[PID: 428][C:\Program Files\Mobiliti\Unplugged\BIN\MNUNET.EXE]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWPROJ.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWUSER.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUSYNCC.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWRAS.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUNETSP.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNULOG.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\oaobsrvr.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUTRCAN.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNURES.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUFILE.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUINET.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\monuse.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUSYNCS.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWUTIL.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\DTMPROXY.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\Program Files\Mobiliti\Unplugged\BIN\RSSU.DLL]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MBCSUDTM.DLL]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MBCSLDTM.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUCSAFE.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\DSSdelta.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
[PID: 988][C:\Program Files\CyberArmor\pcshelp.exe]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
[PID: 3188][C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe]  [Sun Microsystems, Inc., 5.0.60.5]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
[PID: 3228][C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe]  [N/A, N/A]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\Program Files\ThinkPad\PkgMgr\HOTKEY_2\tphk_2k.dll]  [N/A, N/A]
    [C:\WINNT\system32\Oemdspif.dll]  [ATI Technologies, Inc., 6.14.0017]
    [C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\tpfnf7.dll]  [N/A, N/A]
[PID: 3952][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 4072][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynCOM.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINNT\system32\SynTPAPI.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 376][C:\WINNT\system32\RunDll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll]  [IBM Corp., 1, 0, 0, 0]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\tppwrw32.dll]  [IBM Corp., 1, 0, 0, 0]
[PID: 2512][C:\WINNT\system32\rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll]  [N/A, N/A]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\tppwrw32.dll]  [IBM Corp., 1, 0, 0, 0]
[PID: 2372][C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe]  [IBM Corp., 1, 0, 0, 0]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\PROGRA~1\ThinkPad\UTILIT~1\US\EzMApRes.dll]  [N/A, N/A]
[PID: 2340][C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE]  [Nokia, 6, 80, 53, 3]
    [C:\WINNT\system32\ConnAPI.DLL]  [Nokia., 6, 80, 55, 5]
    [C:\PROGRA~1\Nokia\NOKIAP~1\PCSCM.dll]  [Nokia, 6, 80, 66, 0]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\Common Files\PCSuite\ConfServer\ConfServer.dll]  [Nokia, 6, 80, 20, 4]
    [C:\WINNT\system32\NclTools.dll]  [Nokia., 6, 80, 18, 3]
    [C:\PROGRA~1\Nokia\NOKIAP~1\Lang\LaunchApplication_eng.NLR]  [Nokia, 6, 80, 56, 1]
[PID: 2168][C:\WINNT\system32\SKDAEMON.EXE]  [LITE-ON TECHNOLOGY CORP., 1, 0, 0, 3]
    [C:\WINNT\system32\skutil.dll]  [LITE-ON TECHNOLOGY CORP., 1, 1, 0, 1]
    [C:\WINNT\system32\SKUsbKbd.dll]  [LITE-ON TECHNOLOGY CORP., 1, 1, 0, 0]
    [C:\WINNT\system32\skosd.dll]  [LITE-ON TECHNOLOGY CORP., 1, 1, 0, 0]
    [C:\WINNT\system32\skhooks.dll]  [LITE-ON Corp., 1, 0, 0, 0]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 1724][C:\Program Files\Pointsec\P95tray.exe]  [Pointsec Mobile Technologies AB, 5.2.2]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 3172][C:\Program Files\Tivoli\lcf\bin\w32-ix86\mrt\lcfep.exe]  [N/A, N/A]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 3528][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 104.0.11.1]
[PID: 4048][C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe]  [N/A, N/A]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 2596][C:\PROGRA~1\Symantec\SCS3\SYMANT~1\VPTray.exe]  [Symantec Corporation, 10.1.4.4010]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\Program Files\Common Files\Symantec Shared\ccL40.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Symantec\SCS3\Symantec AntiVirus\SAVRT32.DLL]  [Symantec Corporation, 9.7.1.4]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Common Files\Symantec Shared\ccAlert.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\Program Files\Symantec\SCS3\Symantec AntiVirus\Cliproxy.dll]  [Symantec Corporation, 10.1.4.4010]
    [C:\Program Files\Symantec\SCS3\Symantec AntiVirus\NAVNTUTL.DLL]  [Symantec Corporation, 10.1.4.4010]
    [c:\program files\common files\symantec shared\ssc\ScsComms.dll]  [Symantec Corporation, 10.1.4.4010]
    [C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 104.0.11.1]
    [C:\WINNT\system32\nts.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\cba.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\MsgSys.dll]  [LANDesk Software Ltd., 6.12.0.142 E]
    [C:\WINNT\system32\PDS.DLL]  [LANDesk Software Ltd., 6.12.0.142 E]
[PID: 3392][C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe]  [IBM Corporation, 1.06]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 620][C:\WINNT\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 3484][C:\Program Files\IBM\Bluetooth Software\BTTray.exe]  [Broadcom Corporation, 3.0.1.915]
    [C:\WINNT\system32\wbtapi.dll]  [Broadcom Corporation, 3.0.1.915]
    [C:\WINNT\system32\btosif.dll]  [Broadcom Corporation, 3.0.1.915]
    [C:\Program Files\IBM\Bluetooth Software\BtBalloon.dll]  [Broadcom Corporation, 3.0.1.915]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\btrez.dll]  [Broadcom Corporation, 3.0.1.915]
    [C:\WINNT\system32\CSH.dll]  [Blue Sky Software Corporation, 2.00.039]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
    [C:\Program Files\IBM\Bluetooth Software\btkeyind.dll]  [N/A, N/A]

[PID: 3740][C:\Program Files\Mobiliti\Unplugged\BIN\MNUAGENT.EXE]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWUSER.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWUTIL.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWPROJ.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUINET.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUNETSP.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUPREF.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWRAS.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNURES.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUSYNCC.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNULOG.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\oaobsrvr.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUTRCAN.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUFILE.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\monuse.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUSYNCS.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\DTMPROXY.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUSCHED.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUABOUT.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\NAWSETUP.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\Program Files\Mobiliti\Unplugged\BIN\RSSU.DLL]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MBCSUDTM.DLL]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MBCSLDTM.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\MNUCSAFE.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\Program Files\Mobiliti\Unplugged\BIN\DSSdelta.dll]  [Mobiliti, Inc., 4, 7, 0, 20 ]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]
[PID: 1368][C:\Users\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]
    [C:\WINNT\system32\cahooknt.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\cahookd.dll]  [InfoExpress, 3.0.40520]
    [C:\WINNT\system32\SynTPFcs.dll]  [Synaptics, Inc., 7.5.17.13 08Nov04]

==================================
File Associations
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  Error. [winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
127.0.0.1      localhost
125.91.6.27session.17game.com
125.91.12.67session.17game.com
59.188.15.100  chargeuser.wjwg.com
59.188.15.100 bbs.wjwg.com

==================================
API HOOK
Warning! System Repair Engineer
remind you that following
functions have modified to
abnormal values by unknown
reasons:
Entry Error: LoadLibraryExW
Entry Error: CreateProcessA
Entry Error: CreateProcessW

==================================


[/CODE]

引用:

【newcenturymoon的贴子】下载 System Repair Engineer， http://www.kztechs.com/sreng/download.html 1 解压缩sreng2.zip 2 运行SREng.exe 3 智能扫描=》扫描=》保存报告 4 把日志中的报告完整拷贝贴上来，不要修改 友情提示： 扫描前关闭所有手工打开的软件和窗口，扫描后将日志发上来。但请不要用附件形式贴。 注意在没有进一步提示前，勿要胡乱修复，否则系统可能变的情况更糟。           如果发现SREng.exe运行无反应或者不能运行或者扫描出错,你可以将SREng.exe重命名为SREng.com(SREng.scr\SREng.bat\SREng.pif)或者abc.exe运行. 另外那个 病毒文件麻烦发到newcenturymoon@126.com ………………

扫描完了,报告贴上来了,我的是英文XP,SP2,公司笔记本,进程很多,贴了不少.病毒文件也已经发你了,请查收.

似乎没人过问,伤心的~~
现在电脑已经不能注销或重启了,因为这样做都会蓝屏....
不知道是不是病毒发作了:(

没人可以救我？

在盘里没找到ncscv32.exe(可能本来就没有,不清楚),打开了显示系统隐含文件....
文件也已经导入注册表并重启系统,已确认在注册表里可以找到,但问题还是发生.苦恼中....

对那句"末尾留一空行"不是很能明白,不理解,不知道baohu斑竹是否可以做下那个reg文件发我邮箱里,ryx1191@sina.con,谢谢先.
先用了电脑上的升过级更新完的Symantec Antivirus全盘杀了,没有发现任何.后又用了瑞星的在线杀毒,10元/月的那个,结果也是没有发现任何异常.郁闷的.......

引用:

【凝逸飘飞的贴子】用我写的专杀试下, 先点 取本机小木马 取本机小病毒 会提取出 cn911.exe 清除方法:     关了没用的程序,关了网络,用本程序全盘扫描!     完成后,重启系统,进入DOS,用GHOST备分还原系统,     (GHOST要改了*.gho的扩展名防被病毒删除) 进入系统     右建 >>资源管理  进入     把原在运行过exe程序,如qq删除,     这样就干净了 ………………

你的软件我不好用哦,刚解开就被Symantec Antivirus咔嚓了.....说是中了Bloodhound.Overpacked.......

现在似乎好了,做了以下改动:
照baohe斑竹的方法,导入注册表,2个都导了,重启后没用.后在组策略里添加了cn911禁止运行,重启后好了.可以看下这个组策略的图,那个(5.1.0.2180)就是了.现在也就是注册表里有还有组策略里也有的情况下好了.

用了N多专杀,没用,眼看着杀过这个cn911.exe却放过....无语.要不然我也不会麻烦大家了.我要找台电脑双击下这个cn911.exe!想看看会怎么样,哈哈.

turkey2k6 我把那个cn911打包发你,密码123.