瑞星卡卡安全论坛

最近我的电脑启动好慢，我就看了下Ｃ盘，结果发现（如图），这样怕不怕，又没有病毒，请高手帮忙

附件: 78804320061222142604.BMP

扫苗日记是
Logfile of Kaka v2. 0. 2. 6 Scan Module v1. 0. 3. 6
Scan saved at 14:24:57, on 2006-12-22
Platform: Microsoft Windows XP Personal Service Pack 2 (Build 2600)
MSIE: Internet Explorer v6.00 SP2; (6.00.2900.2180 (xpsp_sp2_rtm.040803-2158))


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,default_page_url=http://www.lenovo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.yahoo.com.cn
O1 - Hosts: 127.0.0.1      localhost
O2 - BHO: Thunder Browser Helper - {54EBD539-9BC1-480B-966A-843A333CA162} - d:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_006.dll
O2 - BHO: QQBrowserHelperObject Class - {54EBD53A-9BC1-480B-966A-843A333CA162} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O2 - BHO:  - {A9930D97-9CF0-42A0-A10D-4F28836579D5} - D:\PROGRA~1\KuGoo3\KUGOO3~1.OCX
O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKLM\..\Run: [StateChange] C:\Program Files\lenovo\StateChange\QuakeII.exe
O4 - HKLM\..\Run: [RavTask] "D:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - HKLM\..\Run: [RfwMain] "D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [联想标准功能键盘 Ver1.0.0.3] C:\Program Files\联想\联想标准功能键盘\SkDaemond.exe
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [runeip] D:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - Startup: desktop.ini =
O4 - Global Startup: desktop.ini =
O4 - Global Startup: 功能键盘.lnk = C:\Program Files\Legend\HotKey\HotKeyB.exe
O8 - Extra context menu item: &使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: &使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 上传到QQ网络硬盘 - D:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - Extra context menu item: 使用KuGoo3下载(&K) - D:\Program Files\KuGoo3\KuGoo3DownX.htm
O8 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: 添加到QQ自定义面板 - D:\Program Files\Tencent\QQ\AddPanel.htm
O8 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\Program Files\Tencent\QQ\SendMMS.htm
O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - Extra Button: 解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\Program Files\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra 'Tools' menuitem: 超级解霸 - {367E0A21-8601-4986-9C9A-153BF5ACA118} - d:\Program Files\HEROSOFT\Hero3000\MPLAYER.EXE
O9 - Extra Button: 联想 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.lenovo.com (file missing)
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\Program Files\Tencent\QQ\QQ.EXE
O9 - Extra Button: (no name) - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra 'Tools' menuitem: QQ炫彩工具条设置 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - D:\Program Files\Tencent\QQ\QQIEHelper.dll
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160972286796
O17 - HKLM\System\CCS\Services\Tcpip\..\{644CB283-37C4-47D5-8B65-1847AC748136}: NameServer = 202.101.224.69 202.101.226.68
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll
O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll
O18 - Protocol: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL
O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll

卷  (C:)
    卷大小                                    = 9.76 GB
    簇大小                                    = 8 KB
    已使用空间                                = 9.24 GB
    可用空间                                  = 533 MB
    可用空间百分比                            = 5 %

卷碎片
    总的碎片                                  = 27 %
    文件碎片                                  = 51 %
    可用空间碎片                              = 4 %

文件碎片
    文件总数                                  = 21,065
    文件平均大小                              = 417 KB
    碎片文件总数                              = 76
    剩余碎片总数                              = 7,999
    每个文件的碎片平均个数                    = 1.37

页面文件碎片
    页面文件大小                              = 768 MB
    总的碎片个数                              = 479

文件夹碎片
    文件夹总数                                = 1,671
    零碎文件夹                                = 33
    剩余文件夹碎片                            = 161

--------------------------------------------------------------------------------
碎片            文件大小        最零碎的文件
2              13 MB          \WINDOWS\SYSTEM32\VIRPE.DEF
2              16 MB          \WINDOWS\Fonts\BATANG.TTC
2              40 MB          \WINDOWS\Fonts\SURSONG.TTF
2              60 MB          \WINDOWS\Driver Cache\I386\DRIVER.CAB
3              76 KB          \WINDOWS\Prefetch\SMARTUP.EXE-047BF84C.pf
2              64 KB          \WINDOWS\SoftwareDistribution\DataStore\Logs\TMP.EDB
2              538 KB          \Documents and Settings\All Users\Application Data\Rising\Rav\RsConfig.cfg
3              1 KB            \Documents and Settings\Owner\ntuser.dat.LOG
2              32 KB          \Documents and Settings\Owner\Local Settings\Temp\~DF49E7.TMP
422            810 MB          \Documents and Settings\Owner\Local Settings\Temp\000003452D1B99CD
1,287          360 MB          \Documents and Settings\Owner\Local Settings\Temp\0000038B02C451B5
17              160 MB          \Documents and Settings\Owner\Local Settings\Temp\000003AADD991A6A
325            160 MB          \Documents and Settings\Owner\Local Settings\Temp\000003CAE93C0C95
1,461          810 MB          \Documents and Settings\Owner\Local Settings\Temp\0000031DC024D494
1,150          160 MB          \Documents and Settings\Owner\Local Settings\Temp\0000035422276A97
736            160 MB          \Documents and Settings\Owner\Local Settings\Temp\00000371ABFC557D
132            240 MB          \Documents and Settings\Owner\Local Settings\Temp\0000038A108F00C2
1,211          360 MB          \Documents and Settings\Owner\Local Settings\Temp\0000039F97C4AD48
192            810 MB          \Documents and Settings\Owner\Local Settings\Temp\0000041DA95E7DF1
980            540 MB          \Documents and Settings\Owner\Local Settings\Temp\0000045BA00E3142
4              2 MB            \Documents and Settings\Owner\Local Settings\Temp\NeroDemo11535\Cab\83D029BE.CAB
8              49 MB          \Documents and Settings\Owner\Local Settings\Temp\RavTmp\Rav.zip
2              4 MB            \Documents and Settings\Owner\Local Settings\Temp\RavTmp\VirPe.def
2              64 KB          \Documents and Settings\Owner\Local Settings\History\History.IE5\MSHist012006122220061223\INDEX.DAT
4              818 KB          \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\CT6BS1EZ\78804320061222142604[1].bmp
6              1 MB            \Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5\UHRSTKZ2\main_new[1].swf
3              17 MB          \System Volume Information\_restore{84ABCC85-A6AA-48EA-A2ED-8ED1D403B9E5}\RP130\SNAPSHOT\_REGISTRY_MACHINE_SOFTWARE
15              49 MB          \System Volume Information\_restore{84ABCC85-A6AA-48EA-A2ED-8ED1D403B9E5}\RP131\A0022853.EXE
3              16 MB          \System Volume Information\_restore{84ABCC85-A6AA-48EA-A2ED-8ED1D403B9E5}\RP131\A0022854.EXE
3              46 KB          \System Volume Information\_restore{84ABCC85-A6AA-48EA-A2ED-8ED1D403B9E5}\RP131\CHANGE.LOG

这些文件有用吗，可以删涂吗，请高手帮忙

【回复“９８７６５３２”的帖子】
删除
\Documents and Settings\Owner\Local Settings\Temp\下的所有文件及文件夹

删除
\Documents and Settings\Owner\Local Settings\Temporary Internet Files\下的所有文件及文件夹

删除
\Documents and Settings\Owner\Local Settings\History\下的所有文件及文件夹

＝＝＝＝＝＝＝

另外
\System Volume Information\是系统还原文件夹
建议关闭系统还原

重启机器

开启系统还原并重建一个系统还原点