1   1  /  1  页   跳转

老是跑出什么信使服务,怎么办

收藏
长毛飞鹰
头像
初生襁褓狮
  • 帖子:46
  • 注册: 2005-11-07
  • 来自:
发表于: 2006-04-10 00:20 | 只看楼主 短消息 资料
字号: 1楼

老是跑出什么信使服务,怎么办

我的电脑现在老是跑出什么信使服务,这是怎么回事,请高手帮我看看。以下是我扫的LOG
2006-04-10,00:18:43

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 1 - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <><regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <load><>
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <run><>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <CnsMin><Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <vptray><C:\PROGRA~1\SYMANT~1\VPTray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><rem C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <nwiz><rem nwiz.exe /install>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><rem "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <><regedit -s C:\$NtUninstallQ5926809$\sp4custom.dll>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NTdhcp><C:\WINDOWS\System32\NTdhcp.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
  <UserInit><usrinit.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[Symantec Event Manager / ccEvtMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe"><Symantec Corporation>
[Symantec Password Validation / ccPwdSvc]
  <"C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe"><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr]
  <"C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe"><Symantec Corporation>
[Symantec AntiVirus Definition Watcher / DefWatch]
  <"C:\Program Files\Symantec AntiVirus\DefWatch.exe"><Symantec Corporation>
[NVIDIA Driver Helper Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[SavRoam / SavRoam]
  <"C:\Program Files\Symantec AntiVirus\SavRoam.exe"><symantec>
[Symantec Network Drivers Service / SNDSrvc]
  <"C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe"><Symantec Corporation>
[Symantec AntiVirus / Symantec AntiVirus]
  <"C:\Program Files\Symantec AntiVirus\Rtvscan.exe"><Symantec Corporation>

==================================
浏览器加载项
[IeCatch2 Class]
  {A5366673-E8CA-11D3-9CD9-0090271D075B} <D:\PROGRA~1\FLASHGET\jccatch.dll, Amaze Soft>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[CnsHook Class]
  {D157330A-9EF3-49F8-9A67-4141AC41ADD4} <C:\WINDOWS\downlo~1\CnsHook.dll, 北京三七二一科技有限公司>
[豪杰超级解霸9]
  {367E0A21-8601-4986-9C9A-153BF5ACA118} <d:\Program Files\Herosoft\Hero 9\STHSDVD.EXE, herosoft>
[Yahoo 1G电邮]
  {507F9113-CD77-4866-BA92-0E86DA3D0B97} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail, N/A>
[寻宝乐趣多]
  {59BC54A2-56B3-44a0-93E5-432D58746E26} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=taobao, N/A>
[雅虎助手]
  {5D73EE86-05F1-49ed-B850-E423120EC338} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist, N/A>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\游戏\QQ\QQ.EXE, TENCENT>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\flashget.exe, Amaze Soft>
[QQIEFloatBarCfgCmd Class]
  {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} <E:\游戏\QQ\QQIEHelper.dll, 深圳市腾讯计算机系统有限公司>
[情景聊天]
  {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} <http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/, N/A>
[]
  {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair, N/A>
[]
  {FD00D911-7529-4084-9946-A29F1BDF4FE5} <http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[FlashGet Bar]
  {E0E899AB-F487-11D5-8D29-0050BA6940E3} <D:\PROGRA~1\FLASHGET\fgiebar.dll, Amaze Soft>
[上网助手]
  {BB936323-19FA-4521-BA29-ECA6A121BC78} <C:\PROGRA~1\3721\assist\asbar.dll, 3721>
[BitCometBar]
  {3F1ABCDB-A875-46c1-8345-B72A4567E486} <F:\BT\BitComet\BitCometBar\BitCometBar0.3.dll, N/A>
[YInstStarter Class]
  {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} <C:\WINDOWS\Downloaded Program Files\yinsthelper.dll, Yahoo! Inc.>
[WebActivater Control]
  {3D8F74EE-8692-4F8F-B8D2-7522E732519E} <C:\WINDOWS\System32\WEBACT~1.OCX, QQ>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\macromed\flash\Flash.ocx, Macromedia, Inc.>
[VqqSpeedDlProxy Class]
  {F138084D-84D7-48CD-BEA8-04772457516E} <C:\WINDOWS\vqqsdl.dll, Tencent>
[上传到QQ网络硬盘]
  <E:\游戏\QQ\AddToNetDisk.htm, N/A>
[使用网际快车下载]
  <D:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <D:\Program Files\FlashGet\jc_all.htm, N/A>
[使用超级解霸播放]
  <d:\Program Files\Herosoft\Hero 9\MPURLGET.HTM, N/A>
[添加到QQ自定义面板]
  <E:\游戏\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
  <E:\游戏\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
  <E:\游戏\QQ\SendMMS.htm, N/A>
最后编辑2006-04-10 00:21:57
分享到:
gototop
 
长毛飞鹰
头像
初生襁褓狮
  • 帖子:46
  • 注册: 2005-11-07
  • 来自:
发表于: 2006-04-10 00:20 | 只看楼主 短消息 资料
字号: 2楼

==================================
正在运行的进程
[PID: 424][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 488][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 512][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\NavLogon.dll]  <Symantec Corporation><9.0.0.338>
[PID: 556][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 568][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 732][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 784][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 860][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 884][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1060][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
    [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll]  <Windows (R) 2000 DDK provider><5.00.2195.1620>
[PID: 1360][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
    [C:\WINDOWS\downlo~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 4>
    [d:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><9.0.0.338>
    [D:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
[PID: 1524][C:\WINDOWS\System32\Rundll32.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
    [C:\WINDOWS\downlo~1\CnsMinIO.dll]  <北京三七二一科技有限公司><1, 0, 3, 4>
    [C:\WINDOWS\downlo~1\cnsio.dll]  <北京三七二一科技有限公司><1, 0, 2, 5>
[PID: 1964][C:\Program Files\Symantec AntiVirus\DefWatch.exe]  <Symantec Corporation><9.0.0.338>
[PID: 2032][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 164][C:\Program Files\Symantec AntiVirus\Rtvscan.exe]  <Symantec Corporation><9.0.0.338>
    [C:\WINDOWS\System32\CBA.DLL]  <Intel? Corporation><6.12.0.112 E>
    [C:\WINDOWS\System32\MsgSys.dll]  <Intel? Corporation><6.12.0.112 E>
    [C:\WINDOWS\System32\NTS.dll]  <Intel? Corporation><6.12.0.112 E>
    [C:\WINDOWS\System32\PDS.DLL]  <Intel? Corporation><6.12.0.112 E>
    [C:\Program Files\Symantec AntiVirus\NAVLU.dll]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\I2ldvp3.dll]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\ecmldr32.DLL]  <Symantec Corp.><1.1.0.3>
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  <Symantec Corporation><9.3.0.28>
    [C:\Program Files\Symantec AntiVirus\NAVNTUTL.DLL]  <Symantec Corporation><9.0.0.338>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060406.006\ecmsvr32.dll]  <Symantec Corporation><61.1.0.11>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060406.006\NAVEX32a.DLL]  <Symantec Corporation><20061.1.0.14>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060406.006\NAVENG32.DLL]  <Symantec Corporation><20061.1.0.14>
    [C:\Program Files\Symantec AntiVirus\IMail.dll]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\NotesExt.dll]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\vpmsece.dll]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Common Files\Symantec Shared\SSC\scandlgs.dll]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\DecSDK.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2ID.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2ZIP.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2SS.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2GZIP.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2CAB.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2LHA.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2ARJ.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2TNEF.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2LZ.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2AMG.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2TAR.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2RTF.dll]  <Symantec Corporation><3.02.11.32>
    [C:\Program Files\Symantec AntiVirus\Dec2Text.dll]  <Symantec Corporation><3.02.11.32>
[PID: 760][C:\PROGRA~1\SYMANT~1\VPTray.exe]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\SAVRT32.DLL]  <Symantec Corporation><9.3.0.28>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
    [C:\Program Files\Symantec AntiVirus\Cliscan.dll]  <Symantec Corporation><9.0.0.338>
    [C:\PROGRA~1\SYMANT~1\NAVNTUTL.DLL]  <Symantec Corporation><9.0.0.338>
    [C:\Program Files\Symantec AntiVirus\Cliproxy.dll]  <Symantec Corporation><9.0.0.338>
    [C:\WINDOWS\downlo~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 4>
[PID: 836][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3018>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
[PID: 1176][C:\WINDOWS\System32\NTdhcp.exe]  <N/A><N/A>
[PID: 1220][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
[PID: 1812][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
    [C:\WINDOWS\downlo~1\CnsHint.dll]  <3721><1, 0, 0, 4>
    [C:\WINDOWS\downlo~1\cnsplus.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\3721\assist\asbar.dll]  <3721><1, 0, 1, 1001>
    [C:\PROGRA~1\3721\assist\tbwrap.dll]  <3721><1, 0, 0, 2>
    [C:\PROGRA~1\3721\assist\asnoad.dll]  <><1, 0, 0, 5>
    [C:\PROGRA~1\3721\assist\aswiper.dll]  <3721><1, 0, 0, 1>
    [C:\PROGRA~1\3721\assist\asiesec.dll]  <yahoo><1, 0, 0, 9>
    [D:\PROGRA~1\FLASHGET\jccatch.dll]  <Amaze Soft><1, 1, 4, 0>
    [C:\WINDOWS\downlo~1\CnsHook.dll]  <北京三七二一科技有限公司><1, 0, 2, 4>
    [C:\WINDOWS\System32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,19,0>
[PID: 1748][d:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>
[PID: 1264][C:\DOCUME~1\abc\LOCALS~1\Temp\Rar$EX00.016\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\WINDOWS\downlo~1\CnsMin.dll]  <北京三七二一科技有限公司><1, 5, 2, 6>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
gototop
 
mopery
头像
卡卡技术团队
  • 帖子:17737
  • 注册: 2005-12-06
  • 来自:New York
卡卡名人堂论坛9周年纪念
发表于: 2006-04-10 00:21 | 短消息 资料
字号: 3楼

你机上不是有3721么...

  上3721 把信使关掉不就行了>???
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT