瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 “我的电脑”无法正常打开!带日志

1   1  /  1  页   跳转

[求助] “我的电脑”无法正常打开!带日志

“我的电脑”无法正常打开!带日志

前几天上网时突然,发现IE首页被更改,双击桌面上“我的电脑”图标,显示如下画面,


点击快捷方式上
显示桌面的图标出现下面画面,用360查杀木马发现有3个木马,处理后厚膜两个问题依然存在,求各为老
大帮忙!以下为日志!
[CODE]
2010-02-20,18:19:08
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>  [File is missing]
    <360Safetray><"C:\Program Files\360\360Safe\safemon\360tray.exe" /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe">  [(Verified)Kaspersky Lab]
    <BigDogPath><C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera>  [File is missing]
    <eLiveSafe><"C:\Program Files\ChinaTelecom\eLive\PlugIns\Safe\beikeloader.exe" -launchedbylogin>  [(Verified)Beike Internet Security Technology Co.,Ltd]
    <360Safebox><"C:\Program Files\360Safebox\SafeBoxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\TIME.SCR>  []

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
分享到:
gototop
 

回复:“我的电脑”无法正常打开!带日志

==================================
启动文件夹
N/A

==================================
服务
[卡巴斯基互联网安全套装 7.0 / AVP][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
[C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start]
  <C:\WINDOWS\system32\drivers\CDAC11BA.EXE><Macrovision>
[eLive Security Service / eLiveSafe][Running/Auto Start]
  <"C:\Program Files\ChinaTelecom\eLive\PlugIns\Safe\elivesafe.exe"><贝壳网际(北京)安全技术有限公司>
[ms NCPA / NCPA][Stopped/Auto Start]
  <><(File is missing)>
[system Security Center / system Security Center  ][Stopped/Auto Start]
  <><(File is missing)>
[主动防御 / ZhuDongFangYu][Running/Auto Start]
  <"C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe"><360.cn>

==================================
驱动程序
[360SelfProtection / 360SelfProtection][Running/System Start]
  <system32\drivers\360SelfProtection.sys><360安全中心>
[BAPIDRV / BAPIDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS><360.cn>
[CdaC15BA / CdaC15BA][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS><Macrovision Europe Ltd>
[C-Media PCI Audio Driver (WDM) / cmpci][Running/Manual Start]
  <system32\drivers\cmaudio.sys><C-Media Inc>
[EfiSystemMon / EfiMon][Running/System Start]
  <System32\Drivers\Efimon.sys><奇虎网>
[HookPort / HookPort][Running/Boot Start]
  <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[kl1 / kl1][Running/Boot Start]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start]
  <system32\DRIVERS\klim5.sys><Kaspersky Lab>
[Netgroup Packet Filter / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><N/A>
[Protector / Protector][Running/System Start]
  <system32\drivers\Protector.sys><N/A>
[ProtectorA / ProtectorA][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\ProtectorA.sys><www.ISRA.org.cn>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Quantum DeepScanner Servers / quxxxserv][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\quxxxrv.sys><360.cn>
[qutmipc / qutmipc][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\qutmipc.sys><360安全中心>
[USB Token 32 Holder Service / R6BaseSmc][Running/Manual Start]
  <system32\DRIVERS\smccarda.sys><OEM>
[Realtek RTL8029(AS)-based PCI Ethernet Adapter NT Driver / rtl8029][Running/Manual Start]
  <system32\DRIVERS\RTL8029.SYS><Realtek Semiconductor Corporation>
[USB Token 32 Device Service / Ry6_USB][Stopped/Manual Start]
  <system32\DRIVERS\Ry6USB.sys><>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <System32\Drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SiS315 / SiS315][Running/Manual Start]
  <system32\DRIVERS\sisgrp.sys><Silicon Integrated Systems Corporation>
[SiSkp / SiSkp][Running/System Start]
  <system32\DRIVERS\srvkp.sys><Silicon Integrated Systems Corporation>
[SiS PCI Fast Ethernet Adapter Driver / SISNIC][Stopped/Manual Start]
  <system32\DRIVERS\sisnic.sys><SiS Corporation>
[D-Link WLAN USB Boot Device / TIAcxubt][Stopped/Manual Start]
  <System32\Drivers\tiacxubt.sys><N/A>
[D-Link AirPlus DWL-120+ Wireless USB Adapter / TIACXUSB][Stopped/Manual Start]
  <System32\Drivers\tiacxusb.sys><N/A>
[TSKSP / TSKSP][Stopped/Manual Start]
  <\??\C:\Program Files\Tencent\QQ\QQDoctor\TSKSP.sys><N/A>
[uls8ua / uls8ua][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\uls8ua.sys><N/A>
[VIMICRO USB PC Camera / ZSMC302][Stopped/Manual Start]
  <System32\Drivers\usbVM31b.sys><VM>

==================================
浏览器加载项
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, FlashGet>
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[BOC ProcessProtect Class]
  {776B71E2-B4CC-4C94-BC7C-09103AA690B6} <C:\WINDOWS\system32\ProcessProtection.dll, (Signed) www.ISRA.org.cn>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360安全中心>
[Web 反病毒统计]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll, (Signed) Kaspersky Lab>
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[启动WEB迅雷]
  {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} <http://my.xunlei.com, N/A>
[FlashGet]
  {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} <C:\Program Files\FlashGet\flashget.exe, FlashGet.com>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Edit Class]
  {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} <C:\WINDOWS\system32\CMBEdit.dll, >
[UploadAgent.MultiUpload]
  {19576354-001A-48F0-9727-29D0D4EBEA8A} <C:\WINDOWS\Downloaded Program Files\UploadAgent.ocx, 我的相册(北京)科技有限公司>
[SpdbUtility Control]
  {1AB36BBC-ABCB-4B10-AB46-7B2C4ED662F3} <C:\WINDOWS\system32\SPDBSA~1.OCX, CSII>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[PortalCom AAA 1.0]
  {414E7D87-8073-4EFB-9E4B-C8DF04C979EE} <C:\WINDOWS\DOWNLO~1\PORTAL~1.OCX, Huawei Co. Ltd.>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[DigitalTrafic Control]
  {7FC22A16-79E6-4787-9C96-B6359BB1106D} <C:\WINDOWS\DOWNLO~1\DIGITA~1.OCX, Broad-way>
[UTPKES Control]
  {94BE7FE8-CF75-4FD3-8A41-9D5FE7135511} <C:\WINDOWS\DOWNLO~1\UTPKES.ocx, 广州科友科技股份有限公司>
[koaliisvsctrl Class]
  {9BA878B8-5AF3-43E6-8DB1-E7849E4C6A4B} <C:\WINDOWS\system32\koalii_svs_acx.dll, (Signed) >
[QQCertCtrl Class]
  {BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\WINDOWS\system32\qqedit\qqcert.dll, (Signed) 腾讯科技(深圳)有限公司>
[Tencent Safety Online Base Module]
  {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} <C:\WINDOWS\DOWNLO~1\TSOBase.ocx, (Signed) Tencent Corporation>
[SMI MapView Control]
  {CA828031-4325-11D4-BDB2-00105A776E78} <C:\WINDOWS\Downloaded Program Files\SMIWMap.dll, 上海市测绘院基础地理信息中心, Shanghai Municipal Instatute of Surveying & Mapping,毕俊, 021-6254955>
[PowerPasswordX Control]
  {CB2E4748-5B57-492E-8155-A8A29B0DCB0A} <C:\WINDOWS\DOWNLO~1\POWERE~1.OCX, (Signed) CSII>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\Downloaded Program Files\SAFEIN~1.DLL, Beijing eChannels Century Technology Co.,Ltd>
[WebThunder Browser Helper]
  {00000AAA-A363-466E-BEF5-9BB68697AA7F} <C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[WebThunder Class]
  {03507A1A-E0C5-4404-AA26-205385C0892D} <, >
[]
  {05C1004E-2596-48E5-8E26-39362985EEB9} <, >
[CEnroll Class]
  {127698E4-E730-4E5C-A2B1-21490A70C8A1} <C:\WINDOWS\system32\xenroll.dll, (Signed) Microsoft Corporation>
[SpdbUtility Control]
  {1AB36BBC-ABCB-4B10-AB46-7B2C4ED662F3} <C:\WINDOWS\system32\SPDBSA~1.OCX, CSII>
[WWPicUploadCtrl Class]
  {1D63232D-4F15-4A42-890D-EE617AA1537D} <C:\Program Files\淘宝网\淘宝旺旺\modules\1685\WWPictureUpload.dll, Alibaba software (Shanghai) Corporation>
[iTrusPTA Class]
  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[WebThunder DapPlayer]
  {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <C:\Program Files\Thunder Network\WebThunder\DownAndPlay\DapPlayer3.0.5712.71.55.dll, ShenZhen Thunder Networking Technologies Ltd.>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\jccatch.dll, FlashGet>
[RealPlayer RAM Download Handler]
  {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[IETag Factory]
  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[VnetCookie Class]
  {4E83D567-4697-4F7B-B1F0-A513B01DB89A} <c:\PROGRA~1\chinanet\VNETTR~1.DLL, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, (Signed) Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[WangWangX Class]
  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <C:\Program Files\淘宝网\淘宝旺旺\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <, >
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[PAid Class]
  {6BC568F9-096D-49BB-AEEC-0E8EEDEFFEA6} <C:\WINDOWS\system32\getmac.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WBEM Scripting Sink]
  {75718C9A-F029-11D1-A1AC-00C04FB6C223} <C:\WINDOWS\system32\wbem\wbemdisp.dll, (Signed) Microsoft Corporation>
[WBEM Scripting Locator]
  {76A64158-CB41-11D1-8B02-00600806D9B6} <C:\WINDOWS\system32\wbem\wbemdisp.dll, (Signed) Microsoft Corporation>
[BOC ProcessProtect Class]
  {776B71E2-B4CC-4C94-BC7C-09103AA690B6} <C:\WINDOWS\system32\ProcessProtection.dll, (Signed) www.ISRA.org.cn>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360\360Safe\Safelive.dll, (Signed) >
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, (Signed) Microsoft Corporation>
[Windows Live 登录帮助程序]
  {9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[UTPKES Control]
  {94BE7FE8-CF75-4FD3-8A41-9D5FE7135511} <C:\WINDOWS\DOWNLO~1\UTPKES.ocx, 广州科友科技股份有限公司>
[]
  {962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, >
[koaliisvsctrl Class]
  {9BA878B8-5AF3-43E6-8DB1-E7849E4C6A4B} <C:\WINDOWS\system32\koalii_svs_acx.dll, (Signed) >
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\dapctrl.2.1.5801.53.(55).dll, ShenZhen Thunder Networking Technologies Ltd.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360安全中心>
[QQCertCtrl Class]
  {BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\WINDOWS\system32\qqedit\qqcert.dll, (Signed) 腾讯科技(深圳)有限公司>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[SMI MapView Control]
  {CA828031-4325-11D4-BDB2-00105A776E78} <C:\WINDOWS\Downloaded Program Files\SMIWMap.dll, 上海市测绘院基础地理信息中心, Shanghai Municipal Instatute of Surveying & Mapping,毕俊, 021-6254955>
[PowerPasswordX Control]
  {CB2E4748-5B57-492E-8155-A8A29B0DCB0A} <C:\WINDOWS\DOWNLO~1\POWERE~1.OCX, (Signed) CSII>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx, (Signed) Adobe Systems, Inc.>
[]
  {D6E814A0-E0C5-11D4-8D29-0050BA6940E3} <, >
[SpdbSafe Control]
  {D9497A57-607D-4F29-9F93-B05E5AF87308} <C:\WINDOWS\system32\SPDBSA~1.OCX, CSII>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <C:\Program Files\Tencent\QQMusic\QzoneMusic.dll, 深圳腾讯科技>
[BOC Edit Class]
  {E61E8363-041F-455C-8AD0-8A61F1D8E540} <C:\WINDOWS\system32\KeyboardProtection.dll, (Signed) www.ISRA.org.cn>
[PasswordEditCtrl Class]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, (Signed) 腾讯科技(深圳)有限公司>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.164.(55).dll, Thunder>
[]
  {FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[上传到淘江湖相册]
  <C:\Program Files\淘宝网\淘宝旺旺\AddToAlbum.htm, N/A>
[使用Web迅雷下载]
  <C:\Program Files\Thunder Network\WebThunder\GetUrl.htm, N/A>
[使用Web迅雷下载全部链接]
  <C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加为阿里旺旺表情]
  <C:\Program Files\淘宝网\淘宝旺旺\AddNewEmotion.htm, N/A>
[添加到QQ表情]
  <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[添加到反广告条]
  <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>
gototop
 

