loadms.exe IEXPLOERS.EXE木马解决方法，求助 - 瑞星卡卡安全论坛bbs.ikaka.com

瑞星卡卡安全论坛技术交流区 反病毒/反流氓软件论坛 loadms.exe IEXPLOERS.EXE木马解决方法，求助

	瑞星“1+2”全新解决方案巡展在广州画上圆满句号		叶院长揭秘：瑞星如何运用AI技术革新网络安全		俄乌冲突加剧网络攻击风险白俄罗斯政府遭APT攻击		瑞星ESM防病毒系统助力矿业大学筑牢网络安全防线
	实力拉满瑞星第五十次通过VB100测评		携手老友，拥抱新精彩 —— 新论坛新活动，感谢你的陪伴		护航司法，瑞星助力山西省高院构建安全防线		人工智能在网络安全领域的风险和机遇

12

1 / 2 页

跳转页

loadms.exe IEXPLOERS.EXE木马解决方法，求助

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 20:40 \| 显示全部短消息资料字号：小中大 1楼 loadms.exe IEXPLOERS.EXE木马解决方法，求助 loadms.exe IEXPLOERS.EXE，求助该木马的解决方法！！在百度里搜了一下，有很多朋友中了该木马，我也按他们说的方法去试着杀，可是还不能彻底的解决，用瑞星2006查了后，在重启机子后会说有一个程序出现了问题，而且启动速度会慢好多， 2006-05-24 13:19:07
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	分享到：

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 20:45 \| 显示全部短消息资料字号：小中大 2楼重启机子后，按了CTRL+ALT+DEL后要很久才能进入桌面，而后说：有一个程序出现了问题
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 20:59 \| 显示全部短消息资料字号：小中大 3楼 2006-05-23,20:56:33 System Repair Engineer 2.0.12.350 (2.0 RC 1) Windows 2000 Server Service Pack 4 - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <Internat.exe><internat.exe> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <Ntcheck><C:\WINNT\mapserver.exe> [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] <Cmpnt><c:\winnt\system\mainsv.exe> [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <run><> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <SoundMan><SOUNDMAN.EXE> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <NvCplDaemon><RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <nwiz><nwiz.exe /install> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <NvMediaCenter><RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <Cmpnt><C:\WINNT\system\cmpku.exe> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices] <Shell><c:\winnt\system\mainsv.exe> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <Userinit><C:\WINNT\system32\userinit.exe,> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><>
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 20:59 \| 显示全部短消息资料字号：小中大 4楼 ================================== 启动文件夹 [Service Manager] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk><N> ================================== 服务 [Apache / Apache] <"c:\Thunder\Apache\Apache.exe"><N/A> [Network IPSEC Connections / BARCASE] <C:\WINNT\SYSTEM32\RUNDLL32.EXE C:\WINNT\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A> [DataBase Assistant / DataBase Assistant] <C:\thunder\ktv\ktvsvr\DBAss.exe><SinoSoft WorkGroup> [Logical Disk Manager Administrative Service / dmadmin] <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.> [kfsvr / kfsvr] <c:\Thunder\system\kfserver\kfsvr.exe><N/A> [ktvserver / ktvserver] <c:\Thunder\ktv\ktvsvr\ktvserver.exe><N/A> [MainKtvServer / MainKtvServer] <c:\thunder\ktv\ktvsvr\MainKtvServer.exe><SinoSoft Workgroup> [NVIDIA Display Driver Service / NVSvc] <C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation> [RecordServer / RecordServer] <c:\Thunder\ktv\ktvsvr\RecordServer.exe><N/A> [videoserver / videoserver] <c:\Thunder\ktv\ktvsvr\videoserver.exe><N/A> [VoiceServer / VoiceServer] <c:\Thunder\ktv\ktvsvr\VoiceServer.exe><N/A> ================================== 浏览器加载项 [相关站点] {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A> [电台(&R)] {8E718888-423F-11D2-876E-00A0C9082467} <c:\thunder\system\ocx\msdxm.ocx, Microsoft Corporation> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 21:00 \| 显示全部短消息资料字号：小中大 5楼 ================================== 正在运行的进程 [PID: 180][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.00.2195.6601> [PID: 204][\??\C:\WINNT\system32\csrss.exe] <Microsoft Corporation><5.00.2195.6601> [PID: 224][\??\C:\WINNT\system32\winlogon.exe] <Microsoft Corporation><5.00.2195.6898> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 260][C:\WINNT\system32\services.exe] <Microsoft Corporation><5.00.2195.6700> [C:\WINNT\KB494002.LOG] <N/A><N/A> [C:\WINNT\system32\dmserver.dll] <VERITAS Software Corp.><2195.6605.297.3> [PID: 280][C:\WINNT\system32\lsass.exe] <Microsoft Corporation><5.00.2195.6902> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 480][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 512][C:\WINNT\system32\spoolsv.exe] <Microsoft Corporation><5.00.2195.6659> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 548][c:\Thunder\Apache\Apache.exe] <N/A><N/A> [c:\Thunder\Apache\ApacheCore.dll] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 564][C:\WINNT\SYSTEM32\RUNDLL32.EXE] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 588][c:\Thunder\Apache\Apache.exe] <N/A><N/A> [c:\Thunder\Apache\ApacheCore.dll] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 816][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 844][c:\Thunder\system\kfserver\kfsvr.exe] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 868][c:\Thunder\ktv\ktvsvr\ktvserver.exe] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\BasicUtil.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\SocketUtil.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\ktvdb.dll] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 908][C:\WINNT\System32\llssrv.exe] <Microsoft Corporation><5.00.2195.6697> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 952][C:\MSSQL7\binn\sqlservr.exe] <Microsoft Corporation><1998.11.13> [C:\WINNT\KB494002.LOG] <N/A><N/A> [C:\MSSQL7\binn\SQLRGSTR.DLL] <N/A><N/A> [PID: 1044][C:\WINNT\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5672> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1072][c:\Thunder\ktv\ktvsvr\RecordServer.exe] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1088][C:\WINNT\system32\regsvc.exe] <Microsoft Corporation><5.00.2195.6701> [PID: 1104][C:\WINNT\system32\MSTask.exe] <Microsoft Corporation><4.71.2195.6704> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1140][C:\WINNT\System32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1204][c:\Thunder\ktv\ktvsvr\VoiceServer.exe] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\VoiceOrder.dll] <><1, 0, 0, 1> [c:\Thunder\ktv\ktvsvr\SMAPI.dll] <IBM Corporation><8.0.0.40> [PID: 1260][C:\WINNT\System32\WBEM\WinMgmt.exe] <Microsoft Corporation><1.50.1085.0100> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1280][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1316][C:\WINNT\system32\Dfssvc.exe] <Microsoft Corporation><5.00.2195.6664> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1340][C:\WINNT\system32\inetsrv\inetinfo.exe] <Microsoft Corporation><5.00.0984> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1544][C:\thunder\ktv\ktvsvr\DBAss.exe] <SinoSoft WorkGroup><8, 0, 0, 0> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1636][C:\MSSQL7\binn\sqlagent.exe] <Microsoft Corporation><1998.11.13> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1664][c:\Thunder\ktv\ktvsvr\videoserver.exe] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\ktvdb.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\BasicUtil.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\vp.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\SocketUtil.dll] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1920][C:\WINNT\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.30> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1904][C:\WINNT\system\ntdllf.exe] <N/A><N/A> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 2008][C:\WINNT\system32\internat.exe] <Microsoft Corporation><5.00.2920.0000> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 1896][C:\MSSQL7\Binn\sqlmangr.exe] <Microsoft Corporation><1998.11.13> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 2124][C:\WINNT\explorer.exe] <Microsoft Corporation><5.00.3700.6690> [C:\WINNT\KB494002.LOG] <N/A><N/A> [C:\WINNT\system32\cacb.dll] <><1, 0, 1, 0> [C:\WINNT\system32\HttpReq.dll] <N/A><N/A> [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0> [C:\Program Files\WinRAR\rarext.dll] <N/A><N/A> [C:\WINNT\system32\nvshell.dll] <NVIDIA Corporation><6.14.10.5672> [C:\WINNT\system32\NVWRSZHC.DLL] <NVIDIA Corporation><6.14.10.5672> [C:\WINNT\system32\JPWB.IME] <常诚研制><4.00.950> [C:\WINNT\system32\WBJJU.IME] <北京六合源软件技术有限公司><2, 5, 0, 0> [C:\WINNT\system32\WbCodeU.dll] <><2, 5, 0, 0> [C:\WINNT\system32\wbjju.dll] <N/A><N/A> [PID: 2096][C:\WINNT\system32\taskmgr.exe] <Microsoft Corporation><5.00.2195.6620> [C:\WINNT\KB494002.LOG] <N/A><N/A> [PID: 416][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2800.1106> [C:\WINNT\KB494002.LOG] <N/A><N/A> [C:\WINNT\system32\cacb.dll] <><1, 0, 1, 0> [C:\WINNT\system32\HttpReq.dll] <N/A><N/A> [C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0> [C:\WINNT\system32\JPWB.IME] <常诚研制><4.00.950> [C:\WINNT\system32\WBJJU.IME] <北京六合源软件技术有限公司><2, 5, 0, 0> [C:\WINNT\system32\WbCodeU.dll] <><2, 5, 0, 0> [C:\WINNT\system32\wbjju.dll] <N/A><N/A> [C:\WINNT\system32\WNWBIO.IME] <深圳市世强电脑科技有限公司 www.wnwb.com ><2004, 10, 21, 1> [PID: 2168][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.843\SREng.exe] <Smallfrogs Studio><2.0.12.350> ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINNT\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 ==================================
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 21:36 \| 显示全部短消息资料字号：小中大 6楼在第一步服务里没有那些程序，在最后一步删不掉IRJIT.DLL，删时说无法删除IRJIT.DLL，该文件正被WINDOWS使用
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 22:00 \| 显示全部短消息资料字号：小中大 7楼 KB494002.LOG 这个文件删时很容易，就是IRJIT.DLL删时不让，后来我结束EXPLORER后才让删，现在是重启后的日志，006-05-23,21:55:12 System Repair Engineer 2.0.12.350 (2.0 RC 1) Windows 2000 Server Service Pack 4 - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <Internat.exe><internat.exe> [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <load><> [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <run><> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <SoundMan><SOUNDMAN.EXE> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <NvCplDaemon><RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <nwiz><nwiz.exe /install> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <NvMediaCenter><RUNDLL32.EXE C:\WINNT\system32\NvMcTray.dll,NvTaskbarInit> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] <dwMyTest><LOADHW.EXE> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <shell><Explorer.exe> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <Userinit><C:\WINNT\system32\userinit.exe,> [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <AppInit_DLLs><> ================================== 启动文件夹 [Service Manager] <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Service Manager.lnk><N> ==================================
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 22:01 \| 显示全部短消息资料字号：小中大 8楼服务 [Apache / Apache] <"c:\Thunder\Apache\Apache.exe"><N/A> [Network IPSEC Connections / BARCASE] <C:\WINNT\SYSTEM32\RUNDLL32.EXE C:\WINNT\SYSTEM32\WBEM\IRJIT.DLL,Export 1087><N/A> [DataBase Assistant / DataBase Assistant] <C:\thunder\ktv\ktvsvr\DBAss.exe><SinoSoft WorkGroup> [Logical Disk Manager Administrative Service / dmadmin] <C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.> [kfsvr / kfsvr] <c:\Thunder\system\kfserver\kfsvr.exe><N/A> [ktvserver / ktvserver] <c:\Thunder\ktv\ktvsvr\ktvserver.exe><N/A> [MainKtvServer / MainKtvServer] <c:\thunder\ktv\ktvsvr\MainKtvServer.exe><SinoSoft Workgroup> [NVIDIA Display Driver Service / NVSvc] <C:\WINNT\system32\nvsvc32.exe><NVIDIA Corporation> [RecordServer / RecordServer] <c:\Thunder\ktv\ktvsvr\RecordServer.exe><N/A> [videoserver / videoserver] <c:\Thunder\ktv\ktvsvr\videoserver.exe><N/A> [VoiceServer / VoiceServer] <c:\Thunder\ktv\ktvsvr\VoiceServer.exe><N/A> ================================== 浏览器加载项 [相关站点] {c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A> [电台(&R)] {8E718888-423F-11D2-876E-00A0C9082467} <c:\thunder\system\ocx\msdxm.ocx, Microsoft Corporation> [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINNT\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.> [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.> ================================== 正在运行的进程 [PID: 180][\SystemRoot\System32\smss.exe] <Microsoft Corporation><5.00.2195.6601> [PID: 204][\??\C:\WINNT\system32\csrss.exe] <Microsoft Corporation><5.00.2195.6601> [PID: 224][\??\C:\WINNT\system32\winlogon.exe] <Microsoft Corporation><5.00.2195.6898> [PID: 252][C:\WINNT\system32\services.exe] <Microsoft Corporation><5.00.2195.6700> [C:\WINNT\system32\dmserver.dll] <VERITAS Software Corp.><2195.6605.297.3> [PID: 264][C:\WINNT\system32\lsass.exe] <Microsoft Corporation><5.00.2195.6902> [PID: 456][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 484][C:\WINNT\system32\spoolsv.exe] <Microsoft Corporation><5.00.2195.6659> [PID: 512][c:\Thunder\Apache\Apache.exe] <N/A><N/A> [c:\Thunder\Apache\ApacheCore.dll] <N/A><N/A> [PID: 536][c:\Thunder\Apache\Apache.exe] <N/A><N/A> [c:\Thunder\Apache\ApacheCore.dll] <N/A><N/A> [PID: 768][C:\WINNT\Explorer.EXE] <Microsoft Corporation><5.00.3700.6690> [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] <Adobe Systems, Inc.><7.0.0.0> [C:\WINNT\system32\cacb.dll] <><1, 0, 1, 0> [C:\WINNT\system32\HttpReq.dll] <N/A><N/A> [PID: 860][C:\WINNT\SOUNDMAN.EXE] <Realtek Semiconductor Corp.><5.1.0.30> [PID: 900][C:\WINNT\system32\internat.exe] <Microsoft Corporation><5.00.2920.0000> [PID: 916][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 928][C:\MSSQL7\Binn\sqlmangr.exe] <Microsoft Corporation><1998.11.13> [PID: 936][c:\Thunder\system\kfserver\kfsvr.exe] <N/A><N/A> [PID: 956][c:\Thunder\ktv\ktvsvr\ktvserver.exe] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\BasicUtil.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\SocketUtil.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\ktvdb.dll] <N/A><N/A> [PID: 968][C:\WINNT\System32\llssrv.exe] <Microsoft Corporation><5.00.2195.6697> [PID: 1004][C:\MSSQL7\binn\sqlservr.exe] <Microsoft Corporation><1998.11.13> [C:\MSSQL7\binn\SQLRGSTR.DLL] <N/A><N/A> [PID: 1092][C:\WINNT\system32\nvsvc32.exe] <NVIDIA Corporation><6.14.10.5672> [PID: 1112][c:\Thunder\ktv\ktvsvr\RecordServer.exe] <N/A><N/A> [PID: 1128][C:\WINNT\system32\regsvc.exe] <Microsoft Corporation><5.00.2195.6701> [PID: 1144][C:\WINNT\system32\MSTask.exe] <Microsoft Corporation><4.71.2195.6704> [PID: 1176][C:\WINNT\System32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 1208][c:\Thunder\ktv\ktvsvr\VoiceServer.exe] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\VoiceOrder.dll] <><1, 0, 0, 1> [c:\Thunder\ktv\ktvsvr\SMAPI.dll] <IBM Corporation><8.0.0.40> [PID: 1256][C:\WINNT\System32\WBEM\WinMgmt.exe] <Microsoft Corporation><1.50.1085.0100> [PID: 1284][C:\WINNT\system32\svchost.exe] <Microsoft Corporation><5.00.2134.1> [PID: 1304][C:\WINNT\system32\Dfssvc.exe] <Microsoft Corporation><5.00.2195.6664> [PID: 1332][C:\WINNT\system32\inetsrv\inetinfo.exe] <Microsoft Corporation><5.00.0984> [PID: 1512][C:\thunder\ktv\ktvsvr\DBAss.exe] <SinoSoft WorkGroup><8, 0, 0, 0> [PID: 1564][C:\MSSQL7\binn\sqlagent.exe] <Microsoft Corporation><1998.11.13> [PID: 1580][c:\Thunder\ktv\ktvsvr\videoserver.exe] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\ktvdb.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\BasicUtil.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\vp.dll] <N/A><N/A> [c:\Thunder\ktv\ktvsvr\SocketUtil.dll] <N/A><N/A> [PID: 1056][C:\Program Files\Internet Explorer\iexplore.exe] <Microsoft Corporation><6.00.2800.1106> [C:\WINNT\system32\cacb.dll] <><1, 0, 1, 0> [C:\WINNT\system32\HttpReq.dll] <N/A><N/A> [C:\WINNT\system32\kakatool.dll] <Beijing Rising Technology Co., Ltd.><2, 0, 0, 8> [C:\WINNT\system32\Macromed\Flash\Flash8.ocx] <Macromedia, Inc.><8,0,22,0> [PID: 1220][C:\Documents and Settings\Administrator\My Documents\SREng.exe] <Smallfrogs Studio><2.0.12.350>
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-23 22:18 \| 显示全部短消息资料字号：小中大 9楼文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %] .COM OK. ["%1" %] .PIF OK. ["%1" %] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINNT\hh.exe" %1] .HLP OK. [%SystemRoot%\system32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 ==================================
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:	发表于： 2006-05-24 02:31 \| 显示全部短消息资料字号：小中大 10楼现在病毒没了，重启机子后说，找不到LOADHW。EXE，请确认路径和文件名是否正确，而且所需的库文件是否可用，还有在系统启动时至少有一个服务或驱动程序出现错误，详细信息请查看事件查看器，
哦的的初生襁褓狮帖子:15 注册: 2005-03-20 来自:

<<上一主题|下一主题>>

12

1 / 2 页

跳转页

页面顶部

Powered by Discuz!NT