【求助】我的机器今天开机突然．．．．．．．．．烦请高手给我看一下日志 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛【求助】我的机器今天开机突然．．．．．．．．．烦请高手给我看一下日志

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

【求助】我的机器今天开机突然．．．．．．．．．烦请高手给我看一下日志

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 11:42 \| 显示全部短消息资料字号：小中大 1楼【求助】我的机器今天开机突然．．．．．．．．．烦请高手给我看一下日志 Logfile of Kaka v2. 0. 3. 0 Scan Module v1. 0. 6. 1 Scan saved at 11:17:02, on 2005-05-17 Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,default_page_url= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm O1 - Hosts: 127.0.0.1 localhost O2 - BHO: Thunder Browser Helper - {406F94EF-504F-4A40-8DFD-58B0666ABEBD} - D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll O3 - Toolbar: (file missing) O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe O4 - HKLM\..\Run: [Thunder] "D:\软件\迅雷\程序\Thunder.exe" /s O4 - HKLM\..\Run: [runeip] D:\123\程序\runiep.exe O4 - Startup: desktop.ini = O4 - Global Startup: desktop.ini = O8 - Extra context menu item: &使用迅雷下载 - D:\软件\迅雷\程序\Program\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\软件\迅雷\程序\Program\getallurl.htm O8 - Extra context menu item: 添加到QQ自定义面板 - E:\腾迅QQ\程序\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\腾迅QQ\程序\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\腾迅QQ\程序\QQ\SendMMS.htm O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\软件\迅雷\程序\Thunder.exe O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\软件\迅雷\程序\Thunder.exe O9 - Extra Button: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - Extra 'Tools' menuitem: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\腾迅QQ\程序\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\腾迅QQ\程序\QQ\QQ.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll O23 - Service: Human Interface Device Access (HidServ) - - C:\WINDOWS\system32\svchost.exe -k netsvcs O23 - Service: User Privilege Service (usprserv) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe -k netsvcs 2007-05-17 12:49:50
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	分享到：

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 11:44 \| 显示全部短消息资料字号：小中大 2楼 Logfile of Kaka v2. 0. 3. 0 Scan Module v1. 0. 6. 1 Scan saved at 11:17:02, on 2005-05-17 Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,default_page_url= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm O1 - Hosts: 127.0.0.1 localhost O2 - BHO: Thunder Browser Helper - {406F94EF-504F-4A40-8DFD-58B0666ABEBD} - D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll O3 - Toolbar: (file missing) O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe O4 - HKLM\..\Run: [Thunder] "D:\软件\迅雷\程序\Thunder.exe" /s O4 - HKLM\..\Run: [runeip] D:\123\程序\runiep.exe O4 - Startup: desktop.ini = O4 - Global Startup: desktop.ini = O8 - Extra context menu item: &使用迅雷下载 - D:\软件\迅雷\程序\Program\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\软件\迅雷\程序\Program\getallurl.htm O8 - Extra context menu item: 添加到QQ自定义面板 - E:\腾迅QQ\程序\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\腾迅QQ\程序\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\腾迅QQ\程序\QQ\SendMMS.htm O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\软件\迅雷\程序\Thunder.exe O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\软件\迅雷\程序\Thunder.exe O9 - Extra Button: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - Extra 'Tools' menuitem: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\腾迅QQ\程序\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\腾迅QQ\程序\QQ\QQ.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll O23 - Service: Human Interface Device Access (HidServ) - - C:\WINDOWS\system32\svchost.exe -k netsvcs O23 - Service: User Privilege Service (usprserv) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe -k netsvcs
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 11:48 \| 显示全部短消息资料字号：小中大 3楼 Logfile of Kaka v2. 0. 3. 0 Scan Module v1. 0. 6. 1 Scan saved at 11:17:02, on 2005-05-17 Platform: Microsoft Windows XP Professional Service Pack 2 (Build 2600) R0 - HKCU\Software\Microsoft\Internet Explorer\Main,default_page_url= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.google.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=%SystemRoot%\system32\blank.htm O1 - Hosts: 127.0.0.1 localhost O2 - BHO: Thunder Browser Helper - {406F94EF-504F-4A40-8DFD-58B0666ABEBD} - D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll O3 - Toolbar: (file missing) O3 - Toolbar: 卡卡上网安全助手 - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe O4 - HKLM\..\Run: [Thunder] "D:\软件\迅雷\程序\Thunder.exe" /s O4 - HKLM\..\Run: [runeip] D:\123\程序\runiep.exe O4 - Startup: desktop.ini = O4 - Global Startup: desktop.ini = O8 - Extra context menu item: &使用迅雷下载 - D:\软件\迅雷\程序\Program\geturl.htm O8 - Extra context menu item: &使用迅雷下载全部链接 - D:\软件\迅雷\程序\Program\getallurl.htm O8 - Extra context menu item: 添加到QQ自定义面板 - E:\腾迅QQ\程序\QQ\AddPanel.htm O8 - Extra context menu item: 添加到QQ表情 - E:\腾迅QQ\程序\QQ\AddEmotion.htm O8 - Extra context menu item: 用QQ彩信发送该图片 - E:\腾迅QQ\程序\QQ\SendMMS.htm O9 - Extra Button: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\软件\迅雷\程序\Thunder.exe O9 - Extra 'Tools' menuitem: 启动迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - D:\软件\迅雷\程序\Thunder.exe O9 - Extra Button: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - Extra 'Tools' menuitem: 番茄花园 - {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} - http://www.tomatolei.com (file missing) O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\腾迅QQ\程序\QQ\QQ.EXE O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\腾迅QQ\程序\QQ\QQ.EXE O14 - IERESET.INF: START_PAGE_URL=http://www.tomatolei.com O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: cdl - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: dvd - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: file - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ftp - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: http - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: https - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ipp - (no CLSID) - (no file) O18 - Protocol: its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: javascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: local - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: mailto - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: mhtml - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll O18 - Protocol: mk - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll O18 - Protocol: ms-its - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll O18 - Protocol: msdaipp - (no CLSID) - (no file) O18 - Protocol: res - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: sysimage - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: tv - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll O18 - Protocol: vbscript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll O18 - Protocol: wia - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll O23 - Service: Human Interface Device Access (HidServ) - - C:\WINDOWS\system32\svchost.exe -k netsvcs O23 - Service: User Privilege Service (usprserv) - Microsoft Corporation - C:\WINDOWS\system32\svchost.exe -k netsvcs
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 12:01 \| 显示全部短消息资料字号：小中大 4楼上面是用瑞星卡卡上网助手扫的下面我在用SRE去扫呀稍等片刻
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 12:07 \| 显示全部短消息资料字号：小中大 5楼 [CODE] 2007-05-17,11:52:12 System Repair Engineer 2.4.12.806 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher] <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe> [(Verified)Google Inc] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <Thunder><"D:\软件\迅雷\程序\Thunder.exe" /s> [Thunder Networking Technologies,LTD] <runeip><D:\123\程序\runiep.exe> [Beijing Rising Technology Co., Ltd.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [(Verified)Microsoft Windows Publisher] <Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] ================================== 启动文件夹 N/A ================================== 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> ================================== 驱动程序 [Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start] <system32\drivers\ALCXSENS.SYS><Sensaura> [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.> [IdeBusDr / IdeBusDr][Running/Boot Start] <\SystemRoot\system32\DRIVERS\IdeBusDr.sys><Intel Corporation> [Intel(R) Ultra ATA Controller / IdeChnDr][Running/Boot Start] <\SystemRoot\system32\DRIVERS\IdeChnDr.sys><Intel Corporation> [npkcrypt / npkcrypt][Running/Auto Start] <\??