廣告廣告
  加入我的最愛 設為首頁 風格修改
首頁 首尾
 手機版   訂閱   地圖  簡體 
您是第 15569 個閱讀者
 
<< 上頁  1   2   3   4   5   6  下頁 >>(共 6 頁)
發表文章 發表投票 回覆文章
  可列印版   加為IE收藏   收藏主題   上一主題 | 下一主題   
彗星風采 手機
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x24
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

請樓主一下述的資訊依路徑找到檔案..然後上傳至免空給我好嗎?

Boot Items
Registry
<MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Corporation]

Drivers
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
<\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>

Browser Add-ons
[網頁]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>

另外剛剛又重看了一次.樓主您下述這一樣還是沒清除到喔!
Browser Add-ons
[EF2KRSE.ctlEF2KRSE]
{CF265377-E224-11D4-ACE8-0080C8D96040} <C:\WINDOWS\Downloaded Program Files\EF2KRSE.ocx, Data Systems Consulting Co., Ltd.>


[ 此文章被彗星風采在2007-04-04 09:48重新編輯 ]



獻花 x0 回到頂端 [20 樓] From:臺灣中華電信 | Posted:2007-04-04 00:13 |
Rich0401
數位造型
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x1 鮮花 x28
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

昨天電腦關機呈現正在關機中,然後就任它一直處於這種狀態,

今天來看電源依然開著,它並沒有關機,但是出現了按

Ctl+Alt+Del 開機提示,結果開機後,就非常順暢,

但是依然沒音效。

目前出現左下角【開始】鈕沒反應 表情

msmsgs.exe;klif.sys;scieplugin.dll;U3sHlpDr.sys查找結果
http://app04.bonpoo.com/cgi-bin/download?...DB8ABA3A618E215873

msmsgs.exe
http://app04.bonpoo.com/cgi-bin/download?...DB8AEB378F8E215873

scieplugin.dll
http://app04.bonpoo.com/cgi-bin/download?...DBAC09E5948E215873

U3sHlpDr.sys
http://app04.bonpoo.com/cgi-bin/download?...DBA6FD84828E215873

-------------------------------------------------------------------------------
Browser Add-ons
[EF2KRSE.ctlEF2KRSE]
{CF265377-E224-11D4-ACE8-0080C8D96040} <C:\WINDOWS\Downloaded Program Files\EF2KRSE.ocx, Data Systems Consulting Co., Ltd.>

這個我用SREng清不掉,後來用Hijack清掉

-------------------------------------------------------------------------------

複製程式

2007-04-04,09:15:13

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 1 (Build 2600) - 

Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, 

Services and so on)
    Browser Add-ons
    Runing Processes (Including process model 

information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVers

ion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  

[(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" 

/background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows 

NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVer

sion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" 

/Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft 

Windows XP Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common 

Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE 

/CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common 

Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE 

/PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <OfficeScanNT Monitor><"C:\Program Files\Trend 

Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  

[Trend Micro Inc.]
    <Matrox Powerdesk><C:\WINDOWS\System32

\PDesk\PDesk.exe /Autolaunch>  [(Verified)Microsoft 

Windows XP Publisher]
    <avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe>  

[(Verified)ALWIL Software]
    <Outpost Firewall><C:\PROGRA~1\Agnitum\OUTPOS~1.0

\outpost.exe /waitservice>  [Agnitum]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 

NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows 

XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  

[(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 

NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 

NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows 

XP Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\AVASTSS.scr>  

[ALWIL Software]

==================================
Startup Folders
[REBECCA]
  <C:\Documents and Settings\sinotech.54-573\「開始」功能

表\程式集\啟動\REBECCA.lnk --> 

E:\RIMARTS\REBECCA\REBECCA.EXE [RimArts, Inc.]><N>
[Reminder]
  <C:\Documents and Settings\sinotech.54-573\「開始」功能

表\程式集\啟動\Reminder.lnk --> E:\REMINDER\Reminder.exe 

[Kana Solution]><N>
[標點符號.exe]
  <C:\Documents and Settings\sinotech.54-573\「開始」功能

表\程式集\啟動\標點符號.exe.lnk --> E:\原DISK~1

\C\game\FU\標點符號.exe [台灣鉅軟科技 HZYSoft 

Corporation]><N>

==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual 

Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322

\aspnet_state.exe><Microsoft Corporation>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto 

