继续求助! - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛继续求助!

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

1

1 / 1 页

跳转页

继续求助!

menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:	发表于： 2005-09-03 20:20 \| 只看楼主短消息资料字号：小中大 1楼继续求助! 高手们:我的机子最近出现开机不久(一般是10分钟左右)出现屏幕不动,鼠标针能动,点击没有反映,点击数次后,黑屏一闪,伴随主机"只"的一响,恢复正常，稍后继续出现，比较频繁。（不点击时，几秒后黑一下屏恢复正常）.开机时间一长还死机.我换显卡、内存试过，没有改善。查不出病毒，操作系统ＸＰ。 HijackThis@Qoo的扫描日志 V1.97.7 Scan saved at 20:14:29, on 2005-9-3 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\PROGRAM FILES\RISING\RAV\RavStub.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe D:\Program Files\rising\Rfw\Rfw.exe D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE D:\PROGRA~1\RISING\RAV\RAVMON.EXE C:\Program Files\Topro\tppoll.exe D:\Antiy Labs\AGB4\Monitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe E:\hijackthis1.97_qoo\HijackThis.exe R3 - URLSearchHook: O2 - BHO: (no name) - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll O2 - BHO: (no name) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\ O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\CnsHook.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - Toolbar: ????? - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll O4 - HKLM\..\Run: [IMJPMIG8.1] rem "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] rem C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] rem C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 O4 - HKLM\..\Run: [CnsMin] Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32 O4 - HKLM\..\Run: [rfw] D:\Program Files\rising\Rfw\Rfw.exe O4 - HKLM\..\Run: [RavTimer] D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE O4 - HKLM\..\Run: [RavMon] D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM O4 - HKLM\..\Run: [StormCodec_Helper] "D:\ O4 - HKLM\..\Run: [tppoll] C:\Program Files\Topro\tppoll.exe O4 - HKLM\..\Run: [AGBMonitor] D:\Antiy Labs\AGB4\Monitor.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: NTUSER.DAT O4 - Startup: NTUSER.DAT.LOG O4 - Startup: ntuser.ini O4 - Global Startup: ntuser.dat O4 - Global Startup: ntuser.dat.LOG O8 - Extra context menu item: !搜一搜 - res://C:\WINDOWS\downlo~1\CnsMinEx.dll/1003 O8 - Extra context menu item: 使用影音传送带下载 - D:\ O8 - Extra context menu item: 使用影音传送带下载全部链接 - D:\ O8 - Extra context menu item: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: 添加到QQ自定义面板 - D:\ O8 - Extra context menu item: 添加到QQ表情 - D:\ O8 - Extra context menu item: 用QQ彩信发送该图片 - D:\ O8 - Extra context menu item: 用比特精灵下载(&B) - D:\BitSpirit\bsurl.htm O9 - Extra button: QQ (HKLM) O11 - Options group: [!CNS] O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/ O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1116688148604 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E1E5BE2C-E8F9-48FE-8CEC-19F1A287BF92}: NameServer = 202.102.134.68,202.56.57.58 没有后面的,怎么回事啊? 2005-09-03 20:54:54
menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:	分享到：

menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:	发表于： 2005-09-03 20:20 \| 只看楼主短消息资料字号：小中大 2楼启动程序列表 StartupList report, 2005-9-3, 20:05:58 StartupList version: 1.52 Started from : E:\hijackthis1.97_qoo\HijackThis.EXE Detected: Windows XP SP2 (WinNT 5.01.2600) Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180) * Using default options * Showing rarely important sections ================================================== Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\PROGRAM FILES\RISING\RAV\Ravmond.exe D:\PROGRAM FILES\RISING\RAV\RavStub.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe D:\Program Files\rising\Rfw\Rfw.exe D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE D:\PROGRA~1\RISING\RAV\RAVMON.EXE C:\Program Files\Topro\tppoll.exe D:\Antiy Labs\AGB4\Monitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE C:\WINDOWS\system32\svchost.exe E:\hijackthis1.97_qoo\HijackThis.exe -------------------------------------------------- Checking Windows NT UserInit: [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] UserInit = C:\WINDOWS\system32\userinit.exe, -------------------------------------------------- Autorun entries from Registry: HKLM\Software\Microsoft\Windows\CurrentVersion\Run IMJPMIG8.1 = rem "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 PHIME2002ASync = rem C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC PHIME2002A = rem C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot helper.dll = C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 CnsMin = Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32 rfw = D:\Program Files\rising\Rfw\Rfw.exe RavTimer = D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE RavMon = D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM StormCodec_Helper = "D:\软件\Storm Codec\StormSet.exe" /S /opti tppoll = C:\Program Files\Topro\tppoll.exe AGBMonitor = D:\Antiy Labs\AGB4\Monitor.exe -------------------------------------------------- Autorun entries from Registry: HKCU\Software\Microsoft\Windows\CurrentVersion\Run ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe -------------------------------------------------- Enumerating Active Setup stub paths: HKLM\Software\Microsoft\Active Setup\Installed Components (* = disabled by HKCU twin) [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP [>{26923b43-4d38-484f-9b9e-de460746276c}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] * StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] * StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install [{7790769C-0471-11d2-AF11-00C04FA35D02}] * StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install [{89820200-ECBD-11cf-8B85-00AA005B4340}] * StubPath = regsvr32.exe /s /n /i:U shell32.dll [{89820200-ECBD-11cf-8B85-00AA005B4383}] * StubPath = %SystemRoot%\system32\ie4uinit.exe -------------------------------------------------- Shell & screensaver key from C:\WINDOWS\SYSTEM.INI: Shell=INI section not found SCRNSAVE.EXE=INI section not found drivers=INI section not found Shell & screensaver key from Registry: Shell=Explorer.exe SCRNSAVE.EXE=C:\WINDOWS\system32\logon.scr drivers=Registry value not found Policies Shell key: HKCU\..\Policies: Shell=Registry key not found HKLM\..\Policies: Shell=Registry value not found -------------------------------------------------- Checking for EXPLORER.EXE instances: C:\WINDOWS\Explorer.exe: PRESENT! C:\Explorer.exe: not present C:\WINDOWS\Explorer\Explorer.exe: not present C:\WINDOWS\System\Explorer.exe: not present C:\WINDOWS\System32\Explorer.exe: not present C:\WINDOWS\Command\Explorer.exe: not present C:\WINDOWS\Fonts\Explorer.exe: not present -------------------------------------------------- Checking for superhidden extensions: .lnk: HIDDEN! (arrow overlay: yes) .pif: HIDDEN! (arrow overlay: yes) .exe: not hidden .com: not hidden .bat: not hidden .hta: not hidden .scr: not hidden .shs: HIDDEN! .shb: HIDDEN! .vbs: not hidden .vbe: not hidden .wsh: not hidden .scf: HIDDEN! (arrow overlay: NO!) .url: HIDDEN! (arrow overlay: yes) .js: not hidden .jse: not hidden -------------------------------------------------- Enumerating Browser Helper Objects: (no name) - C:\WINDOWS\system32\xunleibho_v4.dll - {0005A87D-D626-4B3A-84F9-1D9571695F55} (no name) - C:\PROGRA~1\FLASHGET\jccatch.dll - {A5366673-E8CA-11D3-9CD9-0090271D075B} (no name) - C:\Program Files\3721\Assist\asbar.dll - {BB936323-19FA-4521-BA29-ECA6A121BC78} (no name) - D:\软砑件\NetTransport 2\NTIEHelper.dll (file missing) - {C56CB6B0-0D96-11D6-8C65-B2868B609932} IE - C:\WINDOWS\downlo~1\CnsHook.dll - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} -------------------------------------------------- Enumerating Task Scheduler jobs: Symantec NetDetect.job -------------------------------------------------- Enumerating Download Program Files: [WebActivater Control] InProcServer32 = C:\WINDOWS\system32\WEBACT~1.OCX CODEBASE = http://game.qq.com/QQGame2.cab [WUWebControl Class] InProcServer32 = C:\WINDOWS\system32\wuweb.dll CODEBASE = http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1116688148604 [Shockwave Flash Object] InProcServer32 = C:\WINDOWS\system32\macromed\flash\Flash.ocx CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab -------------------------------------------------- Enumerating Windows NT/2000/XP services AntiyFirewall: system32\drivers\AntiyFW.sys (autostart) Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Basetdi: \??\C:\WINDOWS\system32\drivers\basetdi.sys (autostart) Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart) DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart) Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Event Log: %SystemRoot%\system32\services.exe (autostart) Help and Support: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) HookCont: \??\D:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys (autostart) HookReg: \??\D:\PROGRAM FILES\RISING\RAV\HOOKREG.sys (autostart) HookSys: \??\D:\PROGRAM FILES\RISING\RAV\hooksys.sys (autostart) IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (autostart) IPHOOK: \??\d:\Program Files\rising\rfw\iphook.sys (autostart) Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" (autostart) New0: \??\C:\WINDOWS\system32\new.sys (autostart) Plug and Play: %SystemRoot%\system32\services.exe (autostart) IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart) Protected Storage: %SystemRoot%\system32\lsass.exe (autostart) Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart) Rising Process Communication Center: D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE (autostart) RsRavMon Service: D:\PROGRAM FILES\RISING\RAV\Ravmond.exe (autostart) Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart) Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart) System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (autostart) Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart) Windows User Mode Driver Framework: C:\WINDOWS\system32\wdfmgr.exe (autostart) Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart) Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart) -------------------------------------------------- Enumerating ShellServiceObjectDelayLoad items: PostBootReminder: C:\WINDOWS\system32\SHELL32.dll CDBurn: C:\WINDOWS\system32\SHELL32.dll WebCheck: C:\WINDOWS\system32\webcheck.dll SysTray: C:\WINDOWS\system32\stobject.dll -------------------------------------------------- End of report, 10,866 bytes Report generated in 0.371 seconds Command line options: /verbose - to add additional info on each section /complete - to include empty sections and unsuspicious data /full - to include several rarely-important sections /force9x - to include Win9x-only startups even if running on WinNT /forcent - to include WinNT-only startups even if running on Win9x /forceall - to include all Win9x and WinNT startups, regardless of platform /history - to list version history only 并且进程里有4个SVCHOST.EXE,内存使用3千到2万K.谁能帮帮我啊?
menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:

天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆	发表于： 2005-09-03 20:27 \| 短消息资料字号：小中大 3楼日志版本太老，请用HijackThis1.99.1版重新扫描日志上来。工具在置顶的贴子里有。
天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆

menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:	发表于： 2005-09-03 20:35 \| 只看楼主短消息资料字号：小中大 4楼 HijackThis_zww汉化版扫描日志 V1.99.1 保存于 20:36:45, 日期 2005-9-3 操作系统： Windows XP SP2 (WinNT 5.01.2600) 浏览器： Internet Explorer v6.00 SP2 (6.00.2900.2180) 当前运行的进程： C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe D:\PROGRAM FILES\RISING\RAV\RavStub.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\system32\rundll32.exe D:\Program Files\rising\Rfw\Rfw.exe D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE D:\PROGRA~1\RISING\RAV\RAVMON.EXE C:\Program Files\Topro\tppoll.exe D:\Antiy Labs\AGB4\Monitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\FlashGet\flashget.exe E:\2535952005811174944\HijackThis1991zww.exe R3 - URLSearchHook: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - C:\WINDOWS\system32\xunleibho_v4.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FLASHGET\jccatch.dll O2 - BHO: AssistII - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - D:\软砑件\NetTransport 2\NTIEHelper.dll (file missing) O2 - BHO: IE - {D157330A-9EF3-49F8-9A67-4141AC41ADD4} - C:\WINDOWS\downlo~1\CnsHook.dll O3 - IE工具栏增项: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\fgiebar.dll O3 - IE工具栏增项: 上网助手 - {BB936323-19FA-4521-BA29-ECA6A121BC78} - C:\Program Files\3721\Assist\asbar.dll O4 - 启动项HKLM\\Run: [IMJPMIG8.1] rem "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 启动项HKLM\\Run: [PHIME2002ASync] rem C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 启动项HKLM\\Run: [PHIME2002A] rem C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKLM\\Run: [helper.dll] C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\3721\helper.dll,Rundll32 O4 - 启动项HKLM\\Run: [CnsMin] Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32 O4 - 启动项HKLM\\Run: [rfw] D:\Program Files\rising\Rfw\Rfw.exe O4 - 启动项HKLM\\Run: [RavTimer] D:\PROGRA~1\RISING\RAV\RAVTIMER.EXE O4 - 启动项HKLM\\Run: [RavMon] D:\PROGRA~1\RISING\RAV\RAVMON.EXE -SYSTEM O4 - 启动项HKLM\\Run: [StormCodec_Helper] "D:\软件\Storm Codec\StormSet.exe" /S /opti O4 - 启动项HKLM\\Run: [tppoll] C:\Program Files\Topro\tppoll.exe O4 - 启动项HKLM\\Run: [AGBMonitor] D:\Antiy Labs\AGB4\Monitor.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - IE右键菜单中的新增项目: !搜一搜 - res://C:\WINDOWS\downlo~1\CnsMinEx.dll/1003 O8 - IE右键菜单中的新增项目: 使用影音传送带下载 - D:\软件\NetTransport 2\NTAddLink.html O8 - IE右键菜单中的新增项目: 使用影音传送带下载全部链接 - D:\软件\NetTransport 2\NTAddList.html O8 - IE右键菜单中的新增项目: 使用网际快车下载 - C:\Program Files\FlashGet\jc_link.htm O8 - IE右键菜单中的新增项目: 使用网际快车下载全部链接 - C:\Program Files\FlashGet\jc_all.htm O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - IE右键菜单中的新增项目: 添加到QQ自定义面板 - D:\软件\qq\AddPanel.htm O8 - IE右键菜单中的新增项目: 添加到QQ表情 - D:\软件\qq\AddEmotion.htm O8 - IE右键菜单中的新增项目: 用QQ彩信发送该图片 - D:\软件\qq\SendMMS.htm O8 - IE右键菜单中的新增项目: 用比特精灵下载(&B) - D:\BitSpirit\bsurl.htm O9 - 浏览器额外的按钮: 手机短信 - {00000000-0000-0001-0001-596BAEDD1289} - http://sms.3721.com/ie/index.htm (file missing) O9 - 浏览器额外的按钮: Yahoo 1G电邮 - {507F9113-CD77-4866-BA92-0E86DA3D0B97} - http://cn.mail.yahoo.com/promo/rd1 (file missing) O9 - 浏览器额外的按钮: 寻宝乐趣多 - {59BC54A2-56B3-44a0-93E5-432D58746E26} - http://hot.3721.com/rd/shop_btn.htm (file missing) O9 - 浏览器额外的按钮: 上网助手 - {5D73EE86-05F1-49ed-B850-E423120EC338} - http://assistant.3721.com/index.htm?fb=Cns (file missing) O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\软件\qq\QQ.EXE (file missing) O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - D:\软件\qq\QQ.EXE (file missing) O9 - 浏览器额外的按钮: 情景聊天 - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - http://cn.rd.yahoo.com/home/messenger/bjk/clientbtn/?http://cn.messenger.yahoo.com/ (file missing) O9 - 浏览器额外的按钮: (no name) - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - 浏览器额外的“工具”菜单项: 修复浏览器 - {ECF2E268-F28C-48d2-9AB7-8F69C11CCB71} - http://assistant.3721.com/security1.htm?fb=Cns (file missing) O9 - 浏览器额外的按钮: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - 浏览器额外的“工具”菜单项: 易趣购物 - {EE60714F-AC19-427e-861A-FD60ABDF119A} - http://click2.ad4all.net/url2/urlmanage/url.asp?id=1 (file missing) O9 - 浏览器额外的按钮: (no name) - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O9 - 浏览器额外的“工具”菜单项: 清理上网记录 - {FD00D911-7529-4084-9946-A29F1BDF4FE5} - http://assistant.3721.com/clean1.htm?fb=Cns (file missing) O11 - Options group: [!CNS] 上网助手-地址栏搜索 O14 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/ O16 - DPF: {3D8F74EE-8692-4F8F-B8D2-7522E732519E} (WebActivater Control) - http://game.qq.com/QQGame2.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1116688148604 O17 - HKLM\System\CCS\Services\Tcpip\..\{E1E5BE2C-E8F9-48FE-8CEC-19F1A287BF92}: NameServer = 202.102.134.68,202.56.57.58 O23 - NT 服务: Rising Process Communication Center (RsCCenter) - rising - D:\PROGRAM FILES\RISING\RAV\CCENTER.EXE O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - D:\PROGRAM FILES\RISING\RAV\Ravmond.exe O23 - NT 服务: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe 请看看是什么问题啊,谢谢
menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:

天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆	发表于： 2005-09-03 20:49 \| 短消息资料字号：小中大 5楼 C:\Program Files\Topro\tppoll.exe 这个是什么？日志看上去没什么异常
天天泡泡卡卡技术团队帖子:17486 注册: 2004-01-21 来自:安徽安庆

menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:	发表于： 2005-09-03 20:54 \| 只看楼主短消息资料字号：小中大 6楼 C:\Program Files\Topro\tppoll.exe 摄像头的程序能大概判断出是什么问题吗?
menboy 初生襁褓狮帖子:13 注册: 2005-09-03 来自:

<<上一主题|下一主题>>

1

1 / 1 页

跳转页

页面顶部

Powered by Discuz!NT