求助 - 這兩個程式是什麼呢.可否刪除.....

meng2009 · 2008-08-22, 09:59 PM

你好.我部電腦內....c/windows 內有兩個程式.經常彈出.被我的防火牆攔截.我在第二部電腦內看無這兩個程式.這兩個程式是什麼呢...看圖..請指教......可否刪除.....
http://inspic.com/3C5D1AAC

atie · 2008-08-22, 10:31 PM

這個的話九成是病毒

請詳見
http://forum.slime.com.tw/thread208952.html

meng2009 · 2008-08-23, 09:31 PM

Trend Micro™ HijackThis™ v2.02 的報告如下..........

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 上午 10:22:20, on 2008/8/23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINPENJR\win32\pphidpad.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\apple.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\install.exe
C:\WINDOWS\itune.exe
C:\Program Files\windows.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\桌面\HiJackThis--分析及修復登錄檔中有問題報告.exe

R3 - URLSearchHook: Yahoo!奇摩捷徑列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Dr.eye WebPage Translation - {92B255FE-94E2-4BCA-958D-3926CE38913F} - C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo!奇摩捷徑列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [PPHIDPAD] C:\WINPENJR\win32\pphidpad.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY
O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe
O4 - HKLM\..\Run: [sdfda64abc64] C:\\install.exe
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\itune.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Foxy 下載 - res://C:\Program Files\Foxy\Foxy.exe/download.htm
O8 - Extra context menu item: Foxy 搜尋 - res://C:\Program Files\Foxy\Foxy.exe/search.htm
O8 - Extra context menu item: 使用迅雷下載 - C:\迅雷\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下載全部鏈接 - C:\迅雷\Thunder\Program\getallurl.htm
O8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe
O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1219236328046
O17 - HKLM\System\CCS\Services\Tcpip\..\{49F15A03-90FC-4704-A8FA-F479BFE93BB3}: NameServer = 202.175.3.3,202.175.3.8
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

--
End of file - 8085 bytes

另外又出現這些圖案
http://inspic.com/D204D1C3
http://inspic.com/498EB9A1
請大大指教.............

sob790717b · 2008-08-23, 10:42 PM

路過

這是不才的我找到的....

除了我列出的
好像還有其他的很可疑
但是我不敢斷定

C:\WINDOWS\apple.exe
C:\install.exe
C:\Program Files\windows.exe

O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe
O4 - HKLM\..\Run: [sdfda64abc64] C:\\install.exe

Living · 2008-08-23, 11:03 PM

你的LOG有點怪, 一般itune不應該裝在Windows下, 可能是中了偽裝的木馬. 建議你先用Hijackthis去修復下列這幾個地方, 然後將這幾個檔案砍掉.

O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe
O4 - HKLM..Run: [sdfda64abc64] C:\install.exe
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\itune.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{49F15A03-90FC-4704-A8FA-F479BFE93BB3}: NameServer = 202.175.3.3,202.175.3.8

tyc8008 · 2008-08-23, 11:13 PM

引用:

作者: sob790717b

路過

這是不才的我找到的....

除了我列出的
好像還有其他的很可疑
但是我不敢斷定

C:\WINDOWS\apple.exe
C:\install.exe
C:\Program Files\windows.exe

O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe
O4 - HKLM\..\Run: [sdfda64abc64] C:\\install.exe

還有這一行 -
O4 - HKLM\..\Run: [Windows] C:\WINDOWS\itune.exe

meng2009 · 2008-08-25, 07:26 PM

apple.exe....itune.exe.是以這圖案出現..http://inspic.com/3C5D1AAC...這些是否 windows 的檔案..而這個檔案經常要接通網絡.但被我的防火牆阻截..stsvchost.exe 可否刪除stsvchost.exe.在 c--windows 資料夾內......請指教

meng2009 · 2008-09-03, 07:34 PM

問題仍然未找到原因解決.中了什麼毒....我只好將 c, d 盆格式化.全新磁區重裝 windows xp 2........

2008-08-22, 09:59 PM	#1
meng2009 註冊會員榮譽勳章勳章總數2 UID - 289166 在線等級: 註冊日期: 2007-12-24 文章: 295 精華: 0 現金: 523 金幣資產: 553 金幣	求助 - 這兩個程式是什麼呢.可否刪除..... 你好.我部電腦內....c/windows 內有兩個程式.經常彈出.被我的防火牆攔截.我在第二部電腦內看無這兩個程式.這兩個程式是什麼呢...看圖..請指教......可否刪除..... http://inspic.com/3C5D1AAC

	送花文章: 1, 收花文章: 98 篇, 收花: 156 次

2008-08-22, 10:31 PM	#2 (permalink)
atie 超級版主榮譽勳章勳章總數25 UID - 7036 在線等級: 註冊日期: 2002-12-08 住址: 面壁思過協會文章: 18175 精華: 0 現金: 17 金幣資產: 137432703 金幣	這個的話九成是病毒請詳見 http://forum.slime.com.tw/thread208952.html
	__________________ 　﹒☆°﹒☆．﹒☆°﹒☆．﹒☆° °﹒☆°．﹒‧°∴°﹒°．﹒‧°∴°.﹒‧°∴°﹒☆...... ☆ 　　許好願　　　　做好事　　　　轉好運　　　一個願無量善緣；菩提心永不褪變心中常存善解、包容、感恩、知福、惜福
	送花文章: 19054, 收花文章: 13665 篇, 收花: 61022 次

2008-08-23, 09:31 PM	#3 (permalink)
meng2009 註冊會員榮譽勳章勳章總數2 UID - 289166 在線等級: 註冊日期: 2007-12-24 文章: 295 精華: 0 現金: 523 金幣資產: 553 金幣	Trend Micro™ HijackThis™ v2.02 的報告如下.......... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 上午 10:22:20, on 2008/8/23 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec AntiVirus\DefWatch.exe C:\Program Files\Executive Software\Diskeeper\DkService.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\PROGRA~1\SYMANT~1\VPTray.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINPENJR\win32\pphidpad.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\WINDOWS\apple.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\install.exe C:\WINDOWS\itune.exe C:\Program Files\windows.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Symantec AntiVirus\Rtvscan.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\explorer.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\user\桌面\HiJackThis--分析及修復登錄檔中有問題報告.exe R3 - URLSearchHook: Yahoo!奇摩捷徑列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll O2 - BHO: Thunder AtOnce - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\迅雷\Thunder\ComDlls\TDAtOnce_Now.dll (file missing) O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ThunderBHO - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\迅雷\Thunder\ComDlls\xunleiBHO_Now.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.509.6972\swg.dll O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll O3 - Toolbar: Dr.eye WebPage Translation - {92B255FE-94E2-4BCA-958D-3926CE38913F} - C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Yahoo!奇摩捷徑列 - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\YAHOO!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [PPHIDPAD] C:\WINPENJR\win32\pphidpad.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall.exe" -TRAY O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe O4 - HKLM\..\Run: [sdfda64abc64] C:\\install.exe O4 - HKLM\..\Run: [Windows] C:\WINDOWS\itune.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: &使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Foxy 下載 - res://C:\Program Files\Foxy\Foxy.exe/download.htm O8 - Extra context menu item: Foxy 搜尋 - res://C:\Program Files\Foxy\Foxy.exe/search.htm O8 - Extra context menu item: 使用迅雷下載 - C:\迅雷\Thunder\Program\geturl.htm O8 - Extra context menu item: 使用迅雷下載全部鏈接 - C:\迅雷\Thunder\Program\getallurl.htm O8 - Extra context menu item: 匯出至 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\PROGRA~1\ICQ\ICQ.exe O9 - Extra button: 參考資料 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1219236328046 O17 - HKLM\System\CCS\Services\Tcpip\..\{49F15A03-90FC-4704-A8FA-F479BFE93BB3}: NameServer = 202.175.3.3,202.175.3.8 O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe -- End of file - 8085 bytes 另外又出現這些圖案 http://inspic.com/D204D1C3 http://inspic.com/498EB9A1 請大大指教.............

	送花文章: 1, 收花文章: 98 篇, 收花: 156 次

2008-08-23, 10:42 PM	#4 (permalink)
sob790717b 註冊會員榮譽勳章勳章總數3 UID - 288487 在線等級: 註冊日期: 2007-12-16 文章: 378 精華: 0 現金: 655 金幣資產: 835 金幣	路過這是不才的我找到的.... 除了我列出的好像還有其他的很可疑但是我不敢斷定 C:\WINDOWS\apple.exe C:\install.exe C:\Program Files\windows.exe O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe O4 - HKLM\..\Run: [sdfda64abc64] C:\\install.exe

	送花文章: 764, 收花文章: 211 篇, 收花: 412 次

2008-08-23, 11:03 PM	#5 (permalink)
Living 超級版主榮譽勳章勳章總數18 UID - 1966 在線等級: 註冊日期: 2002-12-06 住址: 糖城文章: 9601 精華: 1 現金: 18 金幣資產: 11727852 金幣	你的LOG有點怪, 一般itune不應該裝在Windows下, 可能是中了偽裝的木馬. 建議你先用Hijackthis去修復下列這幾個地方, 然後將這幾個檔案砍掉. O4 - HKLM\..\Run: [apple] C:\WINDOWS\apple.exe O4 - HKLM..Run: [sdfda64abc64] C:\install.exe O4 - HKLM\..\Run: [Windows] C:\WINDOWS\itune.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{49F15A03-90FC-4704-A8FA-F479BFE93BB3}: NameServer = 202.175.3.3,202.175.3.8
	__________________ 經驗分享是學習的一種請多珍惜這片學習的園地史版啞甘部主任
	送花文章: 52690, 收花文章: 8441 篇, 收花: 61930 次

2008-08-25, 07:26 PM	#7 (permalink)
meng2009 註冊會員榮譽勳章勳章總數2 UID - 289166 在線等級: 註冊日期: 2007-12-24 文章: 295 精華: 0 現金: 523 金幣資產: 553 金幣	apple.exe....itune.exe.是以這圖案出現..http://inspic.com/3C5D1AAC...這些是否 windows 的檔案..而這個檔案經常要接通網絡.但被我的防火牆阻截..stsvchost.exe 可否刪除stsvchost.exe.在 c--windows 資料夾內......請指教

	送花文章: 1, 收花文章: 98 篇, 收花: 156 次

2008-09-03, 07:34 PM	#8 (permalink)
meng2009 註冊會員榮譽勳章勳章總數2 UID - 289166 在線等級: 註冊日期: 2007-12-24 文章: 295 精華: 0 現金: 523 金幣資產: 553 金幣	問題仍然未找到原因解決.中了什麼毒....我只好將 c, d 盆格式化.全新磁區重裝 windows xp 2........

	送花文章: 1, 收花文章: 98 篇, 收花: 156 次

相似的主題
主題	主題作者	討論區	回覆	最後發表
電腦一直出現結束程式不然就重新開機到底是什麼問題捏	nogods	軟體應用問題討論區	2	2004-08-27 06:03 PM
請問，系統組態編輯程式是什麼，有什麼做用?!	seep123123	一般電腦疑難討論區	1	2003-10-19 05:16 PM
請問較好,無麻煩註冊的FTP程式是什麼?	亞瑟	一般電腦疑難討論區	1	2003-05-18 03:17 AM
這是什麼的驅動程式	79979	硬體疑難使用問題討論區	5	2003-05-05 12:57 AM
有人知道是什麼嗎?會不會是大家說的微軟放在winddows的間碟程式?	二郎	軟體應用問題討論區	3	2003-04-19 10:49 AM

Google 提供的廣告