
zjd2zxp
Level: Intermediate member

Elite posts: 0
Posts: 103
Prestige: 450 points
Fengyun coins: 5998 yuan
Expert points: 0 points
Online time: 114 (hours)
Registered: 2006-10-03
Last login: 2007-12-04

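 My computer has a virus....!!! Please help...

Moderator notice:
This thread was locked by 水蜜桃 (2007-11-28)
Description: Detected by Kaspersky, but removing them did no good... when the computer is started again the same viruses are back..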
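The other day, as soon as I turned on the computer, Kaspersky 7 shut itself down, saying the system time was wrong. I looked, and the year had changed from 2007 to 2005. After I set it back... as soon as Kaspersky 7 recovered it started reporting viruses like mad.. a whole pile of trojans... After removing them I thought everything was fine. But the next day when I started the computer the system time was wrong again... and after I corrected it, the same pile of viruses came back... Today I spent the whole day scanning in safe mode... after rebooting it's still the same... Oh, and.... drives C, D, E and F can't be opened directly either; I have to choose a program from the program list... Sigh.. what should I do...
[ This post was edited by zjd2zxp on 2007-11-28 16:59 ]
Recent ratings for this post:
  • Fengyun coins: +5 (水蜜桃) Problem solved, thread locked.
  • Posted: 2007-11-26 15:04 | [Original poster]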
    zjd2zxp

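    Could the poster above give me a download link for EwIDO.... I looked for it before and everything was in English,,, I can't read it.... or else it needs some registration code that I can't find...
    Posted: 2007-11-26 15:16 | #1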
    zjd2zxp

    I'll download it and give it a try... thanks in advance.... hope it works....
    Posted: 2007-11-26 15:51 | #2
    zjd2zxp

    I can't find a Chinese localization patch for that EWIDO.... ugh...
    Posted: 2007-11-26 17:08 | #3
    zjd2zxp

    I'm a computer newbie and don't know how to scan....
    Posted: 2007-11-27 07:35 | #4
    zjd2zxp

    Trojan-psw.win32.onlinegames.
    Virus.Win32.Autorun.afk
    2 variants of Heur.Trojan

    These are the viruses Kaspersky 7 keeps finding.....
    Posted: 2007-11-27 07:41 | #5
    zjd2zxp

    [CODE]

    2007-11-27,17:06:14

    System Repair Engineer 2.5.16.900
    Smallfrogs (http://www.KZTechs.com)

    Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

    以下内容被选中:
        所有的启动项目(包括注册表、启动文件夹、服务等)
        浏览器加载项
        正在运行的进程(包括进程模块信息)
        文件关联
        Winsock 提供者
        Autorun.inf
        HOSTS 文件
        进程特权扫描


    启动项目
    注册表
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
        <internat.exe><internat.exe>  [Microsoft Corporation]
        <pyjj><C:\Program Files\jj4\jjsvr4.exe>  [加加开发组]
    [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
        <load><>  [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
        <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
        <nwiz><nwiz.exe /install>  []
        <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
        <AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe">  [(Verified)Kaspersky Lab]
        <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R>  [TENCENT]
        <WinSysM><C:\WINDOWS\215366M.exe>  [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
        <MSDWG32><LYLoadbr.exe>  [N/A]
        <MSDCG32    ><LYLeador.exe>  [N/A]
        <MSDOG32><LYLoador.exe>  [N/A]
        <MSDSG32><LYLoadar.exe>  [N/A]
        <MSDMG32><LYLoadmr.exe>  [N/A]
        <MSDHG32><LYLoadhr.exe>  [N/A]
        <MSDQG32><LYLoadqr.exe>  [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
        <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
        <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
        <AppInit_DLLs><>  [N/A]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
        <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
        <WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll>  [(Verified)Kaspersky Lab]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
        <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
        <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
        <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
        <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
        <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
        <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
        <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [N/A]
        <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
        <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        <pyjj><; C:\Program Files\jj4\jjsvr4.exe>  [加加开发组]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
        <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []

    ==================================
    启动文件夹
    N/A

    ==================================
    服务
    [Kaspersky Internet Security 7.0 / AVP][Running/Auto Start]
      <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" -r><Kaspersky Lab>
    [Human Interface Device Access / HidServ][Stopped/Disabled]
      <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
    [NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
      <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
    [P4P Service / P4P Service][Running/Auto Start]
      <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe><Sohu.com Inc.>

    ==================================
    驱动程序
    [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
      <System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
    [Sundance ST201 based Adapter NT Driver / DLH5X][Running/Manual Start]
      <system32\DRIVERS\DLH5XND5.sys><D-Link Corporation>
    [gren / gren][Stopped/Manual Start]
      <\??\C:\WINDOWS\system32\drivers\gren.ahc><N/A>
    [ialm / ialm][Running/Manual Start]
      <system32\DRIVERS\ialmnt5.sys><Intel Corporation>
    [kl1 / kl1][Running/Boot Start]
      <\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
    [klif / klif][Running/System Start]
      <\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
    [Kaspersky Anti-Virus NDIS Filter / klim5][Stopped/Manual Start]
      <system32\DRIVERS\klim5.sys><N/A>
    [npkcrypt / npkcrypt][Stopped/Manual Start]
      <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
    [npkycryp / npkycryp][Stopped/Manual Start]
      <\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
    [nv / nv][Running/Manual Start]
      <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
    [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
      <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
    [Logitech QuickCam Express / QCDonner][Running/Manual Start]
      <system32\DRIVERS\OVCD.sys><Microsoft Corporation>
    [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
      <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
    [Secdrv / Secdrv][Stopped/Manual Start]
      <system32\DRIVERS\secdrv.sys><N/A>
    [Vinyl AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
      <system32\drivers\vinyl97.sys><VIA Technologies, Inc.>
    [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
      <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

    ==================================
    浏览器加载项
    [QQCycloneHelper Class]
      {00000000-12C9-4305-82F9-43058F20E8D2} <D:\QQDownload\QQIEHelper01.dll, 腾讯公司>
    [Tencent Browser Helper]
      {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
    [Thunder Browser Helper]
      {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
    [NavigatMon Class]
      {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360卫士\360safe\safemon\safemon.dll, >
    []
      {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, N/A>
    [WUWebControl Class]
      {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
    [Shockwave Flash Object]
      {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
    [QQCycloneHelper Class]
      {00000000-12C9-4305-82F9-43058F20E8D2} <D:\QQDownload\QQIEHelper01.dll, 腾讯公司>
    [Tencent Browser Helper]
      {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
    [Windows Genuine Advantage Validation Tool]
      {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
    [Windows Media Player]
      {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
    [Tabular Data Control]
      {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
    [Shell Name Space]
      {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
    [WUWebControl Class]
      {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
    [Windows Media Player]
      {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [360SafeLive]
      {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\360卫士\360safe\live.dll, 360safe.com>
    [Microsoft Web Browser]
      {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
    [Thunder Browser Helper]
      {889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll, Thunder Networking Technologies,LTD>
    [Microsoft Scriptlet Component]
      {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
    [SearchAssistantOC]
      {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
    [NavigatMon Class]
      {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360卫士\360safe\safemon\safemon.dll, >
    [RDS.DataSpace]
      {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
    [AUDIO__MP3 Moniker Class]
      {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [VIDEO__X_MS_WMV Moniker Class]
      {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
    [Shockwave Flash Object]
      {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
    [使用迅雷下载]
      <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
    [使用迅雷下载全部链接]
      <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
    [添加到反广告横幅]
      <C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm, N/A>

    ==================================
    正在运行的进程
    [PID: 476 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 548 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 572 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [C:\WINDOWS\system32\klogon.dll]  [Kaspersky Lab, 7.0.0.125]
    [PID: 616 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 628 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 772 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 832 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 908 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 984 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1104 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1284 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [PID: 1400 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
        [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
        [C:\Program Files\TENCENT\SSPlus\SAddr.dll]  [Tencent, 5, 0, 2, 10]
        [D:\360卫士\360safe\safemon\safemon.dll]  [, 3, 5, 3, 1001]
        [C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
        [C:\Program Files\Picaview2 绿色版\PicaView.dll]  [ACD Systems, Ltd., 2, 0, 0, 84]
        [C:\Program Files\Picaview2 绿色版\IDE_ACDStd.apl]  [ACD Systems, Ltd., 3,2,62,0]
        [C:\Program Files\Picaview2 绿色版\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
        [C:\Program Files\Picaview2 绿色版\msvcr71.dll]  [Microsoft Corporation, 7.10.3052.4]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ShellEx.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
    [PID: 1616 / Administrator][C:\WINDOWS\system32\RUNDLL32.EXE]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [C:\WINDOWS\system32\NvMcTray.dll]  [NVIDIA Corporation, 6.14.10.9136]
        [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
        [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.10.9136]
    [PID: 1632 / Administrator][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
    [PID: 1640 / Administrator][C:\WINDOWS\system32\internat.exe]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
    [PID: 1652 / Administrator][C:\Program Files\jj4\jjsvr4.exe]  [加加开发组, 4.0.0.19]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
    [PID: 1764 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.10.9136]
    [PID: 1812 / SYSTEM][C:\Program Files\Common Files\Sogou PXP\p2psvr.exe]  [Sohu.com Inc., 2, 0, 0, 20]
        [C:\Program Files\P4P\p4pipc.dll]  [Sohu.com Inc., 1, 0, 0, 11]
    [PID: 1852 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 1876 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
    [PID: 2892 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [PID: 2016 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
        [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
        [C:\Program Files\TENCENT\SSPlus\SAddr.dll]  [Tencent, 5, 0, 2, 10]
        [D:\QQDownload\QQIEHelper01.dll]  [腾讯公司, 1, 1, 0, 5]
        [C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll]  [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
        [D:\360卫士\360safe\safemon\safemon.dll]  [, 3, 5, 3, 1001]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\nfio.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\fsdrvplg.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\basegui.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\thpimpl.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\FSSync.dll]  [Kaspersky Lab, 7.0.5.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\winreg.ppl]  [Kaspersky Lab, 7.0.0.125]
    [PID: 592 / Administrator][D:\QQDownload\QQDownload.exe]  [Tencent Technology (Shenzhen) Company Limited, 1, 6, 145, 145]
        [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
        [D:\QQDownload\QQDownload.dll]  [Tencent Technology (Shenzhen) Company Limited, 1, 6, 145, 145]
        [D:\QQDownload\TNProxy.dll]  [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
        [D:\QQ2006\TIMProxy.dll]  [tencent, 0, 3, 2, 4]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\scrchpg.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\klscav.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCR80.dll]  [Microsoft Corporation, 8.00.50727.42]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prremote.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\MSVCP80.dll]  [Microsoft Corporation, 8.00.50727.42]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prloader.dll]  [Kaspersky Lab, 7.0.0.125]
        [C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\prkernel.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\params.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\pxstub.ppl]  [Kaspersky Lab, 7.0.0.125]
        [c:\program files\kaspersky lab\kaspersky internet security 7.0\tempfile.ppl]  [Kaspersky Lab, 7.0.0.125]
    [PID: 3960 / Administrator][D:\SREng\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
        [C:\WINDOWS\system32\INDICDLL.dll]  [Microsoft Corporation, 5.00.2920.0000]
        [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 1, 27]
        [D:\SREng\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

    ==================================
    文件关联
    .TXT  Error. [C:\WINDOWS\notepad.exe %1]
    .EXE  OK. ["%1" %*]
    .COM  OK. ["%1" %*]
    .PIF  OK. ["%1" %*]
    .REG  OK. [regedit.exe "%1"]
    .BAT  OK. ["%1" %*]
    .SCR  OK. ["%1" /S]
    .CHM  Error. ["hh.exe" %1]
    .HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
    .INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
    .INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
    .VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
    .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

    ==================================
    Winsock 提供者
    N/A

    ==================================
    Autorun.inf
    [C:\]
    [AutoRun]
    open=auto.exe
    shellexecute=auto.exe
    shell\Auto\command=auto.exe
    [D:\]
    [AutoRun]
    open=auto.exe
    shellexecute=auto.exe
    shell\Auto\command=auto.exe
    [E:\]
    [AutoRun]
    open=auto.exe
    shellexecute=auto.exe
    shell\Auto\command=auto.exe
    [F:\]
    [AutoRun]
    open=auto.exe
    shellexecute=auto.exe
    shell\Auto\command=auto.exe

    ==================================
    HOSTS 文件
    127.0.0.1      localhost

    ==================================
    进程特权扫描
    特殊特权被允许: SeLoadDriverPrivilege [PID = 1640, C:\WINDOWS\SYSTEM32\INTERNAT.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 1652, C:\PROGRAM FILES\JJ4\JJSVR4.EXE]
    特殊特权被允许: SeLoadDriverPrivilege [PID = 592, D:\QQDOWNLOAD\QQDOWNLOAD.EXE]

    ==================================
    API HOOK
    N/A

    ==================================
    隐藏进程
    N/A

    ==================================


    [/CODE]
    Posted: 2007-11-27 17:04 | #6
    zjd2zxp

    Poster above, just kill me.... that's way too advanced.... it's so much trouble, I might as well just reinstall...
    Posted: 2007-11-28 07:41 | #7
    zjd2zxp

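    Thanks to the friends above for the help.... Drives C, D and the others can all be opened normally now. I don't know what it was.. even Kaspersky 7 couldn't detect it.. I downloaded Safe Guard (安全卫士)... ran a malware scan.... it turned up 1 "unknown program"... after the cleanup finished and I rebooted, the drives could all be opened directly as normal.... Also, those trojans were all cleaned out by 360. Some kind of account-stealing trojan for Fantasy Westward Journey (梦幻西游)... The computer should be back to normal..... hehe..... But I don't get why everyone keeps talking about some AUTO virus. What is that thing......
    Posted: 2007-11-28 16:46 | #8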
    zjd2zxp

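    I downloaded that AUTO removal tool and ran it once... nothing at all.... haha.... I figure the reason I couldn't open the drives was that mysterious unnamed program causing trouble..... mm-hm... thanks for everyone's help. A kiss for each of you...
    Posted: 2007-11-28 16:57 | #9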