同学给俺的啊?还有更好的吗 ?大侠我现在这个样子还有救吗
都是经典的工具,哎,看来你最好重装了。 现在一开机总有可以程序运行啊, 还有注册表中的被病毒修改了怎么改回来啊,昨天用瑞星又杀了一次 扫描结果发上来 ,高手们帮忙分析一下,有什么变化没? 2006-05-23,11:56:46
System Repair Engineer 2.0.12.350 (2.0 RC 1)
Windows XP Professional- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
<ctfmon.exe><G:\WINDOWS\System32\ctfmon.exe>
<MSMSGS><; "G:\Program Files\Messenger\msmsgs.exe" /background>
<Super Rabbit IEPro><; G:\PROGRA~1\SUPERR~1\MagicSet\SRIECLI.EXE /LOAD>
<load><>
<run><>
<PHIME2002ASync><G:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
<PHIME2002A><G:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
<TkBellExe><; "G:\Program Files\Common Files\Real\Update_OB\realsched.exe"-osboot>
<KernelFaultCheck><%systemroot%\system32\dumprep 0 -k>
<jiahu><; G:\WINDOWS\System32\svchqst.exe>
<systwseh><; G:\WINDOWS\System32\algetgti.exe>
<TProgram><; G:\WINDOWS\SMSS.EXE>
<shell><Explorer.exe >
<Userinit><G:\WINDOWS\system32\userinit.exe,>
<AppInit_DLLs><>
==================================
启动文件夹
服务
<"G:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk, Inc.>
<><N/A>
<><N/A>
<><N/A>
<G:\WINDOWS\System32\imapi.exe><Microsoft Corporation>
<G:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
<"E:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
<"E:\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
<><N/A>
==================================
浏览器加载项
[超级兔子上网精灵]
{7369D35A-5B70-4A5B-B789-B25FE09B4AF3} <G:\PROGRA~1\SUPERR~1\MagicSet\haokanbar.dll, Xiang Feng Technology>
{77FEF28E-EB96-44FF-B511-3185DEA48697} <G:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[相关站点]
{c95fe080-8f5d-11d2-a20b-00aa003c157a} <, N/A>
[电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <G:\WINDOWS\System32\msdxm.ocx, Microsoft Corporation>
[百度超级搜霸]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <G:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[超级兔子上网精灵]
{43869BB3-22FD-4F15-9B46-238106BA2F4E} <G:\PROGRA~1\SUPERR~1\MagicSet\haokanbar.dll, Xiang Feng Technology>
{3D8F74EE-8692-4F8F-B8D2-7522E732519E} <G:\WINDOWS\System32\WEBACT~1.OCX, QQ>
{D27CDB6E-AE6D-11CF-96B8-444553540000} <G:\WINDOWS\System32\Macromed\Flash\Flash8a.ocx, Macromedia, Inc.>
[&使用迅雷下载]
<C:\Program Files\Thunder Network\geturl.htm, N/A>
[&使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\getallurl.htm, N/A>
[上传到QQ网络硬盘]
<E:\Tencent\QQ\AddToNetDisk.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\OFFICE\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ自定义面板]
<E:\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<E:\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<E:\Tencent\QQ\SendMMS.htm, N/A>
==================================
正在运行的进程
[\SystemRoot\System32\smss.exe]<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[\??\G:\WINDOWS\system32\csrss.exe]<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[\??\G:\WINDOWS\system32\winlogon.exe]<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Microsoft Corporation><5.1.2600.0 (XPClient.010817-1148)>
<Microsoft Corporation><6.00.2600.0000 (xpclient.010817-1148)>
<Baidu.com, Inc.><2, 0, 2, 76>
<N/A><N/A>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
<PWer><0.00.0069>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Autodesk, Inc.><2.51.000>
<NVIDIA Corporation><6.14.10.4403>
<Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 61>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 17>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
<rising><18, 0, 0, 1>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 57>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 24>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 4>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 28>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 16>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 23>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 2>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 26>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 10>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 11>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 9>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 7>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 13>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 5>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 12>
<rising><18, 0, 0, 1>
<Microsoft Corporation><6.00.2600.0000 (xpclient.010817-1148)>
<Baidu.com, Inc.><2, 0, 2, 76>
<Xiang Feng Technology><2, 0, 0, 1>
<Beijing Rising Technology Co., Ltd.><18, 0, 0, 3>
<Macromedia, Inc.><8,0,24,0>
<N/A><N/A>
<Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
<Smallfrogs Studio><2.0.12.350>
==================================
文件关联
.TXTOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXEOK. ["%1" %*]
.COMOK. ["%1" %*]
.PIFOK. ["%1" %*]
.REGOK.
.BATOK. ["%1" %*]
.SCROK. ["%1" /S]
.CHMOK. ["G:\WINDOWS\hh.exe" %1]
.HLPOK. [%SystemRoot%\system32\winhlp32.exe %1]
.INIOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INFOK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBSOK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JSOK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNKOK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
================================== 我晕这么多啊!
看的眼都花了!.... 病毒杀的差不多了,但启动项还没去干净。
<jiahu><; G:\WINDOWS\System32\svchqst.exe>
<systwseh><; G:\WINDOWS\System32\algetgti.exe>
<TProgram><; G:\WINDOWS\SMSS.EXE>
开机是不是有错误找不到文件?
流氓软件很多,系统很不干净。有认识的同学会装的还是重装吧。
页:
1
[2]