奇怪的花屏问题会不会病毒导致？

马力发表于 2009-7-21 07:51

电脑从前几天开始，开了一段时间后就会出现花屏假死，屏幕字体都会不正常，这时候我只要随便关闭一些已经打开的程序，就会暂时恢复正常。不知道是什么原因？

马力发表于 2009-7-21 08:14

因为之前安装过PPS软件，通过百度后发现PPS会导致花屏问题，已经将PPS卸载，并且显卡驱动已经重新安装。刚刚用sreng扫描已经提示某些键值不正常，稍后将日志发上来。

马力发表于 2009-7-21 08:28

本帖最后由马力于 2009-7-21 08:31 编辑

2009-07-21,08:18:29

System Repair Engineer 2.7.1.1261 Emergency Scan Mode
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600)

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务

启动项目
注册表
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> <iResearchiClick><"C:\PROGRA~1\IRESEA~1\iClick\iResearchiClick.exe" -d 150> <load><> <run><> <iResearchiClick><"C:\PROGRA~1\IRESEA~1\iClick\iResearchiClick.exe" -d 150> <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>[(Verified)Beijing Rising Information Technology Corporation Limited] <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>[(Verified)Microsoft Corporation] <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVStart.exe" -startup>[(Verified)"ZhuhaiKingsoft Software Co.,Ltd"] <AntiyTray><C:\Program Files\Antiy Labs\ASoft\ATray.exe>[(Verified)Antiy Technology Co. Ltd] <RTHDCPL><RTHDCPL.EXE> <Alcmtr><; ALCMTR.EXE> <RavTray><"C:\Program Files\Rising\Rav\RsTray.exe" -system>[(Verified)Beijing Rising Information Technology Corporation Limited] <RFWTray><"C:\Program Files\Rising\RFW\RsTray.exe" -system>[(Verified)Beijing Rising Information Technology Corporation Limited] <safety3><"C:\Program Files\Rising\Rav\rssafety.exe" /startup>[(Verified)Beijing Rising Information Technology Corporation Limited] <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> <shell><Explorer.exe> <Userinit><C:\WINDOWS\system32\userinit.exe,> <AppInit_DLLs><kmon.dll>[(Verified)Beijing Rising Information Technology Corporation Limited] <UIHost><logonui.exe> <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> <PostBootReminder><%SystemRoot%\system32\SHELL32.dll> <CDBurn><%SystemRoot%\system32\SHELL32.dll> <WebCheck><%SystemRoot%\system32\webcheck.dll> <SysTray><C:\WINDOWS\system32\stobject.dll> <WinlogonNotify: crypt32chain><crypt32.dll> <WinlogonNotify: cryptnet><cryptnet.dll> <WinlogonNotify: cscdll><cscdll.dll> <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> <WinlogonNotify: ScCertProp><wlnotify.dll> <WinlogonNotify: Schedule><wlnotify.dll> <WinlogonNotify: sclgntfy><sclgntfy.dll> <WinlogonNotify: SensLogn><WlNotify.dll> <WinlogonNotify: termsrv><wlnotify.dll> <WinlogonNotify: wlballoon><wlnotify.dll> <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> <Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>[] <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>[] <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>[] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>

==================================
启动文件夹
N/A

==================================
服务
<"C:\Program Files\Common Files\Antiy Labs\ACommon\AKrnl.exe" -n AKrnl -fC:\Program Files\Common Files\Antiy Labs\ACommon\AKrnlComMgr.dll><Antiy Labs><C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\alrsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\alg.exe><Microsoft Corporation><C:\Program Files\Antiy Labs\AModule\AHProcMonServer.exe><Antiy Labs><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><Microsoft Corporation><C:\Program Files\Antiy Labs\ASoft\AScheduleService.exe><Antiy Labs><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\audiosrv.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\qmgr.dll><Microsoft Corporation><C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe><N/A><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\browser.dll><Microsoft Corporation><C:\WINDOWS\system32\cisvc.exe><Microsoft Corporation><C:\WINDOWS\system32\clipsrv.exe><Microsoft Corporation><C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\cryptsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost -k DcomLaunch-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dhcpcsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\dmadmin.exe /com><Microsoft Corp., Veritas Software><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\dmserver.dll><Microsoft Corp.><C:\WINDOWS\system32\svchost.exe -k NetworkService-->%SystemRoot%\System32\dnsrslvr.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k dot3svc-->%SystemRoot%\System32\dot3svc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k eapsvcs-->%SystemRoot%\System32\eapsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ersvc.dll><Microsoft Corporation><C:\WINDOWS\system32\services.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\es.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\kmsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k HTTPFilter-->%SystemRoot%\System32\w3ssl.dll><Microsoft Corporation><C:\WINDOWS\system32\imapi.exe><Microsoft Corporation><"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"><Kingsoft Corporation><C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWebShield.exe><Kingsoft Corporation><C:\Program Files\Kingsoft\Kingsoft Internet Security\KISSvc.EXE><Kingsoft Corporation><"C:\Program Files\Kingsoft\Kingsoft Internet Security\KWatch.EXE"><Kingsoft Corporation><C:\Program Files\Common Files\Kingsoft\CommonService\kxeserv.exe><Kingsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\srvsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wkssvc.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\lmhsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\msgsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\mnmsrvc.exe><Microsoft Corporation><C:\WINDOWS\system32\msdtc.exe><Microsoft Corporation><C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\qagentrt.dll><Microsoft Corporation><C:\WINDOWS\system32\netdde.exe><Microsoft Corporation><C:\WINDOWS\system32\netdde.exe><Microsoft Corporation><C:\WINDOWS\system32\lsass.exe><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\netman.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mswsock.dll><Microsoft Corporation><C:\WINDOWS\system32\lsass.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\ntmssvc.dll><Microsoft Corporation><C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation><C:\WINDOWS\system32\services.exe><Microsoft Corporation><C:\WINDOWS\system32\lsass.exe><Microsoft Corporation><C:\WINDOWS\system32\lsass.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasauto.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\rasmans.dll><Microsoft Corporation><C:\WINDOWS\system32\sessmgr.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\mprdim.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\system32\regsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\locator.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost -k rpcss-->%SystemRoot%\system32\rpcss.dll><Microsoft Corporation><"C:\Program Files\Rising\Rav\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.><"C:\Program Files\Rising\RFW\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.><C:\WINDOWS\system32\rsvp.exe><Microsoft Corporation><C:\WINDOWS\system32\lsass.exe><Microsoft Corporation><C:\WINDOWS\System32\SCardSvr.exe><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\system32\schedsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\seclogon.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\sens.dll><Microsoft Corporation><"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\ipnathlp.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation><C:\WINDOWS\system32\spoolsv.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\ssdpsrv.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k imgsvc-->%SystemRoot%\system32\wiaservc.dll><Microsoft Corporation><C:\WINDOWS\system32\dllhost.exe /Processid:{E9744927-6A84-45FF-8BB3-FE4E93169F03}><Microsoft Corporation><C:\WINDOWS\system32\smlogsvc.exe><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\tapisrv.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost -k DComLaunch-->%SystemRoot%\System32\termsrv.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\shsvcs.dll><Microsoft Corporation><C:\WINDOWS\system32\tlntsvr.exe><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\trkwks.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\upnphost.dll><Microsoft Corporation><C:\WINDOWS\System32\ups.exe><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs><Microsoft Corporation><C:\Program Files\VMware\VMware Workstation\vmware-authd.exe><VMware, Inc.><C:\WINDOWS\system32\vmnetdhcp.exe><VMware, Inc.><C:\WINDOWS\system32\vmnat.exe><VMware, Inc.><C:\WINDOWS\System32\vssvc.exe><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\w32time.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k LocalService-->%SystemRoot%\System32\webclnt.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\system32\wbem\WMIsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\mspmsnsv.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\advapi32.dll><Microsoft Corporation><C:\WINDOWS\system32\wbem\wmiapsrv.exe><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SYSTEMROOT%\system32\wscsvc.dll><Microsoft Corporation><C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\wuauserv.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\wzcsvc.dll><Microsoft Corporation><C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\xmlprov.dll><Microsoft Corporation>

==================================
驱动程序
<\SystemRoot\system32\DRIVERS\ACPI.sys><Microsoft Corporation><system32\drivers\aec.sys><Microsoft Corporation><\SystemRoot\System32\drivers\afd.sys><Microsoft Corporation><system32\drivers\Ambfilt.sys><Creative><\??\C:\Program Files\Antiy Labs\AModule\AMonitorDriver.sys><Antiy Labs><\??\C:\Program Files\Antiy Labs\AModule\ProAntiy.sys><Antiy Labs><system32\DRIVERS\asyncmac.sys><Microsoft Corporation>[标准 IDE/ESDI 硬盘控制器 / atapi]<\SystemRoot\system32\DRIVERS\atapi.sys><Microsoft Corporation><system32\DRIVERS\atmarpc.sys><Microsoft Corporation>[音频存根驱动程序 / audstub]<system32\DRIVERS\audstub.sys><Microsoft Corporation><system32\DRIVERS\blueletaudio.sys><IVT Corporation><system32\DRIVERS\BlueletSCOAudio.sys><IVT Corporation><system32\DRIVERS\btnetdrv.sys><IVT Corporation><System32\Drivers\btcusb.sys><IVT Corporation><system32\DRIVERS\vbtenum.sys><N/A><\SystemRoot\System32\Drivers\BTHidMgr.sys><IVT Corporation><system32\DRIVERS\CCDECODE.sys><Microsoft Corporation><system32\DRIVERS\cdrom.sys><Microsoft Corporation><\??\C:\Documents and Settings\mali\桌面\Ch000001.sys><N/A>[磁盘驱动器 / Disk]<\SystemRoot\system32\DRIVERS\disk.sys><Microsoft Corporation><System32\drivers\dmboot.sys><Microsoft Corp., Veritas Software><\SystemRoot\System32\drivers\dmio.sys><Microsoft Corp., Veritas Software><\SystemRoot\System32\drivers\dmload.sys><Microsoft Corp., Veritas Software.><system32\drivers\DMusic.sys><Microsoft Corporation><system32\drivers\drmkaud.sys><Microsoft Corporation><\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A><system32\DRIVERS\fdc.sys><Microsoft Corporation>[软盘驱动程序 / Flpydisk]<system32\DRIVERS\flpydisk.sys><Microsoft Corporation><\SystemRoot\system32\drivers\fltmgr.sys><Microsoft Corporation><system32\DRIVERS\fsvga.sys><Microsoft Corporation><\SystemRoot\system32\DRIVERS\ftdisk.sys><Microsoft Corporation><\??\C:\WINDOWS\gdrv.sys><Windows (R) 2000 DDK provider><system32\DRIVERS\msgpc.sys><Microsoft Corporation><\??\C:\WINDOWS\system32\drivers\hardlock.sys><N/A><\??\C:\WINDOWS\system32\Drivers\hcmon.sys><VMware, Inc.><system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider><system32\DRIVERS\hidusb.sys><Microsoft Corporation><system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.><\??\D:\热舞派对\element\HookProtect.sys><N/A><system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.><System32\Drivers\HTTP.sys><Microsoft Corporation><system32\DRIVERS\i8042prt.sys><Microsoft Corporation><system32\DRIVERS\imapi.sys><Microsoft Corporation><system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.><system32\DRIVERS\intelppm.sys><Microsoft Corporation><system32\drivers\ip6fw.sys><Microsoft Corporation><system32\DRIVERS\ipfltdrv.sys><Microsoft Corporation><system32\DRIVERS\ipinip.sys><Microsoft Corporation><system32\DRIVERS\ipnat.sys><Microsoft Corporation><system32\DRIVERS\ipsec.sys><Microsoft Corporation><system32\DRIVERS\irenum.sys><Microsoft Corporation><\SystemRoot\system32\DRIVERS\isapnp.sys><Microsoft Corporation><\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.><\??\C:\WINDOWS\system32\drivers\kavapim.sys><Kingsoft Corporation><\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation><\??\C:\WINDOWS\system32\drivers\kavfm.sys><Kingsoft Corporation><\SystemRoot\system32\drivers\kavpm.sys><Kingsoft Corporation><\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation><\SystemRoot\system32\drivers\kavuty.sys><Kingsoft Corporation><system32\DRIVERS\kbdclass.sys><Microsoft Corporation><system32\drivers\kmixer.sys><Microsoft Corporation><\??\C:\Program Files\Kingsoft\Kingsoft Internet Security\KNetWch.SYS><Kingsoft Corporation><\??\C:\WINDOWS\system32\Drivers\KWatch3.sys><Kingsoft Corporation><system32\drivers\Monfilt.sys><Creative Technology Ltd.><system32\DRIVERS\mouclass.sys><Microsoft Corporation><system32\DRIVERS\mouhid.sys><Microsoft Corporation><system32\DRIVERS\mrxdav.sys><Microsoft Corporation><system32\DRIVERS\mrxsmb.sys><Microsoft Corporation><system32\drivers\MSKSSRV.sys><Microsoft Corporation><system32\drivers\MSPCLOCK.sys><Microsoft Corporation><system32\drivers\MSPQM.sys><Microsoft Corporation><system32\DRIVERS\mssmbios.sys><Microsoft Corporation><system32\drivers\MSTEE.sys><Microsoft Corporation><system32\DRIVERS\NABTSFEC.sys><Microsoft Corporation><system32\DRIVERS\NdisIP.sys><Microsoft Corporation><system32\DRIVERS\ndistapi.sys><Microsoft Corporation><system32\DRIVERS\ndisuio.sys><Microsoft Corporation><system32\DRIVERS\ndiswan.sys><Microsoft Corporation><system32\DRIVERS\netbios.sys><Microsoft Corporation><system32\DRIVERS\netbt.sys><Microsoft Corporation><system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation><system32\DRIVERS\nwlnkflt.sys><Microsoft Corporation><system32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation><system32\DRIVERS\parport.sys><Microsoft Corporation><system32\DRIVERS\pccsmcfd.sys><Nokia><\SystemRoot\system32\DRIVERS\pci.sys><Microsoft Corporation><\SystemRoot\system32\DRIVERS\pciide.sys><Microsoft Corporation><system32\DRIVERS\raspptp.sys><Microsoft Corporation><system32\drivers\Protector.sys><N/A><\??\C:\WINDOWS\system32\drivers\ProtectorA.sys><www.ISRA.org.cn><system32\DRIVERS\psched.sys><Microsoft Corporation><system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.><system32\DRIVERS\rasacd.sys><Microsoft Corporation><system32\DRIVERS\rasl2tp.sys><Microsoft Corporation>[远程访问 PPPOE 驱动程序 / RasPppoe]<system32\DRIVERS\raspppoe.sys><Microsoft Corporation><system32\DRIVERS\raspti.sys><Microsoft Corporation><system32\DRIVERS\rdbss.sys><Microsoft Corporation><System32\DRIVERS\RDPCDD.sys><Microsoft Corporation><system32\DRIVERS\rdpdr.sys><Microsoft Corporation><system32\DRIVERS\redbook.sys><Microsoft Corporation><system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.><system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.><\??\C:\Program Files\Rising\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.><System32\Drivers\RootMdm.sys><Microsoft Corporation><\??\C:\Program Files\Rising\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.><\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.><system32\drivers\RsPtect.sys><Beijing Rising Information Technology Co., Ltd.><system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation><system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.><\SystemRoot\System32\Drivers\SENTINEL.SYS><Rainbow Technologies, Inc.><system32\DRIVERS\serenum.sys><Microsoft Corporation><system32\DRIVERS\serial.sys><Microsoft Corporation><system32\DRIVERS\SLIP.sys><Microsoft Corporation><system32\DRIVERS\SONYPVU1.SYS><Sony Corporation><system32\drivers\splitter.sys><Microsoft Corporation><\SystemRoot\system32\DRIVERS\sr.sys><Microsoft Corporation><system32\DRIVERS\srv.sys><Microsoft Corporation><system32\DRIVERS\StreamIP.sys><Microsoft Corporation><system32\DRIVERS\swenum.sys><Microsoft Corporation><system32\drivers\swmidi.sys><Microsoft Corporation><system32\drivers\sysaudio.sys><Microsoft Corporation><system32\DRIVERS\tcpip.sys><Microsoft Corporation><system32\DRIVERS\termdd.sys><Microsoft Corporation><\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT><system32\DRIVERS\update.sys><Microsoft Corporation><system32\DRIVERS\usbser_lowerflt.sys><N/A><system32\DRIVERS\usbehci.sys><Microsoft Corporation><system32\DRIVERS\usbhub.sys><Microsoft Corporation><system32\DRIVERS\USBSTOR.SYS><Microsoft Corporation><system32\DRIVERS\usbuhci.sys><Microsoft Corporation><system32\DRIVERS\VComm.sys><IVT Corporation><System32\Drivers\VcommMgr.sys><IVT Corporation><\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation><system32\DRIVERS\vmnetadapter.sys><VMware, Inc.><system32\DRIVERS\vmnetbridge.sys><VMware, Inc.><\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys><VMware, Inc.><\??\C:\WINDOWS\system32\Drivers\VMparport.sys><VMware, Inc.><System32\Drivers\vmusb.sys><VMware, Inc.><\??\C:\WINDOWS\system32\Drivers\vmx86.sys><VMware, Inc.><system32\DRIVERS\wanarp.sys><Microsoft Corporation><system32\drivers\wdmaud.sys><Microsoft Corporation><system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation><\??\C:\WINDOWS\system32\drivers\AntiyFW.sys><Antiy Labs>

