[求助] 救急.怎么删黑色幽灵啊.?请各位高手帮帮忙.

kang_kuang

新兵

积分: 1
威望: 2
元宝: 0
铜钱: 2

1楼大中小发表于 2008-6-29 16:39 只看该作者

救急.怎么删黑色幽灵啊.?请各位高手帮帮忙.

请各位高手帮帮忙..怎么删黑色幽灵啊.?
我看了别人的...说要禁用一些服务(诊断报告里的该项来源那里)..但我不知道在哪里禁用.还要粉碎驱动文件..是哪个驱动文件啊.?请教一下..

这是诊断报告：

==============================================================
      金山清理专家系统诊断报告
该诊断报告由金山清理专家提供 http://www.duba.net
==============================================================
诊断时间:          2008-06-29, 16:14
诊断平台:          Windows XP [5.1.2600] Service Pack 2
IE版本:             Internet Explorer V7.0.11.5730
计算机物理内存:    511(MB)
当前可用内存:       157(MB)
硬盘总大小:       76(GB)
硬盘可用空间:       49(GB)
清理专家版本:       2008.06.13.404
恶意软件库版本:    2008.06.03.1
漏洞库版本:       2008.06.26.1

==============================================================
      常规启动项
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
      [QuickTime Task]    <"G:\QuickTime\QTTask.exe" -atboottime>
      文件路径: G:\QuickTime\QTTask.exe [分析中]

==============================================================
      执行挂钩
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
      <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}>          <C:\WINDOWS\system32\shlhook.dll>
      文件路径: C:\WINDOWS\system32\shlhook.dll [分析中]

==============================================================
      启动文件夹位置
==============================================================
Common Startup:    C:\Documents and Settings\All Users\「开始」菜单\程序\启动
Startup:          C:\Documents and Settings\kang\「开始」菜单\程序\启动
Common Startup:    %ALLUSERSPROFILE%\「开始」菜单\程序\启动
==============================================================
      Host File
==============================================================
127.0.0.1    localhost
127.0.0.1    www.360Safe.com
127.0.0.1    www.360.cn
127.0.0.1    bbs.360safe.com
127.0.0.1    baike.360.cn
127.0.0.1    kaba.360.cn
127.0.0.1    bbs.360.cn
127.0.0.1    360.cn
127.0.0.1    forum.ikaka.com
127.0.0.1    tool.ikaka.com
127.0.0.1    file.ikaka.com
127.0.0.1    update.ikaka.com
127.0.0.1    bbs.ikaka.com
127.0.0.1    bbs.janmeng.com
127.0.0.1    www.ikaka.com
127.0.0.1    forum.jiangmin.com
127.0.0.1    update.rising.com.cn
127.0.0.1    online.rising.com.cn
127.0.0.1    center.rising.com.cn
127.0.0.1    www.rising.com.cn
127.0.0.1    fw.rising.com.cn
127.0.0.1    csc.rising.com.cn
127.0.0.1    buy.rising.com.cn
127.0.0.1    sos.rising.com.cn
127.0.0.1    download.rising.com.cn
127.0.0.1    help.rising.com.cn
127.0.0.1    go.rising.com.cn
127.0.0.1    up.duba.net
127.0.0.1    shadu.baidu.com
127.0.0.1    security.symantec.com
127.0.0.1    shadu.duba.net
127.0.0.1    online.jiangmin.com
127.0.0.1    cn.mcafee.com
127.0.0.1    bbs.mcafeefans.com
127.0.0.1    mcafeefans.com
127.0.0.1    www.ahn.com.cn
127.0.0.1    www.kaspersky.com.cn
127.0.0.1    www.kaspersky.com
127.0.0.1    www.pcav.cn
127.0.0.1    www.vrv.com.cn
127.0.0.1    bbs.sucop.com
127.0.0.1    www.sucop.com
127.0.0.1    sucop.com
127.0.0.1    bbs.cpcw.com
127.0.0.1    www.shudoo.com
127.0.0.1    alert.rising.com.cn
127.0.0.1    www.dswlab.com
127.0.0.1    dswlab.com
127.0.0.1    bbs.dswlab.com
127.0.0.1    zhidao.ikaka.com
127.0.0.1    bbs.kafan.cn
127.0.0.1    bbs.kaspersky.com.cn
127.0.0.1    www.trendmicro.com.cn
127.0.0.1    bbs.trendmicro.com.cn
127.0.0.1    cn.trendmicro.com
127.0.0.1    www.kpfans.com
127.0.0.1    kpfans.com
127.0.0.1    www.mcafee.com
127.0.0.1    dnl-cn1.kaspersky-labs.com
127.0.0.1    dnl-cn2.kaspersky-labs.com
127.0.0.1    dnl-cn3.kaspersky-labs.com
127.0.0.1    dnl-cn4.kaspersky-labs.com
127.0.0.1    dnl-cn5.kaspersky-labs.com
127.0.0.1    dnl-cn6.kaspersky-labs.com
127.0.0.1    dnl-cn7.kaspersky-labs.com
127.0.0.1    dnl-cn8.kaspersky-labs.com
127.0.0.1    dnl-cn9.kaspersky-labs.com
127.0.0.1    dnl-cn10.kaspersky-labs.com
127.0.0.1    dnl-cn11.kaspersky-labs.com
127.0.0.1    dnl-cn12.kaspersky-labs.com
127.0.0.1    dnl-cn13.kaspersky-labs.com
127.0.0.1    dnl-cn14.kaspersky-labs.com
127.0.0.1    dnl-cn15.kaspersky-labs.com
127.0.0.1    dnl-cd1.kaspersky-labs.com
127.0.0.1    dnl-cd2.kaspersky-labs.com
127.0.0.1    dnl-cd3.kaspersky-labs.com
127.0.0.1    dnl-cd4.kaspersky-labs.com
127.0.0.1    dnl-cd5.kaspersky-labs.com
127.0.0.1    dnl-cd6.kaspersky-labs.com
127.0.0.1    dnl-cd7.kaspersky-labs.com
127.0.0.1    dnl-cd8.kaspersky-labs.com
127.0.0.1    dnl-cd9.kaspersky-labs.com
127.0.0.1    dnl-cd10.kaspersky-labs.com
127.0.0.1    dnl-cd11.kaspersky-labs.com
127.0.0.1    dnl-cd12.kaspersky-labs.com
127.0.0.1    dnl-cd13.kaspersky-labs.com
127.0.0.1    dnl-cd14.kaspersky-labs.com
127.0.0.1    dnl-eu1.kaspersky-labs.com
127.0.0.1    dnl-eu2.kaspersky-labs.com
127.0.0.1    dnl-eu3.kaspersky-labs.com
127.0.0.1    dnl-eu4.kaspersky-labs.com
127.0.0.1    dnl-eu5.kaspersky-labs.com
127.0.0.1    dnl-eu6.kaspersky-labs.com
127.0.0.1    dnl-eu7.kaspersky-labs.com
127.0.0.1    dnl-eu8.kaspersky-labs.com
127.0.0.1    dnl-eu9.kaspersky-labs.com
127.0.0.1    dnl-eu10.kaspersky-labs.com
127.0.0.1    dnl-eu11.kaspersky-labs.com
127.0.0.1    dnl-eu12.kaspersky-labs.com
127.0.0.1    dnl-eu13.kaspersky-labs.com
127.0.0.1    dnl-eu14.kaspersky-labs.com
127.0.0.1    dnl-eu15.kaspersky-labs.com
127.0.0.1    dnl-us1.kaspersky-labs.com
127.0.0.1    dnl-us2.kaspersky-labs.com
127.0.0.1    dnl-us3.kaspersky-labs.com
127.0.0.1    dnl-us4.kaspersky-labs.com
127.0.0.1    dnl-us5.kaspersky-labs.com
127.0.0.1    dnl-us6.kaspersky-labs.com
127.0.0.1    dnl-us7.kaspersky-labs.com
127.0.0.1    dnl-us8.kaspersky-labs.com
127.0.0.1    dnl-us9.kaspersky-labs.com
127.0.0.1    dnl-us10.kaspersky-labs.com
127.0.0.1    dnl-us11.kaspersky-labs.com
127.0.0.1    dnl-us12.kaspersky-labs.com
127.0.0.1    dnl-us13.kaspersky-labs.com
127.0.0.1    dnl-us14.kaspersky-labs.com
127.0.0.1    dnl-us15.kaspersky-labs.com
127.0.0.1    dnl-ru1.kaspersky-labs.com
127.0.0.1    dnl-ru2.kaspersky-labs.com
127.0.0.1    dnl-ru3.kaspersky-labs.com
127.0.0.1    dnl-ru4.kaspersky-labs.com
127.0.0.1    dnl-ru5.kaspersky-labs.com
127.0.0.1    dnl-ru6.kaspersky-labs.com
127.0.0.1    dnl-ru7.kaspersky-labs.com
127.0.0.1    dnl-ru8.kaspersky-labs.com
127.0.0.1    dnl-ru9.kaspersky-labs.com
127.0.0.1    dnl-ru10.kaspersky-labs.com
127.0.0.1    dnl-ru11.kaspersky-labs.com
127.0.0.1    dnl-ru12.kaspersky-labs.com
127.0.0.1    dnl-ru13.kaspersky-labs.com
127.0.0.1    dnl-ru14.kaspersky-labs.com
127.0.0.1    dnl-ru15.kaspersky-labs.com
127.0.0.1    dnl-jp1.kaspersky-labs.com
127.0.0.1    dnl-jp2.kaspersky-labs.com
127.0.0.1    dnl-jp3.kaspersky-labs.com
127.0.0.1    dnl-jp4.kaspersky-labs.com
127.0.0.1    dnl-jp5.kaspersky-labs.com
127.0.0.1    dnl-jp6.kaspersky-labs.com
127.0.0.1    dnl-jp7.kaspersky-labs.com
127.0.0.1    dnl-jp8.kaspersky-labs.com
127.0.0.1    dnl-jp9.kaspersky-labs.com
127.0.0.1    dnl-jp10.kaspersky-labs.com
127.0.0.1    dnl-jp11.kaspersky-labs.com
127.0.0.1    dnl-jp12.kaspersky-labs.com
127.0.0.1    dnl-jp13.kaspersky-labs.com
127.0.0.1    dnl-jp14.kaspersky-labs.com
127.0.0.1    dnl-jp15.kaspersky-labs.com
127.0.0.1    dnl-kr1.kaspersky-labs.com
127.0.0.1    dnl-kr2.kaspersky-labs.com
127.0.0.1    dnl-kr3.kaspersky-labs.com
127.0.0.1    dnl-kr4.kaspersky-labs.com
127.0.0.1    dnl-kr5.kaspersky-labs.com
127.0.0.1    dnl-kr6.kaspersky-labs.com
127.0.0.1    dnl-kr7.kaspersky-labs.com
127.0.0.1    dnl-kr8.kaspersky-labs.com
127.0.0.1    dnl-kr9.kaspersky-labs.com
127.0.0.1    dnl-kr10.kaspersky-labs.com
127.0.0.1    dnl-kr11.kaspersky-labs.com
127.0.0.1    dnl-kr12.kaspersky-labs.com
127.0.0.1    dnl-kr13.kaspersky-labs.com
127.0.0.1    dnl-kr14.kaspersky-labs.com
127.0.0.1    dnl-kr15.kaspersky-labs.com
==============================================================
      系统服务
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
      [HidServ] [已禁用]          <%SystemRoot%\System32\hidserv.dll>

==============================================================
      驱动程序
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32
      [MIDI1] [已启用]             <SYNCOR11.DLL>
      文件路径: C:\WINDOWS\system32\SYNCOR11.DLL [分析中]
--------------------------------------------------------------
该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
      [00008695] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00008695.sys>
      [000092ba] [已启用]          <\??\C:\WINDOWS\system32\Drivers\000092ba.sys>
      [0000c459] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000c459.sys>
      [0000c766] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000c766.sys>
      [0000cfa4] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000cfa4.sys>
      [0000da43] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000da43.sys>
      [0000effd] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000effd.sys>
      [0000f4ef] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000f4ef.sys>
      [0000f5c9] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000f5c9.sys>
      [0000fa0f] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000fa0f.sys>
      [0000fada] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000fada.sys>
      [0000fbf4] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000fbf4.sys>
      [0000fda9] [已启用]          <\??\C:\WINDOWS\system32\Drivers\0000fda9.sys>
      [00010162] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00010162.sys>
      [00010402] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00010402.sys>
      [000107cb] [已启用]          <\??\C:\WINDOWS\system32\Drivers\000107cb.sys>
      [00010b65] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00010b65.sys>
      [00011095] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00011095.sys>
      [00013090] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00013090.sys>
      [00a9020d] [已启用]          <\??\C:\WINDOWS\system32\Drivers\00a9020d.sys>
      [TesSafe] [已启用]          <\??\C:\WINDOWS\system32\TesSafe.sys>
      文件路径: C:\WINDOWS\system32\TesSafe.sys [分析中]

