ksdb15237452 2008-6-25 11:28
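Why is the Kingsoft Duba (金山毒霸) Security Center icon grey????
My Duba Security Center icon has turned grey, and running the online repair several times has not helped. In the monitoring and defense panel, neither "Real-time File Antivirus" (文件实时防毒) nor "Malicious Behavior Interception" (恶意行为拦截) can be started...
Please help, everyone. What is going on???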
无事无非 2008-6-25 15:05
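The Duba service may be missing, or this may be caused by a virus.
Take Kingsoft Cleanup Expert (金山清理专家) and, while connected to the internet, click Online System Diagnosis ---- Startup Item Management ---- Export Diagnostic Report (make sure "Hide all items known to be safe" is checked), then paste the report here.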
13481013564 2008-6-29 13:23
Bro, help! My problem is exactly the same as his.
A grey icon feels really dangerous. =。=
13481013564 2008-6-29 13:26
I've posted it.
13481013564 2008-6-29 13:27
==============================================================
金山清理专家系统诊断报告
该诊断报告由金山清理专家提供 [url]http://www.duba.net[/url]
==============================================================
诊断时间: 2008-06-29, 13:17
诊断平台: Windows XP [5.1.2600] Service Pack 2
IE版本: Internet Explorer V6.0.2180.2900
计算机物理内存: 1022(MB)
当前可用内存: 698(MB)
硬盘总大小: 148(GB)
硬盘可用空间: 117(GB)
清理专家版本: 2007,12,03,328
恶意软件库版本: 2007.11.26.2
漏洞库版本: 2007.11.21.1
==============================================================
App Init DLLs
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
[AppInit_DLLs] < ,yzztlmsn.dll,skqndbib.dll,tisqbtyu.dll>
文件路径: C:\WINDOWS\system32\tisqbtyu.dll [分析中]
==============================================================
常规启动项
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[nwiz] <nwiz.exe /install>
文件路径: C:\WINDOWS\system32\nwiz.exe [分析中]
==============================================================
执行挂钩
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{189F087F-4378-405F-85FA-37D955AD7A8C}> <C:\WINDOWS\system32\mtewdh.dll>
文件路径: C:\WINDOWS\system32\mtewdh.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{55694105-5108-9405-3695-954187462155}> <C:\WINDOWS\system32\mpwdeapi.dll>
文件路径: C:\WINDOWS\system32\mpwdeapi.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{6C648541-1025-9650-9057-6541258720C6}> <C:\WINDOWS\system32\mndhfdwd.dll>
文件路径: C:\WINDOWS\system32\mndhfdwd.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{DC3D30AE-0380-4151-8934-EE98A34B0370}> <C:\WINDOWS\system32\mfdesy.dll>
文件路径: C:\WINDOWS\system32\mfdesy.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{50940F85-F015-14F1-A05F-F69858AC6D05}> <C:\WINDOWS\system32\zptlcsys.dll>
文件路径: C:\WINDOWS\system32\zptlcsys.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{7FD45A54-9875-698F-E56E-65102358FDF7}> <C:\WINDOWS\system32\apsggjba.dll>
文件路径: C:\WINDOWS\system32\apsggjba.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}> <C:\WINDOWS\system32\hhrdxd.dll>
文件路径: C:\WINDOWS\system32\hhrdxd.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{45AADFAA-DD36-42AB-83AD-0521BBF58C24}> <C:\WINDOWS\system32\zgrjdx.dll>
文件路径: C:\WINDOWS\system32\zgrjdx.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{011DB9B9-44B4-44D9-B17E-BC7608F2E549}> <C:\WINDOWS\system32\cdwqfs.dll>
文件路径: C:\WINDOWS\system32\cdwqfs.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{528DF602-9541-A985-210A-984A698C6F25}> <C:\WINDOWS\system32\ptjhehlp.dll>
文件路径: C:\WINDOWS\system32\ptjhehlp.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{43512378-9874-5641-1025-985420368734}> <C:\WINDOWS\system32\oswxdttb.dll>
文件路径: C:\WINDOWS\system32\oswxdttb.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}> <C:\WINDOWS\system32\jggtsr.dll>
文件路径: C:\WINDOWS\system32\jggtsr.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{81AF1CF6-D1C9-4C6A-AC01-EDE54E71945B}> <C:\WINDOWS\system32\jfdses.dll>
文件路径: C:\WINDOWS\system32\jfdses.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{4D165A2A-4BC1-4CA8-8299-08E05AAAB5A4}> <C:\WINDOWS\system32\tdggrz.dll>
文件路径: C:\WINDOWS\system32\tdggrz.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{5A069845-2036-6084-9054-6087502480A5}> <C:\WINDOWS\system32\ozfyebyt.dll>
文件路径: C:\WINDOWS\system32\ozfyebyt.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{2B69874A-C58C-458D-69F0-698F874E41B2}> <C:\WINDOWS\system32\lassaplo.dll>
文件路径: C:\WINDOWS\system32\lassaplo.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{5D098345-6785-1098-5413-678067AE03D5}> <C:\WINDOWS\system32\tysqbkol.dll>
文件路径: C:\WINDOWS\system32\tysqbkol.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{42023698-6984-8541-9654-698745012524}> <C:\WINDOWS\system32\skqndbib.dll>
文件路径: C:\WINDOWS\system32\skqndbib.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{60A345CD-ABCD-EFAB-CDEF-ABCD01020306}> <C:\WINDOWS\system32\pqzfajke.dll>
文件路径: C:\WINDOWS\system32\pqzfajke.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{28093456-9012-4568-9076-908765467182}> <C:\WINDOWS\system32\tisqbtyu.dll>
文件路径: C:\WINDOWS\system32\tisqbtyu.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{20909876-4567-3908-4056-909834565102}> <C:\WINDOWS\system32\erxybloe.dll>
文件路径: C:\WINDOWS\system32\erxybloe.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{EA5D4B0E-B8CE-4761-8C7E-5D26369F0EC6}> <C:\WINDOWS\system32\fsrgeb.dll>
文件路径: C:\WINDOWS\system32\fsrgeb.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{B29583D8-033A-4B9F-8553-7C5458F3FB8E}> <C:\WINDOWS\system32\jdsaex.dll>
文件路径: C:\WINDOWS\system32\jdsaex.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{25FD6584-698F-BCD2-602C-698745210352}> <C:\WINDOWS\system32\rijxbkin.dll>
文件路径: C:\WINDOWS\system32\rijxbkin.dll [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{B490415F-65F8-B5C5-D8BA-9405FB12054B}> <C:\WINDOWS\system32\yzztlmsn.dll>
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
<{C3D16072-2E1B-450B-B843-50EADDC8EB63}> <C:\WINDOWS\system32\xcvaver0.dll>
==============================================================
启动文件夹位置
==============================================================
Common Startup: C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
Common Startup: %ALLUSERSPROFILE%\「开始」菜单\程序\启动
==============================================================
开始菜单启动项
==============================================================
<服务管理器.lnk> <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\服务管理器.lnk>
文件路径: [文件无法访问]
<self.bat> <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\self.bat>
文件路径: C:\Documents and Settings\All Users\「开始」菜单\程序\启动\self.bat [未知]
==============================================================
文件扩展名关联
==============================================================
.ASF <"f:\StormII\Storm.exe" /play "%1">
文件路径: f:\StormII\Storm.exe [分析中]
.AVI <"f:\StormII\Storm.exe" /play "%1">
文件路径: f:\StormII\Storm.exe [分析中]
.M3U <"f:\StormII\Storm.exe" /play "%1">
文件路径: f:\StormII\Storm.exe [分析中]
.WMA <"f:\StormII\Storm.exe" /play "%1">
文件路径: f:\StormII\Storm.exe [分析中]
.MP3 <"C:\Program Files\TTPlayer\TTPlayer.exe" "%1">
文件路径: C:\Program Files\TTPlayer\TTPlayer.exe [分析中]
.MPG(.MPEG) <"f:\StormII\Storm.exe" /play "%1">
文件路径: f:\StormII\Storm.exe [分析中]
==============================================================
Host File
==============================================================
127.0.0.1 localhost
==============================================================
系统服务
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[ccosm] [已启用] <f:\StormII\stormliv.exe /asservice>
文件路径: f:\StormII\stormliv.exe [分析中]
[HidServ] [已禁用] <%SystemRoot%\System32\hidserv.dll>
[MSSQL$LLSLIAOLINGSHENG] [已启用] <f:\sql\MSSQL$~1\binn\sqlservr.exe -sLLSLIAOLINGSHENG>
[MSSQLServerADHelper] [已启用] <C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe>
==============================================================
驱动程序
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[AmdK8] [已启用] <System32\DRIVERS\amdk8.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\amdk8.sys [分析中]
[ATI2HDDSRV] [已启用] <\??\C:\WINDOWS\system32\drivers\ati32srv.sys>
[d347prt] [已启用] <System32\Drivers\d347prt.sys>
文件路径: C:\WINDOWS\system32\Drivers\d347prt.sys [分析中]
[DeepFree Update] [已启用] <\??\C:\WINDOWS\system32\drivers\pcihdd2.sys>
[EagleNT] [已启用] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys>
[HDAudBus] [已启用] <system32\DRIVERS\HDAudBus.sys>
文件路径: C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [分析中]
[PciHardDisk] [已启用] <\??\C:\WINDOWS\system32\fat32.sys>
[QKeyService] [已启用] <system32\KeyCrypt.sys>
文件路径: C:\WINDOWS\system32\KeyCrypt.sys [分析中]
[snpshot] [已启用] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\_tmp.bat>
[Tcpip] [已启用] <system32\DRIVERS\tcpip.sys/TCP/IP Protocol Driver>
文件路径: C:\WINDOWS\system32\DRIVERS\tcpip.sys [分析中]
==============================================================
BHO
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
[{20909876-4567-3908-4056-909834565102}]
{20909876-4567-3908-4056-909834565102} <C:\WINDOWS\system32\erxybloe.dll>
文件路径: C:\WINDOWS\system32\erxybloe.dll [分析中]
[{25FD6584-698F-BCD2-602C-698745210352}]
{25FD6584-698F-BCD2-602C-698745210352} <C:\WINDOWS\system32\rijxbkin.dll>
文件路径: C:\WINDOWS\system32\rijxbkin.dll [分析中]
[{28093456-9012-4568-9076-908765467182}]
{28093456-9012-4568-9076-908765467182} <C:\WINDOWS\system32\tisqbtyu.dll>
文件路径: C:\WINDOWS\system32\tisqbtyu.dll [分析中]
[{2B69874A-C58C-458D-69F0-698F874E41B2}]
{2B69874A-C58C-458D-69F0-698F874E41B2} <C:\WINDOWS\system32\lassaplo.dll>
文件路径: C:\WINDOWS\system32\lassaplo.dll [分析中]
[{42023698-6984-8541-9654-698745012524}]
{42023698-6984-8541-9654-698745012524} <C:\WINDOWS\system32\skqndbib.dll>
文件路径: C:\WINDOWS\system32\skqndbib.dll [分析中]
[{43512378-9874-5641-1025-985420368734}]
{43512378-9874-5641-1025-985420368734} <C:\WINDOWS\system32\oswxdttb.dll>
文件路径: C:\WINDOWS\system32\oswxdttb.dll [分析中]
[{50940F85-F015-14F1-A05F-F69858AC6D05}]
{50940F85-F015-14F1-A05F-F69858AC6D05} <C:\WINDOWS\system32\zptlcsys.dll>
文件路径: C:\WINDOWS\system32\zptlcsys.dll [分析中]
[{528DF602-9541-A985-210A-984A698C6F25}]
{528DF602-9541-A985-210A-984A698C6F25} <C:\WINDOWS\system32\ptjhehlp.dll>
文件路径: C:\WINDOWS\system32\ptjhehlp.dll [分析中]
[{55694105-5108-9405-3695-954187462155}]
{55694105-5108-9405-3695-954187462155} <C:\WINDOWS\system32\mpwdeapi.dll>
文件路径: C:\WINDOWS\system32\mpwdeapi.dll [分析中]
[{5A069845-2036-6084-9054-6087502480A5}]
{5A069845-2036-6084-9054-6087502480A5} <C:\WINDOWS\system32\ozfyebyt.dll>
文件路径: C:\WINDOWS\system32\ozfyebyt.dll [分析中]
[{5D098345-6785-1098-5413-678067AE03D5}]
{5D098345-6785-1098-5413-678067AE03D5} <C:\WINDOWS\system32\tysqbkol.dll>
文件路径: C:\WINDOWS\system32\tysqbkol.dll [分析中]
[{60A345CD-ABCD-EFAB-CDEF-ABCD01020306}]
{60A345CD-ABCD-EFAB-CDEF-ABCD01020306} <C:\WINDOWS\system32\pqzfajke.dll>
文件路径: C:\WINDOWS\system32\pqzfajke.dll [分析中]
[{6C648541-1025-9650-9057-6541258720C6}]
{6C648541-1025-9650-9057-6541258720C6} <C:\WINDOWS\system32\mndhfdwd.dll>
文件路径: C:\WINDOWS\system32\mndhfdwd.dll [分析中]
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll>
[{7FD45A54-9875-698F-E56E-65102358FDF7}]
{7FD45A54-9875-698F-E56E-65102358FDF7} <C:\WINDOWS\system32\apsggjba.dll>
文件路径: C:\WINDOWS\system32\apsggjba.dll [分析中]
[{B490415F-65F8-B5C5-D8BA-9405FB12054B}]
{B490415F-65F8-B5C5-D8BA-9405FB12054B} <C:\WINDOWS\system32\yzztlmsn.dll>
==============================================================
当前进程
==============================================================
名称: winlogon.exe [已启用]
该项来源: \??\C:\WINDOWS\system32\winlogon.exe
命令行: winlogon.exe
文件路径: C:\WINDOWS\system32\winlogon.exe [分析中] (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntdll.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\AUTHZ.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NDdeApi.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\PROFMAP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USERENV.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\PSAPI.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\REGAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SETUPAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSTA.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINTRUST.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMAGEHLP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\skqndbib.dll
模块文件: C:\WINDOWS\system32\wsock32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wininet.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\tisqbtyu.dll
模块文件: C:\WINDOWS\system32\MSGINA.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMCTL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ODBC32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comdlg32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\odbcint.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHSVCS.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sfc.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sfc_os.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Apphelp.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSCARD.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WTSAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\sxs.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\uxtheme.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINMM.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\cscdll.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WlNotify.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSPOOL.DRV (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MPR.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SAMLIB.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msv1_0.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\iphlpapi.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\cscui.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\wdmaud.drv (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NTMARTA.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WLDAP32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msacm32.drv (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSACM32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\midimap.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)
名称: stormliv.exe [已启用]
命令行: f:\StormII\stormliv.exe /asservice
文件路径: f:\StormII\stormliv.exe [分析中] (北京暴风网际科技有限公司)
模块文件: C:\WINDOWS\system32\ntdll.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll (Microsoft Corporation)
模块文件: f:\StormII\MSVCP60.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MFC42.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comdlg32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SETUPAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WININET.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\skqndbib.dll
模块文件: C:\WINDOWS\system32\wsock32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\tisqbtyu.dll
模块文件: C:\WINDOWS\system32\MFC42LOC.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\uxtheme.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mswsock.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\hnetcfg.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\wshtcpip.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\DNSAPI.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msxml3.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\winrnr.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WLDAP32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\urlmon.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mlang.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\cryptdll.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rasadhlp.dll (Microsoft Corporation)
13481013564 2008-6-29 13:28
What is all this? I can't understand any of it.
I hope you can help, bro.
无事无非 2008-6-30 13:10
C:\WINDOWS\system32\winlogon.exe
Upload this file so we can take a look.
[quote]
C:\WINDOWS\system32\tisqbtyu.dll
C:\WINDOWS\system32\mtewdh.dll
C:\WINDOWS\system32\mpwdeapi.dll
C:\WINDOWS\system32\mndhfdwd.dll
C:\WINDOWS\system32\mfdesy.dll
C:\WINDOWS\system32\zptlcsys.dll
C:\WINDOWS\system32\apsggjba.dll
C:\WINDOWS\system32\hhrdxd.dll
C:\WINDOWS\system32\zgrjdx.dll
C:\WINDOWS\system32\cdwqfs.dll
C:\WINDOWS\system32\ptjhehlp.dll
C:\WINDOWS\system32\oswxdttb.dll
C:\WINDOWS\system32\jggtsr.dll
C:\WINDOWS\system32\jfdses.dll
C:\WINDOWS\system32\tdggrz.dll
C:\WINDOWS\system32\ozfyebyt.dll
C:\WINDOWS\system32\lassaplo.dll
C:\WINDOWS\system32\tysqbkol.dll
C:\WINDOWS\system32\skqndbib.dll
C:\WINDOWS\system32\pqzfajke.dll
C:\WINDOWS\system32\tisqbtyu.dll
C:\WINDOWS\system32\erxybloe.dll
C:\WINDOWS\system32\fsrgeb.dll
C:\WINDOWS\system32\jdsaex.dll
C:\WINDOWS\system32\rijxbkin.dll
C:\WINDOWS\system32\yzztlmsn.dll
C:\WINDOWS\system32\xcvaver0.dll
C:\Documents and Settings\All Users\「开始」菜单\程序\启动\self.bat
[/quote]
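[color=green][size=3][b]Try using the Duba forum (爱毒霸论坛) delayed file deletion tool[/b]
[/size][/color][url=http://bbs.duba.net/attachment.php?aid=16136947][color=red][size=3][b]Click here to learn how to use it[/b]
[/size][/color][/url] [color=green][size=3][b]Enter the virus file paths listed below; after adding them, choose Delete. You will then be prompted to restart. After restarting, it is recommended that you zip and upload the _BackUP_ folder generated in the tool's directory.[/b]
[/size][/color]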
dirac888 2008-7-3 21:46
Please help me solve this.
==============================================================
金山清理专家系统诊断报告
该诊断报告由金山清理专家提供 [url=http://www.duba.net]http://www.duba.net[/url]
==============================================================
诊断时间: 2008-07-03, 21:45
诊断平台: Windows XP [5.1.2600] Service Pack 2
IE版本: Internet Explorer V6.0.2180.2900
计算机物理内存: 247(MB)
当前可用内存: 65(MB)
硬盘总大小: 37(GB)
硬盘可用空间: 13(GB)
清理专家版本: 2008.06.26.422
恶意软件库版本: 2008.07.02.1
漏洞库版本: 2008.06.26.1
==============================================================
常规启动项
==============================================================
该项来源: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\KASDisabled
[SinaVideoAssistant] <REM D:\应用软件\新浪视频加速器\VideoCache.exe>
==============================================================
启动文件夹位置
==============================================================
Common Startup: C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup: C:\Documents and Settings\wm\「开始」菜单\程序\启动
Common Startup: %ALLUSERSPROFILE%\「开始」菜单\程序\启动
==============================================================
Host File
==============================================================
127.0.0.1 localhost
==============================================================
系统服务
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[HidServ] [已禁用] <%SystemRoot%\System32\hidserv.dll>
==============================================================
驱动程序
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
[VIDC.WMV3] [已启用] <wmv9vcm.dll>
[vidc.xivd] [已启用] <E:\LL\CU2007\80247609\电驴\暴风\codec\xvidvfw.dll>
aisuting8449 2008-7-10 04:50
I reinstalled it and it was fine!
ksdbex05712084 2008-8-19 13:36
金山清理专家系统诊断报告
该诊断报告由金山清理专家提供 [url=http://www.duba.net]http://www.duba.net[/url]
==============================================================
诊断时间: 2008-08-19, 13:34
诊断平台: Windows XP [5.1.2600] Service Pack 2
IE版本: Internet Explorer V6.0.2180.2900
计算机物理内存: 447(MB)
当前可用内存: 64(MB)
硬盘总大小: 66(GB)
硬盘可用空间: 48(GB)
清理专家版本: 2008.07.16.472
恶意软件库版本: 2008.08.06.1
漏洞库版本: 2008.08.14.1
==============================================================
常规启动项
==============================================================
该项来源: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
[Super Rabbit IEPro] <C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD>
文件路径: C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE [分析中]
==============================================================
启动文件夹位置
==============================================================
Common Startup: C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
Common Startup: %ALLUSERSPROFILE%\「开始」菜单\程序\启动
==============================================================
Host File
==============================================================
127.0.0.1 localhost
==============================================================
当前进程
==============================================================
名称: SRIECLI.EXE [已启用]
命令行: "C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE" /LOAD
文件路径: C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE [分析中] (Super Rabbit Soft)
砒霜 2008-8-24 15:53
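Mine
My Kingsoft icon is blue
Real-time file antivirus and malicious behavior interception cannot be started
The computer often blue-screens at startup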
==============================================================
金山清理专家系统诊断报告
该诊断报告由金山清理专家提供 [url=http://www.duba.net]http://www.duba.net[/url]
==============================================================
诊断时间: 2008-08-24, 15:48
诊断平台: Windows XP [5.1.2600] Service Pack 2
IE版本: Internet Explorer V7.0.13.5730
计算机物理内存: 1023(MB)
当前可用内存: 457(MB)
硬盘总大小: 149(GB)
硬盘可用空间: 59(GB)
清理专家版本: 2008,03,26,471
恶意软件库版本: 2008.04.24.1
漏洞库版本: 2008.04.09.1
==============================================================
App Init DLLs
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
[AppInit_DLLs] < >
==============================================================
启动文件夹位置
==============================================================
Common Startup: C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup: C:\Documents and Settings\Administrator\「开始」菜单\程序\启动
Common Startup: %ALLUSERSPROFILE%\「开始」菜单\程序\启动
==============================================================
Host File
==============================================================
127.0.0.1 localhost
==============================================================
系统服务
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[HidServ] [已禁用] <%SystemRoot%\System32\hidserv.dll>
==============================================================
驱动程序
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
[dump_wmimmc] [已启用] <\??\E:\M01\GameGuard\dump_wmimmc.sys>
[EagleNT] [已启用] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys>
[KBaseZS] [已禁用] <\??\G:\KBaseZS.sys>
[npkcrypt] [已启用] <\??\C:\WINDOWS\system32\npkcrypt.sys>
[npkycryp] [已启用] <\??\C:\WINDOWS\system32\npkycryp.sys>
[sptd] [已启用] <System32\Drivers\sptd.sys>
文件路径: C:\WINDOWS\system32\Drivers\sptd.sys [文件无法访问]
[XDva027] [已启用] <\??\C:\WINDOWS\system32\XDva027.sys>
[XDva031] [已启用] <\??\C:\WINDOWS\system32\XDva031.sys>
==============================================================
BHO
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
[PopBlocker Class]
{7648AC4A-76F6-4d95-B2C4-F0DBD88E5DD5} <C:\WINDOWS\wmvploc.dll>
How do I fix this? Waiting online~!~!~
无事无非 2008-8-25 10:17
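To the poster above: please start a separate thread to describe your problem.
Also, the scan report shows nothing abnormal. You could try reinstalling Duba.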