Start]
  <"C:\Program Files\Alwil Software\Avast4

\aswUpdSv.exe"><N/A>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4

\ashServ.exe"><>
[avast! Mail Scanner / avast! Mail Scanner]

[Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" 

/service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual 

Start]
  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" 

/service><ALWIL Software>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard]

[Stopped/Disabled]
  <><N/A>
[Human Interface Device Access / HidServ]

[Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%

SystemRoot%\System32\hidserv.dll><N/A>
[MGABGEXE / MGABGEXE][Running/Auto Start]
  <C:\WINDOWS\System32\mgabg.exe><Matrox Graphics Inc.>
[OfficeScanNT 即時掃瞄 / ntrtscan][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan 

Client\ntrtscan.exe><Trend Micro Inc.>
[OfficeScanNT 防火牆 / OfcPfwSvc][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPfwSvc.exe><Trend Micro Inc.>
[Outpost Firewall Service / OutpostFirewall][Running/Auto 

Start]
  <C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe 

/service><Agnitum>
[OfficeScanNT Listener / tmlisten][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan 

Client\tmlisten.exe><Trend Micro Inc.>

==================================
Drivers
[Intel(r) 82801 Audio Driver Install Service (WDM) / 

ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Outpost Firewall PlugIn (CONTENT.DLL) / CONTENT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\CONTENT.DLL><Agnitum>
[CO_Mon / CO_Mon][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\CO_Mon.sys><N/A>
[Outpost Firewall PlugIn (DNSCACHE.DLL) / DNSCACHE.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\DNSCACHE.DLL><Agnitum>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual 

Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Filseclab Dynamic Defense System Driver / filar]

[Stopped/System Start]
  <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><N/A>
[Outpost Firewall PlugIn (FTPFILT.DLL) / FTPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\FTPFILT.DLL><Agnitum>
[G400 / G400][Stopped/Manual Start]
  <System32\DRIVERS\G400m.sys><Matrox Graphics Inc.>
[G400DH / G400DH][Running/Manual Start]
  <System32\DRIVERS\g400dhm.sys><Matrox Graphics Inc.>
[Outpost Firewall PlugIn (HTMLFILT.DLL) / HTMLFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\HTMLFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (HTTPFILT.DLL) / HTTPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\HTTPFILT.DLL><Agnitum>
[i81x / i81x][Stopped/Manual Start]
  <System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
  <System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
  <System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
  <System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
  <System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
  <System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
  <System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
  <System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2][Stopped/Manual Start]
  <System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
  <System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
  <System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[Outpost Firewall PlugIn (IMAPFILT.DLL) / IMAPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\IMAPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (MAILFILT.DLL) / MAILFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\MAILFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (NNTPFILT.DLL) / NNTPFILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\NNTPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (POP3FILT.DLL) / POP3FILT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\POP3FILT.DLL><Agnitum>
[Outpost Firewall PlugIn (PROTECT.DLL) / PROTECT.DLL]

[Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0

\kernel\PROTECT.DLL><Agnitum>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual 

Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, 

Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Trend Micro Filter / TmFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan 

Client\TmXPFlt.sys><Trend Micro Inc.>
[Trend Micro PreFilter / TmPreFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan 

Client\TmPreFlt.sys><Trend Micro Inc.>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
  <\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>
[Outpost Firewall Kernel Driver / VFILT][Running/System 

Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000

\FILTNT.SYS><Agnitum>
[Trend Micro VSAPI NT / VSApiNt][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan 

Client\VSApiNt.sys><Trend Micro Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program 

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe 

Systems Incorporated>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents 

and Settings\All Users\Application 

Data\Microsoft\PCTools\pctools.dll, N/A>
[網頁]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program 

Files\Kaspersky Internet Security 6.0\Kaspersky Internet 

Security 6.0\scieplugin.dll, Kaspersky Lab>
[參考資料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1

\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@C:\Program Files\Messenger\Msgslang.dll,-61144]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program 

Files\Messenger\msmsgs.exe, Microsoft Corporation>
[收音機(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} 

<C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[CKAVWebScan Object]
  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <, N/A>
[Symantec AntiVirus scanner]
  {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} 

<C:\WINDOWS\Downloaded Program Files\avsniff.dll, 

Symantec Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} 

<C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
  {644E432F-49D3-41A1-8DD5-E099162EEEC5} 

<C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec 

Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} 

<C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[WScanCtl Class]
  {7B297BFD-85E4-4092-B2AF-16A91B2EA103} 

<C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} 

<C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe 

Systems, Inc.>
[McFreeScan Class]
  {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} 

<C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, McAfee, 

Inc.>
[匯出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, 

N/A>

==================================
Running Processes
[PID: 552][\SystemRoot\System32\smss.exe]  [Microsoft 

Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 656][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft 

Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 220][C:\WINDOWS\Explorer.EXE]  [Microsoft 

Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\WINDOWS\System32\PDesk\PDKERNEL.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
    [C:\Program Files\Alwil Software\Avast4\ashShell.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Adobe\Acrobat 7.0

\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 

7.0.0.2004121400]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft 

Corporation, 7.10.3052.4]
[PID: 324][C:\Program Files\Trend Micro\OfficeScan 

Client\pccntmon.exe]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\loadhttp.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\Pwd.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPIPC.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\TimeString.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\ntmonres.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
[PID: 332][C:\WINDOWS\System32\PDesk\PDesk.exe]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox 

Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox 

Graphics Inc., 6.93.009]
[PID: 360][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]  [, 

4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft 

Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft 

Corporation, 7.10.3052.4]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4

\English\Base.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4

\English\Lang.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft 

Corporation, 7.10.3077.0]
    [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruimai.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll]  [ALWIL 

Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll]  [Codejock 

Software, 1, 9, 4, 0]
    [c:\program files\alwil software\avast4\ahruimes.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruins.dll]  

[ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiout.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruip2p.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruistd.dll] 

 [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiws.dll]  

[ALWIL Software, 4, 7, 936, 0]
[PID: 392][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft 

Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 628][E:\原Disk J\C\game\FU\標點符號.exe]  [台灣鉅軟

科技 HZYSoft Corporation, 3. 0. 0. 0]
[PID: 1096][C:\Program Files\Trend Micro\OfficeScan 

Client\Pop3Trap.exe]  [Trend Micro Incorporated., 

10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\POP3UTIL.dll]  [Trend Micro Incorporated., 

10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\tmdbg.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\pewnt2.dll]  [Trend Micro Incorporated., 

10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan 

Client\tmCfwApi.dll]  [Trend Micro Inc., 1.2.0.1020]
[PID: 2448][C:\WINDOWS\System32\wuauclt.exe]  [Microsoft 

Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
[PID: 2820][E:\soft\電腦檢測\sreng2\SREng.EXE]  

[Smallfrogs Studio, 2.4.12.806]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




[ 此文章被Rich0401在2007-04-04 10:43重新編輯 ]


一人論命,命師曰︰『即將走名聲運。』,不久報紙頭版果登其照,原是通緝犯落網。名聲有好有壞,端看個人作為。
獻花 x0 回到頂端 [21 樓] From:臺灣中華HiNet | Posted:2007-04-04 10:33 |
LostDream
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x6
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

C:\WINDOWS\System32\Drivers\U3sHlpDr.sys
C:\WINDOWS\system32\drivers\klif.sys
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll

全部都是正常的。


獻花 x0 回到頂端 [22 樓] From:臺灣 | Posted:2007-04-04 18:13 |
ken2659 手機
個人文章 個人相簿 個人日記 個人地圖
小有名氣
級別: 小有名氣 該用戶目前不上站
推文 x57 鮮花 x620
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

我感覺還是重新安裝一下作業系統應會比較好吧! 表情


★★★請回覆或推薦一下囉!!! ★★★
        感恩了!!
http://bbs.mychat.to/index.php?u=304870
獻花 x0 回到頂端 [23 樓] From:臺灣中華HiNet | Posted:2007-04-04 18:30 |
彗星風采 手機
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x24
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片



獻花 x0 回到頂端 [24 樓] From:臺灣中華電信HINET | Posted:2007-04-04 19:48 |
LostDream
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x6
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

不是所有狀況都是威脅造成的,若不是威脅造成,SREngLog中自然看不出異樣。


獻花 x0 回到頂端 [25 樓] From:臺灣 | Posted:2007-04-04 20:05 |
Rich0401
數位造型
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x1 鮮花 x28
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

請問如果找不到以下檔案

C:\WINDOWS\system32\drivers\klif.sys

可在SREng中刪除它嗎? 表情

我在網上找文,也有同樣情形的受害者,音效不見,他是說被注入dll,

但是後輩才疏學淺,實在看不出所以然來啊~~~ 表情


[ 此文章被Rich0401在2007-04-05 00:26重新編輯 ]


一人論命,命師曰︰『即將走名聲運。』,不久報紙頭版果登其照,原是通緝犯落網。名聲有好有壞,端看個人作為。
獻花 x0 回到頂端 [26 樓] From:東森 Cable | Posted:2007-04-05 00:03 |
彗星風采 手機
個人頭像
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x0 鮮花 x24
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

Drivers
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
Browser Add-ons
[網頁]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
這2項我之前有列過了?不過忘記提醒樓主說要刪除.. 表情
這2項都是卡巴的元件..因為樓主沒再用卡巴了..所以可以刪除了... 表情
另外樓主您的XP也都沒有做更新喔...還在SP1....趕緊去更新喔...

