紧急求救！！！ - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛紧急求救！！！

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

2 / 4 页

跳转页

紧急求救！！！

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 21:09 \| 只看楼主短消息资料字号：小中大 11楼 [F:\Apache2\bin\libapr.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libaprutil.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libapriconv.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libhttpd.dll] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_access.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_actions.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_alias.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_asis.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_auth.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_autoindex.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_cgi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_dir.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_env.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_imap.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_include.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_isapi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_log_config.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_mime.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_negotiation.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_setenvif.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_userdir.so] <Apache Software Foundation><2.0.52> [PID: 1996][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 2004][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE] <C-Dilla Ltd><3.24.010> [PID: 2024][C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe] <Symantec Corporation><8.1.0.821> [PID: 2032][F:\Apache2\bin\Apache.exe] <Apache Software Foundation><2.0.52> [F:\Apache2\bin\libapr.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libaprutil.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libapriconv.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libhttpd.dll] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_access.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_actions.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_alias.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_asis.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_auth.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_autoindex.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_cgi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_dir.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_env.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_imap.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_include.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_isapi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_log_config.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_mime.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_negotiation.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_setenvif.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_userdir.so] <Apache Software Foundation><2.0.52> [PID: 180][C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe] <Symantec Corporation><8.1.0.821> [C:\WINDOWS\system32\CBA.DLL] <Intel? Corporation><6.12.0.105 E> [C:\WINDOWS\system32\MsgSys.dll] <Intel? Corporation><6.12.0.105 E> [C:\WINDOWS\system32\NTS.dll] <Intel? Corporation><6.12.0.105 E> [C:\WINDOWS\system32\PDS.DLL] <Intel? Corporation><6.12.0.105 E> [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVLU.dll] <Symantec Corporation><8.1.0.821> [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL] <Symantec/Peter Norton Group><1, 0, 0, 1> [C:\PROGRA~1\SYMANT~1\SYMANT~1\i2ldvp3.dll] <Symantec Corporation><8.1.0.821> [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAPI32.DLL] <Symantec Corp.><4.2.0.7> [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060520.005\NAVEX32a.DLL] <Symantec Corporation><20061.1.0.14> [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060520.005\NAVENG32.DLL] <Symantec Corporation><20061.1.0.14> [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL] <Symantec Corporation><9.1.0.26> [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NotesExt.dll] <Symantec Corporation><8.1.0.821> [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vpmsece.dll] <Symantec Corporation><8.1.0.821> [C:\WINDOWS\system32\wshcon32.dll] <><4, 0, 0, 0> [PID: 2536][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] <Intel Corporation><9, 0, 1, 10> [PID: 3884][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 2788][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [C:\WINDOWS\system32\wshcon32.dll] <><4, 0, 0, 0> [PID: 1812][C:\Program Files\MYIE2\MyIE.exe] <MY Soft Technology><0, 9, 27, 68> [C:\Program Files\MYIE2\Plugin\ViewSource\ViewSrc.dll] <><1, 0, 0, 1> [C:\Program Files\MYIE2\Plugin\uc\uc.dll] <><1, 0, 0, 1> [C:\Program Files\MYIE2\Services\RealTime\real_time.dll] <><1, 0, 0, 1> [C:\WINDOWS\system32\wshcon32.dll] <><4, 0, 0, 0> [C:\Program Files\Chinagames\iGame\flash.ocx] <Macromedia, Inc.><7,0,19,0> [C:\WINDOWS\system32\UNISPIM.IME] <北京清华紫光软件股份有限公司><3.0.0.3045> [C:\WINDOWS\system32\upengine.dll] <北京清华紫光软件股份有限公司><3.0.0.3045> [PID: 6708][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] <Microsoft Corporation><11.0.8026> [C:\Program Files\Kingsoft\Powerword 2003\PWOffice2.dll] <Kingsoft Co, Ltd.><6, 0, 0, 0> [C:\Program Files\Microsoft Office\OFFICE11\STARTUP\MathPage.wll] <N/A><N/A> [C:\WINDOWS\system32\UNISPIM.IME] <北京清华紫光软件股份有限公司><3.0.0.3045> [PID: 15568][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [C:\WINDOWS\system32\wshcon32.dll] <><4, 0, 0, 0> [PID: 33540][E:\sreng2\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505> [C:\WINDOWS\system32\wshcon32.dll] <><4, 0, 0, 0> ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP Error. [C:\WINDOWS\winhlp32.exe %1] .INI Error. [C:\WINDOWS\NOTEPAD.EXE %1] .INF Error. [C:\WINDOWS\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 ==================================
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

我无邪高贵耄耋狮帖子:20720 注册: 2004-06-10 来自:广西玉林	发表于： 2006-08-09 21:22 \| 短消息资料字号：小中大 12楼运行(双击)System Repair Engineer，点“启动项目，服务，点“Win32服务应用程序”勾选“隐藏微软服务”选中病毒服务Network Connection100011，选择“删除服务”点“设置”选择“否” 下载超级兔子。 http://www.pctutu.com/srmsdown.asp 安装好后，打开“超级兔子清理王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。卸载完后进入安全模式运行(双击)System Repair Engineer，使用“启动项目，注册表”来删除以下选项。 C:\WINDOWS\svchost.exe C:\WINDOWS\system32\sysmini.exe 运行(双击)System Repair Engineer，使用“启动项目，注册表”选中要修复的项， C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\mouser.exe 点“编辑”在“值”里删除C:\WINDOWS\system32\mouser.exe 删除 C:\WINDOWS\system32\mouser.exe C:\WINDOWS\svchost.exe C:\WINDOWS\system32\sysmini.exe C:\WINDOWS\system32\lm 直接在安全模式运行WinsockXPFix 重启后，再扫份日志粘上来。
我无邪高贵耄耋狮帖子:20720 注册: 2004-06-10 来自:广西玉林

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 22:15 \| 只看楼主短消息资料字号：小中大 13楼 Logfile of HijackThis v1.99.1 Scan saved at 22:03:46, on 2006-8-9 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE F:\Apache2\bin\Apache.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe F:\Apache2\bin\Apache.exe C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe E:\ha_hijackthis_1991\HijackThis.exe C:\WINDOWS\System32\regsvr32.exe R3 - Default URLSearchHook is missing F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\mouser.exe O2 - BHO: (no name) - {14A21378-5BB1-4BC4-95D5-5D3F51527F6F} - (no file) O2 - BHO: MyIEHelper Class - {16A770A0-0E87-4278-B748-2460D64A8386} - C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4558.dll (file missing) O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing) O3 - Toolbar: 超级兔子上网精灵 - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll O3 - Toolbar: &IE修复专家 - {123249EB-F891-44C4-946F-450064F9080E} - C:\PROGRA~1\IE修复~1\IERBar.dll (file missing) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM\..\Run: [KernelFaultCheck] ; %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [dla] ; C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [91cast] ; O4 - HKLM\..\Run: [CnsMin] ; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32 O4 - HKLM\..\Run: [IMSCMig] ; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - HKLM\..\Run: [pbmini] ; C:\Program Files\pcast\PodcastbarMini\PodcastBar.exe -hide O4 - HKLM\..\Run: [CdnCtr] ; C:\Program Files\CNNIC\Cdn\cdnup.exe O4 - HKLM\..\Run: [MSConfig] ; C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKLM\..\Run: [vptray] ; ; C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe O4 - HKLM\..\Run: [yassistse] ; ; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe" O4 - HKCU\..\Run: [ctfmon.exe] ; C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NetCounter] ; c:\Program Files\NetCounter\NetCount.exe O8 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\qq\AddToNetDisk.htm O8 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\qq\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\qq\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\qq\SendMMS.htm O9 - Extra button: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing) O9 - Extra 'Tools' menuitem: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing) O11 - Options group: [CDNCLIENT] 中文上网 O14 - IERESET.INF: SEARCH_PAGE_URL= O14 - IERESET.INF: START_PAGE_URL= O18 - Protocol: dic - {C21F5C32-F57A-4A0D-8E0A-B672691C52D0} - C:\PROGRA~1\Kingsoft\POWERW~1\XDictExB.dll O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apache2 - Unknown owner - F:\Apache2\bin\Apache.exe" -k runservice (file missing) O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: WLANKEEPER - Intel? Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 22:17 \| 只看楼主短消息资料字号：小中大 14楼在上面的步骤中，没有看到C:\WINDOWS\svchost.exe C:\WINDOWS\system32\sysmini.exe 删除了C:\WINDOWS\system32\mouser.exe
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

我无邪高贵耄耋狮帖子:20720 注册: 2004-06-10 来自:广西玉林	发表于： 2006-08-09 22:29 \| 短消息资料字号：小中大 15楼扫份System Repair Engineer的日志粘上来。
我无邪高贵耄耋狮帖子:20720 注册: 2004-06-10 来自:广西玉林

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 22:34 \| 只看楼主短消息资料字号：小中大 16楼 2006-08-09,22:24:08 System Repair Engineer 2.0.21.505 (2.0 RC 2) Smallfrogs (http://www.KZTechs.com) Windows XP Home Edition Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation] <NetCounter><; c:\Program Files\NetCounter\NetCount.exe> [] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [] <run><> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <KernelFaultCheck><; %systemroot%\system32\dumprep 0 -k> [] <dla><; C:\WINDOWS\system32\dla\tfswctrl.exe> [Sonic Solutions] <91cast><; > [] <CnsMin><; Rundll32.exe C:\WINDOWS\DOWNLO~1\CnsMin.dll,Rundll32> [] <IMSCMig><; C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [Microsoft Corporation] <pbmini><; C:\Program Files\pcast\PodcastbarMini\PodcastBar.exe -hide> [] <CdnCtr><; C:\Program Files\CNNIC\Cdn\cdnup.exe> [] <MSConfig><; C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto> [Microsoft Corporation] <vptray><; ; C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe> [Symantec Corporation] <yassistse><; ; "C:\PROGRA~1\Yahoo!\Assistant\yassistse.exe"> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [Microsoft Corporation] <Userinit><C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\mouser.exe> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [Microsoft Corporation] ================================== 启动文件夹服务 [Adobe LM Service / Adobe LM Service] <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><N/A> [Apache2 / Apache2] <"F:\Apache2\bin\Apache.exe" -k runservice><Apache Software Foundation> [C-DillaSrv / C-DillaSrv] <C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE><C-Dilla Ltd> [DefWatch / DefWatch] <C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe><Symantec Corporation> [EvtEng / EvtEng] <C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation> [Symantec AntiVirus Client / Norton AntiVirus Server] <C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe><Symantec Corporation> [RegSrvc / RegSrvc] <C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation> [Spectrum24 Event Monitor / S24EventMonitor] <C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation> [WLANKEEPER / WLANKEEPER] <C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe><Intel? Corporation> ================================== 浏览器加载项 [MyIEHelper Class] {16A770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4558.dll, N/A> [CdnForIE Class] {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, N/A> [CdnForIE Class] {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, N/A> [超级兔子上网精灵] {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology> [&IE修复专家] {123249EB-F891-44C4-946F-450064F9080E} <C:\PROGRA~1\IE修复~1\IERBar.dll, N/A> [Query Class] {01C2F1E8-5C69-4B5C-B052-26941B6C23A6} <C:\WINDOWS\system32\iequery.dll, N/A> [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx, > [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation> [&IE修复专家] {123249EB-F891-44C4-946F-450064F9080E} <C:\PROGRA~1\IE修复~1\IERBar.dll, N/A> [MyIEHelper Class] {16A770A0-0E87-4278-B748-2460D64A8386} <C:\Documents and Settings\All Users\Application Data\Microsoft\IEHelper\IEHelper_4558.dll, N/A> [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation> [FltSetUp Class] {1D49D58D-5C84-4B50-8359-D9809BEB2B32} <C:\Program Files\Internet Explorer\Connection Wizard\icwuti1.dll, N/A> [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation> [PowerPlr Control] {2354A44B-3CEB-4829-9940-545B03103538} <C:\WINDOWS\DOWNLO~1\PowerPlr.ocx, Powerise Digital> [IExpress] {27E96DE0-8211-42CF-9A1E-FA6246A95B77} <C:\WINDOWS\system32\iexpress.dll, N/A> [超级兔子上网精灵] {43869BB3-22FD-4F15-9B46-238106BA2F4E} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology> [HHCtrl Object] {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation> [QQBrowserHelperObject Class] {54EBD53A-9BC1-480B-966A-843A333CA162} <C:\Program Files\Tencent\QQ\QQIEHelper.dll, N/A> [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A> [CdnForIE Class] {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, N/A> [DriveLetterAccess] {5CA3D70E-1895-11CF-8E15-001234567890} <C:\WINDOWS\system32\dla\tfswshx.dll, Sonic Solutions> [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation> [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [超级兔子上网精灵] {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll, Xiang Feng Technology> [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation> [Mini PPGou BHO] {92FB5F8F-8254-4978-9C50-03D9B0405062} <C:\PROGRA~1\MINIPP~1\MINIPP~1.DLL, N/A> [WinSC Class] {9ACEEE31-1440-471B-AA46-72B061FE7D61} <C:\WINDOWS\system32\WinSC.dll, N/A> [WAB Importer/Exporter] {AA158CA5-93B4-4CD4-8D8C-BB6F9F515213} <C:\WINDOWS\System32\wabimp.dll, N/A> [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [Flash 8 ocx ] {B8CCDD47-38E4-4CD2-B7FA-3B4B690F74BD} <C:\WINDOWS\system32\flash8.dll, N/A> [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Program Files\Chinagames\iGame\flash.ocx, Macromedia, Inc.> [IEHlprObj Class] {D424FE4E-CAF9-4FDD-BC5F-E6E6B91D53BF} <C:\Progra~1\NetMeeting\conf.dll, N/A> [DuiSo.com Search] {E2218499-2FD4-4EED-A94A-7F0B9C6E300E} <C:\WINDOWS\system32\Inte32.dll, N/A> [BHelper Class] {F2E37336-BFDB-409B-8D0E-6F013C438B20} <C:\WINDOWS\system32\9bfo9e50.dll, N/A> [google bar] {F651FCAA-F826-4922-8990-C6F99CC67AFC} <C:\WINDOWS\Win32ef.dll, N/A> [google bar] {FAD11F89-F11E-4A15-92FB-6F0EDC4C8D59} <C:\WINDOWS\vwwreg.dll, N/A> [AdSwpr] {FCADDC14-BD46-408A-9842-CDBE1C6D37EB} <C:\PROGRA~1\IE修复~1\IERBar.dll, N/A> [上传到QQ网络硬盘] <C:\Program Files\Tencent\qq\AddToNetDisk.htm, N/A> [添加到QQ自定义面板] <C:\Program Files\Tencent\qq\AddPanel.htm, N/A> [添加到QQ表情] <C:\Program Files\Tencent\qq\AddEmotion.htm, N/A> [用QQ彩信发送该图片] <C:\Program Files\Tencent\qq\SendMMS.htm, N/A>
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 22:35 \| 只看楼主短消息资料字号：小中大 17楼 ================================== 正在运行的进程 [PID: 308][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 552][\??\C:\WINDOWS\system32\csrss.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 576][\??\C:\WINDOWS\system32\winlogon.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 620][C:\WINDOWS\system32\services.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 632][C:\WINDOWS\system32\lsass.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 804][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 860][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 968][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 1124][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] <Intel Corporation><9, 0, 1, 12> [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 1, 14> [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 1, 22> [PID: 1168][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] <Intel Corporation ><9, 0, 1, 41> [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 1, 22> [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 1, 14> [PID: 1228][C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe] <Intel? Corporation><9, 0, 1, 14> [C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] <Intel Corporation><9, 0, 1, 45> [C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 1, 22> [C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 1, 14> [C:\Program Files\Intel\Wireless\Bin\MurocApi.dll] <Intel Corporation><9, 0, 1, 54> [C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] <Intel Corporation><9, 0, 1, 7> [C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll] <Intel Corporation><9, 0, 1, 31> [C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll] <Intel Corporation><9, 0, 1, 31> [C:\Program Files\Intel\Wireless\Bin\LSAWRAPI.dll] <Intel Corporation><9, 0, 1, 1> [C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL] <N/A><N/A> [PID: 1292][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 1416][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 1620][C:\WINDOWS\system32\spoolsv.exe] <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)> [PID: 1728][C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe] <Intel><9, 0, 1, 33> [C:\PROGRA~1\Intel\Wireless\Bin\IntelAE5.dll] <Meetinghouse Data Communications><3, 0, 0, 40> [C:\PROGRA~1\Intel\Wireless\Bin\TraceAPI.DLL] <Intel Corporation><9, 0, 1, 22> [C:\PROGRA~1\Intel\Wireless\Bin\PsRegApi.dll] <Intel Corporation><9, 0, 1, 14> [C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL] <N/A><N/A> [PID: 268][C:\WINDOWS\Explorer.EXE] <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 1520][F:\Apache2\bin\Apache.exe] <Apache Software Foundation><2.0.52> [F:\Apache2\bin\libapr.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libaprutil.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libapriconv.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libhttpd.dll] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_access.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_actions.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_alias.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_asis.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_auth.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_autoindex.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_cgi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_dir.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_env.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_imap.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_include.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_isapi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_log_config.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_mime.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_negotiation.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_setenvif.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_userdir.so] <Apache Software Foundation><2.0.52> [PID: 1460][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [c:\windows\system32\tasklist.dll] <N/A><N/A> [PID: 1604][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 1664][C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE] <C-Dilla Ltd><3.24.010> [PID: 1684][C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe] <Symantec Corporation><8.1.0.821> [PID: 1696][F:\Apache2\bin\Apache.exe] <Apache Software Foundation><2.0.52>
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 22:35 \| 只看楼主短消息资料字号：小中大 18楼 [F:\Apache2\bin\libapr.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libaprutil.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libapriconv.dll] <Apache Software Foundation><0.0.0.0> [F:\Apache2\bin\libhttpd.dll] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_access.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_actions.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_alias.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_asis.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_auth.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_autoindex.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_cgi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_dir.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_env.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_imap.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_include.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_isapi.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_log_config.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_mime.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_negotiation.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_setenvif.so] <Apache Software Foundation><2.0.52> [F:\Apache2\modules\mod_userdir.so] <Apache Software Foundation><2.0.52> [PID: 2276][C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe] <Symantec Corporation><8.1.0.821> [C:\WINDOWS\system32\CBA.DLL] <Intel? Corporation><6.12.0.105 E> [C:\WINDOWS\system32\MsgSys.dll] <Intel? Corporation><6.12.0.105 E> [C:\WINDOWS\system32\NTS.dll] <Intel? Corporation><6.12.0.105 E> [C:\WINDOWS\system32\PDS.DLL] <Intel? Corporation><6.12.0.105 E> [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVLU.dll] <Symantec Corporation><8.1.0.821> [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL] <Symantec/Peter Norton Group><1, 0, 0, 1> [C:\PROGRA~1\SYMANT~1\SYMANT~1\i2ldvp3.dll] <Symantec Corporation><8.1.0.821> [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAPI32.DLL] <Symantec Corp.><4.2.0.7> [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060520.005\NAVEX32a.DLL] <Symantec Corporation><20061.1.0.14> [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060520.005\NAVENG32.DLL] <Symantec Corporation><20061.1.0.14> [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL] <Symantec Corporation><9.1.0.26> [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NotesExt.dll] <Symantec Corporation><8.1.0.821> [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vpmsece.dll] <Symantec Corporation><8.1.0.821> [PID: 2348][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] <Intel Corporation><9, 0, 1, 10> [PID: 2360][C:\WINDOWS\System32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 3100][C:\WINDOWS\system32\svchost.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 3380][C:\WINDOWS\System32\alg.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 3612][C:\Program Files\MYIE2\MyIE.exe] <MY Soft Technology><0, 9, 27, 68> [C:\Program Files\MYIE2\Plugin\ViewSource\ViewSrc.dll] <><1, 0, 0, 1> [C:\Program Files\MYIE2\Plugin\uc\uc.dll] <><1, 0, 0, 1> [C:\Program Files\MYIE2\Services\RealTime\real_time.dll] <><1, 0, 0, 1> [C:\Program Files\Chinagames\iGame\flash.ocx] <Macromedia, Inc.><7,0,19,0> [PID: 884][C:\WINDOWS\system32\wuauclt.exe] <Microsoft Corporation><5.8.0.2607 built by: dnsrv(wmbla)> [PID: 4204][C:\WINDOWS\system32\wbem\wmiprvse.exe] <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)> [PID: 5396][E:\sreng2\SREng2\SREng.exe] <Smallfrogs Studio><2.0.21.505> ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP Error. [C:\WINDOWS\winhlp32.exe %1] .INI Error. [C:\WINDOWS\NOTEPAD.EXE %1] .INF Error. [C:\WINDOWS\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 ==================================
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

我无邪高贵耄耋狮帖子:20720 注册: 2004-06-10 来自:广西玉林	发表于： 2006-08-09 22:41 \| 短消息资料字号：小中大 19楼下载超级兔子。 http://www.pctutu.com/srmsdown.asp 安装好后，打开“超级兔子清理王”“专业卸载,卸载所有提示的垃圾软件，卸载是不要打开任何浏览窗口。卸载不了可以重启后再去卸载。卸载完后重启再扫份日志粘上来。烦把C:\WINDOWS\system32\mouser.exe这个东东用WINRAR打包发到twtxk@126.com来，谢谢
我无邪高贵耄耋狮帖子:20720 注册: 2004-06-10 来自:广西玉林

liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:	发表于： 2006-08-09 22:48 \| 只看楼主短消息资料字号：小中大 20楼我用了超级兔子卸载了所有软件，但是有IE插件和win survey这两个无论如何也卸载不掉，兔子提示已经卸载，但是仍然存在。要发的东东马上给你发来。
liuhao199 初生襁褓狮帖子:21 注册: 2006-08-08 来自:

<<上一主题|下一主题>>

2 / 4 页

跳转页

页面顶部

Powered by Discuz!NT