==================================
浏览器加载项
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>{776B71E2-B4CC-4C94-BC7C-09103AA690B6} <C:\WINDOWS\system32\ProcessProtection.dll, (Signed) www.ISRA.org.cn>{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>[启动迅雷5]{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, (Signed) 深圳市迅雷网络技术有限公司>{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} <C:\Program Files\Google\Google Gears\Internet Explorer\0.3.13.0\gears.dll, Google Inc.>[信息检索(&R)]{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>[瑞星卡卡工具条(&R)]{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>[]{00000161-0000-0010-8000-00AA00389B71} <, >{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.dll, (Signed) >{0742B9EF-8C83-41CA-BFBA-830A59E23533} <C:\WINDOWS\Downloaded Program Files\MSDcode.dll, (Signed) Microsoft Corp>{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >[]{33564D57-0000-0010-8000-00AA00389B71} <, >{3F096DF9-E61A-40D2-96CA-E734019AB4B9} <C:\WINDOWS\system32\WebI800.dll, (Signed) TODO: <公司名>>{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>{6DC46AC0-7EC9-44EB-8CF7-5371B2008904} <C:\WINDOWS\Downloaded Program Files\SpeedTE.dll, (Signed) AKAZAM Communications Inc.>{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >[]{B2EC6023-6C00-49F9-A8BE-3AAC4E326BA4} <, >{BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\WINDOWS\system32\qqedit\qqcert.dll, N/A>{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>[]{00000161-0000-0010-8000-00AA00389B71} <, >{01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>[]{01C8D7B8-5236-46A6-B6A7-94224EEED170} <, >{05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} <C:\WINDOWS\system32\OGACheckControl.dll, (Signed) >{0742B9EF-8C83-41CA-BFBA-830A59E23533} <C:\WINDOWS\Downloaded Program Files\MSDcode.dll, (Signed) Microsoft Corp>{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>[]{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >[]{09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} <, >{0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\peerid.dll, N/A>{127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, (Signed) Microsoft Corporation>{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, (Signed) Microsoft Corporation>[]{18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <, >[]{19EFFC12-25FB-479A-A0F2-1569AE1B3365} <, >{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>{25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, Microsoft Corporation>{3050F819-98B5-11CF-BB82-00AA00BDCE0B} <C:\WINDOWS\system32\mshtmled.dll, Microsoft Corporation>[]{320AF880-6646-11D3-ABEE-C5DBF3571F46} <, >[]{320AF880-6646-11D3-ABEE-C5DBF3571F49} <, >{38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>[]{3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, >{3F096DF9-E61A-40D2-96CA-E734019AB4B9} <C:\WINDOWS\system32\WebI800.dll, (Signed) TODO: <公司名>>[]{43869BB3-22FD-4F15-9B46-238106BA2F4E} <, >{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >{49484D63-60FB-4E4E-A400-9092F418CB61} <C:\PROGRA~1\Shutter\9BOX-S~1\NINEBO~1.DLL, (Signed) N/A>{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, N/A>{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, N/A>{52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>[]{53BEAA3C-A509-49AD-ACC3-553AD20DA38B} <, >{55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>[]{5AB9367B-DD7F-411D-A030-DF7DE5E17AAE} <, >{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <C:\Program Files\Alisoft\WangWang\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, 深圳市迅雷网络技术有限公司>{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >[]{69A5F9C4-01CB-470B-8161-CE67313E3CF4} <, >{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <C:\Program Files\StormII\mps.dll, (Signed) 北京暴风网际科技有限公司>{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{6DC46AC0-7EC9-44EB-8CF7-5371B2008904} <C:\WINDOWS\Downloaded Program Files\SpeedTE.dll, (Signed) AKAZAM Communications Inc.