崔大看一下【崔衍渠吧】

我的机子最近中了病毒，然后我的杀毒软件实时防毒自动禁止了（我用的是Symatec Antivirus企业版)，Ｄefwatch,AntivirusClient/Norton Antivirus Sever两项服务自动关闭，手动启动时显示：在本地计算机无法启动．．．．．．错误３：系统找不到指定路径.　手动打开扫描时扫到一半就自动退出了，该怎么办啊？另外，开机时提示　Autochk -not found  ,且系统还原不能用了（没有禁止，我的电脑－属性　项目中压根就没有，程序－附件－系统工具－系统还原及碎片整理选中后也没反应，是怎么回事啊.下面是我的日志：
2006-05-21,08:52:42

System Repair Engineer 2.0.12.350 (2.0 RC 1)
    Windows XP Professional Service Pack 2 - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  <vptray><C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <shell><Explorer.exe>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><userinit.exe,>
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><>

==================================
启动文件夹
服务
[DCOMLOAD / DCOMLOAD]
  <><N/A>
[DefWatch / DefWatch]
  <><N/A>
[Symantec AntiVirus Client / Norton AntiVirus Server]
  <><N/A>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>

==================================
浏览器加载项
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[ThunderIEHelper Class]
  {0005A87D-D626-4B3A-84F9-1D9571695F55} <C:\WINDOWS\system32\xunleibho_v14.dll, Thunder Networking Technologies,LTD>
[ActiveMovieControl Object]

送TA礼物

IP属地:江苏

1楼2006-05-21 09:11回复

  {05589FA1-C356-11CE-BF01-00AA0055595A} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corp.>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[HHCtrl Object]
  {41B23C28-488E-4E5C-ACE2-BB0BBABE99E8} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[BandIE Class]
  {77FEF28E-EB96-44FF-B511-3185DEA48697} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Tool Class]
  {A7F05EE4-0426-454F-8013-C41E3596E9E9} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[百度超级搜霸]
  {B580CF65-E151-49C3-B73F-70B13FCA8E86} <C:\Progra~1\Baidu\bar\BaiDuBar.dll, Baidu.com, Inc.>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx, Macromedia, Inc.>
[  >> 彩信发送 <<]
  <res://C:\PROGRA~1\MMSASS~1\Mmsass~1.dll/mms.htm, N/A>
[&使用迅雷下载]
  <F:\download\迅雷\geturl.htm, N/A>
[&使用迅雷下载全部链接]
  <F:\download\迅雷\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A>
[百度--网页搜索]
  <RES://C:\Progra~1\Baidu\bar\baidubar.dll/BAIDUSEARCH.HTM, N/A>

==================================
正在运行的进程
[PID: 512][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 572][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 596][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 648][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 660][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 812][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 896][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 992][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>

IP属地:江苏

2楼2006-05-21 09:11

[PID: 1036][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1156][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1376][C:\WINDOWS\system32\spoolsv.exe]  <Microsoft Corporation><5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)>
[PID: 1532][C:\WINDOWS\Explorer.EXE]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\WINDOWS\system32\nvcpl.dll]  <NVIDIA Corporation><6.14.10.6176>
    [C:\WINDOWS\system32\NVRSZHC.DLL]  <NVIDIA Corporation><6.14.10.6176>
    [C:\WINDOWS\system32\nvshell.dll]  <NVIDIA Corporation><6.14.10.6176>
    [C:\Progra~1\Baidu\bar\BaiDuBar.dll]  <Baidu.com, Inc.><2, 0, 2, 70>
    [C:\WINDOWS\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
    [C:\PROGRA~1\Yahoo!\ASSIST~1\Assist\ywiper.dll]  <N/A><1, 0, 1, 1014>
    [C:\Program Files\WinRAR\rarext.dll]  <N/A><N/A>
    [C:\Program Files\Common Files\Symantec Shared\SSC\vpshell2.dll]  <Symantec Corporation><8.1.0.821>
[PID: 1676][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  <RealNetworks, Inc.><0.1.0.3510>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 1684][C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe]  <Symantec Corporation><8.1.0.821>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\Cliscan.dll]  <Symantec Corporation><8.1.0.821>
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVNTUTL.DLL]  <Symantec/Peter Norton Group><1, 0, 0, 1>
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\i2ldvp3.dll]  <Symantec Corporation><8.1.0.821>
    [C:\PROGRA~1\SYMANT~1\SYMANT~1\NAVAPI32.DLL]  <Symantec Corp.><4.2.0.7>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060517.020\NAVEX32a.DLL]  <Symantec Corporation><20061.1.0.14>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20060517.020\NAVENG32.DLL]  <Symantec Corporation><20061.1.0.14>
    [C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\NAVAP32.DLL]  <Symantec Corporation><9.1.0.26>
    [C:\PROGRA~1\COMMON~1\SYMANT~1\SSC\Scandlgs.dll]  <Symantec Corporation><8.1.0.821>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 1692][C:\WINDOWS\system32\ctfmon.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 284][C:\WINDOWS\system32\taskmgr.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 620][C:\WINDOWS\system32\nvsvc32.exe]  <NVIDIA Corporation><6.14.10.6176>
[PID: 832][C:\WINDOWS\system32\wdfmgr.exe]  <Microsoft Corporation><5.2.3790.1230 built by: dnsrv(bld4act)>
[PID: 1360][F:\影视\BitComet\BitComet.exe]  <www.BitComet.com><0.62.>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 1152][D:\杀毒1\木马杀客\木马杀客\mmsk.exe]  <木马杀客><2,0,0,6>
    [D:\杀毒1\木马杀客\木马杀客\krnln.fnr]  <><1, 0, 0, 1>
    [D:\杀毒1\木马杀客\木马杀客\HtmlView.fne]  <><1, 0, 0, 1>

