在安全模式下,我用HJ修复它也不行啊.结束不了他啊.CPU运行率高达100%啊.一进系统就提示系统出现致命错误,稍后重启.郁闷死啊!
2006-09-17,14:10:02

System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 1 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\System32\ctfmon.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <kav><"D:\kav\avp.exe">  [Kaspersky Lab]
    <SKYNET Personal FireWall><C:\PROGRA~1\SkyNet\FireWall\pfw.exe>  [www.mumayi.net]
    <Cnmins><; C:\WINDOWS\rund1132.exe -t cnsmin.dll -r -c>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [Microsoft Corporation]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [Microsoft Corporation]
    <UIHost><logonui.exe>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><D:\ewido-setup_4.0\ewido anti-spyware 4.0\shellexecutehook.dll>  [Anti-Malware Development a.s.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
    <WinlogonNotify: klogon><C:\WINDOWS\System32\klogon.dll>  [Kaspersky Lab]

==================================
启动文件夹
服务
[卡巴斯基反病毒软件6.0 / AVP]
  <D:\kav\avp.exe -r><Kaspersky Lab>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
  <D:\ewido-setup_4.0\ewido anti-spyware 4.0\guard.exe><Anti-Malware Development a.s.>
[Windows Data Control / W32DTC]
  <C:\WINDOWS\System32\w32dtc.exe><N/A>

==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
[启动迅雷]
  {0062C9BD-B349-40DE-91A0-755F37ACD559} <C:\Program Files\Thunder.exe, Thunder Networking Technologies,LTD>
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\办公软件\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[&使用迅雷下载]
  <C:\Program Files\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Program\GetAllUrl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\办公软件\OFFICE11\EXCEL.EXE/3000, N/A>
[用比特精灵下载(&B)]
  <D:\比特\BitSpirit\bsurl.htm, N/A>

==================================
正在运行的进程
[PID: 176][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 224][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 248][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\System32\klogon.dll]  <Kaspersky Lab><6.0.0.299>
[PID: 292][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 304][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 468][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 492][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 724][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [D:\ewido-setup_4.0\ewido anti-spyware 4.0\shellexecutehook.dll]  <Anti-Malware Development a.s.><4, 0, 0, 172>
[PID: 832][D:\kav\avp.exe]  <Kaspersky Lab><6.0.0.299>
    [D:\kav\pr_remote.dll]  <Kaspersky Lab><6.0.0.299>
    [D:\kav\FSSync.dll]  <Kaspersky Lab><6.0.5.0>
    [D:\kav\AVPGS.PPL]  <Kaspersky Lab><6.0.0.299>
    [D:\kav\prloader.dll]  <Kaspersky Lab><6.0.0.299>
    [D:\kav\prkernel.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\pxstub.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\params.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\winreg.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\tm.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\nfio.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\fsdrvplgn.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\bl.ppl]  <Kaspersky Lab><6.0.0.300>
    [d:\kav\wmihlpr.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\ndetect.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\crpthlpr.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\schedule.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\timer.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\thpimpl.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\lic60.ppl]  <Kaspersky Lab><6.0.0.300>
    [d:\kav\report.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\hashmd5.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avs.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avpmgr.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\wdiskio.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avlib.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avspm.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avp3info.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avpgui.ppl]  <Kaspersky Lab><6.0.0.300>
    [D:\kav\basegui.dll]  <Kaspersky Lab><6.0.0.300>
    [d:\kav\qb.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\inflate.ppl]  <Kaspersky Lab><6.0.0.16>
    [d:\kav\ods.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\buffer.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\dtreg.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\memscan.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\memmodsc.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\prutil.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\avp1.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\l_llio.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\btdisk.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\ichk2.ppl]  <Kaspersky Lab><6.0.0.300>
    [d:\kav\sfdb.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\icheckersa.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\hashcont.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\hccmp.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\uniarc.ppl]  <Kaspersky Lab><6.0.0.16>
    [d:\kav\minizip.ppl]  <Kaspersky Lab><6.0.0.16>
    [d:\kav\cab.ppl]  <Kaspersky Lab><6.0.0.16>
    [d:\kav\arj.ppl]  <Kaspersky Lab><6.0.0.16>
    [d:\kav\rar.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\lha.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\ntfsstrm.ppl]  <Kaspersky Lab><6.0.0.299>
    [d:\kav\iwgen.ppl]  <Kaspersky Lab><6.0.0.299>
[PID: 1168][C:\WINDOWS\System32\w32dtc.exe]  <N/A><N/A>
[PID: 1296][E:\SREng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

打开SREng 启动项目  注册表 删除
<Cnmins><; C:\WINDOWS\rund1132.exe -t cnsmin.dll -r -c> []

删除 C:\WINDOWS\rund1132.exe
启动项目  服务WIN32 删除
[Windows Data Control / W32DTC]
<C:\WINDOWS\System32\w32dtc.exe><N/A>
安全模式下删除C:\WINDOWS\System32\w32dtc.exe