|
|
北大电脑病毒讨论区- 减少病毒入侵电脑的机会 - 第6页#133
[复制链接]
|
|
|
发表于 26-10-2007 07:58 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 26-10-2007 08:43 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 26-10-2007 08:45 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 27-10-2007 03:24 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 27-10-2007 11:50 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 28-10-2007 01:01 AM
|
显示全部楼层
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbload.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Downloads\RRT.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Orbitdownloader\orbitdm.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Orbitdownloader\orbitnet.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\RUNDLL32.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\POIYEE~1\LOCALS~1\Temp\Rar$EX00.500\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://i.sogou.com/goto?v=tb2
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://bar.baidu.com/sobar/defaultsearch.html
R3 - URLSearchHook: (no name) - {982CB676-38F0-4D9A-BB72-D9371ABE876E} - (no file)
R3 - URLSearchHook: SgUrlSearHook Class - {BAB1AC41-6FF7-4F2E-A04E-5C592CCFEA7D} - C:\WINDOWS\system32\socul.dll
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\system32\JambanMu.com"
F3 - REG:win.ini: load=Flash.10.exe
O2 - BHO: WebThunderBHO - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SohuDAIEHelper - {0CA51D02-7739-43EA-8D9A-1E8AD4327B03} - C:\Program Files\P4P\sodaie.dll
O2 - BHO: BandIE Class - {77FEF28E-EB96-44FF-B511-3185DEA48697} - C:\PROGRA~1\baidu\bar\baidubar.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: °Ù¶È³¬¼¶ËÑ°Ô - {B580CF65-E151-49C3-B73F-70B13FCA8E86} - C:\PROGRA~1\baidu\bar\baidubar.dll
O3 - Toolbar: Ëѹ·¹¤¾ßÌõ - {DBBB7978-AF21-4EF4-9AD1-B2F4BC75696C} - C:\Program Files\P4P\ToolBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [RRT-Auto] C:\Downloads\RRT.exe auto
O4 - HKCU\..\Run: [CursorXP] "C:\Program Files\CursorXP\CursorXP.exe" -s
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: ·¢ËÍͼƬµ½ÊÖ»ú - C:\Program Files\P4P\cx.htm
O8 - Extra context menu item: ʹÓÃWebѸÀ×ÏÂÔØ - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - Extra context menu item: ʹÓÃWebѸÀ×ÏÂÔØÈ«²¿Á´½Ó - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - Extra context menu item: ʹÓÃËѹ·Ö±Í¨³µÏÂÔØ - C:\Program Files\P4P\dl.htm
O8 - Extra context menu item: Ìí¼Óµ½¡°ÎҵĶ©ÔÄ¡± - C:\Program Files\P4P\rss.htm
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: ÎҵĶ©ÔÄ - {8755CE6E-0BF7-4441-8751-FB728941B0B4} - C:\Program Files\P4P\rss.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Æô¶¯WebѸÀ× - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra 'Tools' menuitem: Æô¶¯WebѸÀ× - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - http://my.xunlei.com (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng ... webscan_unicode.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\SoDAHK.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WB - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\fastload.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: P4P Service - Sohu.com Inc. - C:\Program Files\Common Files\Sogou PXP\p2psvr.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
、这是我的log file...
谢谢 |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 28-10-2007 09:08 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 29-10-2007 02:46 AM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 29-10-2007 12:25 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 29-10-2007 07:51 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 30-10-2007 01:55 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 8-11-2007 11:42 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 9-11-2007 10:11 PM
|
显示全部楼层
现在是不能hidden file了。。。。
一直选dont show hidden file后,关掉之后还是会跑出system file |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 13-11-2007 01:22 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 13-11-2007 01:24 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 13-11-2007 02:09 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 13-11-2007 11:58 PM
|
显示全部楼层
|
我的电脑local hardisk d,e,f 多了个"打开"字眼。。然后double click 时不能直接开,会出view by .... 的.请问怎么办..有写bsr file missing de ... |
|
|
|
|
|
|
|
|
|
|
|
发表于 14-11-2007 04:48 PM
|
显示全部楼层
NgSzeYin2005学长,你的电脑知识真好!
我这个电脑白痴,希望能认识到你,跟你学多一些电脑知识。
希望能认识你!我也是住yab,今年sem1。 |
|
|
|
|
|
|
|
|
|
|
|
楼主 |
发表于 14-11-2007 07:21 PM
|
显示全部楼层
|
|
|
|
|
|
|
|
|
|
|
发表于 14-11-2007 10:32 PM
|
显示全部楼层
原帖由 愉心 于 14-11-2007 04:48 PM 发表 
NgSzeYin2005学长,你的电脑知识真好!
我这个电脑白痴,希望能认识到你,跟你学多一些电脑知识。
希望能认识你!我也是住yab,今年sem1。
他很帅的咯,他是抓虫王也是佳礼王子。。。认识他你的电脑100%没毒! |
|
|
|
|
|
|
|
|
|
| |
 本周最热论坛帖子
|
1097 
121