==============================================================
      当前进程
==============================================================
名称:    ArSwp.exe  [已启用]
命令行: "C:\Documents and Settings\kang\桌面\arswp2\ArSwp.exe"
文件路径: C:\Documents and Settings\kang\桌面\arswp2\ArSwp.exe  [分析中] (ArSwp.com)
模块文件: C:\WINDOWS\system32\ntdll.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\kernel32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHLWAPI.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ADVAPI32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RPCRT4.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Secur32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\GDI32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USER32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msvcrt.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WININET.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Normaliz.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\iertutil.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\imagehlp.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\comdlg32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMCTL32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SHELL32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINSPOOL.DRV             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\oledlg.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ole32.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEPRO32.DLL             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\OLEAUT32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\urlmon.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WSOCK32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2_32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WS2HELP.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\iphlpapi.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSVCP60.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\VERSION.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SETUPAPI.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINTRUST.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CRYPT32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSASN1.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\IMM32.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LPK.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USP10.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\uxtheme.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSCTF.dll                (Microsoft Corporation)
模块文件: G:\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL (Kingsoft Corporation)
模块文件: G:\Kingsoft\Kingsoft Internet Security 2008\kis.dll (Kingsoft Corporation)
模块文件: G:\Kingsoft\Kingsoft Internet Security 2008\MFC80U.DLL (Microsoft Corporation)
模块文件: G:\Kingsoft\Kingsoft Internet Security 2008\MSVCR80.dll (Microsoft Corporation)
模块文件: G:\Kingsoft\Kingsoft Internet Security 2008\MSVCP80.dll (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\appHelp.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\CLBCATQ.DLL             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\COMRes.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msctfime.ime             (Microsoft Corporation)
模块文件: C:\Documents and Settings\kang\桌面\arswp2\plugin\ArFix.dll (ArSwp.Com)
模块文件: C:\WINDOWS\system32\netapi32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\USERENV.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\xpsp2res.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rsaenh.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\cryptnet.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WLDAP32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINHTTP.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SensApi.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mswsock.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\hnetcfg.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\wshtcpip.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\RASAPI32.DLL             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rasman.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\TAPI32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rtutils.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\WINMM.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SYNCOR11.DLL             (SoundMAX)
模块文件: C:\WINDOWS\system32\msv1_0.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\DNSAPI.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\rasadhlp.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ieframe.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\PSAPI.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\asycfilt.dll             (Microsoft Corporation)
模块文件: C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\SXS.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mshtml.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msls31.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\System32\winrnr.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\mlang.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Cabinet.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msimtf.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\jscript.dll             (Microsoft Corporation)
模块文件: G:\Kingsoft\Kingsoft Internet Security 2008\Flash.OCX (Adobe Systems. Inc.)
模块文件: C:\WINDOWS\system32\wdmaud.drv             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\msacm32.drv             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\MSACM32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\midimap.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Dxtrans.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ATL.DLL                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ImgUtil.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ddrawex.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\DDRAW.dll                (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\DCIMAN32.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\pngfilt.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\Dxtmsft.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\LINKINFO.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\ntshrui.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\NETSHELL.dll             (Microsoft Corporation)
模块文件: C:\WINDOWS\system32\credui.dll             (Microsoft Corporation)

