
The virus that broke my heart: what is it?




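My machine has ended up like this for no apparent reason, though of course I know that nothing happens for no reason.

Anyway, the current symptoms are that none of the installers will open, they have all been infected, and every so often a lot of web pages suddenly open by themselves, on sites I have never visited. Of course the machine is also extremely slow. Then I reinstalled the system, and something even worse showed up: whenever I search online for antivirus software, the web page closes automatically, and the same happens now when I search for the Kaka community (卡卡社区). I got Jiangmin from a friend, and it has cleaned up enough that I can get online to ask for help, but I still don't trust Jiangmin; I know it probably can't remove this completely. What I want to ask is what virus this actually is.

Another symptom: in the Tools menu I select the option to show hidden files, but after selecting it they are still not shown, and when you go back and look at the setting, it is still set not to show them.

Experts, please take a look and tell me what virus this is. Is it OK if I don't scan a log? The scanner doesn't seem to open any more either.

Is there any dedicated removal tool or something like it?


I'm on my knees here, begging.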
Last edited 2007-06-20 14:57:24

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <g56960z3keuqw><C:\DOCUME~1\c\LOCALS~1\Temp\c0nime.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <load><C:\WINDOWS\uninstall\rundl132.exe>  [N/A]
    <KVMON><C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp>  [Jiangmin Co.Ltd]
    <Microsoft Autorun5><C:\WINDOWS\system32\mosou.exe>  [N/A]
    <MsIMMs32><C:\WINDOWS\MsIMMs32.exe>  [N/A]
    <Microsoft Autorun12><C:\WINDOWS\system32\nwizzhuxians.exe>  [N/A]
    <Microsoft Autorun7><C:\WINDOWS\system32\nwiztlbu.exe>  []
    <Microsoft Autorun14><C:\WINDOWS\system32\ztinetzt.exe>  [N/A]
    <Microsoft Autorun4><C:\WINDOWS\system32\mydata.exe>  [N/A]
    <Microsoft Autorun1><C:\WINDOWS\system32\nwizdh.exe>  [N/A]
    <Microsoft Autorun11><C:\WINDOWS\system32\nwizwlwzs.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <MSDEG32><LYLoader.exe>  []
    <MSDWG32><LYLoadbr.exe>  [N/A]
    <MSDCG32    ><LYLeador.exe>  [N/A]
    <MSDOG32><LYLoador.exe>  [N/A]
    <MSDSG32><LYLoadar.exe>  [N/A]
    <MSDMG32><LYLoadmr.exe>  [N/A]
    <MSDHG32><LYLoadhr.exe>  [N/A]
    <MSDQG32><LYLoadqr.exe>  [N/A]
    <twin><C:\WINDOWS\system32\ctfnom.exe>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{1496D5ED-7A09-46D0-8C92-B8E71A4304DF}><C:\WINDOWS\system32\scandisk.dll>  []
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\KVSCRK~1.SCR>  [Jiangmin Co., Ltd.]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Win32 Debug Service / MSDebugsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe msdebug.dll,input><Microsoft Corporation>
[Remote Help Session Manager / Rasautol][Stopped/Auto Start]
  <C:\WINDOWS\system32\ntsokele.exe><N/A>
[KVSrvXP / KVSrvXP][Running/Auto Start]
  <C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe /Service><Jiangmin Co., Ltd.>
[KVWSC / KVWSC][Running/Auto Start]
  <"C:\Program Files\JiangMin\AntiVirus\KVWSC.exe"><Jiangmin Co.,Ltd>

==================================
驱动程序
[Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Running/Manual Start]
  <system32\drivers\es1371mp.sys><Creative Technology Ltd.>
[HdFw_slot / HdFw_slot][Running/Manual Start]
  <\??\C:\PROGRA~1\JiangMin\KVFW\HdFw.sys><Jiangmin Co., Ltd.>
[IR Enumerator Service / IRENUM][Stopped/Manual Start]
  <system32\DRIVERS\irenum.sys><N/A>
[KPGuard / KPGuard][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KPGuard.sys><Jiangmin Co., Ltd.>
[KRegEx / KRegEx][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KRegEx.sys><Jiangmin Co. Ltd.>
[KSysMon / KSysMon][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KSysMon.sys><Jiangmin Co. Ltd.>
[KVDP / KVDP][Running/Disabled]
  <\??\C:\Program Files\JiangMin\AntiVirus\KVDP.sys><Jiangmin Co., Ltd.>
[KVRedir / KVRedir][Running/Disabled]
  <\??\C:\Program Files\JiangMin\AntiVirus\KVREDIR.SYS><Jiangmin Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[Netgroup Packet Filter / NPF][Running/Manual Start]
  <system32\drivers\npf.sys><CACE Technologies>
[BsDeamon / BsDeamon][Running/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\BsDeamon.sys><Jiangmin Co.,Ltd.>
[KSysFilter / KSysFilter][Running/Boot Start]
  <\SystemRoot\System32\Drivers\KSysFilt.sys><Jiangmin Co. Ltd.>
[KAnalyser / KAnalyser][Stopped/System Start]
  <\??\C:\PROGRA~1\JiangMin\ANTIVI~1\KANALY~1.SYS><Jiangmin Co.,Ltd.>

==================================
浏览器加载项
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[同花顺]
  {39852EFE-325B-45ef-9A60-3DBECD2DDDD5} <C:\WINDOWS\system32\thsbar.dll, 同花顺>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[同花顺]
  {39852EFE-325B-45EF-9A60-3DBECD2DDDD5} <C:\WINDOWS\system32\thsbar.dll, 同花顺>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[BrowseHelper Class]
  {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[江民杀毒工具栏]
  {B5A34A93-D538-43A7-8371-864CB6148D12} <C:\Program Files\JiangMin\AntiVirus\KVshell.dll, Jiangmin Co.Ltd>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>

==================================
正在运行的进程
[PID: 492][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 556][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 580][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 624][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\LYMANGR.DLL]  [N/A, ]
[PID: 636][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 796][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
[PID: 844][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 932][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1004][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1056][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1452][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1556][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
[PID: 1664][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
[PID: 1116][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1972][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
[PID: 112][C:\WINDOWS\system32\nslookupi.exe]  [N/A, ]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\WPCAP.DLL]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\packet.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\WanPacket.dll]  [CACE Technologies, 3, 1, 0, 27]
    [C:\WINDOWS\system32\ztinetzt.dll]  [N/A, ]
    [C:\WINDOWS\system32\MOSOU.dll]  [N/A, ]
[PID: 1488][C:\Program Files\同花顺核新\hexin.exe]  [上海核新软件技术有限公司, 2007, 5, 17, 1]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\moyu103.dll]  [N/A, ]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]

[C:\WINDOWS\system32\weftl.dll]  [N/A, ]
    [C:\WINDOWS\system32\winwb86.ime]  [Microsoft Corporation, 4.00.950]
    [C:\WINDOWS\system32\winabc.ime]  [PKUETI, 5.22.216]
[PID: 340][C:\Program Files\同花顺核新\zdsj.exe]  [上海核新软件技术有限公司, 2007, 3, 16, 0]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
[PID: 3408][C:\WINDOWS\system32\DllHost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\Program Files\JiangMin\common\ComUI.dll]  [Jiangmin Co,.Ltd, 1, 0, 7, 112]
    [C:\Program Files\JiangMin\common\ComUIPS.dll]  [Jiangmin Co.Ltd, 1.0.0.808]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
    [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 226]
    [C:\Program Files\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 1, 0, 6, 1201]
    [C:\Program Files\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
[PID: 3972][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 1, 0, 7, 319]
    [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 226]
    [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
    [C:\WINDOWS\system32\csv.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\Program Files\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 1, 0, 6, 1201]
    [C:\Program Files\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
    [C:\WINDOWS\system32\scandisk.dll]  [N/A, ]
    [C:\WINDOWS\system32\msdmo.dll]  [, ]
    [C:\WINDOWS\system32\winwb86.ime]  [Microsoft Corporation, 4.00.950]
    [C:\WINDOWS\system32\winabc.ime]  [PKUETI, 5.22.216]
[PID: 2228][C:\Program Files\DayTV\player\ppcomm.exe]  [N/A, ]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\Program Files\JiangMin\AntiVirus\kvxp.kxp]  [Jiangmin Co.,Ltd, 1, 0, 7, 521]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 226]
    [C:\Program Files\JiangMin\AntiVirus\kvxpuw.dll]  [Jiangmin Co.,Ltd, 1, 0, 7, 521]
    [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
    [C:\Program Files\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 1, 0, 6, 1201]
    [C:\Program Files\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
    [C:\Program Files\JiangMin\AntiVirus\KvInterpreter.dll]  [Jiangmin Co., Ltd., 10, 0, 7, 417]
    [C:\Program Files\JiangMin\Kernel\EngFace.dll]  [Jiangmin Co., Ltd., 2, 0, 7, 412]
    [C:\Program Files\JiangMin\AntiVirus\VirusUpload.dll]  [, 2, 1, 7, 521]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
    [C:\Program Files\JiangMin\Kernel\Scan.dll]  [Jiangmin Co., Ltd., 2.0.7.119]
    [C:\Program Files\JiangMin\Kernel\Fix.dll]  [Jiangmin Co., Ltd., 10, 0, 7, 320]
    [C:\Program Files\JiangMin\AntiVirus\ScanSet.dll]  [Jiangmin Co., Ltd., 1, 0, 6, 1019]
    [C:\Program Files\JiangMin\AntiVirus\lang\scanset0804.lng]  [Jiangmin Co., Ltd., 1, 0, 6, 1019]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 312][C:\Program Files\JiangMin\AntiVirus\FrogAgent.exe]  [Jiangmin Co., Ltd., 10, 0, 6, 1106]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 226]
    [C:\Program Files\JiangMin\AntiVirus\lang\FrogRes0804.lng]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
[PID: 3700][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\Program Files\JiangMin\AntiVirus\KVshell.dll]  [Jiangmin Co.Ltd, 1, 0, 7, 319]
    [C:\WINDOWS\system32\HiveBase.dll]  [Jiangmin Co., Ltd., 1, 0, 7, 226]
    [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng]  [N/A, ]
    [C:\Program Files\JiangMin\common\GUIEXT.DLL]  [Jiangmin Co.Ltd, 1, 0, 6, 1201]
    [C:\Program Files\JiangMin\common\lang\guiext0804.lng]  [JiangMin Ltd., 7, 1, 0, 200]
    [C:\WINDOWS\system32\thsbar.dll]  [同花顺, 1, 3, 2, 0]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
    [C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
    [C:\WINDOWS\system32\macromed\flash\flash.ocx]  [Macromedia, Inc., 6,0,79,0]
    [C:\WINDOWS\system32\winwb86.ime]  [Microsoft Corporation, 4.00.950]
    [C:\WINDOWS\system32\winabc.ime]  [PKUETI, 5.22.216]
[PID: 916][C:\WINDOWS\system32\taskmgr.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]
[PID: 3560][D:\set up\sreng2412806\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]
    [C:\WINDOWS\system32\msdebug.dll]  [N/A, ]
    [C:\WINDOWS\system32\zwgfx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wuhdd.dll]  [N/A, ]
    [C:\WINDOWS\system32\htysx.dll]  [N/A, ]
    [C:\WINDOWS\system32\wtfsm.dll]  [N/A, ]
    [C:\WINDOWS\system32\weftl.dll]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

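First, download the Viking (威金) removal tool from Jiangmin.
Then, in Safe Mode, delete the following registry entries and their corresponding files: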
<g56960z3keuqw><C:\DOCUME~1\c\LOCALS~1\Temp\c0nime.exe> [N/A]
<load><C:\WINDOWS\uninstall\rundl132.exe> [N/A]
<Microsoft Autorun5><C:\WINDOWS\system32\mosou.exe> [N/A]
<MsIMMs32><C:\WINDOWS\MsIMMs32.exe> [N/A]
<Microsoft Autorun12><C:\WINDOWS\system32\nwizzhuxians.exe> [N/A]
<Microsoft Autorun7><C:\WINDOWS\system32\nwiztlbu.exe> []
<Microsoft Autorun14><C:\WINDOWS\system32\ztinetzt.exe> [N/A]
<Microsoft Autorun4><C:\WINDOWS\system32\mydata.exe> [N/A]
<Microsoft Autorun1><C:\WINDOWS\system32\nwizdh.exe> [N/A]
<Microsoft Autorun11><C:\WINDOWS\system32\nwizwlwzs.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
<MSDEG32><LYLoader.exe> []
<MSDWG32><LYLoadbr.exe> [N/A]
<MSDCG32 ><LYLeador.exe> [N/A]
<MSDOG32><LYLoador.exe> [N/A]
<MSDSG32><LYLoadar.exe> [N/A]
<MSDMG32><LYLoadmr.exe> [N/A]
<MSDHG32><LYLoadhr.exe> [N/A]
<MSDQG32><LYLoadqr.exe> [N/A]
<twin><C:\WINDOWS\system32\ctfnom.exe> [N
<UIHost><logonui.exe> []

Delete these services:
[Win32 Debug Service / MSDebugsvc][Stopped/Auto Start]
<C:\WINDOWS\system32\rundll32.exe msdebug.dll,input><Microsoft Corporation>
[Remote Help Session Manager / Rasautol][Stopped/Auto Start]
<C:\WINDOWS\system32\ntsokele.exe><N/A>

Delete these files:
[C:\WINDOWS\system32\LYMANGR.DLL] [N/A, ]
[C:\WINDOWS\system32\msdebug.dll] [N/A, ]
[C:\WINDOWS\system32\zwgfx.dll] [N/A, ]
[C:\WINDOWS\system32\wuhdd.dll] [N/A, ]
[C:\WINDOWS\system32\htysx.dll] [N/A, ]
[C:\WINDOWS\system32\wtfsm.dll] [N/A, ]
[C:\WINDOWS\system32\weftl.dll] [N/A, ]


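Empty this folder: C:\Documents and Settings\<username>\Local Settings\Temp
After emptying it, use WinRAR to browse into C:\Documents and Settings\<username>\Local Settings\Temp and check whether there are still any exe files in it.

If there are, please reply.

Finally, run a full-disk scan with the Viking removal tool.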

It looks like a variant of Viking (威金).

So will downloading the Viking tool help?

Quote:
[Post by 朝笑爱情] So will downloading the Viking tool help?
………………


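I don't know whether it will work either; just give it a try. I'm a newbie too. Whether it works or not, please reply and let us know, so we can all learn together.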

It didn't work.