>{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>[]{724D43A0-0D85-11D4-9908-00400523E39A} <, >[]{724D43A9-0D85-11D4-9908-00400523E39A} <, >[]{724D43AA-0D85-11D4-9908-00400523E39A} <, >[]{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <, >{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, N/A>{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, N/A>{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin19.dll, (Signed) 深圳市迅雷网络技术有限公司>{776B71E2-B4CC-4C94-BC7C-09103AA690B6} <C:\WINDOWS\system32\ProcessProtection.dll, (Signed) www.ISRA.org.cn>[]{77FEF28E-EB96-44FF-B511-3185DEA48697} <, >[]{7E853D72-626A-48EC-A868-BA8D5E23E045} <, >[]{7EA71132-FFE9-4BEC-8824-B94F83E1F353} <, >{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >[]{8FFBE65D-2C9C-4669-84BD-5829DC0B603C} <, >{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, N/A>[]{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5814.165.(186).dll, (Signed) 深圳市迅雷网络技术有限公司>[卡卡上网安全助手]{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <C:\WINDOWS\system32\UrlFilter.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>[]{9D9E8E93-78DE-4C43-9951-571BE86D5060} <, >[]{9EDD6A91-BDD9-46DF-B470-7C04BA9B11FB} <, >[]{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <, >[]{A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <, >{A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5814.165.(186).dll, (Signed) 深圳市迅雷网络技术有限公司>{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>[]{B2EC6023-6C00-49F9-A8BE-3AAC4E326BA4} <, >{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>[]{B580CF65-E151-49C3-B73F-70B13FCA8E86} <, >[]{B69003B3-C55E-4B48-836C-BC5946FC3B28} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>{BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\WINDOWS\system32\qqedit\qqcert.dll, N/A>{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>{BDEADE3F-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, (Signed) Microsoft Corporation>{BDEADE43-C265-11D0-BCED-00A0C90AB50F} <C:\PROGRA~1\MICROS~2\OFFICE11\OWSCLT.DLL, (Signed) Microsoft Corporation>{CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\Program Files\StormII\Codec\rmoc3260.dll, N/A>{D2517915-48CE-4286-970F-921E881B8C5C} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>[]{D82303B7-A754-4DCB-8AFC-8CF99435AACE} <, >{D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>[瑞星卡卡工具条(&R)]{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\KakaTool.dll, (Signed) Beijing Rising Information Technology Co., Ltd.>{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll, (Signed)Microsoft Corporation>{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <C:\Program Files\QQ\QzoneMusic.dll, (Signed) 深圳腾讯科技>{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} <C:\Program Files\Google\Google Gears\Internet Explorer\0.3.13.0\gears.dll, Google Inc.>[]{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >{E61E8363-041F-455C-8AD0-8A61F1D8E540} <C:\WINDOWS\system32\KeyboardProtection.dll, (Signed) www.ISRA.org.cn>[]{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <, >[]{E9707834-5BF7-4CFF-A639-398427DE1991} <, >[]{ECCBA956-80E5-11D3-9285-0080ADB811C9} <, >{EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.207.dll, N/A>{F0E42D40-368C-11D0-AD81-00A0C90DC8D9} <C:\PROGRA~1\COMMON~1\MICROS~1\SNAPSH~1\SNAPVIEW.OCX, (Signed) Microsoft Corporation>{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.58130.251.(186).dll, (Signed) 深圳市迅雷网络技术有限公司>[]{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >[]{FB7199AB-79BF-11D2-8D94-0000F875C541} <C:\Program Files\Messenger\msgsc.dll, Microsoft Corporation>[使用迅雷下载]<C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>[使用迅雷下载全部链接]<C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>

==================================
正在运行的进程
[\SystemRoot\System32\smss.exe] [\??\C:\WINDOWS\system32\csrss.exe] [\??\C:\WINDOWS\system32\winlogon.exe] [, ] [深圳市迅雷网络技术有限公司, 1, 0, 0, 20] [深圳市迅雷网络技术有限公司, 1, 0, 0, 16]

547602543z 发表于 2009-7-21 08:28

我想说~你的windows安装盘不完整，哪个版本的GHOST XP？缺少了个dll~用sreng把错误的值修复

马力发表于 2009-7-21 08:32

文件关联
.TXTError.
.EXEOK. ["%1" %*]
.COMOK. ["%1" %*]
.PIFOK. ["%1" %*]
.REGOK.
.BATOK. ["%1" %*]
.SCROK. ["%1" /S]
.CHMError. ["hh.exe" %1]
.HLPError.
.INIError.
.INFOK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBSOK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNKOK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
MSAFD Tcpip
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD Tcpip
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D2790B8F-09E6-414E-B0CF-006B34892566}] SEQPACKET 0
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D2790B8F-09E6-414E-B0CF-006B34892566}] DATAGRAM 0
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D746C9BA-AD42-4B33-BDBE-B1AF43FC7375}] SEQPACKET 6
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{D746C9BA-AD42-4B33-BDBE-B1AF43FC7375}] DATAGRAM 6
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E0F7E5A-498A-4EED-A5BD-F3FC1C08CF6D}] SEQPACKET 5
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{7E0F7E5A-498A-4EED-A5BD-F3FC1C08CF6D}] DATAGRAM 5
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{76009BF6-791A-4233-82B4-B701D64E41AB}] SEQPACKET 1
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{76009BF6-791A-4233-82B4-B701D64E41AB}] DATAGRAM 1
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{545776AC-8D3C-4981-966E-650111C6A6BB}] SEQPACKET 2
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{545776AC-8D3C-4981-966E-650111C6A6BB}] DATAGRAM 2
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E54E4B5F-E176-4974-BDB2-A5207EBB59B3}] SEQPACKET 7
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{E54E4B5F-E176-4974-BDB2-A5207EBB59B3}] DATAGRAM 7
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{4CFC8A68-5F8F-4DFE-8D01-4801312B2952}] SEQPACKET 8
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{4CFC8A68-5F8F-4DFE-8D01-4801312B2952}] DATAGRAM 8
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{BDF79DEB-B9F9-44F0-A4A7-CA3C3241D65E}] SEQPACKET 3
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{BDF79DEB-B9F9-44F0-A4A7-CA3C3241D65E}] DATAGRAM 3
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{479C39F7-DAFD-4596-B5E8-2493B715A1F0}] SEQPACKET 4
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
MSAFD NetBIOS [\Device\NetBT_Tcpip_{479C39F7-DAFD-4596-B5E8-2493B715A1F0}] DATAGRAM 4
C:\WINDOWS\system32\mswsock.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider)
RSVP UDP Service Provider
C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)
RSVP TCP Service Provider
C:\WINDOWS\system32\rsvpsp.dll(Microsoft Corporation, Microsoft Windows Rsvp 1.0 Service Provider)