\E:\腾迅QQ\程序\QQ\npkcrypt.sys><INCA Internet Co., Ltd.> [nv / nv][Running/Manual Start] <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation> [Direct Parallel Link Driver / Ptilink][Running/Manual Start] <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> [RsAntiSpyware / RsAntiSpyware][Running/Boot Start] <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising> [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation> [Secdrv / Secdrv][Stopped/Manual Start] <system32\DRIVERS\secdrv.sys><N/A> [SentryCard / SentryCard][Running/Boot Start] <\SystemRoot\System32\Drivers\xsbide.sys><Sentry Technology Co., LTD.> [USB PC Camera (SNPSTD3) / SNPSTD3][Stopped/Manual Start] <system32\DRIVERS\snpstd3.sys><> [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation> [Xsb safe NT Driver / XsbSafeDriver][Running/Boot Start] <\SystemRoot\system32\Drivers\Safexsb.sys><>
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 12:08 \| 显示全部短消息资料字号：小中大 6楼浏览器加载项 [Thunder Browser Helper] {406F94EF-504F-4A40-8DFD-58B0666ABEBD} <D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD> [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\软件\迅雷\程序\Thunder.exe, Thunder Networking Technologies,LTD> [番茄花园] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.tomatolei.com, N/A> [QQ] {c95fe080-8f5d-11d2-a20b-00aa003c157b} <E:\腾迅QQ\程序\QQ\QQ.EXE, TENCENT> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [Thunder Browser Helper] {406F94EF-504F-4A40-8DFD-58B0666ABEBD} <D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD> [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll, Thunder Networking Technologies,LTD> [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [&使用迅雷下载] <D:\软件\迅雷\程序\Program\geturl.htm, N/A> [&使用迅雷下载全部链接] <D:\软件\迅雷\程序\Program\getallurl.htm, N/A> [添加到QQ自定义面板] <E:\腾迅QQ\程序\QQ\AddPanel.htm, N/A> [添加到QQ表情] <E:\腾迅QQ\程序\QQ\AddEmotion.htm, N/A> [用QQ彩信发送该图片] <E:\腾迅QQ\程序\QQ\SendMMS.htm, N/A> ================================== 正在运行的进程 [PID: 292][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 352][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 376][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 420][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1192][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [PID: 1512][D:\123\程序\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6] [D:\123\程序\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 1536][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 1584][C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe] [Google Inc., 1, 2, 911, 3380] [C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\res_zh-CN.dll] [Google Inc., 1, 2, 911, 3380] [C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\swg.dll] [Google Inc., 1, 2, 911, 3380] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 1140][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kakatool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 3, 0] [D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 1432][C:\WINDOWS\system32\notepad.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 1672][C:\WINDOWS\system32\NOTEPAD.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [PID: 1528][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kakatool.dll] [Beijing Rising Technology Co., Ltd., 2, 0, 3, 0] [D:\软件\迅雷\程序\ComDlls\XunLeiBHO_007.dll] [Thunder Networking Technologies,LTD, 5, 0, 1, 4] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx] [Adobe Systems, Inc., 9,0,16,0] [C:\Documents and Settings\Administrator\桌面\SREng【teyqiu】.com] [Smallfrogs Studio, 2.4.12.806] [D:\123\程序\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost ================================== API HOOK N/A
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 12:13 \| 显示全部短消息资料字号：小中大 7楼还有哎大侠！　刚才我扫描日志的时候才发现我的系统时间也被改了哎　，这是怎么回事呀，昨天关机的时候还好好的，今天开机就说＇系统已经从一个严重的错误中恢复＇，从左下角还发现了新硬件＇以太网控制器＇这都是什么呀
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 12:21 \| 显示全部短消息资料字号：小中大 8楼谢谢大侠了，后面那些东东就是我最后说的那些呀，我先按你你教我的方法去把那些坏东东投进监狱去
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:	发表于： 2007-05-17 12:59 \| 显示全部短消息资料字号：小中大 9楼回来是来谢谢网恋大侠的，照你教的东东已经ＯＫ了，不耽误你网恋了，快去找你的网络小情人去吧，嘻嘻
bingyudg 初生襁褓狮帖子:44 注册: 2007-03-07 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT