昨天才注意到瑞星的防火墙和杀毒软件均没有启动，当我双击图标时，防火墙不能启动，杀毒软件可以启动，但是不能常驻，点击小叉时他就关闭了。这是我无意中点了一下显示桌面，机器竟然重新启动了。我又去下载一个木马克星。安装完后，第一下启动还能看见软件的画面，不到几秒钟就报错关闭了。以后启动连软件都看不见就报错。请分析一下是怎么回事？不胜感激

请下载 System Repair Engineer，使用“智能扫描”，按下“扫描”按钮进行扫描，扫描完成后按下“保存报告”按钮保存报告日志文件（SREng.LOG），把保存的报告日志文件内容复制-粘贴上来
下载网址
http://www.kztechs.com/sreng/sreng2.zip
http://forum.ikaka.com/topic.asp?board=67&artid=5188931
日志一次粘不完，分次粘完，请不要修改。

2006-06-18,14:21:28

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit>  [NVIDIA Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [Microsoft Corporation]
    <Cmaudio><RunDll32 cmicnfg.cpl,CMICtrlWnd>  []
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <nwiz><nwiz.exe /install>  [NVIDIA Corporation]
    <anvshell><anvshell.exe>  [AsusTeK Computer Inc.]
    <LiveNote><livenote.exe>  []
    <HP Software Update><C:\Program Files\HP\HP Software Update\HPWuSchd2.exe>  [Hewlett-Packard Co.]
    <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [Microsoft Corporation]
    <RichMedia><C:\WINDOWS\System32\Rundll32.exe  "C:\PROGRA~1\hbclient\HBHelper.dll",WaitWindows>  [Shanghai Henbang Technology Co., Ltd]
    <ToP><C:\WINDOWS\LSASS.exe>  [jC9oQ]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [Microsoft Corporation]

==================================
启动文件夹
[Adobe Gamma Loader.exe]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Adobe Gamma Loader.exe.lnk><N>
[AutoCAD 启动加速器]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\AutoCAD 启动加速器.lnk><N>
[HP Digital Imaging Monitor]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\HP Digital Imaging Monitor.lnk><N>

==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Macromedia Licensing Service / Macromedia Licensing Service]
  <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><N/A>
[%NVSVC.name% / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Pml Driver HPZ12 / Pml Driver HPZ12]
  <C:\WINDOWS\System32\HPZipm12.exe><HP>
[Rising Personal Firewall Service / RfwService]
  <C:\Program Files\Rising\Rfw\rfwsrv.exe><N/A>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><N/A>

==================================
浏览器加载项
[AcroIEHlprObj Class]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[wmpdrm]
  {0E674588-66B7-4E19-9D0E-2053B800F69F} <C:\WINDOWS\System32\wmpdrm.dll, N/A>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\PROGRA~1\baidu\bar\BaiduBar.dll, Baidu.com, Inc.>
[HBObject Class]
  {AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1} <C:\PROGRA~1\hbclient\HBHelper.dll, Shanghai Henbang Technology Co., Ltd>
[shdocvwhlp Class]
  {BE442802-3911-46E0-B227-076B15A4EAD3} <C:\WINDOWS\System32\shdocvw2.dll, MicroCropration>
[CibaCtrl Class]
  {8DE0FCD4-5EB5-11D3-AD25-00002100131B} <C:\POWERW~1\POWERW~1\IEPlugin.dll, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[金山词霸]
  {9A687CA6-D585-4947-9ED9-BE96071F5CD9} <C:\POWERW~1\POWERW~1\XDictExB.dll, 金山软件股份有限公司>
[JoyoCtrl Class]
  {C8CE29C5-7589-11D3-B81B-0080C8DC5DC8} <C:\POWERW~1\POWERW~1\IEPlugin.dll, >
[@shdoclc.dll,-866]
  {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
  {8E718888-423F-11D2-876E-00A0C9082467} <C:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\PROGRA~1\baidu\bar\BaiduBar.dll, Baidu.com, Inc.>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>

正在运行的进程
[PID: 468][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 524][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 556][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 600][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 612][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 792][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 844][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 912][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1028][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1228][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
    [C:\WINDOWS\system32\HpTcpMon.dll]  <Hewlett Packard><5.01.00.011>
    [C:\WINDOWS\system32\hpzjrd01.dll]  <Hewlett Packard><2.01.00.001>
    [C:\WINDOWS\system32\HPTcpMUI.dll]  <Microsoft Corporation><5.01.00.011>
    [C:\WINDOWS\system32\hptcpmib.dll]  <Hewlett Packard><5.01.00.011>
    [C:\WINDOWS\system32\hpzsnt12.dll]  <HP><14.00.00.41711>
[PID: 1528][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\AcSignIcon.dll]  <Autodesk><16.2.54.0>
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  <Autodesk><16.2.54.0>
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.1.2003110300>
    [C:\PROGRA~1\baidu\bar\BaiduBar.dll]  <Baidu.com, Inc.><2, 0, 2, 78>
    [C:\WINDOWS\System32\shdocvw2.dll]  <MicroCropration><1, 0, 0, 1>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL]  <Adobe Systems, Incorporated><6.0>
[PID: 1676][C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe]  <Autodesk><2.66.000>
[PID: 1716][C:\WINDOWS\System32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.5216>
[PID: 1804][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 1980][C:\WINDOWS\LSASS.exe]  <jC9oQ><0.00.0073>
[PID: 312][C:\WINDOWS\System32\RunDll32.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\system\cmicnfg.cpl]  <C-Media Corporation><1, 0, 41, 16>
    [C:\WINDOWS\System32\udaprop.dll]  <C-Media Corporation><1.0.2.2>
[PID: 460][C:\Program Files\HP\HP Software Update\HPWuSchd2.exe]  <Hewlett-Packard Co.><53.0.13.000>
[PID: 492][C:\WINDOWS\anvshell.exe]  <AsusTeK Computer Inc.><1.00.00>
    [C:\WINDOWS\System32\ANVIOCTL.DLL]  <AsusTeK Computer Inc.><1.00.00>
    [C:\WINDOWS\EIO.DLL]  <ASUSTek Computer Inc.,><1, 8, 7, 0>
[PID: 504][C:\WINDOWS\System32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 508][C:\WINDOWS\System32\Rundll32.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\PROGRA~1\hbclient\HBHelper.dll]  <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 3>
[PID: 616][C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll]  <Hewlett-Packard Co.><50.0.206.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc]  <Hewlett-Packard Co.><50.0.206.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpodvd09.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpoddcomm09.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\WINDOWS\System32\hpzidr12.dll]  <HP><9, 0, 0, 0>
    [C:\WINDOWS\System32\hpzipr12.dll]  <HP><9, 0, 0, 0>
[PID: 824][C:\WINDOWS\System32\RUNDLL32.EXE]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\System32\NVMCTRAY.DLL]  <NVIDIA Corporation><6.14.10.5216>
[PID: 888][C:\WINDOWS\System32\conime.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 1388][C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqmfc09.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqtap08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqcxm08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.rsc]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpqstp08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\WINDOWS\System32\hpzipr12.dll]  <HP><9, 0, 0, 0>
    [C:\WINDOWS\System32\hpzidr12.dll]  <HP><9, 0, 0, 0>
    [C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc]  <Hewlett-Packard Co.><53.0.13.000>

[PID: 936][C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe]  <Hewlett-Packard Co.><53.0.13.000>
    [C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbutil.dll]  <Hewlett-Packard Co.><53.0.13.000>
[PID: 1880][C:\WINDOWS\System32\wuauclt.exe]  <Microsoft Corporation><5.4.3630.1106 (xpsp1.020828-1920)>
[PID: 784][C:\Program Files\SkyNet\FireWall\PFW.exe]  <广州众达天网技术有限公司><2.7.7.1004>
    [C:\Program Files\SkyNet\FireWall\SKYMISC.DLL]  <N/A><N/A>
    [C:\Program Files\SkyNet\FireWall\COMPRESSWRAP.DLL]  <N/A><N/A>
[PID: 1476][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\AcSignIcon.dll]  <Autodesk><16.2.54.0>
    [C:\PROGRA~1\baidu\bar\BaiduBar.dll]  <Baidu.com, Inc.><2, 0, 2, 78>
    [C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll]  <Adobe Systems Incorporated><6.0.1.2003110300>
    [C:\PROGRA~1\hbclient\HBHelper.dll]  <Shanghai Henbang Technology Co., Ltd><1, 1, 3, 3>
    [C:\WINDOWS\System32\shdocvw2.dll]  <MicroCropration><1, 0, 0, 1>
    [C:\WINDOWS\System32\macromed\flash\Flash.ocx]  <Macromedia, Inc.><7,0,14,0>
[PID: 2420][C:\Documents and Settings\yangxun\桌面\扫描软牛\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [WindowFiles]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  Error. ["C:\Program Files\Macromedia\Dreamweaver MX\Dreamweaver.exe" "%1"]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

<ToP><C:\WINDOWS\LSASS.exe> [jC9oQ]

参考:http://forum.ikaka.com/topic.asp?board=28&artid=7828861

处理完重装瑞星...