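My computer has caught the virus from the www.3448.com site! I have already tried countless programs and just cannot kill it! Please, everyone, save my machine..... Long live good people!!!! Thank you all in advance!
My diagnostic report:
Dear experts:
Thank you very much for taking a look at this system diagnostic report of mine. This newbie is desperately waiting for your help!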
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2006-11-01 23:51:34
诊断平台: Microsoft Windows 2000 Service Pack 4
IE版本: Internet Explorer V6.0.2800.1106 Build:62800.1106
计算机物理内存:127MB - 当前可用内存:41MB
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.baidu.com/
O23 - 未知 - Service: AVP [保护计算机远离病毒和间谍软件的威胁。] - D:\卡巴杀毒\avp.exe -r
=======================================
100 - 安全 - Process: smss.exe [该进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - \SystemRoot\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINNT\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxReques
100 - 安全 - Process: WINLOGON.EXE [windows nt用户登陆程序。] - winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINNT\system32\services.exe
100 - 安全 - Process: LSASS.EXE [本地安全权限服务控制windows安全机制。] - C:\WINNT\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINNT\system32\svchost -k rpcss
100 - 安全 - Process: winmgmt.exe [windows management service透过windows management instrumentation data (wmi)技术处理来自应用客户端的请求。] - C:\WINNT\System32\WBEM\WinMgmt.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINNT\Explorer.EXE
100 - 安全 - Process: conime.exe [console ime ime输入法控制台软件。] - C:\WINNT\system32\conime.exe
100 - 安全 - Process: sriecli.exe [超级兔子相关程序。] - "C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE"
100 - 安全 - Process: 360Safe.exe [360安全卫士] - "D:\360safe\360Safe.exe"
O2 - 安全 - BHO: (AcroIEHlprObj Class) - [Adobe Reader, 查看和打印 Adobe 便携文档格式 (PDF) 文件。] - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - 安全 - BHO: (超级兔子上网精灵) - [超级兔子上网精灵相关插件。] - {7369D35A-5B70-4A5B-B789-B25FE09B4AF3} - C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O3 - 安全 - Toolbar: (@msdxmLC.dll,-1@2052,电台(&R)) - [是Windows Media Player播放器ActiveX控制相关文件。] - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - 安全 - Toolbar: (超级兔子上网精灵) - [超级兔子上网精灵工具条,随超级兔子软件捆绑安装。] - {43869BB3-22FD-4F15-9B46-238106BA2F4E} - C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll
O4 - 安全 - HKLM\..\Run: [Synchronization Manager] [资料同步管理器] mobsync.exe /logon
O4 - 安全 - HKLM\..\Run: [SoundMan] [Realtek声卡相关程序。] SOUNDMAN.EXE
O4 - 安全 - HKLM\..\Run: [TkBellExe] [是Real Networks产品定时升级检测程序。] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - 安全 - HKLM\..\Run: [kav] [卡巴斯基杀毒软件相关程序。] "D:\卡巴杀毒\avp.exe"
O4 - 安全 - HKCU\..\Run: [Internat.exe] [输入法在任务栏里的图标] internat.exe
O4 - 安全 - HKCU\..\Run: [Super Rabbit IEPro] [超级兔子ie保护专家] C:\Program Files\Super Rabbit\MagicSet\SRIECLI.EXE /LOAD
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O16 - 安全 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Windows升级工具V4) - http://v4.windowsupdate.microsof ... AB?38455.2106828704
O16 - 安全 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Flash播放器) - http://download.macromedia.com/p ... s/flash/swflash.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O23 - 安全 - Service: Fax [微软Microsoft传真服务相关程序,该服务允许用户创建和发送传真到微软Office组件中。] - C:\WINNT\system32\faxsvc.exe
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINNT\system32\nvsvc32.exe
=======================================
040 - winlogon.exe - Microsoft Corporation - C:\WINNT\system32\sfcfiles.dll - Windows 2000 System File Checker
040 - winlogon.exe - Kaspersky Lab - C:\WINNT\system32\klogon.dll - Logon Visualizer
040 - winlogon.exe - Microsoft Corporation - C:\WINNT\system32\wzcdlg.dll - Wireless Zero Configuration Service UI
040 - lsass.exe - Microsoft Corporation - C:\WINNT\system32\ICMP.DLL - ICMP DLL
040 - lsass.exe - Microsoft Corporation - C:\WINNT\system32\rsabase.dll - Microsoft Base Cryptographic Provider (Export Version)
040 - svchost.exe - Microsoft Corporation - C:\WINNT\system32\msafd.dll - Microsoft Windows Sockets 2.0 Service Provider
040 - svchost.exe - Microsoft Corporation - C:\WINNT\System32\wshisn.dll - NWLINK2 Socket Helper DLL
040 - svchost.exe - Microsoft Corporation - C:\WINNT\System32\wshnetbs.dll - Netbios Windows Sockets Helper DLL
040 - svchost.exe - Microsoft Corporation - C:\WINNT\System32\rnr20.dll - Windows Socket2 NameSpace DLL
040 - svchost.exe - Microsoft Corporation - C:\WINNT\system32\ICMP.DLL - ICMP DLL
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\system32\shim.dll - Shim Engine DLL
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\AppPatch\AcLayers.DLL - Windows 2000 Shim Accessory DLL
040 - Explorer.EXE - Kaspersky Lab - D:\卡巴杀毒\shellex.dll - Windows Shell Extension
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\system32\LZ32.DLL - LZ Expand/Compress API DLL
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\system32\c_is2022.dll - ISO-2022 Code Page Translation DLL
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\system32\msafd.dll - Microsoft Windows Sockets 2.0 Service Provider
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\System32\rnr20.dll - Windows Socket2 NameSpace DLL
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\system32\ICMP.DLL - ICMP DLL
040 - Explorer.EXE - Microsoft Corporation - C:\WINNT\system32\inetcplc.dll - Internet Control Panel
=======================================
041 - CCDECODE - WDM Closed Caption VBI Codec - C:\WINNT\system32\drivers\ccdecode.sys
041 - gameenum - Game Port Enumerator - C:\WINNT\system32\drivers\gameenum.sys
041 - GNetPPPoE - Intermediate Miniport Driver For PPP over Ethernet Protocol - C:\WINNT\system32\drivers\PPPoE.SYS
041 - IdeBusDr - Intel Application Accelerator Driver - C:\WINNT\system32\drivers\IdeBusDr.sys
041 - IdeChnDr - Intel Application Accelerator Driver - C:\WINNT\system32\drivers\IdeChnDr.sys
041 - kl1 - Kaspersky Unified Driver - C:\WINNT\system32\drivers\kl1.sys
041 - klif - spuper-ptor - C:\WINNT\system32\drivers\klif.sys
041 - MPE - Microsoft MPE to IP Filter - C:\WINNT\system32\drivers\mpe.sys
041 - MSTEE - WDM Tee/Communication Transform Filter - C:\WINNT\system32\drivers\mstee.sys
041 - NABTSFEC - WDM NABTS/FEC VBI Codec - C:\WINNT\system32\drivers\nabtsfec.sys
041 - NetDetect - Network Card Detection driver - C:\WINNT\system32\drivers\netdtect.sys
041 - NwlnkIpx - NWLINK2 IPX Protocol Driver - C:\WINNT\system32\drivers\nwlnkipx.sys
041 - NwlnkNb - NWLINK2 IPX Netbios Protocol Driver - C:\WINNT\system32\drivers\nwlnknb.sys
041 - NwlnkSpx - NWLINK2 SPX Protocol Driver - C:\WINNT\system32\drivers\nwlnkspx.sys
041 - Parallel - Parallel Printer Driver - C:\WINNT\system32\drivers\parallel.sys
041 - RCA - RCA filter - C:\WINNT\system32\drivers\rca.sys
041 - SLIP - Microsoft Slip Deframing Filter Minidriver - C:\WINNT\system32\drivers\slip.sys
041 - streamip - Microsoft IP Driver - C:\WINNT\system32\drivers\streamip.sys
041 - uhcd - Universal Host Controller Driver - C:\WINNT\system32\drivers\uhcd.sys
041 - usbhub20 - Default Hub Driver for USB 2.0 - C:\WINNT\system32\drivers\usbhub20.sys
041 - WSTCODEC - WDM WST Codec Driver - C:\WINNT\system32\drivers\wstcodec.sys
041 - yukonw2k - NDIS5 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter - C:\WINNT\system32\drivers\yukonw2k.sys
=======================================
360Safe.exe=2.0.1.2006
AntiAdwa.dll=2.0.1.2003
AntiEng.dll=2.0.1.2002
AntiActi.dll=2.0.0.3000
CleanHis.dll=2.0.0.1001
safelive.exe=1.0.0.1002
live.dll=1.0.0.1011
=======================================
操作历史报告:
----------查杀恶意软件历史----------
2006-11-01 22:25
查杀恶意软件 - 4199/9505/3448 - 危险 -
2006-11-01 22:33
查杀恶意软件 - 4199/9505/3448 - 危险 -
----------全面诊断修复历史----------
2006-11-01 22:26
O4 - 未知 - hn - C:\WINNT\system32\rundll32.exe 7dfln.dll Rundll32
2006-11-01 23:49
100 - 未知 - srgui.exe - C:\Program Files\Super Rabbit\MagicSet\srgui.exe
O4 - 未知 - hn - C:\WINNT\system32\rundll32.exe 7dfln.dll Rundll32
O4 - 未知 - Super Rabbit SRCK - "C:\Program Files\Super Rabbit\MagicSet\SRCK.exe" /autokill:226
O9 - 未知 - @shdoclc.dll,-866 - C:\WINNT\web\related.htm
2006-11-01 23:49
R1 - 安全 - IE用户指定空白页 - HKLM\Software\Microsoft\Internet Explorer\Main
R1 - 安全 - IE用户指定空白页 - HKCU\Software\Microsoft\Internet Explorer\Main
----------修复IE浏览器操作历史----------
2006-11-01 22:27
O27 - 危险 - 登录提示框标题 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
O27 - 危险 - 登录提示框文字 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
R0 - 危险 - IE起始页的默认页 - HKLM\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:47
O27 - 危险 - 登录提示框文字 - HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
O6 - 危险 - 禁止IE首页相关设置 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
O6 - 危险 - 禁止IE相关功能 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
2006-11-01 23:49
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:49
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:49
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:49
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:50
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:50
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:50
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:50
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:50
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:50
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
2006-11-01 23:51
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
I'm begging you all! Thank you so much!