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1 localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeSystemtimePrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeDebugPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeSystemtimePrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeLoadDriverPrivilege
特殊特权被允许： SeDebugPrivilege
特殊特权被允许： SeLoadDriverPrivilege

==================================
计划任务
[已启用] SogouImeMgr.job C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe [已启用] OGALogon.job C:\WINDOWS\system32\OGAVerify.exe [已启用] OGADaily.job C:\WINDOWS\system32\OGAVerify.exe

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

马力发表于 2009-7-21 08:35

我想说~你的windows安装盘不完整，哪个版本的GHOST XP？缺少了个dll~用sreng把错误的值修复
547602543z 发表于 2009-7-21 08:28 http://bbs.antiy.cn/images/common/back.gif
XP是原版镜像文件刻的盘，不是GHOST

547602543z 发表于 2009-7-21 09:53

本帖最后由 547602543z 于 2009-7-21 09:54 编辑

用金山清理专家诊断下吧，怀疑有病毒或者恶意软件，尝试这些工具

马力发表于 2009-7-21 09:54

诊断过没问题，所以觉得奇怪

swordlea 发表于 2009-7-21 10:03

电脑从前几天开始，开了一段时间后就会出现花屏假死，屏幕字体都会不正常，这时候我只要随便关闭一些已经打开的程序，就会暂时恢复正常。不知道是什么原因？

这种情况我以前遇到过，一般是系统可用句柄被耗尽的前兆，可以使用任务管理器检查一下是哪个进程占用句柄过多。

马力发表于 2009-7-21 10:15

好的，我回去看下，谢谢sw

马力发表于 2009-7-21 18:34

这种情况我以前遇到过，一般是系统可用句柄被耗尽的前兆，可以使用任务管理器检查一下是哪个进程占用句柄过多。
1940
swordlea 发表于 2009-7-21 10:03 http://bbs.antiy.cn/images/common/back.gif
发个截图

马力发表于 2009-7-21 18:34

还有刚刚软件运行的时候，提示可能因为病毒原因已经被更改。我现在重新解压未被感染的sreng扫描个日志发上来

swordlea 发表于 2009-7-21 18:37

11# 马力

设置任务管理器显示句柄数量的方法为，”查看 “-> ”选择列“，然后按图中操作。

马力发表于 2009-7-21 18:41

11# 马力

设置任务管理器显示句柄数量的方法为，”查看 “-> ”选择列“，然后按图中操作。
1942
swordlea 发表于 2009-7-21 18:37 http://bbs.antiy.cn/images/common/back.gif
不好意思，想着截句柄的，结果截错图了

马力发表于 2009-7-21 19:03

重新发个刚刚扫描的日志上来

页: [1] 2

创意安天's Archiver

奇怪的花屏问题 会不会病毒导致？

奇怪的花屏问题会不会病毒导致？