麻烦大家帮我看看，我的电脑老是重启 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛麻烦大家帮我看看，我的电脑老是重启

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

麻烦大家帮我看看，我的电脑老是重启

麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:	发表于： 2006-02-16 09:58 \| 只看楼主短消息资料字号：小中大 1楼麻烦大家帮我看看，我的电脑老是重启我用hijackthis查到的东东： HijackThis(zww3008汉化版)V1.99.1 保存于 9:52:17, 日期 2006-2-16 操作系统： Windows 2000 SP4 (WinNT 5.00.2195) 浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106) 当前运行的进程： C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe d:\kbs\avpcc.exe d:\kbs\avpm.exe C:\WINNT\System32\llssrv.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\Dfssvc.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\winser.exe D:\kbs\avpcc.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINNT\system32\ope34.exe C:\Program Files\Microsoft Office\Office\2052\OLFSNT40.EXE C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe C:\WINNT\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe E:\共享文件\HB_HijackThis\HijackThis1991汉化版\HB_HijackThis1991_zww.exe R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file) O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - 启动项HKLM\\Run: [PRPCMonitor] ; PRPCUI.exe O4 - 启动项HKLM\\Run: [LaunchAp] ; C:\Program Files\Launch Manager\LaunchAp.exe O4 - 启动项HKLM\\Run: [HotkeyApp] ; C:\Program Files\Launch Manager\HotkeyApp.exe O4 - 启动项HKLM\\Run: [CtrlVol] ; C:\Program Files\Launch Manager\CtrlVol.exe O4 - 启动项HKLM\\Run: [Wbutton] ; "C:\Program Files\Launch Manager\Wbutton.exe" O4 - 启动项HKLM\\Run: [PRONoMgr.exe] ; C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - 启动项HKLM\\Run: [AVPCC] d:\kbs\avpcc.exe /wait O4 - 启动项HKLM\\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKCU\\Run: [ctfmon.exe] C:\WINNT\System32\Ctfmon.exe O4 - 启动项HKCU\\Run: [internat.exe] internat.exe O4 - “启动”文件夹: 腾讯TM.lnk = E:\qq\TMShell.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\2052\OLFSNT40.EXE O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - IE右键菜单中的新增项目： &使用迅雷下载 - C:\Thunder Network\Thunder\geturl.htm O8 - IE右键菜单中的新增项目： &使用迅雷下载全部链接 - C:\Thunder Network\Thunder\getAllurl.htm O8 - IE右键菜单中的新增项目：上传到QQ网络硬盘 - E:\qq\AddToNetDisk.htm O8 - IE右键菜单中的新增项目：导出当前页到超星阅览器(&A) - C:\超星阅读器\SSREADER36\ss_all.htm O8 - IE右键菜单中的新增项目：导出选中部分到超星阅览器(&S) - C:\超星阅读器\SSREADER36\ss_select.htm O8 - IE右键菜单中的新增项目：添加到QQ自定义面板 - E:\qq\AddPanel.htm O8 - IE右键菜单中的新增项目：添加到QQ表情 - E:\qq\AddEmotion.htm O8 - IE右键菜单中的新增项目：用QQ彩信发送该图片 - E:\qq\SendMMS.htm O9 - 浏览器额外的按钮： Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的“工具”菜单项： Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的按钮： QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE (file missing) O9 - 浏览器额外的“工具”菜单项：腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE (file missing) O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{517FD4F6-0BC3-4FD9-A255-396F31EC052A}: NameServer = 202.98.160.68 O18 - 列举现有的协议: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - 列举现有的协议: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll O23 - NT 服务: AVP Control Centre Service (AVPCC) - Kaspersky Labs. - d:\kbs\avpcc.exe O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - NT 服务: KAV Monitor Service (KAVMonitorService) - Kaspersky Labs. - d:\kbs\avpm.exe O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - NT 服务: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - NT 服务: systme (systme2) - Unknown owner - C:\WINNT\system01.exe (file missing) ----------------------------- 哪位老大能帮我看看，我中是什么毒。这些天系统老是重启谢谢大家 2006-02-28 09:48:41
麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:	分享到：

不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球	发表于： 2006-02-16 10:39 \| 短消息资料字号：小中大 2楼结束C:\WINNT\system32\winser.exe进程进入注册表搜索winser.exe 找到后全部删除删除 C:\WINNT\system32\winser.exe
不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球

麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:	发表于： 2006-02-17 10:07 \| 只看楼主短消息资料字号：小中大 3楼老兄，谢谢你，我已经删除了但还是会重启前段时间没有出现过。只有这几出现重启麻烦各位帮我分析一下: ---------------- HijackThis(zww3008汉化版)V1.99.1 保存于 9:51:27, 日期 2006-2-17 操作系统： Windows 2000 SP4 (WinNT 5.00.2195) 浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106) 当前运行的进程： C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe d:\kbs\avpcc.exe d:\kbs\avpm.exe C:\WINNT\System32\llssrv.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\Dfssvc.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\PRPCUI.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\Program Files\Launch Manager\Wbutton.exe D:\kbs\avpcc.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINNT\system32\ope34.exe C:\WINNT\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe E:\共享文件\HB_HijackThis\HijackThis1991汉化版\HB_HijackThis1991_zww.exe R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file) O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - 启动项HKLM\\Run: [PRPCMonitor] PRPCUI.exe O4 - 启动项HKLM\\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - 启动项HKLM\\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - 启动项HKLM\\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - 启动项HKLM\\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - 启动项HKLM\\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - 启动项HKLM\\Run: [AVPCC] d:\kbs\avpcc.exe /wait O4 - 启动项HKLM\\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKCU\\Run: [ctfmon.exe] C:\WINNT\System32\Ctfmon.exe O4 - 启动项HKCU\\Run: [internat.exe] internat.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\2052\OLFSNT40.EXE O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - IE右键菜单中的新增项目： &使用迅雷下载 - C:\Thunder Network\Thunder\geturl.htm O8 - IE右键菜单中的新增项目： &使用迅雷下载全部链接 - C:\Thunder Network\Thunder\getAllurl.htm O8 - IE右键菜单中的新增项目：上传到QQ网络硬盘 - E:\qq\AddToNetDisk.htm O8 - IE右键菜单中的新增项目：导出当前页到超星阅览器(&A) - C:\超星阅读器\SSREADER36\ss_all.htm O8 - IE右键菜单中的新增项目：导出选中部分到超星阅览器(&S) - C:\超星阅读器\SSREADER36\ss_select.htm O8 - IE右键菜单中的新增项目：添加到QQ自定义面板 - E:\qq\AddPanel.htm O8 - IE右键菜单中的新增项目：添加到QQ表情 - E:\qq\AddEmotion.htm O8 - IE右键菜单中的新增项目：用QQ彩信发送该图片 - E:\qq\SendMMS.htm O9 - 浏览器额外的按钮： Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的“工具”菜单项： Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的按钮： QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE (file missing) O9 - 浏览器额外的“工具”菜单项：腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE (file missing) O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{517FD4F6-0BC3-4FD9-A255-396F31EC052A}: NameServer = 202.98.160.68 O18 - 列举现有的协议: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - 列举现有的协议: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll O23 - NT 服务: AVP Control Centre Service (AVPCC) - Kaspersky Labs. - d:\kbs\avpcc.exe O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - NT 服务: KAV Monitor Service (KAVMonitorService) - Kaspersky Labs. - d:\kbs\avpm.exe O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - NT 服务: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - NT 服务: systme (systme2) - Unknown owner - C:\WINNT\system01.exe (file missing)
麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:

麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:	发表于： 2006-02-21 09:43 \| 只看楼主短消息资料字号：小中大 4楼 HijackThis(zww3008汉化版)V1.99.1 保存于 9:34:47, 日期 2006-2-21 操作系统： Windows 2000 SP4 (WinNT 5.00.2195) 浏览器： Internet Explorer v6.00 SP1 (6.00.2800.1106) 当前运行的进程： C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe d:\kbs\avpcc.exe d:\kbs\avpm.exe C:\WINNT\System32\llssrv.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\Dfssvc.exe C:\WINNT\system32\inetsrv\inetinfo.exe C:\WINNT\Explorer.EXE C:\WINNT\system32\PRPCUI.exe C:\Program Files\Launch Manager\LaunchAp.exe C:\WINNT\System32\svchost.exe C:\Program Files\Launch Manager\HotkeyApp.exe C:\Program Files\Launch Manager\CtrlVol.exe C:\Program Files\Launch Manager\Wbutton.exe D:\kbs\avpcc.exe C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe E:\共享文件\HB_HijackThis\HijackThis1991汉化版\HB_HijackThis1991_zww.exe R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file) O3 - IE工具栏增项: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - 启动项HKLM\\Run: [PRPCMonitor] PRPCUI.exe O4 - 启动项HKLM\\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe O4 - 启动项HKLM\\Run: [HotkeyApp] C:\Program Files\Launch Manager\HotkeyApp.exe O4 - 启动项HKLM\\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe O4 - 启动项HKLM\\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe" O4 - 启动项HKLM\\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe O4 - 启动项HKLM\\Run: [AVPCC] d:\kbs\avpcc.exe /wait O4 - 启动项HKLM\\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - 启动项HKLM\\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start O4 - 启动项HKLM\\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 启动项HKCU\\Run: [ctfmon.exe] C:\WINNT\System32\Ctfmon.exe O4 - 启动项HKCU\\Run: [internat.exe] internat.exe O4 - 启动项HKCU\\Run: [NIW] C:\WINNT\NIW.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\2052\OLFSNT40.EXE O4 - Global Startup: 服务管理器.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe O8 - IE右键菜单中的新增项目： &使用迅雷下载 - C:\Thunder Network\Thunder\geturl.htm O8 - IE右键菜单中的新增项目： &使用迅雷下载全部链接 - C:\Thunder Network\Thunder\getAllurl.htm O8 - IE右键菜单中的新增项目：上传到QQ网络硬盘 - E:\qq\AddToNetDisk.htm O8 - IE右键菜单中的新增项目：导出当前页到超星阅览器(&A) - C:\超星阅读器\SSREADER36\ss_all.htm O8 - IE右键菜单中的新增项目：导出选中部分到超星阅览器(&S) - C:\超星阅读器\SSREADER36\ss_select.htm O8 - IE右键菜单中的新增项目：添加到QQ自定义面板 - E:\qq\AddPanel.htm O8 - IE右键菜单中的新增项目：添加到QQ表情 - E:\qq\AddEmotion.htm O8 - IE右键菜单中的新增项目：用QQ彩信发送该图片 - E:\qq\SendMMS.htm O9 - 浏览器额外的按钮： Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的“工具”菜单项： Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - 浏览器额外的按钮： QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE (file missing) O9 - 浏览器额外的“工具”菜单项：腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\qq\QQ.EXE (file missing) O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{517FD4F6-0BC3-4FD9-A255-396F31EC052A}: NameServer = 202.98.160.68 O18 - 列举现有的协议: dynascript - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINNT\system32\mshtml.dll O18 - 列举现有的协议: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O20 - Winlogon Notify: igfxcui - C:\WINNT\SYSTEM32\igfxsrvc.dll O23 - NT 服务: AVP Control Centre Service (AVPCC) - Kaspersky Labs. - d:\kbs\avpcc.exe O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - NT 服务: KAV Monitor Service (KAVMonitorService) - Kaspersky Labs. - d:\kbs\avpm.exe O23 - NT 服务: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - NT 服务: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe O23 - NT 服务: systme (systme2) - Unknown owner - C:\WINNT\system01.exe (file missing) -------------------------------- 各位救命，电脑还是重启，并且很奇怪有时并不是运行文件大多而重启，无缘无故的重启
麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:

BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:	发表于： 2006-02-21 09:54 \| 短消息资料字号：小中大 5楼用Autoruns保存一个日志发上来日志保存方法:选择File->Save菜单项保存日志时注意选择Options->Hide Microsoft Entries菜单项(设置了这项后点工具栏的刷新按钮) 工具的下载、使用参考http://forum.ikaka.com/topic.asp?board=28&artid=7318038
BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:

麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:	发表于： 2006-02-21 10:41 \| 只看楼主短消息资料字号：小中大 6楼谢谢老大: --------------------- PIDCPUDescriptionCompany Name 099.00 n/aHardware Interrupts n/a1.00Deferred Procedure Calls 8 192Windows NT Session ManagerMicrosoft Corporation 216Client Server Runtime ProcessMicrosoft Corporation 212Windows NT Logon ApplicationMicrosoft Corporation 264Services and Controller appMicrosoft Corporation 460Generic Host Process for Win32 ServicesMicrosoft Corporation 504Generic Host Process for Win32 ServicesMicrosoft Corporation 560Spooler SubSystem AppMicrosoft Corporation 584KL Control CentreKaspersky Labs. 604KAV Monitor main moduleKaspersky Labs. 668Microsoft? License ServerMicrosoft Corporation 732Machine Debug ManagerMicrosoft Corporation 936Remote Registry ServiceMicrosoft Corporation 988Task Scheduler EngineMicrosoft Corporation 1040Windows Management InstrumentationMicrosoft Corporation 1076Generic Host Process for Win32 ServicesMicrosoft Corporation 1096Windows NT Distributed File System ServiceMicrosoft Corporation 1120Internet 信息服务Microsoft Corporation 1536Generic Host Process for Win32 ServicesMicrosoft Corporation 276LSA Executable and Server DLL (Export Version)Microsoft Corporation 1404Windows ExplorerMicrosoft Corporation 1480Intel(R) SpeedStep(TM) technology User InterfaceIntel Corporation 1544LaunchAp MFC Application 1556HotkeyAppWistron 1568ctrlvolWistron 1576WButton MFC Application 1600KL Control CentreKaspersky Labs. 1632InstallShield Update Service SchedulerInstallShield Software Corporation 1648RealNetworks SchedulerRealNetworks, Inc. 1732Internet ExplorerMicrosoft Corporation 364Internet ExplorerMicrosoft Corporation 1664Sysinternals Process ExplorerSysinternals
麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:

BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:	发表于： 2006-02-21 10:44 \| 短消息资料字号：小中大 7楼注意看贴，是autoruns不是procexp
BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:

麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:	发表于： 2006-02-21 11:00 \| 只看楼主短消息资料字号：小中大 8楼谢谢老兄，没搞清楚， ---------------------- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run + AVPCCKL Control CentreKaspersky Labs.d:\kbs\avpcc.exe + CtrlVolctrlvolWistronc:\program files\launch manager\ctrlvol.exe + HotkeyAppHotkeyAppWistronc:\program files\launch manager\hotkeyapp.exe + ISUSPM StartupInstallShield Update Service Update ManagerInstallShield Software Corporationc:\program files\common files\installshield\updateservice\isuspm.exe + ISUSSchedulerInstallShield Update Service SchedulerInstallShield Software Corporationc:\program files\common files\installshield\updateservice\issch.exe + LaunchApLaunchAp MFC Applicationc:\program files\launch manager\launchap.exe + PRONoMgr.exePRONotifyMgr ModuleIntel(R) Corporationc:\program files\intel\ncs\proset\pronomgr.exe + PRPCMonitorIntel(R) SpeedStep(TM) technology User InterfaceIntel Corporationc:\winnt\system32\prpcui.exe + TkBellExeRealNetworks SchedulerRealNetworks, Inc.c:\program files\common files\real\update_ob\realsched.exe + WbuttonWButton MFC Applicationc:\program files\launch manager\wbutton.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run + Winpatch AutoUpdateFile not found: C:\WINNT\system32\ope34.exe HKCU\Software\Microsoft\Windows\CurrentVersion\Run + ctfmon.exeFile not found: C:\WINNT\System32\Ctfmon.exe + internat.exeFile not found: internat.exe + NIWFile not found: C:\WINNT\NIW.exe HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved + Display Panning CPL ExtensionFile not found: deskpan.dll + HyperTerminal Icon ExtHyperTerminal Applet LibraryHilgraeve, Inc.c:\winnt\system32\hticons.dll + Shell Extensions for RealOne PlayerRealPlayer Shell ExtensionsRealNetworks, Inc.c:\program files\real\realplayer\rpshell.dll + Trojan Remover Shell ExtensionFile not found: d:\TROJAN~1\Trshlex.dll + WinRAR shell extensionc:\program files\winrar\rarext.dll HKLM\Software\Microsoft\Internet Explorer\Extensions + @shdoclc.dll,-864c:\winnt\web\related.htm + 腾讯QQFile not found: E:\qq\QQ.EXE HKLM\System\CurrentControlSet\Services + AVPCCKL Control CentreKaspersky Labs.d:\kbs\avpcc.exe + KAVMonitorServiceKAV Monitor main moduleKaspersky Labs.d:\kbs\avpm.exe HKLM\System\CurrentControlSet\Services + AgereSoftModemSoftModem Device DriverAgere Systemsc:\winnt\system32\drivers\agrsm.sys + bcm4sbe5Broadcom Corporation NDIS 5.0 ethernet driverBroadcom Corporationc:\winnt\system32\drivers\bcm4sbe5.sys + cs429xCrystal AC9x WDM DriverApplied Drivers Corporationc:\winnt\system32\drivers\cwawdm.sys + dmioNT Disk Manager I/O DriverVERITAS Software Corp.c:\winnt\system32\drivers\dmio.sys + dmloadNT Disk Manager Startup DriverVERITAS Software Corp.c:\winnt\system32\drivers\dmload.sys + hnamec:\winnt\system32\drivers\hname.sys + ialmController Hub for Intel Graphics DriverIntel Corporationc:\winnt\system32\drivers\ialmnt5.sys + Klifspuper-ptorKaspersky Labsc:\winnt\system32\drivers\klif.sys + kmsinputc:\winnt\system32\drivers\kmsinput.sys + KRegExFile not found: C:\WINNT\system32\drivers\KRegEx.sys + KSysCallFile not found: D:\KV2005\KSysCall.sys + NALIntel(R) Network Adapter Diagnostic DriverIntel Corporation c:\winnt\system32\drivers\iqvw32.sys + New0c:\winnt\system32\new.sys + npkcryptnProtect KeyCrypt DriverINCA Internet Co., Ltd.e:\qq\npkcrypt.sys + NSCIRDANSC Fast Infrared Driver.National Semiconductor Corporationc:\winnt\system32\drivers\nscirda.sys + PProtectFile not found: C:\WINNT\system32\drivers\PProtect.sys + PtilinkDirect Parallel Link DriverParallel Technologies, Inc.c:\winnt\system32\drivers\ptilink.sys + WBMSWinbond Memory Stick Card DriverWinbond Electronics Corp.c:\winnt\system32\drivers\wbms.sys + WBSDWinbond Secure Digital (SD/MMC) Storage Device DriverWinbond Electronics Corp.c:\winnt\system32\drivers\wbsd.sys + Wbuttonc:\winnt\system32\drivers\wbutton.sys + {6080A529-897E-4629-A488-ABA0C29B635E}Intel Graphics Platform (SoftBIOS) Driver for Windows 2000(R) & Windows XP(TM)Intel Corporationc:\winnt\system32\drivers\ialmsbw.sys + {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}Intel Graphics Chipset (KCH) Driver for Windows 2000(R) & Windows XP(TM)Intel Corporationc:\winnt\system32\drivers\ialmkchw.sys + {E2B953A6-195A-44F9-9BA3-3D5F4E32BB55}Ch7009 MinidriverIntel Corporationc:\winnt\system32\drivers\wa301a.sys HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify + igfxcuiigfxsrvc ModuleIntel Corporationc:\winnt\system32\igfxsrvc.dll
麦田守望初生襁褓狮帖子:25 注册: 2005-02-28 来自:

不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球	发表于： 2006-02-21 11:07 \| 短消息资料字号：小中大 9楼【回复“麦田守望”的帖子】结束C:\WINNT\system32\ope34.exe进程进入注册表搜索ope34.exe 找到后全部删除删除 C:\WINNT\system32\ope34.exe
不言放弃社区嘉宾帖子:30678 注册: 2004-09-17 来自:蓝色星球

BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:	发表于： 2006-02-21 12:23 \| 短消息资料字号：小中大 10楼 + ISUSPM StartupInstallShield Update Service Update ManagerInstallShield Software Corporationc:\program files\common files\installshield\updateservice\isuspm.exe + ISUSSchedulerInstallShield Update Service SchedulerInstallShield Software Corporationc:\program files\common files\installshield\updateservice\issch.exe + Winpatch AutoUpdateFile not found: C:\WINNT\system32\ope34.exe 删除启动项重启 c:\program files\common files\installshield\updateservice\isuspm.exe； c:\program files\common files\installshield\updateservice\issch.exe试试
BlackStone 叱咤花甲狮帖子:2616 注册: 2005-09-27 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT