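思念咪咪 posted on 2007-07-19 11:15:37

Please help me figure out how to fix this

Dear experts:
Thank you very much for taking a look at my system diagnostic report. This newbie is desperately waiting for your help!
This diagnostic report is provided by 360安全卫士 (360 Safe Guard) http://www.360safe.com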
诊断时间: 2007-07-1911:12:49
诊断平台: Microsoft Windows XPService Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存:511.48MB - 当前可用内存:141.58MB

100 - 未知 - Process: sqlservr.exe - d:\PROGRA~1\MICROS~2\MSSQL\binn\sqlservr.exe
100 - 未知 - Process: A4E13FD1.exe [] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\A4E13FD1.exe
100 - 未知 - Process: rundll32.exe - C:\WINDOWS\system32\Rundll32.exe "C:\Program Files\FlashGet\fgmgr.dll",Rundll32
100 - 未知 - Process: WLLoginProxy.exe - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
100 - 未知 - Process: rundll32.exe - C:\WINDOWS\system32\rundll32 C:\WINDOWS\system32\981.dll,Always
100 - 未知 - Process: WebThunder.exe - d:\Program Files\Thunder Network\WebThunder\WebThunder.exe
100 - 未知 - Process: setup.exe [] - C:\TDDOWNLOAD\setup.exe
100 - 未知 - Process: killer_asn.exe [] - C:\TDDOWNLOAD\killer_asn.exe
100 - 未知 - Process: 360安全卫士诊断工具.exe [诊断报告工具] - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX02.063\360安全卫士诊断工具.exe
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.google.com
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch=http://client.jogo.cn/cdn/browser/customsearch/customsearch-cn.html
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://client.jogo.cn/cdn/browser/sidesearch/sidesearch-cn.html
R1 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Use Search Asst=no
R3 - 未知 - URLSearchHook: (SrchspHook Class) - [无效的CLSID:{22F86F33-9CBB-49a8-BB12-CDBE51B4C294}] - {22F86F33-9CBB-49a8-BB12-CDBE51B4C294} - C:\PROGRA~1\OCINS\srchsp.dll
O1 - 未知 - Host: 127.0.0.1 www.jack.coyo.eu
O1 - 未知 - Host: 127.0.0.1 www.51zc.com
O1 - 未知 - Host: 127.0.0.1 www.caiyi8.com
O1 - 未知 - Host: 127.0.0.1 vod.caiyi8.com
O2 - 未知 - BHO: (Thunder Browser Helper) - - {00C6482C-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - 未知 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - 未知 - BHO: (IEAux Class) - [无效的CLSID:{7605CC7C-00FD-4A5F-BAFD-828342DE6279}] - {7605CC7C-00FD-4A5F-BAFD-828342DE6279} - C:\PROGRA~1\OCINS\ieaux.dll
O2 - 未知 - BHO: (浏览器辅助对象(BHO)) - [无效的CLSID:{7E853D72-626A-48EC-A868-BA8D5E23E045}] - {7E853D72-626A-48EC-A868-BA8D5E23E045} -
O2 - 未知 - BHO: (ff Class) - - {FAAAC0F6-94BE-4466-934B-7C53666A2F41} - C:\WINDOWS\system32\8171.dll
O3 - 未知 - Toolbar: (第三方IE工具栏) - [无效的CLSID:{1E796980-9CC5-11D1-A83F-00C04FC99D61}] - {1E796980-9CC5-11D1-A83F-00C04FC99D61} -
O4 - 未知 - HKLM\..\Run: [] C:\Program Files\OCINS\idnsvr.exe
O4 - 未知 - HKLM\..\Run: [] C:\webplayer\webplayer.exe
O8 - 未知 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - 未知 - Extra context menu item: &使用快车(FlashGet)下载 - C:\Program Files\FlashGet\jc_link.htm
O8 - 未知 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - C:\Program Files\FlashGet\jc_all.htm
O8 - 未知 - Extra context menu item: &访问通用网址 - C:\Program Files\OCINS\cnrbtn.html
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\QQ2006飘云版3.81\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 使用Web迅雷下载 - d:\Program Files\Thunder Network\WebThunder\GetUrl.htm
O8 - 未知 - Extra context menu item: 使用Web迅雷下载全部链接 - d:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\QQ2006飘云版3.81\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\QQ2006飘云版3.81\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\QQ2006飘云版3.81\SendMMS.htm
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 未知 - Extra button: 浩方对战平台(HKLM) - H:\游戏\浩方对战平台\GameClient.exe
O9 - 未知 - Extra button: 启动Web迅雷(HKLM) - http://my.xunlei.com
O9 - 未知 - Extra button: 中文上网(HKLM) - C:\Program Files\OCINS\config.exe
O9 - 未知 - Extra button: 腾讯QQ(HKLM) - C:\Program Files\QQ2006飘云版3.81\QQ.EXE
O9 - 未知 - Extra button: 快车(FlashGet)(HKLM) - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - 未知 - Extra button: 访问瑞星网站(HKLM) - http://www.rising.com.cn/?u=RSTB
O9 - 未知 - Extra button: 访问卡卡社区(HKLM) - http://www.ikaka.com/?u=RSTB
O15 - 未知 - Trusted Zone: easyabc.95599.cn
O15 - 未知 - Trusted Zone: www.95599.cn
O16 - 未知 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw) - http://photo.qq.com/qzone_v4/QzoneMediaTools.cab
O16 - 未知 - DPF: {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} (163Uploader Control) - http://photo.163.com/163Uploader.cab
O16 - 未知 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (PasswordEditCtrl) - https://password.qq.com/download/qqedit2.cab
O16 - 未知 - DPF: {EC0978ED-24E3-403C-AB7A-060E388553E6} (BoBoControl) - http://www.17bobo.com/Software/BoBo_ActiveX_V3.ocx
O18 - 未知 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} - D:\PROGRA~1\KuGoo3\InExtend\KUGOO3~1.OCX
O18 - 未知 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 未知 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - 未知 - Service: AVG Anti-Spyware Guard - C:\Downloads\绿色版\AVG Anti-Spyware 7.5\guard.exe - (not running)
O23 - 未知 - Service: MSSQLSERVER - d:\PROGRA~1\MICROS~2\MSSQL\binn\sqlservr.exe - (running)
O23 - 未知 - Service: ms_2fax - C:\WINDOWS\system32\17341.exe - (not running)
O23 - 未知 - Service: RfwProxySrv - d:\program files\rising\rfw\rfwproxy.exe - (not running)
O23 - 未知 - Service: RfwService - d:\program files\rising\rfw\rfwsrv.exe - (not running)
O23 - 未知 - Service: RsCCenter - "d:\Program Files\Rising\Rav\CCenter.exe" - (not running)
O23 - 未知 - Service: RsRavMon - "D:\PROGRAM FILES\RISING\RAV\Ravmond.exe" - (not running)
O23 - 未知 - Service: SQLSERVERAGENT - d:\PROGRA~1\MICROS~2\MSSQL\binn\sqlagent.exe - (not running)
O23 - 未知 - Service: usnjsvc - "C:\Program Files\MSN Messenger\usnsvc.exe" - (not running)
O23 - 未知 - Service: zecr - C:\PROGRA~1\uzxm\ejhw.dll - (running)

思念咪咪 posted on 2007-07-19 11:16:03

=======================================

100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: spoolsv.exe - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: inetinfo.exe - C:\WINDOWS\system32\inetsrv\inetinfo.exe
100 - 安全 - Process: nvsvc32.exe - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: svchost.exe - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: svchost.exe - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: ctfmon.exe - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: Thunder5.exe [迅雷5,支持多资源超线程技术的下载工具] - C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe
100 - 安全 - Process: WinRAR.exe [一款解压缩软件,支持.rar和.zip等格式。] - C:\Program Files\WinRAR\WinRAR.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
O2 - 安全 - BHO: (WebThunder Browser Helper) - - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - d:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll
O2 - 安全 - BHO: (SnagIt Toolbar Loader) - - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - 安全 - BHO: (CAdLogic Object) - [搜狗工具条相关文件。] - {11F09AFD-75AD-4E51-AB43-E09E9351CE16} - C:\Program Files\Common Files\CPUSH\cpush.dll
O2 - 安全 - BHO: (Flashget Catch Url Class) - [网际快车,支持下载后的文件管理] - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - 安全 - BHO: (腾讯QQ) - [腾讯QQ的一个插件。] - {54EBD53A-9BC1-480B-966A-843A333CA162} - C:\WINDOWS\QQIEHelper.dll
O2 - 安全 - BHO: (Windows Live Sign-in Helper) - - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - 安全 - BHO: (Windows Live Toolbar Helper) - - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - 安全 - BHO: (AlxTB BHO Class) - - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\WINDOWS\system32\AlxTB1.dll
O3 - 安全 - Toolbar: (Windows Live Toolbar) - - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - 安全 - HKLM\..\Run: [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [是Real Networks产品定时升级检测程序。] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"-osboot
O4 - 安全 - HKLM\..\Run: [一款摄像头相关程序。] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - 安全 - HKCU\..\Run: C:\WINDOWS\system32\ctfmon.exe
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - 安全 - Extra button: 电台(HKLM) -
O16 - 安全 - DPF: {E4E2F180-CB8B-4DE9-ACBB-DA745D3BA153} (瑞星免费在线查毒插件) - http://download.rising.com.cn/register/pcver/autoupgradepad/pcver2007/OL2006.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - 安全 - Service: MSSQLServerADHelper - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe - (not running)
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)

思念咪咪 posted on 2007-07-19 11:16:21

=======================================

O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll ---- 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression ----- 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 ----- 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} ----- 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} ----- 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} ----- 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll ---- 126464 - eb6dd474b60390c082ed42abca0e963c
O31 - 未知 - SEApproved: {A70C977A-BF00-412C-90B7-034C51DA2439} - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - NVIDIA Display Properties Extension - 6.14.10.8426 - 7561216 -
O31 - 未知 - SEApproved: {FFB699E0-306A-11d3-8BD1-00104B6F7516} - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - NVIDIA Display Properties Extension - 6.14.10.8426 - 7561216 -
O31 - 未知 - SEApproved: {1CDB2949-8F65-4355-8456-263E7C208A5D} - C:\WINDOWS\system32\nvshell.dll --- 6.14.10.11027 - 466944 - 57aebbcdfaf66564d3b935a056ec7627
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - C:\WINDOWS\system32\nvshell.dll --- 6.14.10.11027 - 466944 - 57aebbcdfaf66564d3b935a056ec7627
O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - C:\WINDOWS\system32\nvshell.dll --- 6.14.10.11027 - 466944 - 57aebbcdfaf66564d3b935a056ec7627
O31 - 未知 - SEApproved: {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} - C:\WINDOWS\system32\RavExt.dll - Beijing Rising Technology Co., Ltd. - Rising Shell Ext Module - 19.0.0.9 - 106496 - fa20734a7acabcfe9d727fb343da4e8a
O31 - 未知 - SEApproved: 无效的CLSID:CorelDRAW Shell Extension Component ----- 0 -

思念咪咪 posted on 2007-07-19 11:16:42

O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {68f32140-2ca3-11d0-acc1-444553540000} - d:\Program Files\ACDSee\picaview.dll - ACD Systems, Ltd. - PicaView 系统扩展 DLL - 2.0.0.78 - 487424 - 053432fff82198e62c0162be6c5c60f9
O31 - 未知 - Directory Menu: {8934FCEF-F5B8-468f-951F-78A921CD3920} - C:\Downloads\绿色版\AVG Anti-Spyware 7.5\context.dll - Anti-Malware Development a.s. - Context-Menu (Shell Extension) - 7.5.0.49 - 98304 - 2aff6773501cefdda87bc6b1a0e29ac1
O31 - 未知 - Directory Menu: {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} - C:\WINDOWS\system32\RavExt.dll - Beijing Rising Technology Co., Ltd. - Rising Shell Ext Module - 19.0.0.9 - 106496 - fa20734a7acabcfe9d727fb343da4e8a
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll ---- 126464 - eb6dd474b60390c082ed42abca0e963c
O31 - 未知 - BootExecute: bsmain ---- 0 -
O31 - 未知 - BootExecute:---- 0 -
O31 - 未知 - Image Execution: adam.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: AgentSvr.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: AppSvc32.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: autoruns.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: avgrssvc.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: AvMonitor.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: avp.com - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: avp.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: CCenter.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: ccSvcHst.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: Explorer.exe - C:\WINDOWS\system32\netdde32.exe ---- 0 -
O31 - 未知 - Image Execution: FileDsty.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: FTCleanerShell.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: HijackThis.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: IceSword.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: iparmo.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: Iparmor.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: isPwdSvc.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: kabaload.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KaScrScn.SCR - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KASMain.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KASTask.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KAV32.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KAVDX.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KAVPFW.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KAVSetup.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KAVStart.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KISLnchr.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KMailMon.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KMFilter.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KPFW32.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KPFW32X.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KPFWSvc.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KRegEx.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: krepair.COM - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KsLoader.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KVCenter.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KvDetect.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KvfwMcl.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KVMonXP.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KVMonXP_1.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: kvol.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: kvolself.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KvReport.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KVScan.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KVSrvXP.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KVStub.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: kvupload.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: kvwsc.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KvXP.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KvXP_1.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KWatch.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KWatch9x.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: KWatchX.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: loaddll.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: MagicSet.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: mcconsol.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: mmqczj.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: mmsk.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: NAVSetup.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: nod32krn.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: nod32kui.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: PFW.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: PFWLiveUpdate.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: QHSET.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: Ras.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: Rav.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RavMon.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RavMonD.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RavStub.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RavTask.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RegClean.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -

思念咪咪 posted on 2007-07-19 11:17:08

O31 - 未知 - Image Execution: rfwcfg.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RfwMain.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: rfwProxy.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: rfwsrv.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: RsAgent.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: Rsaupd.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: runiep.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: safelive.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: scan32.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: shcfg32.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: SmartUp.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: SREng.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: symlcsvc.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: SysSafe.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: TrojanDetector.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: Trojanwall.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: TrojDie.kxp - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UIHost.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UmxAgent.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UmxAttachment.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UmxCfg.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UmxFwHlp.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UmxPol.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: UpLive.EXE.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: WoptiClean.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - Image Execution: zxsweep.exe - C:\PROGRA~1\COMMON~1\MICROS~1\MSINFO\A4E13FD1.dat ---- 18 -
O31 - 未知 - LSA: Security Packages - sv1_0.dll ---- 0 -
O31 - 未知 - LSA: Security Packages - channel.dll ---- 0 -

=======================================

O40 - winlogon.exe -- C:\WINDOWS\system32\winlib4.dll -- ea33fbfb55af4f4f07e7e72b81d90e4a
O40 - svchost.exe -   - c:\progra~1\uzxm\ejhw.dll - AdDm - 70ddf5ef599a10359a9730ca9d1b92cf
O40 - svchost.exe -- c:\progra~1\uzxm\hmkz.dll - stdstub Module - 136ebcd215cab6cad2ba18d36398d1b9
O40 - svchost.exe -   - c:\progra~1\uzxm\mrpe.dll - stdplay - ba53ed142afbf30865ac8c1b6abdde11
O40 - svchost.exe -   - c:\progra~1\uzxm\jomb.dll - stdvote - 5a09cf0a508e549eadaf4bea64e6c78e
O40 - svchost.exe -- c:\progra~1\uzxm\afds.dll - navseg - 7dd32bcec1b544de86107ecd0d257c74
O40 - Rundll32.exe - www.flashget.com - C:\Program Files\FlashGet\fgmgr.dll - Flashget Manager- 3c8ec93df9cba83062933a25bb47cec2
O40 - Rundll32.exe -- c:\progra~1\uzxm\hmkz.dll - stdstub Module - 136ebcd215cab6cad2ba18d36398d1b9
O40 - Rundll32.exe -   - c:\progra~1\uzxm\mrpe.dll - stdplay - ba53ed142afbf30865ac8c1b6abdde11
O40 - Rundll32.exe -- C:\Program Files\Common Files\Microsoft Shared\MSINFO\A4E13FD1.dll -- 89609f4a311d476fd1c8d4bf75ce8e23
O40 - rundll32.exe -    - C:\WINDOWS\system32\981.dll - Player 动态链接库 - df48346c23a984c4dc5390c7278ba916
O40 - rundll32.exe - www.flashget.com - C:\Program Files\FlashGet\fgmgr.dll - Flashget Manager- 3c8ec93df9cba83062933a25bb47cec2
O40 - rundll32.exe -- C:\Program Files\Common Files\Microsoft Shared\MSINFO\A4E13FD1.dll -- 89609f4a311d476fd1c8d4bf75ce8e23
O40 - rundll32.exe -- c:\progra~1\uzxm\hmkz.dll - stdstub Module - 136ebcd215cab6cad2ba18d36398d1b9
O40 - rundll32.exe -   - c:\progra~1\uzxm\mrpe.dll - stdplay - ba53ed142afbf30865ac8c1b6abdde11

思念咪咪 posted on 2007-07-19 11:17:18

=======================================

O41 - 3nzb - 3nzb - C:\WINDOWS\system32\drivers\3nzb.sys - (running) ---
O41 - acpidisk - acpidisk - C:\WINDOWS\system32\drivers\acpidisk.sys - (running) --- fc365f68b32cc16175ed75c9f366c2c4
O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - 0064810c1b03f2c889130b669a4ce937
O41 - cnprov - cnprov - C:\WINDOWS\system32\drivers\cnprov.sys - (running) ---
O41 - filter - Filter Device Driver - C:\WINDOWS\system32\drivers\filter.sys - (running) - Filter Device Driver -- 1ecfafe9c404297cd6cfce6c56abe864
O41 - GdApp - Kernel - C:\WINDOWS\system32\drivers\GdApp.sys - (running) - Kernel - Microsoft Corporation -
O41 - h657m11k8 - h657m11k8 - C:\WINDOWS\system32\drivers\h657m11k8.sys - (running) --- 432c720cf384cd9530c82ce27c97360b
O41 - idnaux - idnaux - C:\WINDOWS\system32\drivers\idnaux.sys - (running) ---
O41 - npkcrypt - nProtect KeyCrypt Driver - D:\Program Files\Tencent\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - oreans32 - oreans32 - C:\WINDOWS\system32\drivers\oreans32.sys - (running) --- 21dc5b289dce2d32a32baab7bcf29a6a
O41 - RsAntiSpyware - Anti-RootKit Driver - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - Anti-RootKit Driver - Beijing Rising Technology Co., Ltd. - f9edc97f228c046832a24b5a76017912
O41 - RsNTGDI - RsNTGDI - C:\WINDOWS\system32\drivers\RsNTGdi.sys - (running) - RsNTGDI - Beijing Rising Technology Co., Ltd. - 17214e7b192cb93ff014fca1484b97ad
O41 - sptd - sptd - C:\WINDOWS\system32\drivers\sptd.sys - (running) ---
O41 - SVKP - SVKP driver for NT - C:\WINDOWS\system32\SVKP.sys - (running) - SVKP driver for NT - AntiCracking - f05028b163b92c302a74409d683ac9b0
O41 - sysHostSvc - Gui Helper api - C:\WINDOWS\system32\drivers\GuiHelp.sys - (running) - Gui Helper api - Microsoft Corporation - 99a87b164f509db7976fbd4b8f0aa338
O41 - AVG Anti-Spyware Driver - AVG Anti-Spyware Driver - C:\Downloads\绿色版\AVG Anti-Spyware 7.5\guard.sys - (not running) --- 7d78b7fd0ebe00f177b053a08c78e35b
O41 - AvgAsCln - AVG7 Clean Driver - C:\WINDOWS\system32\drivers\AvgAsCln.sys - (not running) - AVG7 Clean Driver - GRISOFT, s.r.o. - 6d4a1da6e6d522b3ebbcbff4a3589ec5
O41 - ExpScaner - ExpScan.sys - D:\PROGRAM FILES\Rising\Rav\ExpScan.sys - (not running) - ExpScan.sys -- 5a690926c7181d5c0b2721016442c9c3
O41 - HookCont - HookCont - D:\PROGRAM FILES\Rising\Rav\HookCont.sys - (not running) - HookCont - Rising - 3926cb7b005564bc77d6b40235c53817
O41 - HookReg - HookReg - D:\PROGRAM FILES\Rising\Rav\HOOKREG.sys - (not running) --- 997c395147f8e5b3f714bdd112fe8945
O41 - HookSys - Hooksys - D:\PROGRAM FILES\Rising\Rav\HookSys.sys - (not running) - Hooksys - Rising - 265b67f85db6226f2439e13e7c1fa8bf
O41 - HookUrl - HookUrl - d:\Program Files\Rising\Rfw\HookUrl.sys - (not running) - HookUrl - Beijing Rising Technology Co., Ltd. - 93768ab1e576eef2de107eddbc586e9b
O41 - MEMSCAN - MemScan Driver - D:\PROGRAM FILES\Rising\Rav\MemScan.sys - (not running) - MemScan Driver - 瑞星软件有限公司 - 9811b256023dd985cbc5bad790e5bb84
O41 - mProcRs - Rising Personal FireWallmprocrs.sys - d:\program files\Rising\Rfw\mProcRs.sys - (not running) - Rising Personal FireWallmprocrs.sys - Beijing Rising Technology Co., Ltd. - 3659b3132bc2c05db37b8c5e65687159
O41 - P2k - Motorola Driver - C:\WINDOWS\system32\drivers\P2k.sys - (not running) - Motorola Driver - Motorola Inc - 300f7eb434d7ae9ab5209eb5f6c3c98b
O41 - RsFwDrv - nt_fwdrv - d:\Program Files\Rising\Rfw\rsfwdrv.sys - (not running) - nt_fwdrv - Beijing Rising Technology Co., Ltd. - 1869e55cfacff0ff786d4ba6d2340ee2
O41 - RSPPSYS - RSPPSYS.SYS - D:\PROGRAM FILES\Rising\Rav\rsppsys.sys - (not running) - RSPPSYS.SYS - Rising - f38c10d8c21626a4878ea16717e971fa
O41 - ZSMC303 - Video streaming and Capture Device Driver - C:\WINDOWS\system32\drivers\usbVM303.sys - (not running) - Video streaming and Capture Device Driver - Vimicro Corporation -

=======================================

思念咪咪 posted on 2007-07-19 11:17:42

I have attached the whole report now.

wode998 posted on 2007-07-19 11:23:07

mjj:@ :@ :@

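澜心飞扬 posted on 2007-07-19 11:38:15

I didn't dare look closely; I only noticed that the hosts file is wrong.

It is in the C:\WINDOWS\system32\drivers\etc\ directory.

Show hidden files and folders, and show system files.
Edit the hosts file with Notepad: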
# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97   rhino.acme.com          # source server
#       38.25.63.10   x.acme.com            # x client host

127.0.0.1       localhost

In the hosts file, delete everything below, keeping only what is in the box above.

That solves 1 problem.

kokgog posted on 2007-07-19 11:52:44

I've never run into this.