==============================================================
      协议
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler
      <ms-itss>                      <C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL>
      文件路径: C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [分析中]

==============================================================
      第3方IE插件
==============================================================
名称:    npqtplugin.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll [分析中]
名称:    npqtplugin2.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll [分析中]
名称:    npqtplugin3.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll [分析中]
名称:    npqtplugin4.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin4.dll [分析中]
名称:    npqtplugin5.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll [分析中]
名称:    npqtplugin6.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin6.dll [分析中]
名称:    nprfxins.dll  [已启用]
文件路径: C:\Program Files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll [分析中]
名称:    TRadioPlugin.dll  [已启用]
文件路径: D:\Tencent\TT\PLUGINS\TRadio\TRadioPlugin.dll [分析中]

==============================================================
      IE扩展按钮
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions
      [启动迅雷5]
      <{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}> <G:\Thunder Network\Thunder\Thunder.exe>
      文件路径: G:\Thunder Network\Thunder\Thunder.exe [分析中]
      [番茄花园]
      <{6096E38F-5AC1-4391-8EC4-75DFA92FB32F}> <http://www.tomatolei.com>

==============================================================
      IE扩展菜单
==============================================================
该项来源: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt
      <&使用超级旋风下载>       <D:\Tencent\QQDownload\geturl.htm>
      文件路径: D:\Tencent\QQDownload\geturl.htm [分析中]
      <&使用超级旋风下载全部链接>       <D:\Tencent\QQDownload\getAllurl.htm>
      文件路径: D:\Tencent\QQDownload\getAllurl.htm [分析中]
      <使用迅雷下载>       <G:\Thunder Network\Thunder\Program\geturl.htm>
      文件路径: G:\Thunder Network\Thunder\Program\geturl.htm [分析中]

==============================================================
      ActiveX控件
==============================================================
该项来源: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats
      [Thunder Agent Class]
      <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}>       <G:\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll>
      文件路径: G:\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll [分析中]
      [XMP Class]
      <{6483F145-A768-4C41-AACC-52D4D7845851}>       <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>
      文件路径: C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work [分析中]
      [XDRM]
      <{693571CB-54A3-4E90-9D52-EEAE1334E2D3}>       <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>
      文件路径: C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work [分析中]
      [MediaComm Class]
      <{7670648D-461B-42AF-BDFE-46D26AF5EFF2}>       <G:\Thunder Network\Thunder\Components\InMedia\MediaAddin14.dll>
      文件路径: G:\Thunder Network\Thunder\Components\InMedia\MediaAddin14.dll [分析中]
      [Thunder DapCtrl]
      <{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}>       <G:\Thunder Network\Thunder\Components\DownAndPlay\DapCtrl1.2.11.14.8.dll>
      文件路径: G:\Thunder Network\Thunder\Components\DownAndPlay\DapCtrl1.2.11.14.8.dll [分析中]
      [Thunder DapPlayer]
      <{EEDD6FF9-13DE-496B-9A1C-D78B3215E266}>       <G:\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.40.64.8.dll>
      文件路径: G:\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.40.64.8.dll [分析中]
      [XPPlayer Class]
      <{F3E70CEA-956E-49CC-B444-73AFE593AD7F}>       <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work>
      文件路径: C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work [分析中]