PS..我不知道在這邊貼連結到別論壇算不算違規....不過最好還是不要喔....請盡速更改吧 表情


獻花 x0 回到頂端 [27 樓] From:臺灣中華電信HINET | Posted:2007-04-05 00:11 |
Rich0401
數位造型
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x1 鮮花 x28
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

但是我看[ 防毒防駭討論 獎勵與公告 ]

第一條有說可以貼文,而且要載明出處,我不知道還有限制不能貼別的論壇,真失禮啦~~ 表情

http://bbs.mychat.to/thread.php?fid=254
1. 轉貼文章須註明出處, 和寫30個字以上有建設性的心得, 新聞類設自刪。


有問題的那台電腦要下禮拜二才碰的到,我再試試 表情


一人論命,命師曰︰『即將走名聲運。』,不久報紙頭版果登其照,原是通緝犯落網。名聲有好有壞,端看個人作為。
獻花 x0 回到頂端 [28 樓] From:東森 Cable | Posted:2007-04-05 00:22 |
Rich0401
數位造型
個人文章 個人相簿 個人日記 個人地圖
小人物
級別: 小人物 該用戶目前不上站
推文 x1 鮮花 x28
分享: 轉寄此文章 Facebook Plurk Twitter 複製連結到剪貼簿 轉換為繁體 轉換為簡體 載入圖片

舞了一個早上

Browser Add-ons
[Info cache]
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>

依然不動如山,機碼刪不掉,Icewords也不能用,

-------------------------------------------------------

Drivers
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><N/A>
Browser Add-ons
[網頁]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dll, Kaspersky Lab>
這2項我也刪了

-------------------------------------------------------

音效依然呈現死寂狀態,我敗了 表情


以下是最新出爐的SREngLOG,敬請賜教。

-------------------------------------------------------

複製程式

2007-04-10,12:46:43

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 1 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [(Verified)Microsoft Windows XP Publisher]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows XP Publisher]
    <CJIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync>  [(Verified)Microsoft Corporation]
    <PHIMETIPSYNC><C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync>  [(Verified)Microsoft Corporation]
    <OfficeScanNT Monitor><"C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow>  [Trend Micro Inc.]
    <Matrox Powerdesk><C:\WINDOWS\System32\PDesk\PDesk.exe /Autolaunch>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <avast!><C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe>  [(Verified)ALWIL Software]
    <Outpost Firewall><C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /waitservice>  [Agnitum]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows XP Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\System32\AVASTSS.scr>  [ALWIL Software]

==================================
Startup Folders
[REBECCA]
  <C:\Documents and Settings\sinotech.54-573\「開始」功能表\程式集\啟動\REBECCA.lnk --> E:\RIMARTS\REBECCA\REBECCA.EXE [RimArts, Inc.]><N>
[Reminder]
  <C:\Documents and Settings\sinotech.54-573\「開始」功能表\程式集\啟動\Reminder.lnk --> E:\REMINDER\Reminder.exe [Kana Solution]><N>
[標點符號.exe]
  <C:\Documents and Settings\sinotech.54-573\「開始」功能表\程式集\啟動\標點符號.exe.lnk --> E:\原DISK~1\C\game\FU\標點符號.exe [台灣鉅軟科技 HZYSoft Corporation]><N>

==================================
Services
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"><N/A>
[avast! Antivirus / avast! Antivirus][Running/Auto Start]
  <"C:\Program Files\Alwil Software\Avast4\ashServ.exe"><>
[avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service><ALWIL Software>
[avast! Web Scanner / avast! Web Scanner][Running/Manual Start]
  <"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service><ALWIL Software>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Disabled]
  <><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[MGABGEXE / MGABGEXE][Running/Auto Start]
  <C:\WINDOWS\System32\mgabg.exe><Matrox Graphics Inc.>
[OfficeScanNT 即時掃瞄 / ntrtscan][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe><Trend Micro Inc.>
[OfficeScanNT 防火牆 / OfcPfwSvc][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe><Trend Micro Inc.>
[Outpost Firewall Service / OutpostFirewall][Running/Auto Start]
  <C:\PROGRA~1\Agnitum\OUTPOS~1.0\outpost.exe /service><Agnitum>
[OfficeScanNT Listener / tmlisten][Running/Auto Start]
  <C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe><Trend Micro Inc.>

==================================
Drivers
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Outpost Firewall PlugIn (CONTENT.DLL) / CONTENT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\CONTENT.DLL><Agnitum>
[CO_Mon / CO_Mon][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\Drivers\CO_Mon.sys><N/A>
[Outpost Firewall PlugIn (DNSCACHE.DLL) / DNSCACHE.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\DNSCACHE.DLL><Agnitum>
[Intel(R) PRO Adapter Driver / E100B][Running/Manual Start]
  <System32\DRIVERS\e100b325.sys><Intel Corporation>
[Filseclab Dynamic Defense System Driver / filar][Stopped/System Start]
  <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><N/A>
[Outpost Firewall PlugIn (FTPFILT.DLL) / FTPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\FTPFILT.DLL><Agnitum>
[G400 / G400][Stopped/Manual Start]
  <System32\DRIVERS\G400m.sys><Matrox Graphics Inc.>
[G400DH / G400DH][Running/Manual Start]
  <System32\DRIVERS\g400dhm.sys><Matrox Graphics Inc.>
[Outpost Firewall PlugIn (HTMLFILT.DLL) / HTMLFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTMLFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (HTTPFILT.DLL) / HTTPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\HTTPFILT.DLL><Agnitum>
[i81x / i81x][Stopped/Manual Start]
  <System32\DRIVERS\i81xnt5.sys><Intel Corporation>
[iAimFP0 / iAimFP0][Stopped/Manual Start]
  <System32\DRIVERS\wADV01nt.sys><Intel Corporation>
[iAimFP1 / iAimFP1][Stopped/Manual Start]
  <System32\DRIVERS\wADV02NT.sys><Intel Corporation>
[iAimFP2 / iAimFP2][Stopped/Manual Start]
  <System32\DRIVERS\wADV05NT.sys><Intel Corporation>
[iAimFP3 / iAimFP3][Stopped/Manual Start]
  <System32\DRIVERS\wSiINTxx.sys><Intel Corporation>
[iAimFP4 / iAimFP4][Stopped/Manual Start]
  <System32\DRIVERS\wVchNTxx.sys><Intel Corporation>
[iAimTV0 / iAimTV0][Stopped/Manual Start]
  <System32\DRIVERS\wATV01nt.sys><Intel Corporation>
[iAimTV1 / iAimTV1][Stopped/Manual Start]
  <System32\DRIVERS\wATV02NT.sys><Intel Corporation>
[iAimTV2 / iAimTV2][Stopped/Manual Start]
  <System32\DRIVERS\wATV03nt.sys><Intel Corporation>
[iAimTV3 / iAimTV3][Stopped/Manual Start]
  <System32\DRIVERS\wATV04nt.sys><Intel Corporation>
[iAimTV4 / iAimTV4][Stopped/Manual Start]
  <System32\DRIVERS\wCh7xxNT.sys><Intel Corporation>
[Outpost Firewall PlugIn (IMAPFILT.DLL) / IMAPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\IMAPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (MAILFILT.DLL) / MAILFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\MAILFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (NNTPFILT.DLL) / NNTPFILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\NNTPFILT.DLL><Agnitum>
[Outpost Firewall PlugIn (POP3FILT.DLL) / POP3FILT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\POP3FILT.DLL><Agnitum>
[Outpost Firewall PlugIn (PROTECT.DLL) / PROTECT.DLL][Running/Manual Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\PROTECT.DLL><Agnitum>
[直接平行連接埠連結驅動程式 / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[Trend Micro Filter / TmFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys><Trend Micro Inc.>
[Trend Micro PreFilter / TmPreFilter][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys><Trend Micro Inc.>
[U3sHlpDr / U3sHlpDr][Running/Auto Start]
  <\??\C:\WINDOWS\System32\Drivers\U3sHlpDr.sys><N/A>
[Outpost Firewall Kernel Driver / VFILT][Running/System Start]
  <\??\C:\PROGRA~1\Agnitum\OUTPOS~1.0\kernel\2000\FILTNT.SYS><Agnitum>
[Trend Micro VSAPI NT / VSApiNt][Running/Auto Start]
  <\??\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys><Trend Micro Inc.>

