个task.exe文件是我见到的最不好弄掉的恶意程序,而且在c:\windows\system32\task.exe这个路径下它的操作有点像cmd,很是糟糕 ,它在我上网的时候经常谈出来连接一个www.aoyou520.com的地址,但是我在IE里却打不开这个地址!请求高手快点帮忙解决下啊
不胜感激!!!!!
以下是日志: 我分段上传
2006-07-21,12:38:33
System Repair Engineer 2.0.21.505 (2.0 RC 2)
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [Microsoft Corporation]
<KavPFW><"C:\KAV2006\KPFW32.EXE"> [Kingsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<BigDog303><; C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)> []
<Cmaudio><; RunDll32 cmicnfg.cpl,CMICtrlWnd> []
<hxgame-update><; C:\Program Files\hxupdate\hxgame-update.exe> []
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<KavPFW><; "C:\KAV2006\KPFW32.EXE"> [Kingsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<KavStart><; "C:\KAV2006\KAVStart.exe" -startup> [Kingsoft Corporation]
<KAVUpdate><; C:\KAV2006\Update.exe /Slience> [Kingsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<MSMSGS><; "C:\Program Files\Messenger\msmsgs.exe" /background> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<NeroFilterCheck><; C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [Microsoft Corporation]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [Microsoft Corporation]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<RealPlayer><; "C:\Program Files\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot> [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<SiS KHooker><; > []
<SiS Tray><; C:\WINDOWS\system32\sistray.EXE> [Silicon Integrated Systems Corporation]
<SiS7012Utility><; C:\WINDOWS\system32\SiSAudUt.exe -vxd> [Silicon Integrated Systems Corporation]
<SiSUSBRG><; C:\WINDOWS\SiSUSBrg.exe> [Silicon Integrated Systems Corp.]
<TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<WebThunder><; C:\Program Files\Thunder Network\WebThunder\WebThunder.exe> [深圳市迅雷网络技术有限公司]
<WinampAgent><; "C:\Program Files\Winamp\Winampa.exe"> []
==================================
启动文件夹
[Microsoft Office]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk><N>
==================================
服务
[Autodesk Licensing Service / Autodesk Licensing Service]
<"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Kingsoft Personal Firewall Service / KPfwSvc]
<"C:\KAV2006\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc]
<C:\KAV2006\KWatch.EXE><Kingsoft Corporation>