==============================================================
      其他安全区域
==============================================================
该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
      [显示摇曳 CPL 扩展]       <deskpan.dll>
      [WinRAR]             <G:\WinRAR\rarext.dll>
      文件路径: G:\WinRAR\rarext.dll [分析中]

请各位高手帮帮忙..谢谢.!

TOP

annygi

Annygi

荣誉版主

http://kokoboy.ys168.com

积分: 7619
威望: 14927
元宝: 10
铜钱: 3047

最勤奋版主优秀版主勋章终身成就奖幕后英雄勋章安全精英毒霸MVP勋章技术达人病毒解剖师安全新秀清理专家电脑清理高手影音大使安全大师系统维护专家插件大侠进程新星系统狂人启动小师傅杀软原创技术写手勋章杀软技术新人勋章安全之星勋章最佳红客爱毒霸社区技术大师爱毒霸社区技术拉风人物电脑技术指导电脑技术专家周刊评论员

2楼大中小发表于 2008-6-29 17:16 只看该作者

清理HOST。

为了進一步暸解繫統詳細信息，需要您配合完善信息，

☆提交清理專傢在綫繫統診斷的日誌或者是SRENG的日誌（任選其一即可）

ＰＳ：
△清理專傢使用圖解:http://bbs.duba.net/thread-21830227-1-1.html

①请提供安全（杀毒）软件名以及相关查杀报告（病毒日志）信息；
②提交清理專傢在綫繫統診斷的日誌，請在“在線繫統診斷”＞“全麵診斷”＞＞“導齣診斷報告”到論壇求助；
③“導齣診斷報告”要選擇‘隱藏所有已知為安全項目’（非不得已，才去掉此選項）；
④齣現不能運行、運行無傚，請將安裝目錄下的KASMain.EXE文件改名（类似KOKO.com \ Gboy.scr）後再運行；
⑤毒霸2008無需再安裝，已經緊密結閤。

毒霸清理專傢官方下载：http://buy.duba.net/download/index.shtml#kas

◎请下载SRENG(System Repair Engineer)
◎.1将下载的文件Sreng2.zip>>>解压缩释放任意文件夹>>>运行SREngPS.EXE{Sreng2.exe}>>>智能扫描…>扫描…>保存报告
◎.2将保存的报告以文本方式打开，复制里面的内容，以回复形式粘贴发上论坛您的求助贴处，以作分析问题。
ＰＳ：
△SRENG使用图解:http://bbs.duba.net/thread-21830192-1-1.html
①扫描时请关闭所有手动打开的程序
②如出现SRENG不能运行情况，把文件改名（类似ag1.com \ g1n.scr）后再运行
③如遇见需要用户名和授权号，或者版本过期，请将系统日期设置为当前再运行
④请不要在对分析结果作出建议前进行任何修复、编辑、删除操作。

System Repair Engineer (SREng) 2.5 使用图解http://bbs.duba.net/thread-21830192-1-1.html
System Repair Engineer官方2.5下载：http://www.kztechs.com/sreng/download.html
System Repair Engineer官方在线帮助手册 http://www.kztechs.com/sreng/help2/
SRENG(無敵掃描糢式)下载http://kokoboy.ys168.com/

Annygi留言本　感謝“空指针”對友人D指教，深思更謹慎
爱毒霸社区宗旨是消灭0回复，您的所有问题，在这里都将找到答案
想知道鐵軍、鏽劒等高手如何進行反病毒麼，這裏進入吧…>新手入門
Annygi仅表达个人观点、提供个人建议，并不代表金山官方立场

TOP

‹‹ 上一主题 | 下一主题 ››