瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 中毒后所有程序只要访问网络就会出现异常

1   1  /  1  页   跳转

中毒后所有程序只要访问网络就会出现异常

收藏
明月小楼
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-09-05
  • 来自:
发表于: 2006-09-06 10:42 | 只看楼主 短消息 资料
字号: 1楼

中毒后所有程序只要访问网络就会出现异常

比如运行QQ,只要连上网以后,运行需要上网的程序,此程序就会出错,如果没有拨事情还没问题.这些病毒杀掉过,只是一开网页就会自动跳到一个IP地址,这些毒又会出现了~~ 日志内容:
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>[MicrosoftCorporation]
<MsnMsgr><"C:\ProgramFiles\MSNMessenger\MsnMsgr.Exe"/background>[MicrosoftCorporation]
[HKEY_CURRENT_USER\Software\Microsoft\WindowsNT\CurrentVersion\Windows]
<load><>[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE"/Spoil/RemAdvDef/Migration32>[MicrosoftCorporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE/SYNC>[MicrosoftCorporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE/IMEName>[MicrosoftCorporation]
<RfwMain><"C:\ProgramFiles\Rising\Rfw\rfwmain.exe"-Startup>[BeijingRisingTechnologyCo.,Ltd.]
<RavTask><"c:\ProgramFiles\Rising\Rav\RavTask.exe"-system>[BeijingRisingTechnologyCo.,Ltd.]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE/Preload>[MicrosoftCorporation]
<IMEKRMIG6.1><C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>[MicrosoftCorporation]
<MSPY2002><C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe/SYNC>[]
<ms><C:\ProgramFiles\Microsoft\svhost32.exe>[]
<stonedrv><>[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<RavStub><"c:\ProgramFiles\Rising\Rav\ravstub.exe"/RUNONCE>[BeijingRisingTechnologyCo.,Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<1><C:\WINDOWS\svchost.exe>[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon]
<shell><EXPLORER.EXE>[MicrosoftCorporation]
<Userinit><C:\WINDOWS\system32\Userinit.exe>[MicrosoftCorporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Windows]
<AppInit_DLLs><>[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>[MicrosoftCorporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys>[]
<{F3D0D422-CE6D-47B3-9CE6-C54DD63F1ADB}><C:\ProgramFiles\InternetExplorer\PLUGINS\new123.sys>[]

==================================
启动文件夹
[EDial]
<C:\DocumentsandSettings\BOBO\「开始」菜单\程序\启动\EDial.lnk><N>

==================================
服务
[RisingProxyService/RfwProxySrv]
<c:\programfiles\rising\rfw\rfwproxy.exe><BeijingRisingTechnologyCo.,Ltd.>
[RisingPersonalFirewallService/RfwService]
<c:\programfiles\rising\rfw\rfwsrv.exe><BeijingRisingTechnologyCo.,Ltd.>
[RisingProcessCommunicationCenter/RsCCenter]
<"c:\ProgramFiles\Rising\Rav\CCenter.exe"><BeijingRisingTechnologyCo.,Ltd.>
[RsRavMonService/RsRavMon]
<"c:\ProgramFiles\Rising\Rav\Ravmond.exe"><BeijingRisingTechnologyCo.,Ltd.>
[ApacheTomcat/Tomcat5]
<"d:\ProgramFiles\ApacheSoftwareFoundation\Tomcat5.0\bin\tomcat5.exe"//RS//Tomcat5><ApacheSoftwareFoundation>

==================================
浏览器加载项
[AcroIEHlprObjClass]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}<D:\ProgramFiles\Adobe\Acrobat7.0\ActiveX\AcroIEHelper.dll,AdobeSystemsIncorporated>
[ThunderBrowserHelper]
{889D2FEB-5411-4565-8998-1DD2C5261283}<d:\ProgramFiles\ThunderNetwork\Thunder\ComDlls\XunLeiBHO_002.dll,ThunderNetworkingTechnologies,LTD>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263}<D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL,MicrosoftCorporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683}<C:\ProgramFiles\Messenger\msmsgs.exe,MicrosoftCorporation>
[CEditCtrlObject]
{488A4255-3236-44B3-8F27-FA1AECAA8844}<C:\WINDOWS\system32\aliedit\AliEdit.dll,www.alipay.com>
[JavaPlug-in1.4.2_05]
{8AD9C840-044E-11D1-B3E9-00805F499D93}<C:\ProgramFiles\Java\j2re1.4.2_05\bin\npjpi142_05.dll,JavaSoft/SunMicrosystems,Inc.>
[JavaPlug-in1.4.2_05]
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}<C:\ProgramFiles\Java\j2re1.4.2_05\bin\npjpi142_05.dll,JavaSoft/SunMicrosystems,Inc.>
[ShockwaveFlashObject]
{D27CDB6E-AE6D-11CF-96B8-444553540000}<C:\WINDOWS\system32\macromed\flash\flash.ocx,Macromedia,Inc.>
[AcroIEHlprObjClass]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}<D:\ProgramFiles\Adobe\Acrobat7.0\ActiveX\AcroIEHelper.dll,AdobeSystemsIncorporated>
[WindowsMediaPlayer]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95}<C:\WINDOWS\system32\wmpdxm.dll,MicrosoftCorporation>
[HTMLDocument]
{25336920-03F9-11CF-8FD0-00AA00686F13}<%SystemRoot%\system32\mshtml.dll,N/A>
[PGEditClass]
{2BFAA61B-5C83-4865-8281-D8BDBF863061}<D:\ProgramFiles\GnetSecCtrl\PG_ATL_Edit.dll,银联网络支付集团有限公司>
[CEditCtrlObject]
{488A4255-3236-44B3-8F27-FA1AECAA8844}<C:\WINDOWS\system32\aliedit\AliEdit.dll,www.alipay.com>
[ShellNameSpace]
{55136805-B2DE-11D1-B9F2-00A0C98BC547}<%SystemRoot%\system32\shdocvw.dll,N/A>
[WindowsMediaPlayer]
{6BF52A52-394A-11D3-B153-00C04F79FAA6}<C:\WINDOWS\system32\wmp.dll,MicrosoftCorporation>
[MicrosoftWeb浏览器]
{8856F961-340A-11D0-A96B-00C04FD705A2}<C:\WINDOWS\system32\shdocvw.dll,MicrosoftCorporation>
[ThunderBrowserHelper]
{889D2FEB-5411-4565-8998-1DD2C5261283}<d:\ProgramFiles\ThunderNetwork\Thunder\ComDlls\XunLeiBHO_002.dll,ThunderNetworkingTechnologies,LTD>
[MicrosoftScriptletComponent]
{AE24FDAE-03C6-11D1-8B76-0080C744F389}<C:\WINDOWS\system32\mshtml.dll,MicrosoftCorporation>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89}<%SystemRoot%\system32\shdocvw.dll,N/A>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36}<C:\ProgramFiles\CommonFiles\System\msadc\msadco.dll,MicrosoftCorporation>
[VIDEO__X_MS_ASFMonikerClass]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127}<C:\WINDOWS\system32\wmp.dll,MicrosoftCorporation>
[ShockwaveFlashObject]
{D27CDB6E-AE6D-11CF-96B8-444553540000}<C:\WINDOWS\system32\macromed\flash\flash.ocx,Macromedia,Inc.>
[CPasswordEditCtrlObject]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF}<C:\WINDOWS\system32\qqedit\qqedit.dll,腾讯科技(深圳)有限公司>
[&使用迅雷下载]
<d:\ProgramFiles\ThunderNetwork\Thunder\Program\GetUrl.htm,N/A>
[&使用迅雷下载全部链接]
<d:\ProgramFiles\ThunderNetwork\Thunder\Program\GetAllUrl.htm,N/A>
[上传到QQ网络硬盘]
<D:\ProgramFiles\157476896\AddToNetDisk.htm,N/A>
[导出到MicrosoftOfficeExcel(&X)]
<res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000,N/A>
[添加到QQ自定义面板]
<D:\ProgramFiles\157476896\AddPanel.htm,N/A>
[添加到QQ表情]
<D:\ProgramFiles\157476896\AddEmotion.htm,N/A>
[用QQ彩信发送该图片]
<D:\ProgramFiles\157476896\SendMMS.htm,N/A>
[用比特精灵下载(&B)]
<D:\ProgramFiles\BitSpirit\bsurl.htm,N/A>
最后编辑2006-09-06 13:56:42
分享到:
gototop
 
明月小楼
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-09-05
  • 来自:
发表于: 2006-09-06 10:43 | 只看楼主 短消息 资料
字号: 2楼


==================================
正在运行的进程
[PID:488][\SystemRoot\System32\smss.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:544][\??\C:\WINDOWS\system32\csrss.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:568][\??\C:\WINDOWS\system32\winlogon.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:612][C:\WINDOWS\system32\services.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[PID:624][C:\WINDOWS\system32\lsass.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[PID:776][C:\WINDOWS\system32\svchost.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[PID:824][C:\WINDOWS\system32\svchost.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:896][c:\ProgramFiles\Rising\Rav\CCenter.exe]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,3>
[PID:912][C:\WINDOWS\System32\svchost.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[PID:972][C:\WINDOWS\system32\svchost.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:1108][C:\WINDOWS\system32\svchost.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:1192][c:\ProgramFiles\Rising\Rav\Ravmond.exe]<BeijingRisingTechnologyCo.,Ltd.><18,0,1,35>
[c:\ProgramFiles\Rising\Rav\BWList.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,19>
[c:\ProgramFiles\Rising\Rav\RsCommX.dll]<rising><18,0,0,1>
[c:\ProgramFiles\Rising\Rav\RSAPPMGR.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,2>
[c:\ProgramFiles\Rising\Rav\CfgDll.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,11>
[c:\ProgramFiles\Rising\Rav\RSCOMMON.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[c:\ProgramFiles\Rising\Rav\RsLog.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,20>
[c:\ProgramFiles\Rising\Rav\HOOKSYS.dll]<BeijingRisingTechnologyCo.,Ltd.><18,1,0,11>
[c:\ProgramFiles\Rising\Rav\Scanner.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,32>
[c:\ProgramFiles\Rising\Rav\libload.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,10>
[c:\ProgramFiles\Rising\Rav\VirusLib.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,12>
[c:\ProgramFiles\Rising\Rav\regmon.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,6>
[c:\ProgramFiles\Rising\Rav\HookWeb.dll]<rising><18,0,0,2>
[c:\ProgramFiles\Rising\Rav\MemMon.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,10>
[c:\ProgramFiles\Rising\Rav\expscan.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[c:\ProgramFiles\Rising\Rav\mPorts.dll]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,3>
[c:\ProgramFiles\Rising\Rav\MailMon.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,5>
[c:\ProgramFiles\Rising\Rav\SpamEng.dll]<N/A><18,0,0,6>
[c:\ProgramFiles\Rising\Rav\engine.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,34>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[c:\ProgramFiles\Rising\Rav\PostTrt.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,13>
[c:\ProgramFiles\Rising\Rav\UnExe.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,11>
[c:\ProgramFiles\Rising\Rav\ScanExec.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,11>
[c:\ProgramFiles\Rising\Rav\ScanEx.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,20>
[c:\ProgramFiles\Rising\Rav\RSUnpack.dll]<BeijingRisingTechnologyCo.,Ltd.><1,0,0,13>
[c:\ProgramFiles\Rising\Rav\NvFile.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,7>
[c:\ProgramFiles\Rising\Rav\ScanMac.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,9>
[c:\ProgramFiles\Rising\Rav\ScanSct.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,18>
[c:\ProgramFiles\Rising\Rav\Unpacker.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[PID:1288][c:\programfiles\rising\rfw\rfwsrv.exe]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,32>
[c:\programfiles\rising\rfw\RfwRule.dll]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,13>
[c:\programfiles\rising\rfw\rfwlog.dll]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,6>
[c:\programfiles\rising\rfw\Rfwdrv.dll]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,21>
[c:\programfiles\rising\rfw\MonDrv.dll]<rs><1,0,0,4>
[c:\programfiles\rising\rfw\ProcLib.dll]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,9>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[PID:1488][C:\WINDOWS\Explorer.EXE]<MicrosoftCorporation><6.00.2900.2180(xpsp_sp2_rtm.040803-2158)>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[D:\ProgramFiles\Adobe\Acrobat7.0\ActiveX\PDFShell.dll]<AdobeSystems,Inc.><7.0.0.0>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[D:\ProgramFiles\Adobe\Acrobat7.0\ActiveX\AcroIEHelper.dll]<AdobeSystemsIncorporated><7.0.5.2005092300>
[d:\ProgramFiles\ThunderNetwork\Thunder\ComDlls\XunLeiBHO_002.dll]<ThunderNetworkingTechnologies,LTD><5,0,0,2>
[c:\ProgramFiles\Rising\Rav\RSCOMMON.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[PID:1600][C:\WINDOWS\system32\spoolsv.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\hpzsnt10.dll]<HP><2.323.0.0>
[PID:1704][c:\ProgramFiles\Rising\Rav\RavStub.exe]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,16>
[c:\ProgramFiles\Rising\Rav\RsCommX.dll]<rising><18,0,0,1>
[c:\ProgramFiles\Rising\Rav\RSCOMMON.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[PID:1988][C:\ProgramFiles\Rising\Rav\RavTask.exe]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,22>
[C:\ProgramFiles\Rising\Rav\RSCOMMON.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[C:\ProgramFiles\Rising\Rav\RSAPPMGR.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,2>
[C:\ProgramFiles\Rising\Rav\CfgDll.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,11>
[C:\ProgramFiles\Rising\Rav\RsCommX.dll]<rising><18,0,0,1>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[PID:2032][C:\ProgramFiles\Microsoft\svhost32.exe]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[PID:120][C:\ProgramFiles\Microsoft\svhost32.exe]<N/A><N/A>
[PID:168][C:\WINDOWS\system32\ctfmon.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[PID:296][C:\WINDOWS\system32\inetsrv\inetinfo.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[PID:424][C:\WINDOWS\system32\svchost.exe]<MicrosoftCorporation><5.1.2600.2180(xpsp_sp2_rtm.040803-2158)>
[PID:3788][C:\WINDOWS\system32\wuauclt.exe]<MicrosoftCorporation><5.4.3790.2180(xpsp_sp2_rtm.040803-2158)>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[PID:4088][C:\WINDOWS\system32\winmer.exe]<MicrosoftCorporation><5.1.2600.0>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[PID:1532][c:\programfiles\rising\rfw\RfwMain.exe]<BeijingRisingTechnologyCo.,Ltd.><4,0,0,52>
[c:\programfiles\rising\rfw\RsGuiLib.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,23>
[c:\programfiles\rising\rfw\RSCOMMON.DLL]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,4>
[c:\programfiles\rising\rfw\PngDll.dll]<BeijingRisingTechnologyCo.,Ltd.><18,0,0,5>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[PID:3700][D:\ProgramFiles\sreng2\SREng.exe]<SmallfrogsStudio><2.0.21.505>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>
[PID:3848][C:\WINDOWS\system32\vsjitdebugger.exe]<MicrosoftCorporation><8.0.50727.42(RTM.050727-4200)>
[PID:3868][C:\WINDOWS\system32\vsjitdebugger.exe]<MicrosoftCorporation><8.0.50727.42(RTM.050727-4200)>
[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
[C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys]<N/A><N/A>
[C:\WINDOWS\system32\msdll.dll]<N/A><N/A>

==================================
文件关联
.TXTOK.[%SystemRoot%\system32\NOTEPAD.EXE%1]
.EXEOK.["%1"%*]
.COMOK.["%1"%*]
.PIFOK.["%1"%*]
.REGOK.[regedit.exe"%1"]
.BATOK.["%1"%*]
.SCROK.["%1"/S]
.CHMOK.["C:\WINDOWS\hh.exe"%1]
.HLPOK.[%SystemRoot%\System32\winhlp32.exe%1]
.INIOK.[%SystemRoot%\System32\NOTEPAD.EXE%1]
.INFOK.[%SystemRoot%\System32\NOTEPAD.EXE%1]
.VBSOK.[%SystemRoot%\System32\WScript.exe"%1"%*]
.JSOK.[%SystemRoot%\System32\WScript.exe"%1"%*]
.LNKOK.[{00021401-0000-0000-C000-000000000046}]

请高手帮忙,怎么能杀的彻底
gototop
 
mopery
头像
卡卡技术团队
  • 帖子:17737
  • 注册: 2005-12-06
  • 来自:New York
卡卡名人堂论坛9周年纪念
发表于: 2006-09-06 11:02 | 短消息 资料
字号: 3楼

[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
需要用LSPFix 来修复..
LSPFix(汉化版) 下载地址:http://forum.ikaka.com/topic.asp?board=67&artid=5188931
(8楼...)
同时下载WinsockXPFix.exe...(2楼...)
----------------------------------------------------------------
先运行LSPFix ... 勾上 我确定要进行修复操作 ...
然后将cn_spiEx.dll移到右边...点下完成...
----------------------------------------------------------------
如果在操作之后不能上网...请用WinsockXPFix.exe 修复一下即可...安全模式下..

打开SRE 启动项目 注册表 删除
<ms><C:\ProgramFiles\Microsoft\svhost32.exe>[]
<stonedrv><>[]
<1><C:\WINDOWS\svchost.exe>[]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys>[]
<{F3D0D422-CE6D-47B3-9CE6-C54DD63F1ADB}><C:\ProgramFiles\InternetExplorer\PLUGINS\new123.sys>[]
删除
C:\ProgramFiles\Microsoft\svhost32.exe
C:\WINDOWS\svchost.exe
C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys
C:\ProgramFiles\InternetExplorer\PLUGINS\new123.sys
C:\WINDOWS\system32\msdll.dll
gototop
 
明月小楼
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-09-05
  • 来自:
发表于: 2006-09-06 12:43 | 只看楼主 短消息 资料
字号: 4楼

我按照楼上说的做了,现在在安全模式下都不进去系统了,在登录页点用户后,就出现正在保存,然后回到登录页.进不去了~~~~~~~~~好像是删C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys的原因现在怎么修啊?
gototop
 
leasu
头像
初生襁褓狮
  • 帖子:527
  • 注册: 2005-01-08
  • 来自:
发表于: 2006-09-06 13:06 | 短消息 资料
字号: 5楼

引用:
【mopery的贴子】[C:\WINDOWS\system32\cn_spiEx.dll]<N/A><N/A>
需要用LSPFix 来修复..
LSPFix(汉化版) 下载地址:http://forum.ikaka.com/topic.asp?board=67&artid=5188931
(8楼...)
同时下载WinsockXPFix.exe...(2楼...)
----------------------------------------------------------------
先运行LSPFix ... 勾上 我确定要进行修复操作 ...
然后将cn_spiEx.dll移到右边...点下完成...
----------------------------------------------------------------
如果在操作之后不能上网...请用WinsockXPFix.exe 修复一下即可...安全模式下..

打开SRE 启动项目 注册表 删除
<ms><C:\ProgramFiles\Microsoft\svhost32.exe>[]
<stonedrv><>[]
<1><C:\WINDOWS\svchost.exe>[]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys>[]
<{F3D0D422-CE6D-47B3-9CE6-C54DD63F1ADB}><C:\ProgramFiles\InternetExplorer\PLUGINS\new123.sys>[]
删除
C:\ProgramFiles\Microsoft\svhost32.exe
C:\WINDOWS\svchost.exe
C:\ProgramFiles\InternetExplorer\PLUGINS\system.sys
C:\ProgramFiles\InternetExplorer\PLUGINS\new123.sys
C:\WINDOWS\system32\msdll.dll



………………
gototop
 
明月小楼
头像
初生襁褓狮
  • 帖子:19
  • 注册: 2006-09-05
  • 来自:
发表于: 2006-09-06 14:04 | 只看楼主 短消息 资料
字号: 6楼

我现在都进不去系统了,登录不进去,怎么修?
gototop
 
<<上一主题|下一主题>>
1   1  /  1  页   跳转
页面顶部
Powered by Discuz!NT