1   1  /  1  页   跳转

救救我的电脑吧,555555555,有log

收藏
angelcyt
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2007-01-08
  • 来自:
发表于: 2007-01-08 18:15 | 显示全部 短消息 资料
字号: 1楼

救救我的电脑吧,555555555,有log

现在很多软件打不开,任务管理器出不来,无法完成“运行”的指令。各驱动盘双击打不开,一直跳出来mhh.exe,kap.exe,3127.exe等。我已经格过C盘了,可是问题依旧存在,怎么办阿?55555555!高手帮帮我!!!
最后编辑2007-01-08 22:36:09
分享到:
gototop
 
angelcyt
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2007-01-08
  • 来自:
发表于: 2007-01-08 18:17 | 显示全部 短消息 资料
字号: 2楼

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <svcshare><C:\WINDOWS\system32\drivers\spcolsv.exe>  [N/A]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <System Files Updater><; C:\WINDOWS\FlyakiteOSX\System Files Updater.exe /S>  [N/A]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [Microsoft Corporation]
    <zts2><C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe>  [N/A]
    <mhs2><C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe>  [N/A]
    <wlzs><C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <!AVG Anti-Spyware><; "D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <bgswitch><; C:\WINDOWS\system32\bgswitch.exe>  [N/A]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <svcshare><; C:\WINDOWS\system32\drivers\spcolsv.exe>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Running/Auto Start]
  <D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe><Anti-Malware Development a.s.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINDOWS\system32\msiexec.exe /V><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\\rundll32.exe windhcp.ocx,start><Microsoft Corporation>

==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Running/System Start]
  <\??\D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys><N/A>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
  <System32\DRIVERS\AvgAsCln.sys><GRISOFT, s.r.o.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
  <\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\D:\Program Files\盛大网络\冒险岛online\npkcrypt.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[squell / squell][Running/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <system32\DRIVERS\npf.sys><CACE Technologies>

==================================
浏览器加载项
[番茄花园]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A>
[PowerList Control]
  {20C2C286-BDE8-441B-B73D-AFA22D914DA5} <E:\PROGRA~1\PPStream\POWERL~1.OCX, PPStream.com>
[PowerPlayer Control]
  {5EC7C511-CD0F-42E6-830C-1BD9882F3458} <E:\PROGRA~1\PPStream\POWERP~1.DLL, PPStream Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
gototop
 
angelcyt
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2007-01-08
  • 来自:
发表于: 2007-01-08 18:17 | 显示全部 短消息 资料
字号: 3楼

=================================
正在运行的进程
[PID: 380][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 436][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 460][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4117]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
[PID: 504][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 516][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4117]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 688][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 752][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 828][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 916][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1140][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1308][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4117]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1408][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll]  [Anti-Malware Development a.s., 7, 5, 0, 49]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1492][C:\Program Files\JJOL\IME\JJSvr.EXE]  [加加在线, 3.11.0.1]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
[PID: 1572][D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe]  [Anti-Malware Development a.s., 7, 5, 0, 47]
    [D:\Program Files\Grisoft\AVG Anti-Spyware 7.5\engine.dll]  [Anti-Malware Development a.s., 4, 2, 0, 15]
[PID: 1620][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
[PID: 1724][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2032][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
[PID: 3860][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
    [C:\WINDOWS\system32\macromed\flash\Flash85.ocx]  [Macromedia, Inc., 8,5,0,133]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
[PID: 908][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
    [C:\DOCUME~1\cyt\LOCALS~1\Temp\mhs2.dll]  [N/A, N/A]
[PID: 2656][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
    [C:\DOCUME~1\cyt\LOCALS~1\Temp\zts2.dll]  [N/A, N/A]
[PID: 3120][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
    [C:\DOCUME~1\cyt\LOCALS~1\Temp\wlzs.dll]  [N/A, N/A]
[PID: 3780][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
[PID: 1508][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 1064][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 3636][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 4424][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 4536][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 956][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 3168][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 3568][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 1680][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 4456][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 5364][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 5572][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 3040][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 3528][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 4796][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 2188][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 836][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 5872][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 1052][C:\WINDOWS\system32\Thunder5.exe]  [N/A, N/A]
[PID: 2632][C:\DOCUME~1\cyt\LOCALS~1\Temp\mhh.exe]  [N/A, N/A]
[PID: 2572][C:\DOCUME~1\cyt\LOCALS~1\Temp\ztt.exe]  [N/A, N/A]
[PID: 3232][C:\DOCUME~1\cyt\LOCALS~1\Temp\wll.exe]  [N/A, N/A]
[PID: 1276][C:\DOCUME~1\cyt\LOCALS~1\Temp\kap.exe]  [N/A, N/A]
[PID: 3600][C:\WINDOWS\system32\drivers\spcolsv.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\SrvDll.dll]  [N/A, N/A]
[PID: 1784][C:\WINDOWS\system32\Thunder5.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
[PID: 3888][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
[PID: 5884][C:\DOCUME~1\cyt\LOCALS~1\Temp\Rar$EX00.500\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINDOWS\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINDOWS\system32\JJN.IME]  [加加在线, 3.11.0.0]
    [C:\WINDOWS\system32\SrvDll.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
IP
    C:\WINDOWS\system32\SrvDll.dll(N/A, N/A)
UDP_CHAIN
    C:\WINDOWS\system32\SrvDll.dll(N/A, N/A)

==================================
Autorun.inf
[C:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[D:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[E:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
[F:\]
[AutoRun]
OPEN=setup.exe
shellexecute=setup.exe
shell\Auto\command=setup.exe
gototop
 
angelcyt
头像
初生襁褓狮
  • 帖子:4
  • 注册: 2007-01-08
  • 来自:
发表于: 2007-01-08 22:45 | 显示全部 短消息 资料
字号: 4楼

IceSword用不起来阿,说初始化错误1,怎么办阿?
熊猫专杀弄出来一堆拒绝访问的东西
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT