广告广告
  加入我的最爱 设为首页 风格修改
首页 首尾
 手机版   订阅   地图  繁体 
您是第 10373 个阅读者
 
发表文章 发表投票 回覆文章
  可列印版   加为IE收藏   收藏主题   上一主题 | 下一主题   
bi_510
个人头像
个人文章 个人相簿 个人日记 个人地图
小有名气
级别: 小有名气 该用户目前不上站
推文 x107 鲜花 x476
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片
推文 x0
[病毒蠕虫] 求救开机就中毒又杀不掉....
我用卡巴但是最近开机就出现

C:\WINDOWS\system32\zmgev.dll;
C:\WINDOWS\SYSTEM32\DRIVERS\PEUVA.SYS
已被病毒 Trojan-Downloader.Win32.Agent.bdd 感染;
无法删除,物件已拦截将在系统启动时删除

惨的是杀不掉就连进入安全模式也不行
是这个报表吗表情 表情

复制程式

2007-03-25,11:14:47

System Repair Engineer 2.4.12.806
Smallfrogs ([url]http://www.KZTechs.com[/url])

Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed

Follow item(s) have been choosed:
    All Boot Items (Including Registry, Startup Folders, Services and so on)
    Browser Add-ons
    Runing Processes (Including process model information)
    File Associations
    Winsock Provider
    Autorun.Inf
    HOSTS File


Boot Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe>  [(Verified)Google Inc]
    <0chl80gk636><; >  [N/A]
    <183hmw><; C:\WINDOWS\iexpl0ra.exe>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><; ?>  [N/A]
    <run><; ?>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <CdnCtr><; >  [N/A]
    <System><; >  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]

==================================
Startup Folders
[Google 更新器]
  <C:\Documents and Settings\All Users\「开始」功能表\程式集\启动\Google 更新器.lnk --> C:\PROGRA~1\Google\GOOGLE~2\GOOGLE~1.EXE [Google]><N>
[Microsoft Office]
  <C:\Documents and Settings\All Users\「开始」功能表\程式集\启动\Microsoft Office.lnk --> C:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>
[费尔消息服务]
  <C:\Documents and Settings\All Users\「开始」功能表\程式集\启动\费尔消息服务.lnk --> C:\PROGRA~1\COMMON~1\FILSEC~1\FilMsg.exe [费尔安全实验室]><N>

==================================
Services
[Network IPSEC Connections / 8NASCAR][Stopped/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\ESSWR.DLL,Export 1087><N/A>
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Google Updater Service / gusvc][Running/Auto Start]
  <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[kavsvc / kavsvc][Running/Auto Start]
  <"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe"><Kaspersky Lab>
[PDEngine / PDEngine][Stopped/Manual Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDEngine.exe"><Raxco Software, Inc.>
[PDScheduler / PDSched][Running/Auto Start]
  <"C:\Program Files\Raxco\PerfectDisk\PDSched.exe"><Raxco Software, Inc.>

==================================
Drivers
[acpidisk / acpidisk][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[Filseclab Dynamic Defense System Driver / filar][Running/System Start]
  <\??\C:\PROGRA~1\COMMON~1\FILSEC~1\filar.sys><Filseclab Corporation>
[ids00026 / ids00026][Stopped/Manual Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys><N/A>
[ids0018a / ids0018a][Running/Manual Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0018a.sys><Kaspersky Lab>
[Filseclab Twister Kernel Module / IMMDRV][Stopped/Manual Start]
  <\??\C:\PROGRA~1\FILSEC~1\Twister\immdrv.sys><Filseclab Corp.>
[jdihefga / jdihefga][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\jdihefga.sys><中?互?网?信息中心(CNNIC)>
[Klick / Klick][Running/Boot Start]
  <\SystemRoot\System32\drivers\klick.sys><Kaspersky Lab>
[Klif / Klif][Running/System Start]
  <System32\drivers\klif.sys><Kaspersky Labs>
[Klin / Klin][Running/Boot Start]
  <\SystemRoot\System32\drivers\klin.sys><Kaspersky Lab>
[Klmc / Klmc][Running/System Start]
  <System32\drivers\klmc.sys><Kaspersky Lab>
[klstm / klstm][Running/Manual Start]
  <\??\C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys><Kaspersky Lab>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[peuv / peuva][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\peuva.sys><N/A>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[直接平行连接埠连结驱动程式 / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Running/Auto Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[TSP / TSP][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Labs>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[VIA ACྜྷ Audio Controller (WDM) / VIAudio][Running/Manual Start]
  <system32\drivers\viaudios.sys><VIA Technologies, Inc.>

==================================
Browser Add-ons
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
[Google Toolbar Helper]
  {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[运行迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[&Google]
  {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Web Browser Applet Control]
  {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[ALiBaBar]
  {0A1375E1-56C2-11D6-8E45-8933A0FB5235} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[&Google]
  {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[Cbho Object]
  {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, N/A>
[Info cache]
  {385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, N/A>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_007.dll, N/A>
[Google Toolbar Helper]
  {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[VIDEO__MPEG Moniker Class]
  {CD3AFA89-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[ALiBaBar_Helper]
  {CE439C63-384A-747A-A357-23D96B5D652B} <C:\PROGRA~1\ALiBaBar\ALiBaBar.dll, Alfred, C. S. Li>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx, Adobe Systems, Inc.>
[MessengerChecker Class]
  {DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, Yahoo! Inc.>
[Rising Web Scan Object]
  {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} <C:\WINDOWS\Downloaded Program Files\OL2005.dll, Beijing Rising Technology Co., Ltd.>
[Google Updater Class]
  {FB19FE33-6238-4D4A-8BA1-4141A04971A9} <C:\Program Files\Google\Google Updater\2.1.794.19080\ci.dll, Google>
[&使用迅雷下载]
  <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[&使用迅雷下载全部链接]
  <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[汇出至 Microsoft Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
Running Processes
[PID: 640][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 720][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1832][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1880][C:\Program Files\Google\Google Updater\GoogleUpdater.exe]  [Google, 2.1.794.19080.beta]
    [C:\Program Files\Google\Google Updater\2.1.794.19080\ci.dll]  [Google, 2.1.794.19080.beta]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\swg.dll]  [Google Inc., 1, 2, 1128, 5462]
    [C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\res_zh-TW.dll]  [Google Inc., 1, 2, 1128, 5462]
[PID: 1900][C:\Program Files\Common Files\Filseclab\FilMsg.exe]  [费尔安全实验室, 4, 0, 0, 986]
    [C:\Program Files\Common Files\Filseclab\twsupdate.dll]  [Filseclab Corp., 1, 0, 1, 497]
    [C:\Program Files\Common Files\Filseclab\W32Tools.dll]  [Filseclab Corp., 1, 0, 2, 1642]
    [C:\Program Files\Common Files\Filseclab\FAPIConv.dll]  [Filseclab Corp., 1, 0, 0, 45]
    [C:\Program Files\Common Files\Filseclab\mdcoder.dll]  [Filseclab Corp., 1, 0, 0, 21]
[PID: 2708][C:\WINDOWS\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
    [C:\Program Files\Filseclab\Twister\Twshlext.dll]  [Filseclab Corp., 2, 0, 1, 988]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\shellex.dll]  [Kaspersky Lab, 5.0.227.1]
    [C:\Documents and Settings\杨奇儒\Application Data\Foxy\LinkMaker.dll]  [, 1, 1, 0, 0]
    [C:\WINDOWS\system32\contmenu.dll]  [N/A, ]
[PID: 2704][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [c:\program files\google\googletoolbar2.dll]  [Google Inc., 4, 0, 1601, 4978]
    [C:\PROGRA~1\ALiBaBar\ALiBaBar.dll]  [Alfred, C. S. Li, 4.0.3.0]
    [C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll]  [金泰丰(?州)科技有限公司, 2, 3, 0, 0]
    [C:\WINDOWS\system32\MSTCIPHA.IME]  [Microsoft Corporation, 5.1.0.60]
    [C:\Program Files\Common Files\Microsoft Shared\Ink\PENCHT.DLL]  [Microsoft Corporation, 1.0.1038.0]
    [C:\Program Files\Common Files\Microsoft Shared\IME\MSTCIA\Applet\chtskdic.dll]  [Microsoft Corporation, 8.0.0.1912]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\avpscrch.dll]  [Kaspersky Lab, 1.0.227.342]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\concl.dll]  [Kaspersky Lab, 1.0.227.3]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\FSSync.dll]  [Kaspersky Lab, 5.0.227.0]
    [C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\ipc.dll]  [Kaspersky Lab, 5.0.227.0]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9.ocx]  [Adobe Systems, Inc., 9,0,16,0]
[PID: 3652][C:\Documents and Settings\杨奇儒\My Documents\sreng2\SREng.EXE]  [Smallfrogs Studio, 2.4.12.806]

==================================
File Associations
.TXT  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock Provider
N/A

==================================
Autorun.Inf
N/A

==================================
HOSTS File
N/A

==================================
API HOOK
RVA Error:  LoadLibraryA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF80F8FE1)
RVA Error:  LoadLibraryExA (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF80F9155)
RVA Error:  LoadLibraryExW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF80F9222)
RVA Error:  LoadLibraryW (Dangerous Level: Generic,  Hooked by Module: Dest Addr: 0xF80F909E)

==================================
Hidden Process
    [233] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe
    [3365] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe

==================================




[ 此文章被bi_510在2007-03-25 11:19重新编辑 ]



努力减肥加油加油加油......
http://tw.myblog.yahoo.com/bi_510 部落格已更新有空去看看吧
http://bi510.spaces.live.com/default.aspx   新的分享空间...
献花 x0 回到顶端 [楼 主] From:台湾台北市 | Posted:2007-03-22 04:08 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

表情 应该不用重灌..建议楼主参考置顶文章跑sreng报表贴上来判读表情

ps:建议跑报表时关掉一些不必要的程式..这样判读比较不会那么累


献花 x0 回到顶端 [1 楼] From:台湾中华电信 | Posted:2007-03-22 13:59 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

楼主您所贴的报表不是很完整喔!所以没办法看出部分系统档是否有被注入的情形.应该是您跑报表的时候点选Smart Scan时左下角的Verify前面的空格没有打勾

发现的问题如下...
Boot Items
Registry
<183hmw><; C:\WINDOWS\iexpl0ra.exe> [N/A]

Services
[Network IPSEC Connections / 8NASCAR][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\ESSWR.DLL,Export 1087><N/A>

Drivers
[acpidisk / acpidisk][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[jdihefga / jdihefga][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\jdihefga.sys><中?互?网?信息中心(CNNIC)>
[peuv / peuva][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\peuva.sys><N/A>

Browser Add-ons
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, N/A>

Running Processes
[C:\WINDOWS\system32\contmenu.dll] [N/A, ]
  [C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll] [金泰丰(?州)科技有限公司, 2, 3, 0, 0]

另外在SReng报表中并没有发现C:\WINDOWS\system32\zmgev.dll;这个项目..
解决方法..请楼主先下载工具SREng及ICEsword..
SREng载点--http://www.kztechs.com/sreng/download.html
Icesword冰刃--http://www.ttian.net/website/2005/0829/391.html(因为中文的版本会出现乱码.所以请下载Icesword 1.20英文版)
关闭系统还原.清除所有IE暂存档.进入安全模式..
在执行删除之前强烈建议楼主先备份.等删除完确定问题解决再将备份资料删除
启动SREng主程式切换至Boot Items分页中的Registry选项.找到
<183hmw><; C:\WINDOWS\iexpl0ra.exe> [N/A]
点选Delete.按下是删除.
接着切换至Boot Items分页中的Services中的Win32 Services选项.找到
[Network IPSEC Connections / 8NASCAR][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLL2000.EXE C:\WINDOWS\SYSTEM32\WBEM\ESSWR.DLL,Export 1087><N/A>
勾选Delet services.再按Set.按下才是删除.
接着再切换至Boot Items分页中的Services中Drivers选项.找到
[acpidisk / acpidisk][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\acpidisk.sys><N/A>
[jdihefga / jdihefga][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\jdihefga.sys><中?互?网?信息中心(CNNIC)>
[peuv / peuva][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\peuva.sys><N/A>
操作方法与Services相同
接着切换至System Repair分页中的Browser Add-ons选项.找到
{385AB8C6-FB22-4D17-8834-064E2BA0A6F0} <C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll, 金泰丰(?州)科技有限公司>
[Cbho Object]
{352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} <C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll, N/A>
点选Delete Selected.按下删除
启动ICEseord程式.切到File模式.依路径找到
[C:\WINDOWS\system32\contmenu.dll] [N/A, ]
  [C:\Documents and Settings\All Users\Application Data\Microsoft\PCTools\pctools.dll] [金泰丰(?州)科技有限公司, 2, 3, 0, 0]
点选右键 选择Force Delete删除

刚刚发现有新版的SREng..请楼主先下载新版的SREng再跑一次报表
请再用新版的SREng报表再贴一次.
记得点选Smart Scan时左下角的Verify前面的空格一定要勾选.
表情


[ 此文章被彗星风采在2007-03-25 23:55重新编辑 ]


献花 x1 回到顶端 [2 楼] From:台湾中华电信HINET | Posted:2007-03-25 12:22 |
qn9877
数位造型
个人文章 个人相簿 个人日记 个人地图
路人甲
级别: 路人甲 该用户目前不上站
推文 x0 鲜花 x2
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

请去下载windows 清理助手,应该就能解决问题了
祝你好运!


献花 x0 回到顶端 [3 楼] From:没有资料 | Posted:2007-04-02 12:16 |
qn9877
数位造型
个人文章 个人相簿 个人日记 个人地图
路人甲
级别: 路人甲 该用户目前不上站
推文 x0 鲜花 x2
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

还有你中了很多木马及广告软件都是彼岸的,建议你换一套防毒软体! 表情


献花 x0 回到顶端 [4 楼] From:没有资料 | Posted:2007-04-02 12:20 |
彗星风采 手机
个人头像
个人文章 个人相簿 个人日记 个人地图
小人物
级别: 小人物 该用户目前不上站
推文 x0 鲜花 x24
分享: 转寄此文章 Facebook Plurk Twitter 复制连结到剪贴簿 转换为繁体 转换为简体 载入图片

换防毒软体并不能彻底的解决问题..养成好的上网习惯才是重点..

况且..楼主所使用的是KAV的防软..已经算扫毒能力很强的防软了.. 表情


献花 x1 回到顶端 [5 楼] From:台湾中华电信 | Posted:2007-04-02 12:44 |

首页  发表文章 发表投票 回覆文章
Powered by PHPWind v1.3.6
Copyright © 2003-04 PHPWind
Processed in 0.047240 second(s),query:16 Gzip disabled
本站由 瀛睿律师事务所 担任常年法律顾问 | 免责声明 | 本网站已依台湾网站内容分级规定处理 | 连络我们 | 访客留言