2008-10-04, 06:16 PM   #1
swwy1661
Problem opening a file

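I'm trying to launch a program,

but every time it gets partway through, this appears:

Runtime error 216 at 01f385e

This kind of window pops up!! When I click OK, the whole program closes!!

Also, a few days ago I ran a virus scan with Kaspersky...

and it seems to have deleted something belonging to the system... I have 2 drives... C and E

and now the whole C drive has disappeared.....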

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 下午 06:05:43, on 2008/10/4
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\SYSTEM32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Winamp\winampa.exe
E:\WINDOWS\System32\Rundll32.exe
E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
E:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
E:\WINDOWS\System32\woauolt.exe
E:\WINDOWS\System32\npkcmsvc.exe
E:\WINDOWS\System32\nvsvc32.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\qume.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\WINDOWS\system32\mshta.exe


R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Tencent SearchHook - {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} - E:\Program Files\TENCENT\SSPlus\SAddr1.dll
O2 - BHO: ThunderIEHelper Class - {0005A87D-D626-4B3A-84F9-1D9571695F55} - E:\WINDOWS\System32\xunleibho_v8.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - E:\Program Files\ALiBaBar\ComDlls\TDAtOnce_Now.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Tencent Browser Helper - {0C7C23EF-A848-485B-873C-0ED954731014} - E:\Program Files\TENCENT\SSPlus\SAddr1.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:\Documents and Settings\Administrator\桌面\新資料夾 (2)\jccatch.dll (file missing)
O2 - BHO: (no name) - {669751ED-D558-49AE-B01A-3B374CC7910E} - E:\WINDOWS\System32\SSup.dll
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - E:\Program Files\ALiBaBar\ComDlls\xunleiBHO_Now.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - e:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - E:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: PChome Context Menu - {CCAC9B65-EE47-4164-8EB6-E35C51735831} - E:\Program Files\PChome\Uploader\dll\PChomeCustMenu.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:\Documents and Settings\Administrator\桌面\新資料夾 (2)\getflash.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - e:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: 收音機(&R) - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Photo Downloader] "E:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Flashget] "E:\Documents and Settings\Administrator\桌面\新資料夾 (2)\FlashGet.exe" /min
O4 - HKLM\..\Run: [IMJPMIG8.1] E:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] E:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [MSPY2002] E:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE E:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CJIMETIPSYNC] E:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync
O4 - HKLM\..\Run: [PHIMETIPSYNC] E:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync
O4 - HKLM\..\Run: [AVP] "E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [WinampAgent] E:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NBKeyScan] "E:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [MxieAutoExecute] E:\PROGRA~1\mxie\mxie_waiting.exe
O4 - HKLM\..\Run: [stup.exe] Rundll32.exe E:\PROGRA~1\TENCENT\SSPlus\SPlus1.dll,Rundll32 R
O4 - HKLM\..\Run: [pdfFactory Pro 分派器 v3] "E:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis3a.exe" /source=HKLM
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Thunder] "E:\Program Files\ALiBaBar\Thunder.exe" /s
O4 - HKLM\..\Run: [361kary] E:\WINDOWS\System32\woauolt.exe
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] E:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [foxy] "E:\Program Files\Foxy\Foxy.exe" -tray
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] E:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] E:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] E:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] E:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
Files\NamiRobot\Data\du.html
O8 - Extra context menu item: &使用BitComet下載本頁視訊 - res://C:\Program Files\BitComet0.91\BitComet.exe/AddVideo.htm

Files\BitComet0.91\BitComet.exe/AddAllLink.htm
Files\BitComet0.91\BitComet.exe/AddLink.htm
Files\ALiBaBar\Program\getallurl.htm

O9 - Extra button: (no name) - Software - (no file)
O9 - Extra button: 運行迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - E:\Program Files\ALiBaBar\Thunder.exe
O9 - Extra 'Tools' menuitem: 運行迅雷5 - {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} - E:\Program Files\ALiBaBar\Thunder.exe
O9 - Extra button: 網頁防護統計 - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - E:\WINDOWS\web\related.htm

and Settings\123\桌面\新資料夾 (12)\QQ.EXE (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Documents and Settings\Administrator\桌面\新資料夾 (2)\FlashGet.exe (file missing)
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\Documents and Settings\Administrator\桌面\新資料夾 (2)\FlashGet.exe (file missing)
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O11 - Options group: [TBH] SOSO AddressBar Search
O16 - DPF: i.Game CardGameImpress2007 - http://210.59.226.78/client/CardGame...mpress2007.cab
O16 - DPF: i.Game CChessImpress - http://210.59.226.161/client/CChessd...essImpress.cab
O16 - DPF: i.Game MJImpress2007Free - http://210.59.226.161/client/MJE/com...MJFree4210.cab
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://192.83.191.101/ScriptX/ScriptX.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - E:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {596AC026-B204-4E26-8B2B-65797BF599D0} (KENP11Crypt Class) - https://tw.playsafecard.gamania.com/FSP11CryptATL.cab
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} - http://download.ppstream.com/bin/powerplayer.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1209389647498
O16 - DPF: {7C6E92FA-4429-4FB6-909B-798E2EFFAEF0} (NCWeb.Launcher) - http://lineage.plaync.co.kr/common/ocx/ncweb.cab
O16 - DPF: {81F3CC2E-5F40-41A5-9FCA-6DAAA6051D46} (ClientATXCtrl Control) - http://www.wayi.com.tw/gameup/ClientATXCtrl.CAB
O16 - DPF: {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} - http://www.gogobox.com.tw/neo.fld/GNowStarter.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {C70E8BB2-849B-478E-828E-9F71729C86B2} (ATXWSM Control) - http://download.wayi.com.tw/download/WSM/ATXWSM.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} (NPKCX Control) - http://www.newseal.com.tw/common_htm...npkcx_inca.cab
O16 - DPF: {F3ED645F-2426-4001-8756-596B4F1EBF1A} (ShakeGTW Control) - http://tw.games.yahoo.com/crazy/ShakeGTW.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{33E05196-2CBD-4132-919F-E4A0F4989ADD}: NameServer = 168.95.192.1 168.95.1.1
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - E:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: GemSAFE Card Server - Unknown owner - E:\Program Files\Gemplus\GemSafe Libraries User\BIN\GCardSrvNT.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - E:\WINDOWS\System32\npkcmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\System32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 12280 bytes

I hope someone experienced can help answer this! Thanks