返回列表 发帖
试试mt吧,
alg.exe的确是windows防火墙

TOP

再加张图~~   刚刚死了后截的
这次是在看论坛帖子时,将链接拖放打开后就发生的
附件: 您需要登录才可以下载或查看附件。没有帐号?加入 我们

TOP

未开XP的防火墙~
那上些插件有WMP、FLASH、QQEDIT,再就是别人用的网银等插件~~~都是常用的
与皮肤无关吧  前些天我用的默认皮肤一样的会经常死掉~
THEWORLD.INI也是全部重新配置的~
开关黑名单都试着用过了~~~

TOP

016项ActiveX对象这么多,试试先禁用除了网银和微软升级的其他加载项
ps:lz用了金山不用开xp的防火墙了

TOP

建议不用插件,不用皮肤和黑名单,能重现吗?

[ 本帖最后由 ww6174 于 2007-7-25 14:47 编辑 ]

TOP

Logfile of HijackThis v1.99.1
Scan saved at 14:43:09, on 2007-7-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\KAV2006\KWatch.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\KAV2006\KPfwSvc.EXE
C:\WINDOWS\system32\svchost.exe
C:\KAV2006\KAVStart.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\KAV2006\KPFW32.EXE
E:\Program Files\Tencent\Tencent\QQ.exe
G:\NEWSOFT\麒麟短线王至尊版原版\麒麟短线王至尊版.exe
E:\Program Files\Theworld\TheWorld.exe
H:\ttrry\系统问题\hijavkthis\HijackThis.exe

O4 - HKLM\..\Run: [KavStart] "C:\KAV2006\KAVStart.exe" -startup
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [KavPFW] "C:\KAV2006\KPFW32.EXE"
O8 - Extra context menu item: &使用快车(FlashGet)下载 - E:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: 使用迅雷下载 - E:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - Extra context menu item: 使用迅雷下载全部链接 - E:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O15 - Trusted Zone: easyabc.95599.cn
O15 - Trusted Zone: www.95599.cn
O16 - DPF: {098A3F72-3110-4004-B954-2F9DC44934B4} (AddSHCARoot Control) - https://etrade.efunds.com.cn/etrading/AddSHCARootCert.cab
O16 - DPF: {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} (Edit Class) - https://www.sz1.cmbchina.com/download/CMBEdit.cab
O16 - DPF: {1DCEAEFB-ABD9-490F-894B-E7A99103CD06} (Echat2 Class) - http://chat.showbar.cn/cab/showbar_chat.cab
O16 - DPF: {26BCA338-BB94-4E8F-A082-3E5735875B79} (CMBSafeHelper Class) - http://www.sz1.cmbchina.com/download/CMBGUARD.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} -
O16 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl Class) - https://img.alipay.com/download/1101/aliedit.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/wind ... e.cab?1181179951833
O16 - DPF: {6DBB2904-082D-4DB0-944A-21C22BA121F4} (CCtInf Class) - http://www.95599.cn/perbank/BankControl.cab
O16 - DPF: {7F4EFFAE-D81B-4EA9-93DA-297F95268D35} (mcieplugin Class) -
O16 - DPF: {88734439-46D0-42C0-A13F-7E881EE550CF} (Filetran Control) - http://www.bluesky.cn/download/filetran.cab
O16 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (PasswordEditCtrl Class) - https://password.qq.com/download/qqedit2.cab
O16 - DPF: {F0E4E9A0-130A-412C-86BD-FE7B0D76F717} -
O16 - DPF: {F76637AD-C469-4412-BE00-2C2E805638B2} (SHLauncher Control) - http://www.saynsay.com/soft/SHLaunch_1010.cab
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Kingsoft Personal Firewall Service (KPfwSvc) - Kingsoft Corporation - C:\KAV2006\KPfwSvc.EXE
O23 - Service: Kingsoft Antivirus KWatch Service (KWatchSvc) - Kingsoft Corporation - C:\KAV2006\KWatch.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

TOP

rundll32是NOKIA手机蓝牙的一个自启动进程~

TOP

进程里有rundll32,lz没开什么插件吗?
贴一个诊断log上来

[ 本帖最后由 ww6174 于 2007-7-25 14:04 编辑 ]

TOP

注:近二年来,我98%的都是在用TW浏览器~~~
上面快速启动栏MX是其他人在用的.]
近段时间用着TW出现死住的情况多了点儿,所以请大家帮忙诊断一下原因~解决一下。小弟感激不尽!~

TOP

返回列表