瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 杀毒软件和卡卡都打不开 扫描日志。帮帮忙急

1   1  /  1  页   跳转

杀毒软件和卡卡都打不开 扫描日志。帮帮忙急

杀毒软件和卡卡都打不开 扫描日志。帮帮忙急

006-12-09,16:54:03

System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)

Windows 2000 Professional Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <Internat.exe><internat.exe>  [Microsoft Corporation]
    <MsnMsgr><"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background>  [N/A]
    <auloadplx><C:\WINNT\system32\mplprogsm.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <TrackPointSrv><tp4serv.exe>  [IBM Corporation]
    <Synchronization Manager><mobsync.exe /logon>  [(Verified)Microsoft Corporation]
    <BMMGAG><RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor>  [IBM Corp.]
    <TpHotkey><C:\PROGRA~1\ThinkPad\UTILIT~1\tphkmgr.exe>  [N/A]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [(Verified)RealNetworks, Inc.]
    <kav><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe">  [Kaspersky Lab]
    <mlibsysmc><regposwu.exe>  [N/A]
    <namxja><C:\WINNT\system32\aeybsv.exe>  [N/A]
    <Thunder><"C:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD]
    <Super Rabbit Desktop Set><C:\Program Files\Super Rabbit\MagicSet\DS.EXE /Load>  [Super Rabbit Software]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <Super Rabbit SRCK><"C:\Program Files\Super Rabbit\MagicSet\SRCK.exe" /autokill:2>  [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
    <mlibsysmc><regposwu.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINNT\system32\userinit.exe,>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINNT\system32\klogon.dll>  [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    <WinlogonNotify: NavLogon><C:\WINNT\System32\NavLogon.dll>  [(Verified)Symantec Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINNT\BUTTER~1.SCR>  [N/A]

==================================
启动文件夹
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]><N>

==================================
服务
[卡巴斯基反病毒6.0 / AVP]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[Indexing Service / cisvc]
  <C:\WINNT\System32\cisvc.exe><Microsoft Corporation>
[ClipBook / ClipSrv]
  <C:\WINNT\system32\clipsrv.exe><Microsoft Corporation>
[DefWatch / DefWatch]
  <><N/A>
[Logical Disk Manager Administrative Service / dmadmin]
  <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[IBM PM Service / IBMPMSVC]
  <C:\WINNT\System32\ibmpmsvc.exe><N/A>
[ip139 / ip139]
  <C:\WINNT\System32\5.exe><N/A>
[NetMeeting Remote Desktop Sharing / mnmsrvc]
  <C:\WINNT\System32\mnmsrvc.exe><Microsoft Corporation>
[Distributed Transaction Coordinator / MSDTC]
  <C:\WINNT\System32\msdtc.exe><Microsoft Corporation>
[host Service For Windows / mshostsvr]
  <><N/A>
[Remote Procedure Call System(RPCS) / RpcS]
  <C:\WINNT\System32\RpcS.exe><Microsoft Corporation>
[SavRoam / SavRoam]
  <><N/A>
[Uninterruptible Power Supply / UPS]
  <C:\WINNT\System32\ups.exe><Microsoft Corporation>
[Win32 DHCP Service / Win32DHCPsvc]
  <C:\WINNT\System32\rundll32.exe windhcp.dll,start><Microsoft Corporation>
[Windows DHCP Service / WinDHCPsvc]
  <C:\WINNT\System32\rundll32.exe windhcp.ocx,start><Microsoft Corporation>

==================================
驱动程序
[ATM ARP Client Protocol / Atmarpc]
  <System32\DRIVERS\atmarpc.sys><Microsoft Corporation>
[Audio Stub Driver / audstub]
  <System32\DRIVERS\audstub.sys><Microsoft Corporation>
[Beep / Beep]
  <C:\WINNT\SYSTEM32\DRIVERS\Beep.SYS><Microsoft Corporation>
[btfirst / btfirst]
  <\SystemRoot\System32\DRIVERS\btfirst.sys><YAHOO Corporation.>
[Cdaudio / Cdaudio]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdaudio.SYS><Microsoft Corporation>
[Cdr4_2K / Cdr4_2K]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdr4_2K.SYS><Roxio>
[Cdralw2k / Cdralw2k]
  <C:\WINNT\SYSTEM32\DRIVERS\Cdralw2k.SYS><Roxio>
[Crystal SoundFusion(tm) Driver / cwcspud]
  <system32\drivers\cwcspud.sys><Microsoft Corporation>
[Crystal SoundFusion(tm) SPuD3 Driver / cwcspud3]
  <system32\drivers\cwcspud3.sys><Microsoft Corporation>
[Crystal SoundFusion(tm) WDM Driver / cwcwdm]
  <system32\drivers\cwcwdm.sys><Microsoft Corporation>
[dmboot / dmboot]
  <System32\drivers\dmboot.sys><VERITAS Software Corp.>
[Logical Disk Manager Driver / dmio]
  <\SystemRoot\System32\drivers\dmio.sys><VERITAS Software Corp.>
[dmload / dmload]
  <System32\drivers\dmload.sys><VERITAS Software Corp.>
[Microsoft DirectMusic SW Synth (WDM) / DMusic]
  <system32\drivers\DMusic.sys><Microsoft Corporation>
[Intel(R) PRO Adapter Driver / E100B]
  <System32\DRIVERS\e100bnt5.sys><Intel Corporation>
[3Com 10/100 Mini PCI Ethernet Adapter NDIS 5.0 Driver / EL556]
  <System32\DRIVERS\EL556ND5.sys><3Com Corporation>
[FsVga / FsVga]
  <System32\DRIVERS\fsvga.sys><Microsoft Corporation>
[IBMPMDRV / IBMPMDRV]
  <System32\DRIVERS\ibmpmdrv.sys><IBM Corp.>
[IP Traffic Filter Driver / IpFilterDriver]
  <System32\DRIVERS\ipfltdrv.sys><Microsoft Corporation>
[IP in IP Tunnel Driver / IpInIp]
  <System32\DRIVERS\ipinip.sys><Microsoft Corporation>
[jnlnmmq / jnlnmmqo]
  <\SystemRoot\System32\DRIVERS\jnlnmmqo.sys><N/A>
[kl1 / kl1]
  <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif]
  <\??\C:\WINNT\system32\drivers\klif.sys><Kaspersky Lab>
[kmsinput / kmsinput]
  <\??\C:\WINNT\System32\drivers\kmsinput.sys><N/A>
[Xircom MPCI+ Modem 56 WinGlobal Driver / ltck000c]
  <System32\DRIVERS\ltck000C.sys><Xircom, Inc.>
[Lucent Modem Driver / ltmodem5]
  <System32\DRIVERS\ltmdmxp.sys><LT>
[mnmdd / mnmdd]
  <C:\WINNT\SYSTEM32\DRIVERS\mnmdd.SYS><Microsoft Corporation>
[Msfs / Msfs]
  <C:\WINNT\SYSTEM32\DRIVERS\Msfs.SYS><Microsoft Corporation>
[Microsoft Streaming Quality Manager Proxy / MSPQM]
  <system32\drivers\MSPQM.sys><Microsoft Corporation>
[NDIS Proxy / NDProxy]
  <C:\WINNT\SYSTEM32\DRIVERS\NDProxy.SYS><Microsoft Corporation>
[NetBIOS Interface / NetBIOS]
  <System32\DRIVERS\netbios.sys><Microsoft Corporation>
[NetDetect / NetDetect]
  <\SystemRoot\system32\drivers\netdtect.sys><Microsoft Corporation>
[Npfs / Npfs]
  <C:\WINNT\SYSTEM32\DRIVERS\Npfs.SYS><Microsoft Corporation>
[npkcrypt / npkcrypt]
  <\??\D:\qq\npkcrypt.sys><N/A>
[NSC Infrared Device Driver / NSCIRDA]
  <System32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[Null / Null]
  <C:\WINNT\SYSTEM32\DRIVERS\Null.SYS><Microsoft Corporation>
[IPX Traffic Filter Driver / NwlnkFlt]
  <System32\DRIVERS\nwlnkflt.sys><Microsoft Corporation>
[IPX Traffic Forwarder Driver / NwlnkFwd]
  <System32\DRIVERS\nwlnkfwd.sys><Microsoft Corporation>
[ParVdm / ParVdm]
  <C:\WINNT\SYSTEM32\DRIVERS\ParVdm.SYS><Microsoft Corporation>
[Direct Parallel Link Driver / Ptilink]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Remote Access Auto Connection Driver / RasAcd]
  <System32\DRIVERS\rasacd.sys><Microsoft Corporation>
[Direct Parallel / Raspti]
  <System32\DRIVERS\raspti.sys><Microsoft Corporation>
[Microsoft Streaming Network Raw Channel Access / RCA]
  <system32\drivers\RCA.sys><Microsoft Corporation>
[S3SavageMX / S3SavageMX]
  <System32\DRIVERS\s3savmxm.sys><S3 Graphics, Inc.>
[Smapint / Smapint]
  <System32\drivers\Smapint.sys><Microsoft Corporation>
[TDSMAPI / TDSMAPI]
  <System32\drivers\TDSMAPI.SYS><N/A>
[IBM PS/2 TrackPoint Driver / Tp4Track]
  <System32\DRIVERS\tp4track.sys><IBM Corporation>
[TPHKDRV / TPHKDRV]
  <C:\WINNT\SYSTEM32\DRIVERS\TPHKDRV.SYS><IBM Corporation>
[TPPWR / TPPWR]
  <System32\drivers\Tppwr.sys><IBM Corp.>
[tqymee4 / tqymee47]
  <\SystemRoot\System32\DRIVERS\tqymee47.sys><N/A>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack]
  <System32\DRIVERS\TwoTrack.sys><Microsoft Corporation>
[VgaSave / VgaSave]
  <\SystemRoot\System32\drivers\vga.sys><Microsoft Corporation>
[WDHAIBFMiniPCI Winmodem / WDHAIBF]
  <System32\DRIVERS\WDHAIBF.sys><3Com Corporation>
最后编辑2006-12-09 21:29:50
分享到:
gototop
 

浏览器加载项
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[Web反病毒保护]
  {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll, Kaspersky Lab>
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\System32\msdxm.ocx, Microsoft Corporation>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar1.dll, Google Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\System32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[Google 搜索(&G)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html, N/A>
[使用影音传送带下载]
  <D:\影音传送带\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <D:\影音传送带\NetTransport 2\NTAddList.html, N/A>
[反向链接]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html, N/A>
[类似网页]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html, N/A>
[缓存的网页快照]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html, N/A>
[翻译英文字词(&T)]
  <res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html, N/A>

==================================
正在运行的进程
[PID: 184][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 208][\??\C:\WINNT\system32\csrss.exe]  [Microsoft Corporation, 5.00.2195.6601]
[PID: 204][\??\C:\WINNT\system32\winlogon.exe]  [Microsoft Corporation, 5.00.2195.6997]
    [C:\WINNT\system32\klogon.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINNT\System32\NavLogon.dll]  [Symantec Corporation, 10.0.0.359]
[PID: 256][C:\WINNT\system32\services.exe]  [Microsoft Corporation, 5.00.2195.7035]
    [C:\WINNT\system32\dmserver.dll]  [VERITAS Software Corp., 2195.6605.297.3]
[PID: 276][C:\WINNT\system32\lsass.exe]  [Microsoft Corporation, 5.00.2195.7011]
[PID: 384][C:\WINNT\System32\ibmpmsvc.exe]  [N/A, N/A]
[PID: 444][C:\WINNT\system32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 496][C:\WINNT\System32\svchost.exe]  [Microsoft Corporation, 5.00.2134.1]
[PID: 548][C:\WINNT\system32\spoolsv.exe]  [Microsoft Corporation, 5.00.2195.7059]
[PID: 572][C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\FSSync.dll]  [Kaspersky Lab, 6.0.5.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\AVPGS.PPL]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl]  [Kaspersky Lab, 6.0.0.304]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\winreg.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tm.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\nfio.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\fsdrvplgn.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\bl.ppl]  [Kaspersky Lab, 6.0.0.300]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\wmihlpr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\ndetect.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\crpthlpr.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\schedule.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\timer.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\thpimpl.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\lic60.ppl]  [Kaspersky Lab, 6.0.0.306]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\report.ppl]  [Kaspersky Lab, 6.0.0.299]
    [c:\program files\kaspersky lab\kaspersky anti-virus 6.0\hashmd5.ppl]  [Kaspersky Lab, 6.0.0.299]
[PID: 748][C:\WINNT\system32\MSTask.exe]  [Microsoft Corporation, 4.71.2195.6972]
[PID: 792][C:\WINNT\System32\WBEM\WinMgmt.exe]  [Microsoft Corporation, 1.50.1085.0100]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1008][C:\WINNT\Explorer.EXE]  [Microsoft Corporation, 5.00.3700.6690]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
    [C:\Herosoft\HeroV8\VCvtShell.dll]  [herosoft, 1, 0, 0, 1]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 1064][C:\WINNT\system32\tp4serv.exe]  [IBM Corporation, 3.07]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\tp4uires.dll]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
[PID: 1092][C:\PROGRA~1\ThinkPad\UTILIT~1\tphkmgr.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
[PID: 1116][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3760]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
gototop
 