==================================
Browser Add-ons
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, N/A>
[參考資料(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@C:\Program Files\Messenger\Msgslang.dll,-61144]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[收音機(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[CKAVWebScan Object]
  {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} <, N/A>
[Symantec AntiVirus scanner]
  {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} <C:\WINDOWS\Downloaded Program Files\avsniff.dll, Symantec Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\System32\wuweb.dll, Microsoft Corporation>
[Symantec RuFSI Utility Class]
  {644E432F-49D3-41A1-8DD5-E099162EEEC5} <C:\WINDOWS\Downloaded Program Files\rufsi.dll, Symantec Corporation>
[MUWebControl Class]
  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\System32\muweb.dll, Microsoft Corporation>
[WScanCtl Class]
  {7B297BFD-85E4-4092-B2AF-16A91B2EA103} <C:\WINDOWS\Downloaded Program Files\webscan.dll, CA>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[McFreeScan Class]
  {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} <C:\WINDOWS\McAfee.com\FreeScan\mcfscan.dll, McAfee, Inc.>
[匯出至 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 556][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 672][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1668][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2800.1221 (xpsp2.030511-1403)]
    [C:\WINDOWS\System32\PDesk\PDKERNEL.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\Program Files\Alwil Software\Avast4\ashShell.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll]  [Adobe Systems Incorporated, 7.0.0.2004121400]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 7.0.0.0]
[PID: 1996][C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\loadhttp.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\Pwd.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInAPI.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPIPC.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan Client\TimeString.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan Client\ntmonres.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInMain.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\OfcPlugInTray.dll]  [Trend Micro Inc., 7.0.0.1077]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg20.dll]  [trend_company_name, 1, 0, 0, 1]
[PID: 2004][C:\WINDOWS\System32\PDesk\PDesk.exe]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDTOOLS.DLL]  [Matrox Graphics Inc., 6.93.009]
    [C:\WINDOWS\System32\PDesk\PDRESENG.DLL]  [Matrox Graphics Inc., 6.93.009]
[PID: 2012][C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]  [, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\System32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4\English\Base.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\Program Files\Alwil Software\Avast4\English\Lang.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\WINDOWS\System32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruimai.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\ashUInt.dll]  [ALWIL Software, 4, 7, 936, 0]
    [C:\PROGRA~1\ALWILS~1\Avast4\XT1922.dll]  [Codejock Software, 1, 9, 4, 0]
    [c:\program files\alwil software\avast4\ahruimes.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruins.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiout.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruip2p.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruistd.dll]  [ALWIL Software, 4, 7, 936, 0]
    [c:\program files\alwil software\avast4\ahruiws.dll]  [ALWIL Software, 4, 7, 936, 0]
[PID: 2028][C:\WINDOWS\System32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.1106 (xpsp1.020828-1920)]
[PID: 1196][C:\Program Files\Trend Micro\OfficeScan Client\Pop3Trap.exe]  [Trend Micro Incorporated., 10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan Client\POP3UTIL.dll]  [Trend Micro Incorporated., 10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmdbg.dll]  [N/A, ]
    [C:\Program Files\Trend Micro\OfficeScan Client\pewnt2.dll]  [Trend Micro Incorporated., 10.0.4.1141]
    [C:\Program Files\Trend Micro\OfficeScan Client\tmCfwApi.dll]  [Trend Micro Inc., 1.2.0.1020]
[PID: 2720][E:\soft\電腦檢測\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1       localhost

==================================
API HOOK
N/A

==================================
Hidden Process
N/A

==================================




一人論命,命師曰︰『即將走名聲運。』,不久報紙頭版果登其照,原是通緝犯落網。名聲有好有壞,端看個人作為。
獻花 x0 回到頂端 [29 樓] From:臺灣中華HiNet | Posted:2007-04-10 12:58 |

<< 上頁  1   2   3   4   5   6  下頁 >>(共 6 頁)
首頁  發表文章 發表投票 回覆文章
Powered by PHPWind v1.3.6
Copyright © 2003-04 PHPWind
Processed in 0.119604 second(s),query:16 Gzip disabled
本站由 瀛睿律師事務所 擔任常年法律顧問 | 免責聲明 | 本網站已依台灣網站內容分級規定處理 | 連絡我們 | 訪客留言