史萊姆論壇

2009-05-11, 10:35 PM   #1 (permalink)

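Sorry, the article you told me to read is too advanced for me = =" I read it and was rather lost, sorry!

I'm posting my report; please help check it. Thanks!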

[code]

2009-05-11,20:44:04

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理許可權用戶 - 完整功能

以下內容被選中:
所有的啟動項目(包括註冊表、開機檔案夾、服務等)
流覽器載入項
正在運行的進程(包括進程模組資訊)
文件關聯
Winsock 提供者
Autorun.inf
HOSTS 文件
進程特權掃描
計畫任務
API HOOK
隱藏進程


啟動專案
註冊表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
<foxy><"C:\Program Files\Foxy\Foxy.exe" -tray> [File is missing]
<KKBOX Tray Icon><C:\Program Files\KKBOX\KKBOX_Tray.exe> [Skysoft]
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Publisher]
<Messenger (Yahoo!)><"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet> [(Verified)Yahoo! Inc.]
<swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe> [(Verified)Google Inc]
<BitComet><"C:\Program Files\BitComet\BitComet.exe" /tray> [(Verified)Comet Network Technology Co Ltd.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min> [Avira GmbH]
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k> [File is missing]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SSDPSRV]
<WinlogonNotify: SSDPSRV><C:\WINDOWS\System32\Systen.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<自訂瀏覽器><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]

==================================
開機檔案夾
N/A

==================================
服務
[shapedaccdss Recpter / AdscdsessNum][Running/Auto Start]
<C:\WINDOWS\system32\Mosdfar.exe><N/A>
[Avira AntiVir Personal – Free Antivirus Scheduler / AntiVirScheduler][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe"><Avira GmbH>
[Avira AntiVir Personal – Free Antivirus Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe"><Avira GmbH>
[eScan Monitor Service / eScan Monitor Service][Stopped/Auto Start]
<C:\PROGRA~1\eScan\VISTA\avpmapp.exe><MicroWorld Technologies Inc.>
[eScan Server-Updater / eScan-trayicos][Running/Auto Start]
<C:\PROGRA~1\eScan\TRAYSSER.EXE><MicroWorld Technologies Inc.>
[fhgos soft Service / fhgos Service][Stopped/Auto Start]
<C:\WINDOWS\system32\SC3TP5MU2€\J001.exe><(File is missing)>
[Google Software Updater / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[ibzai / ibzai][Stopped/Auto Start]
<C:\WINDOWS\system32\ibzai.exe><(File is missing)>
[KingDuBa Driver A / KingDuuBa A][Running/Auto Start]
<C:\WINDOWS\system32\KiVIR.exe><N/A>
[MWAgent / MWAgent][Running/Auto Start]
<C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE><MicroWorld Technologies Inc.>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Program Compatibility Assistan / PctaSvc][Stopped/Auto Start]
<C:\Program Files\R_Server\Slsvc.exe><(File is missing)>
[RDP Endpoint Mapper / RdpEptMapper][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k RdpService-->C:\WINDOWS\system32\rdpctrl.dll><N/A>
[Routing and Remote Access / RemoteAccess][Stopped/Disabled]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation>
[QoS RSVP / RSVP][Stopped/Manual Start]
<C:\WINDOWS\system32\rsvp.exe><Microsoft Corporation>
[tapiessNumss Recoter / tapiessNum][Stopped/Auto Start]
<C:\WINDOWS\system32\wcssvbr.exe><(File is missing)>

==================================
驅動程式
[ADI DTS Filter Service / ADIDTSFiltService][Running/Manual Start]
<system32\drivers\adidts.sys><Analog Devices, Inc.>
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
<system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[ADMtek ADM8511/AN986 USB To Fast Ethernet Converter / ADM8511][Stopped/Manual Start]
<system32\DRIVERS\ADM8511.SYS><ADMtek Incorporated>
[AE Audio Service / AEAudio][Running/Manual Start]
<system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><Avira GmbH>
[city / city][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\city.ahc><N/A>
[eScan Monitor Extension / ESCANMX][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\escanmxx.sys><MicroWorld Technologies Inc. - www.mwti.net>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Kaspersky Lab Driver / KLIF][Running/System Start]
<system32\DRIVERS\klif.sys><Kaspersky Lab>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ASACPI.sys><>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[nvata / nvata][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\nvata.sys><NVIDIA Corporation>
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
<system32\DRIVERS\NVENETFD.sys><NVIDIA Corporation>
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
<system32\DRIVERS\nvnetbus.sys><NVIDIA Corporation>
[Process Creation Monitor / ProcObsrves][Stopped/Manual Start]
<\??\C:\PROGRA~1\eScan\ProcObsrves.sys><N/A>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Running/Auto Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start]
<\SystemRoot\System32\drivers\sfdrv01.sys><Protection Technology>
[StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfhlp02.sys><Protection Technology>
[StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start]
<\SystemRoot\System32\drivers\sfsync02.sys><Protection Technology>
[sptd / sptd][Stopped/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[系統還原篩選器驅動程式 / sr][Running/Boot Start]
<\SystemRoot\\SystemRoot\system32\DRIVERS\sr.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[npkcrypt / npkcrypt][Running/Manual Start]
<\??\C:\Program Files\Gamania\天堂(Lineage 2.70C)\npkcrypt.sys><INCA Internet Co., Ltd.>

==================================
愛撒謊的明
2009-05-11, 10:36 PM   #2 (permalink)

流覽器載入項
[&Yahoo! Toolbar Helper]
{02478D38-C3F9-4efb-9B51-7695ECA05670} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll, (Signed) BitComet>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[參考資料(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[BitComet]
{D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} <, >
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[]
{32099AAC-C132-4136-9E9A-4E364A424E17} <, >
[Yahoo!奇摩捷徑列]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Lexmark 工具列]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} <C:\Program Files\Lexmark Toolbar\toolband.dll, N/A>
[MajiToolbar]
{DF76A633-1E37-4A16-A943-0938402FFA8B} <C:\Program Files\MyMaji\MajiToolbar\MajiToolbar.dll, MyMaji.com Inc.>
[Google Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\Adobe\Director\SwDir.dll, (Signed) Adobe Systems, Inc.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[]
{31435657-9980-0010-8000-00AA00389B71} <, >
[Windows Live Safety Center Base Module]
{5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, (Signed) Microsoft Corporation>
[]
{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >
[NowStarter Control]
{A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} <C:\WINDOWS\DOWNLO~1\GNOWST~1.OCX, (C) NOWCOM>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[&Yahoo! Toolbar Helper]
{02478D38-C3F9-4EFB-9B51-7695ECA05670} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[Lexmark 工具列]
{1017A80C-6F09-4548-A84D-EDD6AC9525F0} <C:\Program Files\Lexmark Toolbar\toolband.dll, N/A>
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[Google Toolbar]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[BitComet Helper]
{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll, (Signed) BitComet>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[Windows Live Safety Center Base Module]
{5ED80217-570B-4DA9-BF44-BE107C0EC166} <C:\WINDOWS\Downloaded Program Files\wlscBase.dll, (Signed) Microsoft Corporation>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Windows Live Safety Center Control Module]
{8E5C8BEE-1887-414C-8AC9-7C3951F28476} <C:\Program Files\Windows Live Safety Center\wlscCtrl.dll, (Signed) Microsoft Corporation>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll, (Signed) Google Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[Google Dictionary Compression sdch]
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} <C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll, (Signed) Google Inc.>
[]
{D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, (Signed) Yahoo! Inc.>
[MajiToolbar]
{DF76A633-1E37-4A16-A943-0938402FFA8B} <C:\Program Files\MyMaji\MajiToolbar\MajiToolbar.dll, MyMaji.com Inc.>
[Yahoo!奇摩捷徑列]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} <C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll, (Signed) Yahoo! Inc.>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[ActiveBrowserToolbar Class]
{FEBA8EC4-8262-485B-B97B-AD3113768E89} <C:\Program Files\MyMaji\MajiToolbar\MajiToolbar.dll, MyMaji.com Inc.>
[使用 BitComet 下載全部影片(&V)]
<res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm, N/A>
[使用 BitComet 下載全部連結(&A)]
<res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm, N/A>
[使用 BitComet 下載連結(&B)]
<res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm, N/A>
[匯出至 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
正在運行的進程
[PID: 460 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 536 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\Systen.dll] [N/A, ]
[C:\WINDOWS\system32\avicap32.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 580 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 600 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 872 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1028 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1124 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe] [Avira GmbH, 8.00.00.12]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\schedr.dll] [Avira GmbH, 8.00.03.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 8.00.00.11]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3.3.17.1]
[PID: 1376 / kikjkk][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.0.0.2008061100]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHT] [Adobe Systems, Inc., 9.0.0.0]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.11.7519]
[C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\NVRSZHT.DLL] [NVIDIA Corporation, 6.14.11.7519]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7519]
[C:\WINDOWS\system32\nvshell.dll] [, ]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll] [Avira GmbH, 7.00.00.11]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\PROGRA~1\eScan\eScanShx.dll] [MicroWorld Technologies Inc., 2, 0, 0, 7]
[C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0]
[C:\Program Files\Lexmark Toolbar\toolband.dll] [N/A, ]
[C:\Program Files\Lexmark Toolbar\resource.dll] [N/A, ]
[C:\WINDOWS\system32\dfshim.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\ShFusRes.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)]
[PID: 1496 / kikjkk][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe] [Avira GmbH, 8.00.00.07]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\cclib.dll] [Avira GmbH, 8.00.01.18]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[c:\program files\avira\antivir personaledition classic\ccgen.dll] [Avira GmbH, 8.00.00.20]
[c:\program files\avira\antivir personaledition classic\ccgenrc.dll] [Avira GmbH, 8.00.12.00]
[c:\program files\avira\antivir personaledition classic\ccguard.dll] [Avira GmbH, 8.00.00.16]
[c:\program files\avira\antivir personaledition classic\ccgrdrc.dll] [Avira GmbH, 8.00.03.00]
[c:\program files\avira\antivir personaledition classic\avipc.dll] [Avira GmbH, 1.0.6.0]
[c:\program files\avira\antivir personaledition classic\ccupdate.dll] [Avira GmbH, 8.00.00.14]
[c:\program files\avira\antivir personaledition classic\ccupdrc.dll] [Avira GmbH, 8.00.03.00]
[c:\program files\avira\antivir personaledition classic\cclic.dll] [Avira GmbH, 8.00.00.09]
[c:\program files\avira\antivir personaledition classic\cclicrc.dll] [Avira GmbH, 8.00.02.00]
[c:\program files\avira\antivir personaledition classic\ccmsg.dll] [Avira GmbH, 8.00.00.04]
[PID: 1528 / kikjkk][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1324 / SYSTEM][C:\WINDOWS\system32\iexplorer.exe] [N/A, ]
[PID: 1332 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe] [Avira GmbH, 8.00.01.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avevtlog.dll] [Avira GmbH, 8.00.00.11]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\guardmsg.dll] [Avira GmbH, 8.00.04.01]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\sqlite3.dll] [, 3.3.17.1]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVPREF.DLL] [Avira GmbH, 8.00.00.01]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\SMTPLIB.DLL] [Avira GmbH, 1.02.00.19]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\AVGIO.DLL] [Avira GmbH, 8.00.00.04]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aecore.dll] [Avira GmbH, 8.1.0.25]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aevdf.dll] [Avira GmbH, 8.1.0.5]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescript.dll] [Avira GmbH, 8.1.0.19]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aescn.dll] [Avira GmbH, 8.1.0.12]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aerdl.dll] [Avira GmbH, 8.1.0.19]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aepack.dll] [Avira GmbH, 8.1.1.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\unacev2.dll] [N/A, ]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeoffice.dll] [Avira GmbH, 8.1.0.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeheur.dll] [Avira GmbH, 8.1.0.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aehelp.dll] [Avira GmbH, 8.1.0.11]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aegen.dll] [Avira GmbH, 8.1.0.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\aeemu.dll] [Avira GmbH, 8.1.0.5]
[C:\Program Files\Avira\AntiVir PersonalEdition Classic\avipc.dll] [Avira GmbH, 1.0.6.0]
[PID: 1580 / SYSTEM][C:\PROGRA~1\eScan\TRAYSSER.EXE] [MicroWorld Technologies Inc., 4, 0, 0, 19]
[PID: 1740 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1748 / SYSTEM][C:\Program Files\Common Files\MicroWorld\Agent\MWASER.EXE] [MicroWorld Technologies Inc., 4.0.1.2]
[PID: 1320 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.7519]
[C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7519]
[PID: 1656 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2408 / kikjkk][C:\Documents and Settings\kikjkk\桌面\小紅傘動態繁體中文化\小紅傘動態繁體中文化.exe] [yuhiyu, 1.00]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782]
[C:\WINDOWS\system32\VB6CHT.DLL] [Microsoft Corporation, 6.00.8988]
[PID: 3340 / kikjkk][C:\Program Files\GameArming\GameArming.exe] [GameArming, 2,0,0,52]
[C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (XPClient.010817-1148)]
[C:\Program Files\GameArming\Reg.dll] [GameArming, 2,0,1,8]
[C:\Program Files\GameArming\HoM.dll] [, 1, 1, 1, 1]
[C:\Program Files\GameArming\DownLoad.dll] [GameArming, 1,0,5,9]
[C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0]
[C:\Program Files\GameArming\SOL Tool\SOL.DLL] [, 1,0,1,2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 3492 / kikjkk][C:\UserJoy\SOL70\OnLine.dat] [N/A, ]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\GameArming\HoM.dll] [, 1, 1, 1, 1]
[C:\Program Files\GameArming\SOL Tool\SOL.DLL] [, 1,0,1,2]
[C:\Program Files\GameArming\GameArming.dll] [N/A, ]
[C:\Program Files\GameArming\Reg.dll] [GameArming, 2,0,1,8]
[C:\Program Files\GameArming\SOL Tool\SOL_Win.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0]
[PID: 2388 / kikjkk][C:\Program Files\TTPlayer\TTPlayer.exe] [Alen Soft, 5, 2, 1, 0]
[C:\Program Files\TTPlayer\ttpcomm.dll] [N/A, ]
[C:\Program Files\TTPlayer\ttpres.dll] [Alen Soft, 5, 2, 1, 0]
[C:\Program Files\TTPlayer\msdmo.dll] [Microsoft Corporation, 6.03.01.0400]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\Program Files\TTPlayer\AddIn\ttp_lrcsh.dll] [N/A, ]
[PID: 3892 / kikjkk][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3812 / kikjkk][C:\Program Files\BitComet\BitComet.exe] [www.BitComet.com, 1.09]
[C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (XPClient.010817-1148)]
[C:\WINDOWS\system32\plugin.ocx] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 18172 / kikjkk][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll] [Yahoo! Inc., 2007, 12, 18, 1]
[C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll] [BitComet, 20090115]
[C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll] [Google Inc., 6, 1, 1518, 856]
[C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_6D0D6FD66D664927.dll] [Google Inc., 6, 1, 1518, 856]
[C:\WINDOWS\system32\OLEACC.dll] [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148)]
[C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_zh-TW_AB21B6B290BAC0C6.dll] [Google Inc., 6, 1, 1518, 856]
[C:\WINDOWS\system32\msls31.dll] [Microsoft Corporation, 3.10.349.0]
[C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msratelc.dll] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\WINDOWS\system32\plugin.ocx] [Microsoft Corporation, 6.00.2600.0000 (xpclient.010817-1148)]
[C:\WINDOWS\system32\MFC42LOC.DLL] [Microsoft Corporation, 6.00.8665.0]
[PID: 25936 / kikjkk][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ]
[C:\WINDOWS\system32\riched32.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 30632 / kikjkk][C:\DOCUME~1\kikjkk\LOCALS~1\Temp\Rar$EX17.969\SREngLdr.EXE] [Smallfrogs Studio, 2.7.1.1261]
[PID: 29708 / kikjkk][C:\DOCUME~1\kikjkk\LOCALS~1\Temp\Rar$EX17.969\SREddc374c7.EXE] [Smallfrogs Studio, 2.7.1.1261]
[C:\WINDOWS\system32\oledlg.dll] [Microsoft Corporation, 1.0 (XPClient.010817-1148)]
[C:\DOCUME~1\kikjkk\LOCALS~1\Temp\Rar$EX17.969\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\utildll.dll] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]

==================================
2009-05-11, 10:37 PM   #3 (permalink)

文件關聯
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
RSVP UDP Service Provider
C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
RSVP TCP Service Provider
C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0B2040C2-9679-46F2-B8F6-9855506351DA}] SEQPACKET 1
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{0B2040C2-9679-46F2-B8F6-9855506351DA}] DATAGRAM 1
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{24891361-4FEE-4FD2-AC7E-2FCFB6158B53}] SEQPACKET 2
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{24891361-4FEE-4FD2-AC7E-2FCFB6158B53}] DATAGRAM 2
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
進程特權掃描
特殊特權被允許: SeLoadDriverPrivilege [PID = 1172, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\SCHED.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 1496, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGNT.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 1332, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION CLASSIC\AVGUARD.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 2408, C:\DOCUMENTS AND SETTINGS\KIKJKK\桌面\小紅傘動態繁體中文化\小紅傘動態繁體中文化.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 3340, C:\PROGRAM FILES\GAMEARMING\GAMEARMING.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 3492, C:\USERJOY\SOL70\ONLINE.DAT]
特殊特權被允許: SeLoadDriverPrivilege [PID = 2388, C:\PROGRAM FILES\TTPLAYER\TTPLAYER.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 25936, C:\PROGRAM FILES\WINRAR\WINRAR.EXE]
特殊特權被允許: SeLoadDriverPrivilege [PID = 30632, C:\DOCUME~1\KIKJKK\LOCALS~1\TEMP\RAR$EX17.969\SRENGLDR.EXE]

==================================
計畫任務
N/A

==================================
API HOOK
RVA 錯誤: LoadLibraryA (危險等級: 高, 被下麵模組所HOOK: \SystemRoot\system32\DRIVERS\klif.sys)
RVA 錯誤: LoadLibraryExA (危險等級: 高, 被下麵模組所HOOK: \SystemRoot\system32\DRIVERS\klif.sys)
RVA 錯誤: LoadLibraryExW (危險等級: 高, 被下麵模組所HOOK: \SystemRoot\system32\DRIVERS\klif.sys)
RVA 錯誤: LoadLibraryW (危險等級: 高, 被下麵模組所HOOK: \SystemRoot\system32\DRIVERS\klif.sys)
RVA 錯誤: GetProcAddress (危險等級: 高, 被下麵模組所HOOK: \SystemRoot\system32\DRIVERS\klif.sys)

==================================
隱藏進程
N/A

==================================


[/code]
愛撒謊的明 (currently offline)
2009-05-14, 11:27 AM   #4 (permalink)

Quote:
正在運行的進程
[PID: 460 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 512 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 536 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\Systen.dll] [N/A, ]
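
I think maybe you should run another online scanner to check whether there is a virus?
I can't really follow this long listing, but that Systen.dll looks very strange to me...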
ISAM (currently offline)
2009-05-14, 03:50 PM   #5 (permalink)

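Quote:
Author: ISAM
I think maybe you should run another online scanner to check whether there is a virus?
I can't really follow this long listing, but that Systen.dll looks very strange to me...

You're really sharp....
How come I don't see those lines you typed in the original post?
__________________
Often gets played by the computer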
october_pc (currently offline)
2009-05-14, 05:16 PM   #6 (permalink)

Quote:
Author: october_pc
You're really sharp....
How come I don't see those lines you typed in the original post?

Please see:

http://img13.imageshack.us/img13/3557/20090514170638.jpg
ISAM (currently offline)
2009-05-14, 11:48 PM   #7 (permalink)

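Strange.. I don't see a scrollable section in Firefox... and I don't see one in IE either.
Is something wrong with my system?
Can anyone else see it?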
october_pc (currently offline)
2009-07-19, 08:32 AM   #8 (permalink)
I have a similar situation too

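I have a similar situation too: it keeps searching for an IP and rebuilding the IP.., and the IP value stays at 0000. Sometimes it does find one, but it is 169.***, and I still can't get online. ping 127.0.0.1 works normally. After a reboot I can sometimes get online for 1-2 minutes, then it disconnects again, on and off.
But another computer doesn't have this problem, so it shouldn't be a Chunghwa Telecom issue.
I scanned with 2 antivirus programs and found no virus: Norton Internet Security 2009 and avast.
Reinstalling XP and updating gave the same result, changing the network card driver gave the same result, and swapping the network card didn't help either.
Please give me some advice, everyone.
I look forward to your guidance.
Thanks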
ppp395423 (currently offline)
All times are Taipei time.

