Re: [問題] 無法載入win.exe??

看板AntiVirus (防毒)作者Jman208 (→ 171G8)時間17年前 (2008/10/24 17:50)推噓1(1推 0噓 1→)

留言2則, 1人參與討論串2/2 (看更多)

以下為執行完的log 2008-10-24 16:48:49.25 EFix system report ver 4.65: Microsoft Windows XP [版本 5.1.2600] Service Pack 2 ======================================================= EFix刪除的檔案列表: "C:\WINDOWS\system32\kxvo0.dll" ======================================================= EFix刪除的登錄值列表: "hkey_current_user\software\microsoft\windows\currentversion\run" value "SCMTool" [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "userinit"="C:\\WINDOWS\\system32\\userinit.exe," [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "shell"="explorer.exe" [HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows] "load"=- ======================================================= EFix刪除的檔案備份位置列表: C:\WINDOWS\system32\kxvo0.dll => C:\NEFix\backup\files\C\WINDOWS\system32\kxvo0.dll ======================================================= ****** Created 2008-09 to 2008-10 Files ****** <DIR> 2008-10-24 2008-10-24 16:48 d-a------ C:\NEFix 2008-10-24 2008-10-24 10:54 --------- C:\WINDOWS\system32\jwedsfdo0.dll 2008-10-24 2008-02-25 11:44 --a------ C:\WINDOWS\system32\sigcheck.com 2008-10-24 2004-10-19 08:00 --a------ C:\WINDOWS\fixreg.com ======================================================= 執行中的程序: C:\WINDOWS\system32\wdfmgr.exe ( Microsoft Corporation < MicrosoftR WindowsR Operating System > ) C:\WINDOWS\system32\wbem\wmiprvse.exe ( Microsoft Corporation < MicrosoftR WindowsR Operating System > ) C:\WINDOWS\System32\alg.exe ( Microsoft Corporation < MicrosoftR WindowsR Operating System > ) C:\WINDOWS\Explorer.exe ( Microsoft Corporation < Microsoft(R) Windows(R) Operating System > ) C:\Program Files\Raxco\PerfectDisk\PDSched.exe ( Raxco Software, Inc. < PDSched Module > ) C:\Program Files\Eset\nod32krn.exe ( Eset < NOD32 Antivirus System > ) ======================================================= 登錄值列表 *** 注意 : 部分正常值不會顯示 *** [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=e1.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-10-19 08:00] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55] "WindowsUpdater"="C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WinUpdter.exe" [] "dc2k5"="C:\WINDOWS\SVIQ.EXE" [] "Fun"="C:\WINDOWS\system\Fun.exe" [] "dc"="C:\WINDOWS\dc.exe" [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-10-19 08:00] "VTTimer"=VTTimer.exe [2005-03-08 03:33 C:\WINDOWS\system32\VTTimer.exe] "VTTrayp"=VTtrayp.exe [2005-01-11 07:33 C:\WINDOWS\system32\VTTrayp.exe] "SoundMan"=SOUNDMAN.EXE [2004-12-22 17:09 C:\WINDOWS\SOUNDMAN.EXE] "CJIMETIPSYNC"="C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.exe" [2003-07-14 22:57] "PHIMETIPSYNC"="C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.exe" [2003-07-14 22:57] "himem.exe"="C:\WINDOWS\system32\svchd32.exe" [] "SoundMnEx32"="C:\WINDOWS\system32\svchd32.exe" [] "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2008-05-15 14:49] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"=ctfmon.exe [2004-10-19 08:00 C:\WINDOWS\system32\ctfmon.exe] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] @ 2003-11-03 14:17 C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C56CB6B0-0D96-11D6-8C65-B2868B609932}] @ 2004-07-19 21:16 C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE439C63-384A-747A-A357-23D96B5D652B}] @ 2004-09-05 14:44 C:\PROGRA~1\ALiBaBar\ALiBaBar.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mscmippr] "DLLName"="wlnotify.dll" --a------ 2004-10-19 08:00 C:\WINDOWS\system32\wlnotify.dll MD5: 453888766DA789F18FBBF5B20E4BC17F 2004-10-19 08:00 976896 C:\WINDOWS\explorer.exe MD5: F3A20A3C6A4DF7FE038F4CCA70080B10 2004-10-19 08:00 23552 C:\WINDOWS\system32\userinit.exe --a------ 2007-05-09 22:27 C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\VIA RAID TOOL.lnk => -ra------ 2004-07-14 14:44 C:\Program Files\VIA\RAID\raid_tool.exe 服務 \ 驅動列表: 顯示方式 : 啟動狀態服務名稱;顯示名稱;檔案名稱啟動狀態 : S0 = Boot Start S1 = System Start S2 = Auto Start S3 = Manual Start S4 = Disable S2 AMON;AMON;C:\WINDOWS\system32\drivers\amon.sys [2008-05-15 14:49] S2 PDSched;PDScheduler;"C:\Program Files\Raxco\PerfectDisk\PDSched.exe" [2004-07-21 21:21] S0 viamraid;viamraid;C:\WINDOWS\system32\DRIVERS\viamraid.sys [2004-05-18 16:55] ======================================================= Winsock lsp : 000000000001;C:\WINDOWS\system32\imon.dll --a------ 2008-05-15 14:49 000000000002;C:\WINDOWS\system32\imon.dll --a------ 2008-05-15 14:49 000000000003;C:\WINDOWS\system32\imon.dll --a------ 2008-05-15 14:49 000000000004;C:\WINDOWS\system32\imon.dll --a------ 2008-05-15 14:49 000000000005;C:\WINDOWS\system32\imon.dll --a------ 2008-05-15 14:49 000000000021;C:\WINDOWS\system32\imon.dll --a------ 2008-05-15 14:49 ======================================================= 感謝~ -- ※ 發信站: 批踢踢實業坊(ptt.cc) ◆ From: 61.229.105.17