双击打开硬盘 会让你选择用什么程序打开~

还有就是 什么杀软的 ，sreng的日志扫描工具也被屏蔽了  我改名后才扫的日志~


下面是日志~！  麻烦帮看下 ~ 现谢过了~

[用户系统信息]Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; KuGooSoft)

[CODE]

2007-12-04,12:16:36

System Repair Engineer 2.4.12.806
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><; C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
    <run><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <nhbivui><; C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe>  [N/A]
    <mhlclyg><; C:\Program Files\Common Files\System\yyjnldu.exe>  [N/A]
    <MSConfig><C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto>  [(Verified)Microsoft Windows Publisher]
    <5QIM><; d:\Program Files\校内\校内通\5QIM.exe>  [xiaonei.com]
    <AVPSrv><; C:\WINDOWS\AVPSrv.exE>  []
    <cmdbcs><; C:\WINDOWS\cmdbcs.exe>  []
    <DbgHlp32><; C:\WINDOWS\DbgHlp32.exe>  []
    <GenProtect><; C:\WINDOWS\GenProtect.exe>  []
    <Kvsc3><; C:\WINDOWS\Kvsc3.exE>  []
    <LotusHlp><; C:\WINDOWS\LotusHlp.exe>  []
    <mppds><; C:\WINDOWS\mppds.exe>  []
    <msccrt><; C:\WINDOWS\msccrt.exe>  []
    <MsIMMs32><; C:\WINDOWS\MsIMMs32.exE>  []
    <MsPrint32D><; C:\WINDOWS\MsPrint32D.exe>  []
    <NVDispDrv><; C:\WINDOWS\NVDispDRV.EXE>  []
    <runeip><; "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>  [N/A]
    <SoundMan><; SOUNDMAN.EXE>  [(Verified)Microsoft Windows Publisher]
    <switch><; c:\windows\system32\壁纸自动换.exe>  []
    <upxdnd><; C:\WINDOWS\upxdnd.exe>  []
    <WinSysM><; C:\WINDOWS\496973M.exe>  [N/A]
    <WinSysW><; C:\WINDOWS\496973L.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <MSDEG32><LYLoader.exe>  []
    <MSDWG32><LYLoadbr.exe>  [N/A]
    <MSDCG32    ><LYLeador.exe>  [N/A]
    <MSDOG32><LYLoador.exe>  [N/A]
    <MSDSG32><LYLoadar.exe>  [N/A]
    <MSDMG32><LYLoadmr.exe>  [N/A]
    <MSDHG32><LYLoadhr.exe>  [N/A]
    <MSDQG32><LYLoadqr.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[286EE121 / 286EE121][Stopped/Auto Start]
  <C:\WINDOWS\system32\792405C6.EXE -k><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Qvod Terminal / Qvod Terminal][Running/Auto Start]
  <d:\QvodPlayer\QvodTerminal.exe><Shenzhen TASK Technology Co.,Ltd>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"d:\Program Files\Rising\Rav\CCenter.exe"><N/A>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><N/A>

==================================
驱动程序
[100133 / 100133][Running/Boot Start]
  <\SystemRoot\System32\drivers\100133.sys><N/A>
[a0 / a0][Running/Boot Start]
  <\SystemRoot\\SystemRoot\System32\drivers\100133.sys><N/A>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[BaseTDI / BaseTDI][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\basetdi.sys><Beijing Rising Technology Co., Ltd.>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[ExpScaner / ExpScaner][Stopped/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\ExpScan.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Stopped/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HOOKCONT.sys><N/A>
[HookReg / HookReg][Stopped/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HookReg.sys><N/A>
[HookSys / HookSys][Stopped/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\HookSys.sys><N/A>
[MEMSCAN / MEMSCAN][Stopped/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\MEMSCAN.sys><N/A>
[npkcrypt / npkcrypt][Stopped/Auto Start]
  <\??\C:\Program Files\QQ2006\npkcrypt.sys><N/A>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsAntiSpyware / RsAntiSpyware][Running/Disabled]
  <system32\drivers\RsBoot.sys><N/A>
[RSPPSYS / RSPPSYS][Stopped/Auto Start]
  <\??\D:\PROGRAM FILES\RISING\RAV\RSPPSYS.sys><N/A>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaidexp.sys><VIA Technologies, Inc.>

浏览器加载项
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[IE搜索工具条]
  {BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[AUDIO__MID Moniker Class]
  {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, Adobe Systems, Inc.>
[QvodCtrl Class]
  {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <d:\QvodPlayer\QvodInsert.dll, Shenzhen TASK Technology Co.,Ltd>
[使用迅雷下载]
  <C:\Program Files\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <C:\Program Files\Thunder\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <d:\Tencent\QQ\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 436][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 496][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1707E7B.DLL]  [, ]
[PID: 520][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\1707E7B.DLL]  [, ]
[PID: 564][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LYMANGR.DLL]  [N/A, ]
    [C:\WINDOWS\system32\1707E7B.DLL]  [, ]
[PID: 1240][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\1707E7B.DLL]  [, ]
    [C:\WINDOWS\system32\GenProtect.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsPrint32D.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\496973MM.DLL]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\496973WL.DLL]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
    [C:\WINDOWS\system32\Audiodev.dll]  [Microsoft Corporation, 5.2.3802.3802 built by: dnsrv(bld4act)]
[PID: 1612][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\1707E7B.DLL]  [, ]
    [C:\WINDOWS\system32\GenProtect.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsPrint32D.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
[PID: 1920][D:\123.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\Program Files\Rising\AntiSpyware\ieprot.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 12]
    [C:\WINDOWS\system32\LotusHlp.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsPrint32D.dll]  [N/A, ]
    [C:\WINDOWS\system32\NVDispDrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\Kvsc3.dll]  [N/A, ]
    [C:\WINDOWS\system32\GenProtect.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]

==================================

文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
[C:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[D:\]
[AutoRun]
open=auto.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[E:\]
[AutoRun]
open=auto.exe
shell\open=打开(&O)
shell\open\Command=nhbivui.exe
shell\open\Default=1
shell\explore=资源管理器(&X)
shell\explore\Command=nhbivui.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[F:\]
[AutoRun]
open=auto.exe
shell\open=打开(&O)
shell\open\Command=nhbivui.exe
shell\open\Default=1
shell\explore=资源管理器(&X)
shell\explore\Command=nhbivui.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe
[G:\]
[AutoRun]
open=auto.exe
shell\open=打开(&O)
shell\open\Command=nhbivui.exe
shell\open\Default=1
shell\explore=资源管理器(&X)
shell\explore\Command=nhbivui.exe
shellexecute=auto.exe
shell\Auto\command=auto.exe

==================================
HOSTS 文件
127.0.0.1      localhost
0.0.0.0 182838.com
0.0.0.0 204.177.92.68
0.0.0.0 asiafriendfinder.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 www.jpbeauty.com
0.0.0.0 beautishow.com
0.0.0.0 goodmovies88.com
0.0.0.0 hothack.home.chinaren.com
0.0.0.0 hualiao.net
0.0.0.0 iplus.allyes.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 asqin123.51.net
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 jjkafei.longcity.net
0.0.0.0 kaomm.8m.cn
0.0.0.0 l3iaoliao.com
0.0.0.0 l3iaoliao.com
0.0.0.0 lingaonbvm.myrice.com
0.0.0.0 lovejava.boy.net.cn
0.0.0.0 love7liao.com
0.0.0.0 babe520.5188.org
0.0.0.0 music.feifa.com
0.0.0.0 music.v111.com

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]

注意：删除病毒可能会具有一定的危险性 所以强烈建议操作前要把重要资料转移至非系统分区！
打开sreng
启动项目 注册表 删除如下项目
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<nhbivui><; C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe> [N/A]
<mhlclyg><; C:\Program Files\Common Files\System\yyjnldu.exe> [N/A]
<AVPSrv><; C:\WINDOWS\AVPSrv.exE> []
<cmdbcs><; C:\WINDOWS\cmdbcs.exe> []
<DbgHlp32><; C:\WINDOWS\DbgHlp32.exe> []
<GenProtect><; C:\WINDOWS\GenProtect.exe> []
<Kvsc3><; C:\WINDOWS\Kvsc3.exE> []
<LotusHlp><; C:\WINDOWS\LotusHlp.exe> []
<mppds><; C:\WINDOWS\mppds.exe> []
<msccrt><; C:\WINDOWS\msccrt.exe> []
<MsIMMs32><; C:\WINDOWS\MsIMMs32.exE> []
<MsPrint32D><; C:\WINDOWS\MsPrint32D.exe> []
<NVDispDrv><; C:\WINDOWS\NVDispDRV.EXE> []
<upxdnd><; C:\WINDOWS\upxdnd.exe> []
<WinSysM><; C:\WINDOWS\496973M.exe> [N/A]
<WinSysW><; C:\WINDOWS\496973L.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<MSDEG32><LYLoader.exe> []
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDMG32><LYLoadmr.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]

“启动项目”-“服务”-“Win32服务应用程序”中点“隐藏经认证的微软项目”，
选中以下项目，点“删除服务”，再点“设置”，在弹出的框中点“否”：
[286EE121 / 286EE121][Stopped/Auto Start]
<C:\WINDOWS\system32\792405C6.EXE -k><>


用SRENG扫描工具删除以下驱动程序
[100133 / 100133][Running/Boot Start]
<\SystemRoot\System32\drivers\100133.sys><N/A>
[a0 / a0][Running/Boot Start]
<\SystemRoot\\SystemRoot\System32\drivers\100133.sys><N/A>

重启计算机进入安全模式下删除
<C:\WINDOWS\system32\792405C6.EXE -k><>
[C:\WINDOWS\system32\1707E7B.DLL] [, ]
[C:\WINDOWS\system32\LYMANGR.DLL] [N/A, ]
[C:\WINDOWS\system32\GenProtect.dll] [N/A, ]
[C:\WINDOWS\system32\Kvsc3.dll] [N/A, ]
[C:\WINDOWS\system32\AVPSrv.dll] [N/A, ]
[C:\WINDOWS\system32\mppds.dll] [N/A, ]
[C:\WINDOWS\system32\DbgHlp32.dll] [N/A, ]
[C:\WINDOWS\system32\NVDispDrv.dll] [N/A, ]
[C:\WINDOWS\system32\MsPrint32D.dll] [N/A, ]
[C:\WINDOWS\system32\cmdbcs.dll] [N/A, ]
[C:\WINDOWS\system32\upxdnd.dll] [N/A, ]
[C:\WINDOWS\496973MM.DLL] [N/A, ]
[C:\WINDOWS\system32\msccrt.dll] [N/A, ]
[C:\WINDOWS\system32\LotusHlp.dll] [N/A, ]
[C:\WINDOWS\496973WL.DLL] [N/A, ]
[C:\WINDOWS\system32\MsIMMs32.dll] [N/A, ]
<\SystemRoot\System32\drivers\100133.sys><N/A>
<\SystemRoot\\SystemRoot\System32\drivers\100133.sys><N/A>
<MSDEG32><LYLoader.exe> []
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDMG32><LYLoadmr.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
<nhbivui><; C:\Program Files\Common Files\Microsoft Shared\xnxlufi.exe> [N/A]
<mhlclyg><; C:\Program Files\Common Files\System\yyjnldu.exe> [N/A]
<AVPSrv><; C:\WINDOWS\AVPSrv.exE> []
<cmdbcs><; C:\WINDOWS\cmdbcs.exe> []
<DbgHlp32><; C:\WINDOWS\DbgHlp32.exe> []
<GenProtect><; C:\WINDOWS\GenProtect.exe> []
<Kvsc3><; C:\WINDOWS\Kvsc3.exE> []
<LotusHlp><; C:\WINDOWS\LotusHlp.exe> []
<mppds><; C:\WINDOWS\mppds.exe> []
<msccrt><; C:\WINDOWS\msccrt.exe> []
<MsIMMs32><; C:\WINDOWS\MsIMMs32.exE> []
<MsPrint32D><; C:\WINDOWS\MsPrint32D.exe> []
<NVDispDrv><; C:\WINDOWS\NVDispDRV.EXE> []
<upxdnd><; C:\WINDOWS\upxdnd.exe> []
<WinSysM><; C:\WINDOWS\496973M.exe> [N/A]
<WinSysW><; C:\WINDOWS\496973L.exe> [N/A]

用winrar清除每个盘符下的auto.exe和autorun.inf文件，修复hosts文件。

多谢楼上的~~  我去 弄下~~

老问题了

引用:

【tianxunmycool的贴子】老问题了 ………………

现在就是双击打开~ 硬盘  打开的是搜索框    这个怎么弄？？？

本人消失一会儿

超级巡警Ｕ盘免疫工具，有个修复磁盘关联。