IP属地:江苏

3楼2006-05-21 09:11

    [D:\杀毒1\木马杀客\木马杀客\iext.fnr]  <><1, 0, 0, 1>
    [D:\杀毒1\木马杀客\木马杀客\TrayIcon.fne]  <><1, 0, 0, 1>
    [D:\杀毒1\木马杀客\木马杀客\iext2.fne]  <><1, 0, 0, 1>
    [D:\杀毒1\木马杀客\木马杀客\iext3.fne]  <><1, 0, 0, 1>
    [D:\杀毒1\木马杀客\木马杀客\xplib.fne]  <N/A><N/A>
    [D:\杀毒1\木马杀客\木马杀客\shell.fne]  <N/A><N/A>
    [D:\杀毒1\木马杀客\木马杀客\dp1.fne]  <N/A><N/A>
    [D:\杀毒1\木马杀客\木马杀客\eAPI.fne]  <><1, 0, 0, 1>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 2024][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)>
[PID: 1464][D:\Program Files\Linkage\802.1x客户端\Dot1xClient.exe]  <N/A><N/A>
    [C:\WINDOWS\system32\wpcap.dll]  <Politecnico di Torino><3, 0, 0, 18>
    [C:\WINDOWS\system32\pthreadVC.dll]  <N/A><N/A>
    [C:\WINDOWS\system32\packet.dll]  <Politecnico di Torino><3, 0, 0, 18>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 1776][C:\Program Files\Internet Explorer\iexplore.exe]  <Microsoft Corporation><6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)>
    [C:\Progra~1\Baidu\bar\BaiDuBar.dll]  <Baidu.com, Inc.><2, 0, 2, 70>
    [C:\WINDOWS\system32\xunleibho_v14.dll]  <Thunder Networking Technologies,LTD><4, 6, 0, 62>
    [C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx]  <Macromedia, Inc.><8,0,22,0>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>
[PID: 476][F:\download\sreng2\SREng.exe]  <Smallfrogs Studio><2.0.12.350>
    [C:\Herosoft\HeroV8\VCvtShell.dll]  <herosoft><1, 0, 0, 1>

==================================
文件关联
.TXT  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. [C:\WINDOWS\hh.exe %1]
.HLP  Error. [C:\WINDOWS\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.INF  Error. [C:\WINDOWS\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================

IP属地:江苏

4楼2006-05-21 09:11

日志无明显的异常建议重装一下系统�

IP属地:四川

5楼2006-05-21 17:52

服务
[DCOMLOAD / DCOMLOAD]
<><N/A>
[DefWatch / DefWatch]
<><N/A>
[Symantec AntiVirus Client / Norton AntiVirus Server]
<><N/A>

先删除，重装一下诺顿看看行不行实在不行你再重装系统�

IP属地:四川

6楼2006-05-21 18:03

日	一	二	三	四	五	六

崔大看一下

登录百度账号

扫二维码下载贴吧客户端