回复:“我的电脑”无法正常打开!带日志

==================================
正在运行的进程
[PID: 580][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 848][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 872][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 916][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 928][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
[PID: 1088][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1156][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1252][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1296][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
[PID: 1320][C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe]  [360.cn, 3, 2, 0, 1001]
    [C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll]  [奇虎网, 2, 1, 5, 1010]
    [C:\Program Files\360\360Safe\deepscan\CloudCom2.dll]  [360.cn, 3, 2, 0, 2001]
    [C:\Program Files\360\360Safe\deepscan\heavygate.dll]  [360安全中心, 3, 6, 11, 0]
    [C:\Program Files\360\360Safe\deepscan\qutmload.dll]  [360.cn, 6, 2, 0, 1006]
[PID: 1752][C:\WINDOWS\System32\SCardSvr.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
[PID: 1848][C:\WINDOWS\system32\drivers\CDAC11BA.EXE]  [Macrovision, 4.20.020]
[PID: 1876][C:\Program Files\ChinaTelecom\eLive\PlugIns\Safe\elivesafe.exe]  [贝壳网际(北京)安全技术有限公司, 2009.10.11.35]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\ChinaTelecom\eLive\PlugIns\Safe\elivebeike.dll]  [贝壳网际(北京)安全技术有限公司, 2009.10.11.35]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]
[PID: 1920][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 196][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2040][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 528][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 564][C:\WINDOWS\system32\wuauclt.exe]  [(Verified) Microsoft Corporation, 5.8.0.2469 built by: lab01_n(wmbla)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1476][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 17.0.54.110]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360安全中心, 5, 2, 0, 1001]
[PID: 4084][C:\WINDOWS\VM_STI.EXE]  [BIGDOG, 4, 2, 610, 4]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360安全中心, 5, 2, 0, 1001]
[PID: 2368][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2540][C:\WINDOWS\Explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360安全中心, 5, 2, 0, 1001]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 17.0.54.0]
    [C:\Program Files\FlashGet\jccatch.dll]  [FlashGet, 1, 1, 5, 0]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 17.0.54.110]
[PID: 3732][J:\工具软件\检测工具\SReng2.8.2.1321版\sr-engldr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\360\360Safe\safemon\safemon.dll]  [360安全中心, 5, 2, 0, 1001]
    [J:\工具软件\检测工具\SReng2.8.2.1321版\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\miscr3.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\fssync.dll]  [Kaspersky Lab, 7.0.5.325]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.762]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\adialhk.dll]  [Kaspersky Lab, 7.0.1.325]
    [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\dnsq.dll]  [Kaspersky Lab, 7.0.1.325]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
127.0.0.1  yu.8s7.net
27.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
127.0.0.1  aaa.faba01.com
127.0.0.1  bad.tqdlt.cn
127.0.0.1  1.chsipo.com
127.0.0.1  c3.aishangai.net
127.0.0.1  c2.aishangai.net
127.0.0.1  xxx.188dm.com
127.0.0.1  x2.1a2b3c1.com
127.0.0.1  d1.163500.net
127.0.0.1  down.google-serv.cn

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 4084, C:\WINDOWS\VM_STI.EXE]

==================================
计划任务
N/A

==================================
Windows 安全更新检查
N/A

==================================
API HOOK
RVA  错误: LoadLibraryA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExA (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: LoadLibraryW (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA  错误: GetProcAddress (危险等级: 高,  被下面模块所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 

回复: “我的电脑”无法正常打开!带日志

1、第一张截图情况是“我的电脑”的关联被篡改了,您可以使用清理助手进行修复
2、最后一张点击显示桌面提示找不到文件,其实显示桌面已被指向DESKTOP.EXE了
建议删除该快捷方式
手动恢复显示桌面

建文本文件如下:
[Shell]
Command=2
IconFile=explorer.exe,3
[Taskbar]
Command=ToggleDesktop

另存为显示桌面.scf
再复制到  C:\Documents and Settings\用户名\SendTo    文件夹
最后发送快捷方式到桌面并复制或移动到快速启动栏即可





本帖被评分 1 次
gototop
 

回复:“我的电脑”无法正常打开!带日志

C:\WINDOWS\system32\msdmo.dll 无版本信息,建议楼主到官方下载同系统类型的文件覆盖。HOST文件是卡巴用来屏蔽恶意网站的,不用管。
另外桌面图标异常可以下载这个帖子里的:
鼠标右键单击桌面,在排列图标内选择----运行桌面清理向导。以及恢复IE空白首页设置,还是不能清理掉的情况下,就可以试试下面的了。

目前可以尝试以下方法自助清理:

1、首选下载这个工具尝试修复:(不支持Vista和Win7系统)
        附件: FixIE_Plus.rar
http://bbs.ikaka.com/showtopic-8685996.aspx

2、删除这个路径下的这个文件:C:\WINDOWS\system32\TIME.SCR ,然后清理注册表。按楼上做法重新弄个显示桌面的快捷方式。最后重启电脑
本帖被评分 1 次
最后编辑暗夜的雪 最后编辑于 2010-02-20 20:53:36
娱乐致死还是娱乐至死啊?
gototop
 

回复:“我的电脑”无法正常打开!带日志

谢谢,楼上两位的热心回答,按照4楼提供的方法,问题已解决!
gototop
 
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT