Kannushi Link 11 發表於 September 17, 2007 檢舉 Share 發表於 September 17, 2007 我爸的電腦最近怪怪的...他說他的電腦在開機後會跑出自動關機的對話框(1分鐘)然後電腦時間被調成2005年(不過月和日沒有錯,只是年份被改,例如今天是2007/9/17,那電腦的時鐘就被改成2005/9/17)然後如果用Ctrl+Alt+Del開工作管理員的話會直接當機...不過我還是用別的方法拍到了剛開機時執行程式的清單...我想請問這是中什麼病毒? 因為那台電腦現在不能開任何掃毒程式或救援程式...其他程式的話則會很lag...PS:再說一次,是我爸的電腦中毒,不是我的電腦中毒 鏈接文章 分享到其他網站
Kannushi Link 11 發表於 September 17, 2007 作者 檢舉 Share 發表於 September 17, 2007 "一分鐘倒數,關機"<-----疾風病毒吧!?執行程式清單和系統資料夾都找不到MSBlast.exe...所以可能不是...|||不過話說n**********k.exe是做什麼用的...每次重開機檔名都不一樣... 鏈接文章 分享到其他網站
Kannushi Link 11 發表於 September 17, 2007 作者 檢舉 Share 發表於 September 17, 2007 用HijackThis查的......------Logfile of HijackThis v1.99.1Scan saved at 下午 09:44:31, on 2005/9/17Platform: Windows XP SP1 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)Running processes:C:\WINNT\System32\smss.exeC:\WINNT\system32\winlogon.exeC:\WINNT\system32\services.exeC:\WINNT\system32\lsass.exeC:\WINNT\system32\svchost.exeC:\WINNT\system32\svchost.exeC:\WINNT\Explorer.EXEC:\WINNT\System32\ctfmon.exeC:\HijackThis.exeR3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dllO2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dllO2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO2 - BHO: GetIE Helper - {BDEEE1B1-8B25-42BE-9925-1E0228C27126} - C:\WINNT\system32\GetIEBrowser.dllO3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dllO3 - Toolbar: Dr.eye WebPage Translation - {92B255FE-94E2-4BCA-958D-3926CE38913F} - C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dllO3 - Toolbar: 收音機(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocxO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dllO3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dllO4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINNT\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32O4 - HKLM\..\Run: [RemoteControl] C:\WINNT\System32\rmctrl.exeO4 - HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\GUI.exeO4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exeO4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.ExeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInitO4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\avp.exe"O4 - HKLM\..\Run: [PHIMETIPSYNC] C:\Program Files\Common Files\Microsoft Shared\IME\IMTC60\Phonetic\TINTLCFG.EXE /PHIMETIPSyncO4 - HKCU\..\Run: [ctfmon.exe] C:\WINNT\System32\ctfmon.exeO4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimizedO4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exeO4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"O4 - HKCU\..\Run: [KKBOX Tray Icon] C:\Program Files\KKBOX\KKBOX_Tray.exeO4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quietO8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htmO8 - Extra context menu item: Google 搜尋(&G) - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: 反向連結 - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: 網頁的快取快照 - res://c:\program files\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: 翻譯英文字詞(&T) - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: 類似網頁 - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.htmlO9 - Extra button: 網頁 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\scieplugin.dllO9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dllO9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dllO9 - Extra 'Tools' menuitem: 建立行動最愛... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dllO9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\common\yhexbmestw.dllO9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:\PROGRA~1\Yahoo!\common\yhexbmestw.dllO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htmO9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htmO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXEO10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dllO15 - Trusted Zone: http://www.moda.com.twO15 - Trusted Zone: http://www.moda.com.twO16 - DPF: {1ED48504-8834-11D5-AC75-0008C73FD642} - file://C:\PTC\proeWildfire 2.0\i486_nt\obj\pvx_install.exeO18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLLO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - AppInit_DLLs: "C:\PROGRA~1\KASPER~1.0\KASPER~1.0\adialhk.dll"O20 - Winlogon Notify: klogon - C:\WINNT\System32\klogon.dllO23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exeO23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Internet Security 6.0\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)O23 - Service: FLEXlm server for PTC - Macrovision Corporation - C:\PTC\flexnet\i486_nt\obj\lmgrd.exeO23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exeO23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2 Pro\nlsvc.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exeO23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\Sptisrv.exeO23 - Service: WinTab Service (WinTabService) - Unknown owner - C:\WINNT\System32\Drivers\WTSRV.EXE 鏈接文章 分享到其他網站
Kannushi Link 11 發表於 September 18, 2007 作者 檢舉 Share 發表於 September 18, 2007 重灌不是比較快?那部電腦裡面有防毒程式嗎?我爸說他電腦裝的是過期的卡巴斯基= ="------*Problem solved*http://hi.baidu.com/ganyao/blog/item/b790c354eb01865bd0090662.html 鏈接文章 分享到其他網站
Recommended Posts
請登入後來留意見
在登入之後,您才能留意見
立即登入