[PID: 1144][C:\WINNT\system32\regposwu.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
[PID: 1196][C:\WINNT\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
[PID: 1216][C:\WINNT\system32\mplprogsm.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1868][C:\Program Files\Super Rabbit\MagicSet\srgui.exe]  [Super Rabbit Soft, 7.92]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
[PID: 1488][C:\WINNT\system32\regsvc.exe]  [Microsoft Corporation, 5.00.2195.6701]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1880][C:\WINNT\System32\rsvp.exe]  [Microsoft Corporation, 5.00.2195.6663]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 624][C:\WINNT\system32\msiexec.exe]  [Microsoft Corporation, 3.1.4000.1823]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
[PID: 1956][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2800.1106]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
    [c:\program files\google\googletoolbar1.dll]  [Google Inc., 3, 0, 131, 0]
    [C:\WINNT\system32\kakatool.dll]  [Beijing Rising Technology Co., Ltd., 2, 0, 2, 5]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\WINNT\System32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 1960][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.4.0.226]
    [C:\Program Files\Thunder Network\Thunder\Program\UpdateDownload.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 8]
    [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 2, 0, 0, 1]
    [C:\Program Files\Thunder Network\Thunder\Program\stlport_vc646.dll]  [STLport Consulting, Inc., 4.6.2003.1031]
    [C:\Program Files\Thunder Network\Thunder\Program\log4cplus.dll]  [, 1, 0, 2, 1]
    [C:\Program Files\Thunder Network\Thunder\Program\asyn_dns.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\Program\msgmanage.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 15]
    [C:\Program Files\Thunder Network\Thunder\Program\historyinfo_manage.dll]  [Thunder Networking Technologies,LTD, 5, 2, 0, 148]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
    [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 1, 0, 18]
    [C:\Program Files\Thunder Network\Thunder\Program\FloatBar.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll]  [ , 1, 0, 0, 11]
    [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed04.dll]  [ , 2, 3, 0, 37]
    [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 10]
    [C:\Program Files\Thunder Network\Thunder\Program\iTargetAd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 1, 59]
    [C:\WINNT\System32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scr_ch_pg.dll]  [Kaspersky Lab, 1.0.6.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll]  [Kaspersky Lab, 6.0.0.299]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll]  [Kaspersky Lab, 6.0.0.299]
[PID: 1992][C:\Program Files\WinRAR\WinRAR.exe]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]
[PID: 1904][C:\DOCUME~1\user\LOCALS~1\Temp\Rar$EX00.059\SREng\SREng.exe]  [Smallfrogs Studio, 2.2.6.605]
    [C:\WINNT\system32\windhcp.dll]  [N/A, N/A]
    [C:\WINNT\system32\windhcp.ocx]  [N/A, N/A]
    [C:\WINNT\system32\aeybsv.dll]  [N/A, N/A]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINNT\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
gototop
 

有空的高手门快帮忙看看该怎么办?谢谢了
gototop
 

帮忙啊。等的 花儿也谢了
gototop
 

红色的自己确认一下,是否要删除

运行SREng2,使用“启动项目”--注册表--删除
C:\WINNT\system32\aeybsv.exe

运行(双击)SRENG2,点“启动项目,服务,点“Win32服务应用程序”
勾选“隐藏微软服务”选中病毒服务
Remote Procedure Call System(
Win32 DHCP Service /
Windows DHCP Service
,选择“删除服务”
点“设置”选择“否”

运行(双击)SRENG2,点“启动项目,服务,点“驱动程序”
勾选“隐藏微软服务”选中病毒服务
jnlnmmq
npkcrypt
tqymee4
,选择“删除服务”
点“设置”选择“否”

重启按F8进入安全模式下
显示隐藏文件
删除:   
\SystemRoot\System32\DRIVERS\tqymee47.sys
D:\qq\npkcrypt.sys
\SystemRoot\System32\DRIVERS\jnlnmmqo.sys
<C:\WINNT\System32\RpcS.exe
C:\WINNT\system32\windhcp.dll
[C:\WINNT\system32\windhcp.ocx
[C:\WINNT\system32\aeybsv.dll
C:\WINNT\system32\aeybsv.exe
gototop
 

xiexie 谢谢
gototop
 
1   1  /  1  页   跳转
页面顶部
关于瑞星 | 服务与支持 | 人才招聘 | 联系方式 | 网站内容指正
Copyright©2000 - 2025 Rising Corp. Ltd.  All Rights Reserved
版权所有 北京瑞星网安技术股份有限公司
备案编号:京公海网安备11010802020318号
Powered by Discuz!NT