瑞星卡卡安全论坛技术交流区反病毒/反流氓软件论坛 跪求,!今天中了病毒杀毒软件全部不打不开了。

12   1  /  2  页   跳转

[求助] 跪求,!今天中了病毒杀毒软件全部不打不开了。

收藏
大家帮忙下
头像
初生襁褓狮
  • 帖子:9
  • 注册: 2009-06-09
  • 来自:
发表于: 2009-06-09 12:54 | 只看楼主 短消息 资料
字号: 1楼

跪求,!今天中了病毒杀毒软件全部不打不开了。

我在安全模式下 瑞星杀毒360全部打不开,我下了顽强360木马杀手也不行。

大家帮帮我啊,这个是我哥哥的电脑,弄烂了我不好说的啊。

跪求大家解决帮忙!

用户系统信息:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)
分享到:
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-06-09 12:54 | 短消息 资料
字号: 2楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

http://www.kztechs.com/sreng/download.html
SREng/智能扫描(记得勾选“检查进程的数字签名)
等扫描完成,
保存日志(LOG格式)
PS:如主程序SREng**.exe无法运行,
导致无法扫描日志将主程序改名为
我爱小狮子.bat或我爱小狮子.scr
gototop
 
大家帮忙下
头像
初生襁褓狮
  • 帖子:9
  • 注册: 2009-06-09
  • 来自:
发表于: 2009-06-09 13:02 | 只看楼主 短消息 资料
字号: 3楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

[CODE]

2009-06-09,13:03:00

System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <PPS Accelerator><; >  [N/A]
    <Explorer><C:\WINDOWS\system32\drivers\TXP1atform.exe>  []
    <PPLiveVA><; >  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <High Definition Audio Property Page Shortcut><HDAShCut.exe>  [(Verified)Microsoft Windows XP Publisher]
    <SoundMAX><"C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray>  [Analog Devices, Inc.]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <NvMediaCenter><; RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [NVIDIA Corporation]
    <NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe>  [Nero AG]
    <RavTray><"E:\瑞星杀毒\Rising\Rav\RsTray.exe" -system>  []
    <360Safetray><E:\360杀毒\360safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <RFWTray><"E:\瑞星防火墙\Rising\RFW\RsTray.exe" -system>  []
    <nwiz><nwiz.exe /install>  []
    <Grid Service><"C:\Program Files\GridService\peer.exe" -n Grid>  [FS2YOU]
    <Super Rabbit SafeEdit><E:\超级兔子\MagicSet\SRFC.EXE /Load>  []
    <updater><C:\WINDOWS\system32\updater.exe>  [File is missing]
    <IMJPMIG8.1><; >  [N/A]
    <PHIME2002A><; >  [N/A]
    <PHIME2002ASync><; >  [N/A]
    <StormCodec_Helper><; >  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <ming9bstart><C:\WINDOWS\system\ming9b090423.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Infected) Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon,>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{FCA4D3BE-C6C7-4F4D-9CBD-CB2666647ACA}><C:\WINDOWS\system32\EN7hzSreCat8.dll>  []
    <{028A997C-4262-4107-BD46-2ABBC6143E8C}><C:\WINDOWS\system32\efc0c52cc1.dll>  []
    <{6101B532-3E30-49FB-8594-F9B22338FF4A}><C:\WINDOWS\system32\DcXb7abe.dll>  []
    <{3816D07B-D6F9-403B-B7D7-EDE52959341B}><C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll>  []
    <{A23CA53C-731F-4033-92E8-C1DFB4E71D34}><C:\WINDOWS\system32\JBn2ypqY23vWX.dll>  []
    <{76B9BA7A-81D0-4979-8598-8471F2AB5186}><C:\WINDOWS\system32\76B9BA7A.dll>  []
    <{54DA5754-2475-4B55-8DFA-D0327C8F4A9E}><C:\WINDOWS\system32\hhnt2pBK.dll>  []
    <{A0C86020-5935-4B87-B20E-0B656D450264}><C:\WINDOWS\system32\A0C86020.dll>  []
    <{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><C:\WINDOWS\system32\08223B03.dll>  []
    <{704C3595-DB85-40F6-A601-8D6F346907BD}><C:\WINDOWS\system32\704C3595.dll>  []
    <{02845FCC-2BF4-4191-888D-18030FAA2074}><C:\WINDOWS\system32\UnsrA8Hec.dll>  []
    <{37C5D66A-8B1B-4545-8112-3751194F6A4A}><C:\WINDOWS\system32\taNjsFa2tT2Dh.dll>  []
    <{737858A9-9AEA-4838-9B49-54DA731F7F37}><C:\WINDOWS\system32\BMsg6pdMD4ht.dll>  []
    <{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}><C:\WINDOWS\system32\dhDhwS7fFW.dll>  []
    <{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><C:\WINDOWS\system32\E4814792.dll>  []
    <{93EC6B33-16B4-4110-BBC1-8B4A20E321C5}><C:\WINDOWS\system32\uXrgQ8ZEp.dll>  []
    <{93DA1E7D-7C46-4F90-8674-EC90511FCA72}><C:\WINDOWS\system32\CDuAUVkGy9.dll>  []
    <{AF235511-A3CA-4AF6-BA10-C2D229B8A01B}><C:\WINDOWS\system32\t44y9a553NQ.dll>  []
    <{C722AD57-35DA-4460-8353-328372F32AB2}><C:\WINDOWS\system32\ufQCU5.dll>  []
    <{122B901E-493F-4AD9-BC69-7DE8C3E52FCC}><C:\WINDOWS\system32\122B901E.dll>  []
    <{11B10F7F-FB23-466D-BDC3-9591CF02EC17}><C:\WINDOWS\fonts\uXUsF2RrQy.fon>  []
    <{3D490B56-425C-4B8F-889E-0E391AD54DE8}><C:\WINDOWS\system32\wrGwvaDRB6M.dll>  []
    <{F653395D-C9C7-4026-ADD1-E88DD96BD650}><C:\WINDOWS\fonts\rsR933gQXyUh.fon>  []
    <{0D267113-499A-4EEF-998D-C45731C1B313}><C:\WINDOWS\system32\VnTU2WAqUcZA6.dll>  []
    <{51FC2309-B81E-4542-A0F1-E9A51297F2F4}><C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon>  []
    <{4679E74B-E5EE-458F-B613-2324AA1C817E}><C:\WINDOWS\system32\mR7Sg4vSx5TR.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360down.exe]
    <IFEO[360down.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360hotfix.exe]
    <IFEO[360hotfix.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360rpt.exe]
    <IFEO[360rpt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safe.exe]
    <IFEO[360safe.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360safebox.exe]
    <IFEO[360safebox.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360tray.exe]
    <IFEO[360tray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360upp.exe]
    <IFEO[360upp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe]
    <IFEO[agentsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\apvxdwin.exe]
    <IFEO[apvxdwin.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ast.exe]
    <IFEO[ast.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
    <IFEO[avcenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avengine.exe]
    <IFEO[avengine.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe]
    <IFEO[avgnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
    <IFEO[avguard.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avltmain.exe]
    <IFEO[avltmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
    <IFEO[avp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp32.exe]
    <IFEO[avp32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avtask.exe]
    <IFEO[avtask.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe]
    <IFEO[bdagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdwizreg.exe]
    <IFEO[bdwizreg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\boxmod.exe]
    <IFEO[boxmod.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccapp.exe]
    <IFEO[ccapp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccenter.exe]
gototop
 
大家帮忙下
头像
初生襁褓狮
  • 帖子:9
  • 注册: 2009-06-09
  • 来自:
发表于: 2009-06-09 13:03 | 只看楼主 短消息 资料
字号: 4楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

<IFEO[ccenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccevtmgr.exe]
    <IFEO[ccevtmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccregvfy.exe]
    <IFEO[ccregvfy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccsetmgr.exe]
    <IFEO[ccsetmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cqw32.exe]
    <IFEO[cqw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DrvAnti.exe]
    <IFEO[DrvAnti.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
    <IFEO[egui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe]
    <IFEO[ekrn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\enc98.EXE]
    <IFEO[enc98.EXE]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\extdb.exe]
    <IFEO[extdb.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frameworkservice.exe]
    <IFEO[frameworkservice.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\frwstub.exe]
    <IFEO[frwstub.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guardfield.exe]
    <IFEO[guardfield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iparmor.exe]
    <IFEO[iparmor.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kaccore.exe]
    <IFEO[kaccore.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kasmain.exe]
    <IFEO[kasmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kav32.exe]
    <IFEO[kav32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavstart.exe]
    <IFEO[kavstart.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvc.exe]
    <IFEO[kavsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kavsvcui.exe]
    <IFEO[kavsvcui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kislnchr.exe]
    <IFEO[kislnchr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kissvc.exe]
    <IFEO[kissvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kmailmon.exe]
    <IFEO[kmailmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\knownsvr.exe]
    <IFEO[knownsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfw32.exe]
    <IFEO[kpfw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kpfwsvc.exe]
    <IFEO[kpfwsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kregex.exe]
    <IFEO[kregex.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvfw.exe]
    <IFEO[kvfw.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.exe]
    <IFEO[kvmonxp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvmonxp.kxp]
    <IFEO[kvmonxp.kxp]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvol.exe]
    <IFEO[kvol.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvprescan.exe]
    <IFEO[kvprescan.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvsrvxp.exe]
    <IFEO[kvsrvxp.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvwsc.exe]
    <IFEO[kvwsc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kvxp.kxp]
    <IFEO[kvxp.kxp]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kwatch.exe]
    <IFEO[kwatch.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\livesrv.exe]
    <IFEO[livesrv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\makereport.exe]
    <IFEO[makereport.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcagent.exe]
    <IFEO[mcagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcdash.exe]
    <IFEO[mcdash.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcdetect.exe]
    <IFEO[mcdetect.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcshield.exe]
    <IFEO[mcshield.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mctskshd.exe]
    <IFEO[mctskshd.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsescn.exe]
    <IFEO[mcvsescn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsshld.exe]
    <IFEO[mcvsshld.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mghtml.exe]
    <IFEO[mghtml.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\naprdmgr.exe]
    <IFEO[naprdmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapsvc.exe]
    <IFEO[navapsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navapw32.exe]
    <IFEO[navapw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\navw32.exe]
    <IFEO[navw32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nmain.exe]
    <IFEO[nmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32.exe]
    <IFEO[nod32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32krn.exe]
    <IFEO[nod32krn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nod32kui.exe]
    <IFEO[nod32kui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\npfmntor.exe]
    <IFEO[npfmntor.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasclnt.exe]
    <IFEO[oasclnt.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pavsrv51.exe]
    <IFEO[pavsrv51.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pfw.exe]
    <IFEO[pfw.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psctrls.exe]
    <IFEO[psctrls.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psimreal.exe]
    <IFEO[psimreal.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\psimsvc.exe]
    <IFEO[psimsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qqdoctormain.exe]
    <IFEO[qqdoctormain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ras.exe]
    <IFEO[ras.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravmon.exe]
    <IFEO[ravmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravmond.exe]
    <IFEO[ravmond.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravstub.exe]
    <IFEO[ravstub.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ravtask.exe]
    <IFEO[ravtask.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwcfg.exe]
    <IFEO[rfwcfg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwmain.exe]
    <IFEO[rfwmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwproxy.exe]
    <IFEO[rfwproxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rfwsrv.exe]
    <IFEO[rfwsrv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsagent.exe]
    <IFEO[rsagent.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsmain.exe]
    <IFEO[rsmain.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rsnetsvr.exe]
    <IFEO[rsnetsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rssafety.exe]
    <IFEO[rssafety.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstray.exe]
    <IFEO[rstray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safebank.exe]
    <IFEO[safebank.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safeboxtray.exe]
    <IFEO[safeboxtray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scan32.exe]
    <IFEO[scan32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scanfrm.exe]
    <IFEO[scanfrm.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe]
    <IFEO[sched.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\seccenter.exe]
    <IFEO[seccenter.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\secnotifier.exe]
    <IFEO[secnotifier.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SetupLD.exe]
    <IFEO[SetupLD.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\shstat.exe]
    <IFEO[shstat.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\smartup.exe]
    <IFEO[smartup.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sndsrvc.exe]
    <IFEO[sndsrvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spbbcsvc.exe]
    <IFEO[spbbcsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symlcsvc.exe]
    <IFEO[symlcsvc.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbmon.exe]
    <IFEO[tbmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tmp6.exe]
    <IFEO[tmp6.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uihost.exe]
    <IFEO[uihost.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ulibcfg.exe]
    <IFEO[ulibcfg.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\updaterui.exe]
    <IFEO[updaterui.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\uplive.exe]
    <IFEO[uplive.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcr32.exe]
    <IFEO[vcr32.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vcrmon.exe]
    <IFEO[vcrmon.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vptray.exe]
    <IFEO[vptray.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vsserv.exe]
    <IFEO[vsserv.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vstskmgr.exe]
    <IFEO[vstskmgr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vstskmgr.exe ]
    <IFEO[vstskmgr.exe ]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\webproxy.exe]
    <IFEO[webproxy.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xcommsvr.exe]
    <IFEO[xcommsvr.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\xnlscn.exe]
    <IFEO[xnlscn.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\修复工具.exe]
    <IFEO[修复工具.exe]><ntsd -d>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\修复工具.exe>貉wX韰]
    <IFEO[修复工具.exe>貉wX韰]><ntsd -d>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Application Management / AppMgmt][Stopped/Auto Start]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->%SystemRoot%\System32\appmgmts.dll><N/A>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
  <E:\影音风暴\Storm2009_531\stormliv.exe /asservice><北京暴风网际科技有限公司>
[ClipBook / ClipSrv][Stopped/Auto Start]
  <C:\WINDOWS\java\classes\CLIPORV.exe><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[LightScribeService Direct Disc Labeling Service / LightScribeService][Running/Auto Start]
  <"C:\Program Files\Common Files\LightScribe\LSSrvc.exe"><Hewlett-Packard Company>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Microsoft Device Logical / porting][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k "porting"-->C:\WINDOWS\system32\4ce0a.dll><Microsoft Corporation>
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
  <E:\瑞星杀毒\Rising\Rav\CCENTER.EXE><N/A>
[Rising RavTask Manager / RavTask][Stopped/Auto Start]
  <"E:\瑞星杀毒\Rising\Rav\RavTask.exe" RavTask><N/A>
[Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start]
  <E:\瑞星防火墙\Rising\RFW\CCENTER.EXE><N/A>
[Rising Personal Firewall Service / RfwService][Stopped/Auto Start]
  <E:\瑞星防火墙\Rising\RFW\rfwsrv.exe><N/A>
[Rising RfwTask Manager / RfwTask][Stopped/Auto Start]
  <"E:\瑞星防火墙\Rising\RFW\RavTask.exe" RfwTask><N/A>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
  <E:\瑞星杀毒\Rising\Rav\ScanFrm.exe><N/A>
gototop
 
大家帮忙下
头像
初生襁褓狮
  • 帖子:9
  • 注册: 2009-06-09
  • 来自:
发表于: 2009-06-09 13:03 | 只看楼主 短消息 资料
字号: 5楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

驱动程序
[360FkAdv / 360FkAdv][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\360FkAdv.sys><N/A>
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
  <system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[AEAudio Service / AEAudioService][Running/Manual Start]
  <system32\drivers\AEAudio.sys><Andrea Electronics Corporation>
[AlcwWmDrv / AlcwWmDrv][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\AlcwWmDrv.sys><N/A>
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
  <System32\drivers\amdk8.sys><Advanced Micro Devices>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Stopped/Manual Start]
  <system32\drivers\HdAudio.sys><Windows (R) Server 2003 DDK provider>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hookcont / hookcont][Running/System Start]
  <system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
  <system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[ialm / ialm][Stopped/Manual Start]
  <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
[iebe / iebe][Running/Boot Start]
  <\SystemRoot\system32\drivers\zgvlh.sys><N/A>
[Sony Ericsson 750 driver (WDM) / k750bus][Stopped/Manual Start]
  <system32\DRIVERS\k750bus.sys><N/A>
[Sony Ericsson 750 USB WMC Modem Filter / k750mdfl][Stopped/Manual Start]
  <system32\DRIVERS\k750mdfl.sys><N/A>
[Sony Ericsson 750 USB WMC Modem Drivers / k750mdm][Stopped/Manual Start]
  <system32\DRIVERS\k750mdm.sys><N/A>
[Sony Ericsson 750 USB WMC Device Management Drivers / k750mgmt][Stopped/Manual Start]
  <system32\DRIVERS\k750mgmt.sys><N/A>
[Sony Ericsson 750 USB WMC OBEX Interface Drivers / k750obex][Stopped/Manual Start]
  <system32\DRIVERS\k750obex.sys><N/A>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Stopped/Auto Start]
  <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[klan / klan][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\klan.sys><N/A>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[pcidump / pcidump][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\pcidump.sys><N/A>
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><Windows (R) 2000 DDK provider>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[qq2 / qq2][Stopped/Manual Start]
  <\??\C:\Program Files\Internet Explorer\002.tmp><N/A>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
  <system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\E:\瑞星防火墙\Rising\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/System Start]
  <\??\E:\瑞星防火墙\Rising\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[RsProtect / RsProtect][Running/System Start]
  <system32\drivers\RsPtect.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
  <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtenicxp.sys><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[SafeMon1 / SafeMon1][Running/System Start]
  <\??\C:\WINDOWS\e20fc07d.dat><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SenFilt Service / SenFiltService][Running/Manual Start]
  <system32\drivers\Senfilt.sys><Sensaura>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesDrvPt.sys><TENCENT>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[WmRegProDrv / WmRegProDrv][Stopped/Manual Start]
  <System32\Drivers\WmRegProDrv.sys><N/A>

==================================
浏览器加载项
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\迅雷5\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360杀毒\360safe\safemon\safemon.dll, (Signed) 360.CN>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <E:\迅雷5\Thunder.exe, (Signed) Thunder Networking Technologies,LTD>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <E:\迅雷5\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\WINDOWS\system32\dllcache\dhtmled.ocx, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\迅雷5\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <E:\360杀毒\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx, (Signed) Adobe Systems, Inc.>
[&U使用纳米机器人下载并收藏]
  <E:\GG\NamiRobot\Data\du.html, N/A>

==================================
正在运行的进程
[PID: 912 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 968 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 992 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1036 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1208 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\java\classes\CLIPORV.DLL]  [N/A, ]
    [C:\WINDOWS\system32\EN7hzSreCat8.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\A0C86020.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\ufQCU5.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\wrGwvaDRB6M.dll]  [N/A, ]
    [C:\WINDOWS\fonts\rsR933gQXyUh.fon]  [N/A, ]
    [C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
[PID: 1284 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 1484 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\COMRes.dll]  [N/A, ]
    [c:\windows\system32\appmgmts.dll]  [N/A, ]
    [C:\WINDOWS\System32\mscoree.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorie.dll]  [Microsoft Corporation, 2.0.50727.832 (QFE.050727-8300)]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
[PID: 1592 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1740 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 184 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
[PID: 416 / Administrator][C:\WINDOWS\explorer.exe]  [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\EN7hzSreCat8.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\A0C86020.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\ufQCU5.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\wrGwvaDRB6M.dll]  [N/A, ]
    [C:\WINDOWS\fonts\rsR933gQXyUh.fon]  [N/A, ]
    [C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\system32\QCNt.dll]  [N/A, ]
    [C:\WINDOWS\java\classes\CLIPORV.DLL]  [N/A, ]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
[PID: 780 / Administrator][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp.tmp]  [N/A, ]
[PID: 352 / Administrator][C:\Program Files\Analog Devices\SoundMAX\Smax4.exe]  [Analog Devices, Inc., 5, 2, 0, 12]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
[PID: 1428 / Administrator][C:\Program Files\GridService\peer.exe]  [FS2YOU, 2, 1, 10, 8366]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
[PID: 1504 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
[PID: 1012 / Administrator][E:\PPS\PPStream\ppsap.exe]  [PPStream Inc, 1, 0, 11, 171]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [e:\PPS\PPStream\1.1.0.2663\vodnet.dll]  [PPStream Inc., 1, 0, 11, 209]
    [e:\PPS\PPStream\1.1.0.2663\vodres.dll]  [PPStream Inc., 1, 0, 11, 209]
    [e:\PPS\PPStream\1.1.0.2663\ppssg.dll]  [PPStream Inc., 1, 0, 11, 192]
    [e:\PPS\PPStream\1.1.0.2663\fds.dll]  [PPStream Inc., 1, 0, 0, 101]
[PID: 1948 / Administrator][C:\WINDOWS\system32\conime.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
gototop
 
大家帮忙下
头像
初生襁褓狮
  • 帖子:9
  • 注册: 2009-06-09
  • 来自:
发表于: 2009-06-09 13:05 | 只看楼主 短消息 资料
字号: 6楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

[C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
[PID: 3756 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2376 / SYSTEM][E:\影音风暴\Storm2009_531\stormliv.exe]  [北京暴风网际科技有限公司, 3, 9, 5, 22]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [E:\影音风暴\Storm2009_531\bfoptdll.dll]  [北京暴风网际科技有限公司, 3, 8, 7, 16]
    [E:\影音风暴\Storm2009_531\box\BoxLog.dll]  [北京暴风网际科技有限公司, 3, 9, 2, 19]
[PID: 3500 / SYSTEM][C:\Program Files\Common Files\LightScribe\LSSrvc.exe]  [Hewlett-Packard Company, 1.4.109.1]
    [C:\Program Files\Common Files\LightScribe\LSSProxy.dll]  [Hewlett-Packard Company, 1.4.109.1]
    [C:\Program Files\Common Files\LightScribe\LSLog.dll]  [Hewlett-Packard Company, 1.4.109.1]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_0de06acd\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
[PID: 4004 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.8391]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1956 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\windows\system32\4ce0a.dll]  [Microsoft Corporation, 1, 0, 0, 1]
[PID: 2284 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
[PID: 272 / Administrator][D:\ctfmen.exe]  [Microsoft Corporation, 5.01.0026]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
[PID: 1120 / Administrator][C:\WINDOWS\system32\drivers\TXP1atform.exe]  [N/A, ]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\EN7hzSreCat8.dll]  [N/A, ]
    [C:\WINDOWS\system32\A0C86020.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\ufQCU5.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrGwvaDRB6M.dll]  [N/A, ]
    [C:\WINDOWS\fonts\rsR933gQXyUh.fon]  [N/A, ]
    [C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
[PID: 1896 / Administrator][C:\WINDOWS\system32\cmd.exe]  [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
[PID: 2616 / Administrator][C:\Program Files\GridService\peeradapter.exe]  [FS2YOU, 2, 1, 10, 8366]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
[PID: 392 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [E:\迅雷5\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [E:\360杀毒\360safe\safemon\safemon.dll]  [360.CN, 5, 0, 0, 1010]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3492 (xpsp_sp2_gdr.081212-1610)]
    [C:\WINDOWS\system\VchE7.tmp]  [N/A, ]
    [C:\WINDOWS\system\Vch1.tmp]  [N/A, ]
    [C:\WINDOWS\system\Vch3.tmp]  [N/A, ]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [C:\WINDOWS\system32\WINABCX.IME]  [PKUETI, 5.22.216]
    [E:\瑞星杀毒\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.74]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
    [C:\WINDOWS\system32\WINWB86.IME]  [Microsoft Corporation, 4.00.950]
    [E:\迅雷5\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\WINDOWS\system32\EN7hzSreCat8.dll]  [N/A, ]
    [C:\WINDOWS\system32\A0C86020.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\ufQCU5.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrGwvaDRB6M.dll]  [N/A, ]
    [C:\WINDOWS\fonts\rsR933gQXyUh.fon]  [N/A, ]
    [C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
[PID: 6060 / Administrator][E:\迅雷5\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.8.9.662]
    [E:\迅雷5\Program\BugReport.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 20]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\迅雷5\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 10, 73]
    [E:\迅雷5\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 3, 4, 2, 333]
    [E:\迅雷5\Program\mp.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [E:\迅雷5\Program\asyn_frame.dll]  [Thunder Networking Technologies,LTD, 1, 3, 2, 32]
    [E:\迅雷5\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [E:\迅雷5\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 2, 25]
    [E:\迅雷5\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 12]
gototop
 
byxxdrls
头像
卡卡反病毒小组
  • 帖子:1029
  • 注册: 2008-06-19
  • 来自:
发表于: 2009-06-09 13:06 | 短消息 资料
字号: 7楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

木马群,建议先用金山急救箱解决。http://bbs.duba.net/thread-21989211-1-1.html
gototop
 
大家帮忙下
头像
初生襁褓狮
  • 帖子:9
  • 注册: 2009-06-09
  • 来自:
发表于: 2009-06-09 13:06 | 只看楼主 短消息 资料
字号: 8楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

[C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
[PID: 6060 / Administrator][E:\迅雷5\Program\Thunder5.exe]  [Thunder Networking Technologies,LTD, 5.8.9.662]
    [E:\迅雷5\Program\BugReport.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 20]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\迅雷5\Program\TaskManager.dll]  [Thunder Networking Technologies,LTD, 1, 3, 10, 73]
    [E:\迅雷5\Program\download_interface.dll]  [Thunder Networking Technologies,LTD, 3, 4, 2, 333]
    [E:\迅雷5\Program\mp.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [E:\迅雷5\Program\asyn_frame.dll]  [Thunder Networking Technologies,LTD, 1, 3, 2, 32]
    [E:\迅雷5\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [E:\迅雷5\Program\XLNet.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 2, 25]
    [E:\迅雷5\Program\BHOStub.dll]  [Thunder Networking Technologies,LTD, 1, 1, 1, 12]
    [E:\迅雷5\Components\DownAndPlay\DownAndPlay.dll]  [, 1, 0, 12, 30]
    [E:\迅雷5\Program\backend_agent.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 27]
    [E:\迅雷5\Program\zlib1.dll]  [, 1.2.3]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [E:\迅雷5\Program\p2sp.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 59]
    [E:\迅雷5\Program\fs.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 17]
    [E:\迅雷5\Program\down_dispatcher.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 42]
    [E:\迅雷5\Program\ptl.dll]  [Thunder Networking Technologies,LTD, 3, 2, 2, 55]
    [E:\迅雷5\Program\dl_peer_id.dll]  [Thunder Networking Technologies,LTD, 3, 1, 2, 4]
    [E:\迅雷5\Program\xl_stat.dll]  [, 1, 0, 2, 7]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [E:\迅雷5\Program\iTargetAD.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 35]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx]  [Adobe Systems, Inc., 10,0,12,36]
    [C:\WINDOWS\system32\mshtml.dll]  [Microsoft Corporation, 6.00.2900.3492 (xpsp_sp2_gdr.081212-1610)]
    [C:\WINDOWS\system\VchE7.tmp]  [N/A, ]
    [C:\WINDOWS\system\Vch1.tmp]  [N/A, ]
    [C:\WINDOWS\system\Vch3.tmp]  [N/A, ]
    [E:\瑞星杀毒\Rising\Rav\RavScrCh.dll]  [Beijing Rising Information Technology Co., Ltd., 21.0.0.74]
    [E:\迅雷5\Program\p2p_upload.dll]  [Thunder Networking Technologies,LTD, 1,1,2,13]
    [E:\迅雷5\Program\p2p.dll]  [Thunder Networking Technologies,LTD, 1,1,2,48]
    [E:\迅雷5\Program\xldc.dll]  [Thunder Networking Technologies,LTD, 4, 0, 2, 28]
    [E:\迅雷5\Program\stream.dll]  [ShenZhen Thunder Networking Technologies,Ltd., 2, 1, 2, 1046]
    [E:\迅雷5\Program\p2p_local_res.dll]  [Thunder Networking Technologies,LTD, 1,1,2,18]
    [E:\迅雷5\Program\al.dll]  [Thunder Networking Technologies,LTD, 1,1,2,31]
    [E:\迅雷5\Program\media_data.dll]  [, 1, 0, 2, 7]
    [E:\迅雷5\Program\sl.dll]  [Thunder Networking Technologies,LTD, 1.0.2.2]
    [E:\迅雷5\Program\p2sp_pd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 5]
    [E:\迅雷5\Components\InMedia\iEmbedShell.dll]  [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 12, 125]
    [E:\迅雷5\Components\InMedia\iEmbed22.dll]  [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 12, 125]
    [E:\迅雷5\Components\InMedia\XLIPC.DLL]  [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [E:\迅雷5\Components\P4PClient\P4PClient.dll]  [Thunder Networking Technologies,LTD, 2, 2, 5, 70]
    [E:\迅雷5\Components\Community\XLCommunity.dll]  [Thunder Networking Technologies,LTD, 2, 6, 0, 104]
    [E:\迅雷5\Program\RegisterDll.dll]  [Thunder Networking Technologies,LTD, 2, 17, 0, 67]
    [E:\迅雷5\Program\MSVCIRT.dll]  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [E:\迅雷5\Program\XLNetU.Dll]  [Thunder Networking Technologies,LTD, 1, 5, 1, 24]
    [E:\迅雷5\Program\imdt.dll]  [Thunder Networking Technologies,LTD, 1.2.0.21]
    [E:\迅雷5\Components\Security\ThunderSafe.dll]  [Xunlei Networking Technologies,LTD, 2, 1, 8, 106]
    [E:\迅雷5\Components\Security\ConfigManager.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 1]
    [E:\迅雷5\Components\Security\SafeManager.dll]  [Xunlei Networking Technologies,LTD, 1, 0, 5, 20]
    [E:\迅雷5\Components\Security\SafeStatistic.dll]  [Xunlei Networking Technologies,LTD, 1, 0, 0, 1]
    [E:\迅雷5\Plugins\XLSafeHost\XLSafeHost.dll]  [深圳市迅雷网络技术有限公司, 1, 2, 19, 106]
    [E:\迅雷5\Components\Search\XLSearch.dll]  [Thunder Networking Technologies,LTD, 1, 1, 7, 25]
    [E:\迅雷5\Program\LiveUpdate.dll]  [Thunder Networking Technologies,LTD, 1, 2, 4, 26]
    [E:\迅雷5\Plugins\NetGame\XLNetGame.dll]  [, 1, 0, 0, 2]
    [E:\迅雷5\Components\XLSoftBase\DrThunderHost.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.17]
    [E:\迅雷5\Components\XLSoftBase\DrKernel.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.8]
    [E:\迅雷5\Components\XLSoftBase\DrSoftIdentifier.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.10]
    [E:\迅雷5\Components\XLSoftBase\DrUpdate.dll]  [深圳市迅雷网络技术有限公司, 1.1.0.8]
    [E:\迅雷5\Program\xldcsubtask.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 13]
    [E:\迅雷5\Components\ExplorerHelper\ExplorerHelper.dll]  [Thunder Networking Technologies,LTD, 1, 0, 4, 26]
    [E:\迅雷5\Components\InMedia\MediaAddin19.dll]  [ShenZhen Thunder Networking Technologies,LTD, 3, 1, 7, 82]
    [E:\迅雷5\Components\Tips\TipsClient.dll]  [Thunder Networking Technologies,LTD, 3, 0, 2, 131]
    [E:\迅雷5\Components\Tips\XLSkin.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 2]
    [E:\迅雷5\Program\emule_id.dll]  [, 1, 0, 2, 12]
    [E:\迅雷5\Components\VPSHELL\VPSHELL.dll]  [迅雷网络, 4, 0, 0, 38]
    [E:\迅雷5\Components\UserExperience\UserExperience.dll]  [Thunder Networking Technologies,LTD, 1, 0, 3, 5]
    [E:\迅雷5\Components\ResWorker\DsXlCom.dll]  [, 1, 0, 0, 30]
    [E:\迅雷5\Components\ResWorker\DataProcessor_00.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [E:\迅雷5\Components\ResWorker\MediaWorker.dll]  [Thunder Networking Technologies,LTD, 1, 2, 0, 22]
    [E:\迅雷5\Components\DownloadStat\DownloadStat.dll]  [Thunder Networking Technologies,LTD, 1, 4, 1, 6]
    [E:\迅雷5\Program\bd.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 20]
[PID: 5016 / Administrator][F:\不好\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.7.1.1261]
[PID: 5984 / Administrator][F:\不好\sreng2\SREf678ddc3.EXE]  [Smallfrogs Studio, 2.7.1.1261]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\jxinit.dat]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [F:\不好\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [C:\WINDOWS\system32\COMRes.dll]  [N/A, ]
    [C:\WINDOWS\system32\EN7hzSreCat8.dll]  [N/A, ]
    [C:\WINDOWS\system32\A0C86020.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\ufQCU5.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\system32\wrGwvaDRB6M.dll]  [N/A, ]
    [C:\WINDOWS\fonts\rsR933gQXyUh.fon]  [N/A, ]
    [C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
进程特权扫描
特殊特权被允许: SeDebugPrivilege [PID = 352, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 352, C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1428, C:\PROGRAM FILES\GRIDSERVICE\PEER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1428, C:\PROGRAM FILES\GRIDSERVICE\PEER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 4004, C:\WINDOWS\SYSTEM32\NVSVC32.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 272, D:\CTFMEN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 272, D:\CTFMEN.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 1120, C:\WINDOWS\SYSTEM32\DRIVERS\TXP1ATFORM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1120, C:\WINDOWS\SYSTEM32\DRIVERS\TXP1ATFORM.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2616, C:\PROGRAM FILES\GRIDSERVICE\PEERADAPTER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2616, C:\PROGRAM FILES\GRIDSERVICE\PEERADAPTER.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 5016, F:\不好\SRENG2\SRENGLDR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 5016, F:\不好\SRENG2\SRENGLDR.EXE]

==================================
计划任务
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]
gototop
 
帅哥阿福
头像
雄霸杖朝狮
  • 帖子:21071
  • 注册: 2006-03-29
  • 来自:米兰
论坛8周年活动礼物祖国六十华诞09欢乐圣诞
发表于: 2009-06-09 13:10 | 短消息 资料
字号: 9楼

回复:跪求,!今天中了病毒杀毒软件全部不打不开了。

COMRes.dll文件被修改,从其他同版本操作系统上,复制此文件,覆盖到本机
下载文件批量提取工具提取下面文件
http://bbs.ikaka.com/attachment.aspx?attachmentid=486266
C:\WINDOWS\system32\drivers\TXP1atform.exe
C:\WINDOWS\system\ming9b090423.exe
C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon
C:\WINDOWS\system32\EN7hzSreCat8.dll
C:\WINDOWS\system32\efc0c52cc1.dll
C:\WINDOWS\system32\DcXb7abe.dll
C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll
C:\WINDOWS\system32\JBn2ypqY23vWX.dll
C:\WINDOWS\system32\76B9BA7A.dll
C:\WINDOWS\system32\hhnt2pBK.dll
C:\WINDOWS\system32\A0C86020.dll
C:\WINDOWS\system32\08223B03.dl
C:\WINDOWS\system32\704C3595.dl
C:\WINDOWS\system32\UnsrA8Hec.dll
C:\WINDOWS\system32\taNjsFa2tT2Dh.dll
C:\WINDOWS\system32\BMsg6pdMD4ht.dll
C:\WINDOWS\system32\dhDhwS7fFW.dll
C:\WINDOWS\system32\E4814792.dll
C:\WINDOWS\system32\uXrgQ8ZEp.dl
C:\WINDOWS\system32\CDuAUVkGy9.dll
C:\WINDOWS\system32\t44y9a553NQ.dll
C:\WINDOWS\system32\ufQCU5.dll
C:\WINDOWS\system32\122B901E.dll
C:\WINDOWS\fonts\uXUsF2RrQy.fon
C:\WINDOWS\system32\wrGwvaDRB6M.dll
C:\WINDOWS\fonts\rsR933gQXyUh.fon
C:\WINDOWS\system32\VnTU2WAqUcZA6.dll
C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon
C:\WINDOWS\system32\mR7Sg4vSx5TR.dl
system32\drivers\zgvlh.sys
C:\WINDOWS\system32\drivers\klan.sys
C:\Program Files\Internet Explorer\002.tmp
C:\WINDOWS\e20fc07d.dat
C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon
C:\WINDOWS\system32\COMRes.dll
C:\WINDOWS\java\classes\CLIPORV.DLL
C:\WINDOWS\system32\EN7hzSreCat8.dll
    [C:\WINDOWS\system32\efc0c52cc1.dll]  [N/A, ]
    [C:\WINDOWS\system32\DcXb7abe.dll]  [N/A, ]
    [C:\WINDOWS\system32\b4QcUJ5wmqh8wJCk.dll]  [N/A, ]
    [C:\WINDOWS\system32\JBn2ypqY23vWX.dll]  [N/A, ]
    [C:\WINDOWS\system32\76B9BA7A.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhnt2pBK.dll]  [N/A, ]
    [C:\WINDOWS\system32\A0C86020.dll]  [N/A, ]
    [C:\WINDOWS\system32\08223B03.dll]  [N/A, ]
    [C:\WINDOWS\system32\704C3595.dll]  [N/A, ]
    [C:\WINDOWS\system32\UnsrA8Hec.dll]  [N/A, ]
    [C:\WINDOWS\system32\taNjsFa2tT2Dh.dll]  [N/A, ]
    [C:\WINDOWS\system32\BMsg6pdMD4ht.dll]  [N/A, ]
    [C:\WINDOWS\system32\dhDhwS7fFW.dll]  [N/A, ]
    [C:\WINDOWS\system32\E4814792.dll]  [N/A, ]
    [C:\WINDOWS\system32\uXrgQ8ZEp.dll]  [N/A, ]
    [C:\WINDOWS\system32\CDuAUVkGy9.dll]  [N/A, ]
    [C:\WINDOWS\system32\t44y9a553NQ.dll]  [N/A, ]
    [C:\WINDOWS\system32\ufQCU5.dll]  [N/A, ]
    [C:\WINDOWS\system32\122B901E.dll]  [N/A, ]
    [C:\WINDOWS\fonts\uXUsF2RrQy.fon]  [N/A, ]
    [C:\WINDOWS\system32\wrGwvaDRB6M.dll]  [N/A, ]
    [C:\WINDOWS\fonts\rsR933gQXyUh.fon]  [N/A, ]
    [C:\WINDOWS\system32\VnTU2WAqUcZA6.dll]  [N/A, ]
    [C:\WINDOWS\fonts\z9gNwvuVDpyQqHSu.fon]  [N/A, ]
    [C:\WINDOWS\system32\mR7Sg4vSx5TR.dll]  [N/A, ]
[c:\windows\system32\appmgmts.dll]  [N/A, ]


上传病毒样本到可疑文件交流区,地址为:http://bbs.ikaka.com/showforum-20002.aspx
或者直接发送给瑞星的邮件服务中心【病毒样本】地址为:http://mailcenter.rising.com.cn/uploadnew.aspx

删除注册表键值HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
╭∩╮(︶︿︶)╭∩╮
gototop
 
夲號ヱ被ジ盜
头像
叱咤花甲狮
  • 帖子:7083
  • 注册: 2008-08-21
  • 来自:昆仑琼华派
论坛8周年活动礼物就爱不长大论坛9周年纪念冰激凌10温馨圣诞十周年国庆61周年十一周年勋章
发表于: 2009-06-09 13:12 | 短消息 资料
字号: 10楼

回复: 跪求,!今天中了病毒杀毒软件全部不打不开了。

MS有感染型
你下载后运行
都有一定的危险
系统文件被破坏
【先运行第一个,再重启运行第二个】
http://cu003.www.duba.net/duba/tools/dubatools/install.exe
http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/
先下载,然后断网
第一个是自动的
第二个用法:全NEXT安装
然后全打钩点Scan
gototop
 
<<上一主题|下一主题>>
12   1  /  2  页   跳转
页面顶部
Powered by Discuz!NT