瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 电脑不正常好久了,瑞星杀也杀不完,不能打开文档 TXT文件,有日志,求救

1   1  /  1  页   跳转

电脑不正常好久了,瑞星杀也杀不完,不能打开文档 TXT文件,有日志,求救

收藏
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 10:29 | 只看楼主 短消息 资料
字号: 1楼

电脑不正常好久了,瑞星杀也杀不完,不能打开文档 TXT文件,有日志,求救

2006-10-12,10:06:55

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><ctfmon.exe>  [Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <rx><E:\WINNT\system32\explore.exe>  []
    <wm><E:\WINNT\system32\grtosts.exe>  []
    <wow><E:\WINNT\system32\Launcher.exe>  []
    <zz><E:\WINNT\system32\intenet.exe>  []
    <wl><E:\WINNT\system32\svvosts.exe>  []
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
    <run><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"E:\Program Files\Rising\Rav\RavTask.exe" -system>  [Beijing Rising Technology Co., Ltd.]
    <CdnCtr><E:\Program Files\CNNIC\Cdn\cdnup.exe>  []
    <Synchronization Manager><mobsync.exe /logon>  []
    <IMSCMig><E:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <Tray><E:\WINNT\command\rundll32.exe>  []
    <Ljx><E:\WINNT\inf\rundll32.exe>  []
    <RavUpes><E:\WINNT\system32\agetltfes.exe>  []
    <realtpsk><E:\WINNT\system\realsched.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <Super Rabbit Winspeed><"D:\Program Files\Super Rabbit\MagicSet\winspeed.exe" /autokill:163,161,100,90,86,5>  [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><EXPLORER.EXE>  [Microsoft Corporation]
    <Userinit><userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []

==================================
启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Logical Disk Manager Administrative Service / dmadmin]
  <E:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[HDCK Client / HDCK]
  <><N/A>
[KSD2Service / KSD2Service]
  <E:\WINNT\system32\WINL0GON.exe><N/A>
[Network IPSEC Connections / MouTALS]
  <E:\WINNT\SYSTEM32\RUNDLL.EXE E:\WINNT\SYSTEM32\WBEM\SMTPCONFS.DLL,Export 1087><N/A>
[ninetowns_iCSP_sm / ninetowns_iCSP_sm]
  <><N/A>
[nvidGUIv / nvidGUIv2]
  <><N/A>
[Rising Process Communication Center / RsCCenter]
  <"E:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"E:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <E:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[google bar]
  {607E95A1-8F89-4343-B9BC-2EFC2B291BB4} <E:\WINNT\system32\googlebar.dll, Google Inc.>
[BrowserProxy4]
  {BCF4D74B-E6BD-4C8F-83D7-90D6439705B9} <E:\WINNT\system32\AlxTbl.dll,  Alexa Internet>
[CdnForIE Class]
  {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} <E:\PROGRA~1\CNNIC\Cdn\cdnforie.dll, CNNIC>
[雅虎WIDGET]
  {6354ABE6-05F1-49ed-B850-E423120EC338} <http://cn.widget.yahoo.com/index.htm?source=Cns, N/A>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <E:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[SearchCar]
  {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} <E:\Program Files\SearchCar\tbu03346\SearchCar.dll, IE Toolbar>
[AxInputControl Class]
  {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <E:\WINNT\DOWNLO~1\INPUTC~1.DLL, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <E:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[导出到 Microsoft Office Excel(&X)]
  <res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
  <, N/A>
[添加到QQ表情]
  <, N/A>
[用QQ彩信发送该图片]
  <, N/A>
最后编辑2006-10-12 11:59:46
分享到:
gototop
 
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 10:29 | 只看楼主 短消息 资料
字号: 2楼

==================================
正在运行的进程
[PID: 168][\??\E:\WINNT\system32\csrss.exe]  <Microsoft Corporation><5.00.2195.6601>
[PID: 164][\??\E:\WINNT\system32\winlogon.exe]  <Microsoft Corporation><5.00.2195.6898>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
[PID: 224][E:\WINNT\system32\services.exe]  <Microsoft Corporation><5.00.2195.6700>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
    [E:\WINNT\system32\dmserver.dll]  <VERITAS Software Corp.><2195.6605.297.3>
[PID: 236][E:\WINNT\system32\lsass.exe]  <Microsoft Corporation><5.00.2195.6902>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
[PID: 452][E:\Program Files\Rising\Rav\CCenter.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
[PID: 596][E:\WINNT\system32\WINL0GON.exe]  <N/A><N/A>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
[PID: 660][E:\WINNT\SYSTEM32\RUNDLL.EXE]  <Microsoft Corporation><5.00.2134.1>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
[PID: 784][E:\WINNT\system32\MSTask.exe]  <Microsoft Corporation><4.71.2195.6704>
[PID: 972][E:\WINNT\system32\server.exe]  <Microsoft Corporation><5, 1, 2600, 2180>
[PID: 1048][E:\WINNT\System32\WBEM\WinMgmt.exe]  <Microsoft Corporation><1.50.1085.0100>
[PID: 1072][C:\Program Files\FalconStor\WORMLock\wormservice.exe]  <N/A><N/A>
    [C:\Program Files\FalconStor\WORMLock\WormDll.dll]  <N/A><N/A>
[PID: 1208][E:\WINNT\Explorer.EXE]  <Microsoft Corporation><5.00.3700.6690>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
    [E:\WINNT\system32\jxdll.dll]  <N/A><N/A>
    [E:\WINNT\system32\mywow.dll]  <N/A><N/A>
    [E:\WINNT\system32\mywl.dll]  <N/A><N/A>
    [E:\WINNT\system32\mywm.dLL]  <N/A><N/A>
    [E:\WINNT\system32\myrx.dll]  <N/A><N/A>
    [E:\Program Files\Rising\Rav\RavScrCh.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [E:\WINNT\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [E:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\WINNT\system32\igfxpph.dll]  <Intel Corporation><3,0,0,2082>
    [E:\WINNT\system32\hccutils.DLL]  <Intel Corporation><3,0,0,2082>
    [E:\WINNT\system32\igfxres.dll]  <Intel Corporation><3,0,0,2082>
    [E:\WINNT\system32\igfxsrvc.dll]  <Intel Corporation><3,0,0,2082>
    [E:\WINNT\system32\igfxdev.dll]  <Intel Corporation><3,0,0,2082>
    [E:\WINNT\Dll.dll]  <N/A><N/A>
    [E:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll]  <Adobe Systems, Inc.><7.0.0.0>
[PID: 1224][E:\Program Files\CNNIC\Cdn\cdnup.exe]  <><2, 4, 0, 10>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
[PID: 1084][E:\Program Files\Rising\Rav\RavTask.exe]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 22>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
    [E:\Program Files\Rising\Rav\RSCOMMON.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
    [E:\Program Files\Rising\Rav\RSAPPMGR.DLL]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
    [E:\Program Files\Rising\Rav\CfgDll.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
    [E:\Program Files\Rising\Rav\RsCommX.dll]  <rising><18, 0, 0, 1>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
[PID: 896][E:\WINNT\system32\conime.exe]  <Microsoft Corporation><5.00.2195.6655>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
[PID: 1372][E:\WINNT\csrss.exe]  <Microsoft Corporation><5.01.2600>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
[PID: 852][E:\WINNT\system32\ctfmon.exe]  <Microsoft Corporation><1.00.2409.34 built by: Lab06_N>
    [E:\WINNT\KB75976M.LOG]  <N/A><N/A>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
    [E:\WINNT\system32\jxdll.dll]  <N/A><N/A>
[PID: 1112][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 1708][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 3484][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 1104][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 5592][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 3116][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 944][E:\WINNT\system32\ntsd.exe]  <Microsoft Corporation><5.00.2184.1>
[PID: 5784][E:\WINNT\Logo1_.exe]  <><1.0.0.0>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
[PID: 764][E:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
    [E:\WINNT\system32\jxdll.dll]  <N/A><N/A>
[PID: 880][E:\Program Files\WinRAR\WinRAR.exe]  <N/A><N/A>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
    [E:\WINNT\system32\jxdll.dll]  <N/A><N/A>
[PID: 3416][E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.047\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [E:\Program Files\CNNIC\Cdn\imaoe.dll]  <CNNIC><2, 2, 0, 1>
    [E:\Program Files\CNNIC\Cdn\cdnforie.dll]  <CNNIC><2, 0, 0, 6>
    [E:\Program Files\CNNIC\Cdn\cdndet.dll]  <CNNIC><2, 4, 0, 3>
    [E:\WINNT\system32\jxdll.dll]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["E:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================
gototop
 
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 10:30 | 只看楼主 短消息 资料
字号: 3楼

HijackThis_zww汉化版扫描日志 V1.99.1
保存于      10:06:21, 日期 2006-10-12
操作系统:  Windows 2000 SP4 (WinNT 5.00.2195)
浏览器:    Internet Explorer v6.00 (6.00.2462.0000)

当前运行的进程:         
E:\WINNT\system32\csrss.exe
E:\WINNT\system32\winlogon.exe
E:\WINNT\system32\services.exe
E:\WINNT\system32\lsass.exe
E:\Program Files\Rising\Rav\CCenter.exe
E:\WINNT\system32\WINL0GON.exe
E:\WINNT\SYSTEM32\RUNDLL.EXE
E:\WINNT\system32\MSTask.exe
E:\WINNT\system32\server.exe
E:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\FalconStor\WORMLock\wormservice.exe
E:\WINNT\Explorer.EXE
E:\Program Files\CNNIC\Cdn\cdnup.exe
E:\Program Files\Rising\Rav\RavTask.exe
E:\WINNT\system32\conime.exe
E:\WINNT\inf\rundll32.exe
E:\WINNT\csrss.exe
E:\WINNT\system32\ctfmon.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\system32\ntsd.exe
E:\WINNT\Logo1_.exe
E:\Program Files\WinRAR\WinRAR.exe
E:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.359\HijackThis1991zww.exe

R3 - URLSearchHook: SearchCar - {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} - E:\Program Files\SearchCar\tbu03346\SearchCar.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: 59.34.197.239 www.baidu.com
O1 - Hosts: 59.34.197.239 baidu.com
O1 - Hosts: 59.34.197.239 www.sohu.com
O1 - Hosts: 59.34.197.239 sohu.com
O1 - Hosts: 59.34.197.239 www.sina.com
O1 - Hosts: 59.34.197.239 sina.com
O1 - Hosts: 59.34.197.239 www.sina.com.cn
O1 - Hosts: 59.34.197.239 sina.com.cn
O1 - Hosts: 59.34.197.239 www.163.com
O1 - Hosts: 59.34.197.239 163.com
O1 - Hosts: 59.34.197.239 www.google.com
O1 - Hosts: 59.34.197.239 google.com
O1 - Hosts: 59.34.197.239 www.qq.com
O1 - Hosts: 59.34.197.239 qq.com
O1 - Hosts: 59.34.197.239 www.hao123.com
O1 - Hosts: 59.34.197.239 hao123.com
O1 - Hosts: 59.34.197.239 ttlttt.com
O1 - Hosts: 59.34.197.239 www.ddspn.com
O1 - Hosts: 203.171.236.215 www.17173.com
O1 - Hosts: 203.171.236.215 www.wowchina.com
O1 - Hosts: 203.171.236.215 www.ztgame.com.cn
O1 - Hosts: 203.171.236.215 rxjh.17game.com
O1 - Hosts: 203.171.236.215 www.17game.com
O1 - Hosts: 203.171.236.215 www.kd171.cn
O1 - Hosts: 203.171.236.215 www.72g.com
O1 - Hosts: 203.171.236.215 www.muchina.com
O1 - Hosts: 203.171.236.215 xyq.163.com
O1 - Hosts: 203.171.236.215 xy2.163.com
O1 - Hosts: 203.171.236.215 www.the9.com
O1 - Hosts: 203.171.236.215 www.5173.com
O1 - Hosts: 203.171.236.215 www.tkgame.com
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - E:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: google bar  - {607E95A1-8F89-4343-B9BC-2EFC2B291BB4} - E:\WINNT\system32\googlebar.dll
O2 - BHO: BrowserProxy4  - {BCF4D74B-E6BD-4C8F-83D7-90D6439705B9} - E:\WINNT\system32\AlxTbl.dll
O3 - IE工具栏增项: @msdxmLC.dll,-1@2052,电台(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINNT\system32\msdxm.ocx
O3 - IE工具栏增项: SearchCar - {BD328E49-38AB-42CB-8EEA-73AA4CD2A6FD} - E:\Program Files\SearchCar\tbu03346\SearchCar.dll
O4 - 启动项HKLM\\Run: [RavTask] "E:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 启动项HKLM\\Run: [CdnCtr] E:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - 启动项HKLM\\Run: [Synchronization Manager] mobsync.exe /logon
O4 - 启动项HKLM\\Run: [IMSCMig] E:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 启动项HKLM\\Run: [Tray] E:\WINNT\command\rundll32.exe
O4 - 启动项HKLM\\Run: [Ljx] E:\WINNT\inf\rundll32.exe
O4 - 启动项HKLM\\Run: [RavUpes] E:\WINNT\system32\agetltfes.exe
O4 - 启动项HKLM\\Run: [realtpsk] E:\WINNT\system\realsched.exe
O4 - 启动项HKLM\\RunOnce: [Super Rabbit Winspeed] "D:\Program Files\Super Rabbit\MagicSet\winspeed.exe" /autokill:163,161,100,90,86,5
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O8 - IE右键菜单中的新增项目: 导出到 Microsoft Office Excel(&X) - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 浏览器额外的按钮: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - E:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的“工具”菜单项: 中文上网 - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - E:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - 浏览器额外的按钮: 雅虎WIDGET - {6354ABE6-05F1-49ed-B850-E423120EC338} - http://cn.widget.yahoo.com/index.htm?source=Cns (file missing)
O9 - 浏览器额外的按钮: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - 浏览器额外的按钮: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
O9 - 浏览器额外的“工具”菜单项: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINNT\web\related.htm
O9 - 浏览器额外的按钮: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\WINNT\system32\shdocvw.dll
O9 - 浏览器额外的“工具”菜单项: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - E:\WINNT\system32\shdocvw.dll
O11 - Options group: [CDNCLIENT]  中文上网
O16 - DPF: {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} (AxInputControl Class) - https://mybank.icbc.com.cn/icbc/perbank/AXSafeControls.cab
O20 - Winlogon Notify: igfxcui - E:\WINNT\SYSTEM32\igfxsrvc.dll
O23 - NT 服务: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - NT 服务: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - E:\WINNT\System32\dmadmin.exe
O23 - NT 服务: KSD2Service - Unknown owner - E:\WINNT\system32\WINL0GON.exe
O23 - NT 服务: Rising Process Communication Center (RsCCenter) - Beijing Rising Technology Co., Ltd. - E:\Program Files\Rising\Rav\CCenter.exe
O23 - NT 服务: RsRavMon Service (RsRavMon) - Beijing Rising Technology Co., Ltd. - E:\Program Files\Rising\Rav\Ravmond.exe
O23 - NT 服务: WORMLock Service (WORMService) - Unknown owner - C:\Program Files\FalconStor\WORMLock\wormservice.exe
gototop
 
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 10:39 | 只看楼主 短消息 资料
字号: 4楼

乱七八遭的东西好多啊
gototop
 
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 10:55 | 只看楼主 短消息 资料
字号: 5楼

高手都吃饭去了吗?

要不我请算了啊
gototop
 
我有好办法
头像
初生襁褓狮
  • 帖子:14
  • 注册: 2006-10-12
  • 来自:
发表于: 2006-10-12 11:02 | 短消息 资料
字号: 6楼

做一张最新的DOS杀毒盘试一下吧,再不行建议把硬盘全格一遍,估计其他盘都受感染了
gototop
 
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 11:07 | 只看楼主 短消息 资料
字号: 7楼

能 从装的话 就好了

因为电脑不能重装 所以才急啊
gototop
 
带毒上网
头像
初生襁褓狮
  • 帖子:24
  • 注册: 2006-09-12
  • 来自:
发表于: 2006-10-12 12:08 | 只看楼主 短消息 资料
字号: 8楼

高手来啊
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT