.Xut591
机器启动后不能正常上网,可以PING的通,是什么问题呀?大家帮忙看看,谢谢了!
启动项报告: 2006-8-16, 9:46:09
启动项扫描器版本: 1.52.2
开始于: C:\Documents and Settings\Mr.Wei\桌面\HijackThis汉华版\HijackThis1991zww.EXE
系统检测: Windows XP SP2 (WinNT 5.01.2600)
系统检测: Internet Explorer v6.00 SP2 (6.00.2900.2180)
* 使用默认选项
* 选择“列出全部(全面)”方式
* 选择“列出主要的部分(标准)”方式
==================================================
当前运行的进程:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\Explorer.EXE (www.dngz.net)
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe
C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe
C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe
C:\Program Files\TOPSEC\FW_AUTH_C\AuthClient.exe
C:\WINDOWS\TEMP\KM85CF.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\conime.exe
C:\Documents and Settings\Mr.Wei\桌面\HijackThis汉华版\HijackThis1991zww.exe
C:\WINDOWS\system32\NOTEPAD.EXE
--------------------------------------------------
文件夹中的启动项
Shell folders Startup:
[C:\Documents and Settings\Mr.Wei\「开始」菜单\程序\启动]
*No files*
Shell folders AltStartup:
*Folder not found*
User shell folders Startup:
*Folder not found*
User shell folders AltStartup:
*Folder not found*
Shell folders Common Startup: (www.dngz.net)
[C:\Documents and Settings\All Users\「开始」菜单\程序\启动]
*No files*
Shell folders Common AltStartup:
*Folder not found*
User shell folders Common Startup:
*Folder not found*
User shell folders Alternate Common Startup:
*Folder not found*
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINDOWS\system32\userinit.exe,
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
* 未找到相关注册表键值 *
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
* 未找到相关注册表键值 *
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
IMJPMIG8.1 = "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
PHIME2002ASync = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC dngz.net您的电脑医生
PHIME2002A = C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
TkBellExe = "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
SoundMan = SOUNDMAN.EXE
SiSUSBRG = C:\WINDOWS\SiSUSBrg.exe
CnsMin = Rundll32.exe C:\WINDOWS\downlo~1\CnsMin.dll,Rundll32
OfficeScanNT Monitor = "C:\Program Files\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow
传奇杀手克星 = G:\PROGRAMS\WinTools\网络工具\AntiArp\arp.exe
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
* 未找到值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
* 未找到值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
欢迎来到(www.dngz.net)
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run (www.dngz.net)版权所有
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
[OptionalComponents]
* 未找到值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of: 本文来自(www.dngz.net)
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
* 未找到相关注册表键值 *
www.dngz.net
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
* 未找到相关注册表键值 *
--------------------------------------------------
文件打开方式关联 for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
(黙认) = "%1" %*
--------------------------------------------------
文件打开方式关联 for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
(黙认) = "%1" %*
--------------------------------------------------
文件打开方式关联 for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
(黙认) = "%1" %*
--------------------------------------------------
文件打开方式关联 for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
(黙认) = "%1" %*
-------------------------------------------------- ~
文件打开方式关联 for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
(黙认) = "%1" /S
--------------------------------------------------
文件打开方式关联 for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
(黙认) = C:\WINDOWS\system32\mshta.exe "%1" %*
--------------------------------------------------
文件打开方式关联 for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
(黙认) = %SystemRoot%\system32\NOTEPAD.EXE %1
--------------------------------------------------
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = C:\WINDOWS\inf\unregmp2.exe /ShowWMP
[>{26923b43-4d38-484f-9b9e-de460746276c}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
[>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] *
StubPath = RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
[>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] *
StubPath = %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
~
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
[{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
[{5945c046-1e7d-11d1-bc44-00c04fd912be}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub
[{7790769C-0471-11d2-AF11-00C04FA35D02}] *
StubPath = "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
[{89820200-ECBD-11cf-8B85-00AA005B4383}]
StubPath = %SystemRoot%\system32\ie4uinit.exe
-------------------------------------------------- (www.dngz.net)为您排除一切电脑故障
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
* 未找到相关注册表键值 *
--------------------------------------------------
Load/Run keys from C:\WINDOWS\WIN.INI:
load=* 未找到INI相关项目值 *
run=* 未找到INI相关项目值 *
Load/Run keys from Registry:
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *
HKLM\..\Windows\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *
HKLM\..\Windows\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *
HKCU\..\Windows\CurrentVersion\WinLogon: load=* 未找到相关注册表键值 *
HKCU\..\Windows\CurrentVersion\WinLogon: run=* 未找到相关注册表键值 *
HKCU\..\Windows NT\CurrentVersion\Windows: load= (www.dngz.net)
HKCU\..\Windows NT\CurrentVersion\Windows: run=* 未找到相关注册表键值 *
HKLM\..\Windows NT\CurrentVersion\Windows: load=* 未找到相关注册表键值 *
HKLM\..\Windows NT\CurrentVersion\Windows: run=* 未找到相关注册表键值 *
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
--------------------------------------------------
外壳扩展和屏幕保护程序的键值 从 C:\WINDOWS\SYSTEM.INI:
Shell=* 未找到INI相关项目值 *
SCRNSAVE.EXE=* 未找到INI相关项目值 *
drivers=* 未找到INI相关项目值 *
外壳扩展和屏幕保护程序的键值 从 注册表
Shell=Explorer.exe
SCRNSAVE.EXE=C:\WINDOWS\system32\ssstars.scr
drivers=* 未找到相关注册表键值 *
Policies Shell key:
HKCU\..\Policies: Shell=* 未找到相关注册表键值 *
HKLM\..\Policies: Shell=* 未找到相关注册表键值 *
--------------------------------------------------
Checking for EXPLORER.EXE instances:
C:\WINDOWS\Explorer.exe: PRESENT! (www.dngz.net)为您排除一切电脑故障
C:\Explorer.exe: not present
C:\WINDOWS\Explorer\Explorer.exe: not present
C:\WINDOWS\System\Explorer.exe: not present
C:\WINDOWS\System32\Explorer.exe: not present
C:\WINDOWS\Command\Explorer.exe: not present
C:\WINDOWS\Fonts\Explorer.exe: not present
--------------------------------------------------
Checking for superhidden extensions:
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: HIDDEN!
.shb: HIDDEN!
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
--------------------------------------------------
Verifying REGEDIT.EXE integrity:
- Regedit.exe found in C:\WINDOWS
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename OK: 'REGEDIT.EXE'
- File description: 'Registry Editor'
Registry check passed dngz.net版权所有
--------------------------------------------------
列举IE浏览器辅助对象(BHO??:
YDragSearch - (no file) - {62EED7C6-9F02-42f9-B634-98E2899E147B}
(no name) - C:\PROGRA~1\FLASHGET\jccatch.dll - {A5366673-E8CA-11D3-9CD9-0090271D075B}
DownloadBHO T2BHO - C:\WINDOWS\Downloaded Program Files\barhelp24.0.dll - {B1D147E7-873E-4909-8127-695D9BB78728}
IE - C:\WINDOWS\downlo~1\CnsHook.dll - {D157330A-9EF3-49F8-9A67-4141AC41ADD4}
--------------------------------------------------
列举“计划任务”服务:
*No jobs found*
--------------------------------------------------
列举下载的程序文件:
[ObjWinNTCheck Class]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\WinNTChk.dll
CODEBASE = http://10.36.5.29:8080/officescan/console/ClientInstall/WinNTChk.cab
[Virusscan Control]
InProcServer32 = C:\WINDOWS\DOWNLO~1\scan.ocx
CODEBASE = http://www.zrinfo.net/scan/scan.CAB
[XLink Class]
InProcServer32 = C:\WINDOWS\system32\wshcon32.dll
,
CODEBASE = http://active.micr0media.com/swflash.CAB
[Shockwave Flash Object]
InProcServer32 = C:\WINDOWS\system32\Macromed\Flash\Flash8.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[Ravonline]
InProcServer32 = C:\WINDOWS\Downloaded Program Files\RsOnline.dll
CODEBASE = http://download.rising.com.cn/QQ/QQkill/rsonline.cab
--------------------------------------------------
列举 Winsock LSP 文件:
NameSpace #1: C:\WINDOWS\System32\mswsock.dll
NameSpace #2: C:\WINDOWS\System32\winrnr.dll
NameSpace #3: C:\WINDOWS\System32\mswsock.dll
Protocol #1: C:\WINDOWS\system32\wshcon32.dll
Protocol #2: C:\WINDOWS\system32\mswsock.dll
Protocol #3: C:\WINDOWS\system32\mswsock.dll
Protocol #4: C:\WINDOWS\system32\mswsock.dll
Protocol #5: C:\WINDOWS\system32\mswsock.dll
Protocol #6: C:\WINDOWS\system32\mswsock.dll
Protocol #7: C:\WINDOWS\system32\mswsock.dll
Protocol #8: C:\WINDOWS\system32\mswsock.dll
Protocol #9: C:\WINDOWS\system32\mswsock.dll
Protocol #10: C:\WINDOWS\system32\mswsock.dll ~
Protocol #11: C:\WINDOWS\system32\rsvpsp.dll
Protocol #12: C:\WINDOWS\system32\rsvpsp.dll
Protocol #13: C:\WINDOWS\system32\wshcon32.dll
--------------------------------------------------
Enumerating Windows NT/2000/XP services
157426: System32\drivers\157426.sys (system)
Microsoft ACPI Driver: system32\DRIVERS\ACPI.sys (system)
Microsoft Kernel Acoustic Echo Canceller: system32\drivers\aec.sys (manual start)
AFD: \SystemRoot\System32\drivers\afd.sys (system)
Service for WDM 3D Audio Driver: system32\drivers\ALCXSENS.SYS (manual start)
Service for Realtek AC97 Audio (WDM): system32\drivers\ALCXWDM.SYS (manual start)
Alerter: %SystemRoot%\system32\svchost.exe -k LocalService (disabled)
Application Layer Gateway Service: %SystemRoot%\System32\alg.exe (manual start)
Application Management: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
RAS Asynchronous Media Driver: system32\DRIVERS\asyncmac.sys (manual start)
标准 IDE/ESDI 硬盘控制器: system32\DRIVERS\atapi.sys (system)
ATM ARP Client Protocol: system32\DRIVERS\atmarpc.sys (manual start) ,
Windows Audio: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
音频存根驱动程序: system32\DRIVERS\audstub.sys (manual start)
Background Intelligent Transfer Service: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Computer Browser: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
Indexing Service: %SystemRoot%\system32\cisvc.exe (manual start)
ClipBook: %SystemRoot%\system32\clipsrv.exe (disabled)
CnsMinKP: system32\drivers\CnsMinKP.sys (system)
COM System Application: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Cryptographic Services: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
DCOM Server Process Launcher: %SystemRoot%\system32\svchost -k DcomLaunch (autostart)
DHCP Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
磁盘驱动器: system32\DRIVERS\disk.sys (system)
Logical Disk Manager Administrative Service: %SystemRoot%\System32\dmadmin.exe /com (manual start)
dmboot: System32\drivers\dmboot.sys (disabled)
本文来自 www.dngz.net
Logical Disk Manager Driver: System32\drivers\dmio.sys (system)
dmload: System32\drivers\dmload.sys (system)
Logical Disk Manager: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Microsoft Kernel DLS Syntheiszer: system32\drivers\DMusic.sys (manual start)
DNS Client: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Microsoft Kernel DRM Audio Descrambler: system32\drivers\drmkaud.sys (manual start)
Error Reporting Service: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Event Log: %SystemRoot%\system32\services.exe (autostart)
COM Event System: C:\WINDOWS\system32\svchost.exe -k netsvcs (manual start)
Fast User Switching Compatibility: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Floppy Disk Controller Driver: system32\DRIVERS\fdc.sys (manual start)
软盘驱动程序: system32\DRIVERS\flpydisk.sys (manual start)
FltMgr: system32\DRIVERS\fltMgr.sys (system)
FsVga: system32\DRIVERS\fsvga.sys (system)
Volume Manager Driver: system32\DRIVERS\ftdisk.sys (system)
Game Port Enumerator: system32\DRIVERS\gameenum.sys (manual start) ~
Generic Packet Classifier: system32\DRIVERS\msgpc.sys (manual start)
Human Interface Device Access: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Microsoft HID Class Driver: system32\DRIVERS\hidusb.sys (manual start)
HTTP: System32\Drivers\HTTP.sys (manual start)
HTTP SSL: %SystemRoot%\System32\svchost.exe -k HTTPFilter (manual start)
i8042 键盘及 PS/2 鼠标端口驱动程序: system32\DRIVERS\i8042prt.sys (system)
i81x: system32\DRIVERS\i81xnt5.sys (manual start)
iAimFP0: system32\DRIVERS\wADV01nt.sys (manual start)
iAimFP1: system32\DRIVERS\wADV02NT.sys (manual start)
iAimFP2: system32\DRIVERS\wADV05NT.sys (manual start)
iAimFP3: system32\DRIVERS\wSiINTxx.sys (manual start)
iAimFP4: system32\DRIVERS\wVchNTxx.sys (manual start)
iAimFP5: system32\DRIVERS\wADV07nt.sys (manual start)
iAimFP6: system32\DRIVERS\wADV08nt.sys (manual start)
iAimFP7: system32\DRIVERS\wADV09nt.sys (manual start)
iAimTV0: system32\DRIVERS\wATV01nt.sys (manual start)
iAimTV1: system32\DRIVERS\wATV02NT.sys (manual start)
iAimTV3: system32\DRIVERS\wATV04nt.sys (manual start)
(www.dngz.net)
iAimTV4: system32\DRIVERS\wCh7xxNT.sys (manual start)
iAimTV5: system32\DRIVERS\wATV10nt.sys (manual start)
iAimTV6: system32\DRIVERS\wATV06nt.sys (manual start)
CD 烧制筛选驱动器: system32\DRIVERS\imapi.sys (system)
IMAPI CD-Burning COM Service: C:\WINDOWS\system32\imapi.exe (manual start)
IntelIde: system32\DRIVERS\intelide.sys (system)
Intel Processor Driver: system32\DRIVERS\intelppm.sys (system)
IPv6 Windows Firewall Driver: system32\DRIVERS\Ip6Fw.sys (manual start)
IP Traffic Filter Driver: system32\DRIVERS\ipfltdrv.sys (manual start)
IP in IP Tunnel Driver: system32\DRIVERS\ipinip.sys (manual start)
IP Network Address Translator: system32\DRIVERS\ipnat.sys (manual start)
IPSEC driver: system32\DRIVERS\ipsec.sys (system)
IR Enumerator Service: system32\DRIVERS\irenum.sys (manual start)
PnP ISA/EISA Bus Driver: system32\DRIVERS\isapnp.sys (system)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (system)
Microsoft Kernel Wave Audio Mixer: system32\drivers\kmixer.sys (manual start)
kmsinput: \?\C:\WINDOWS\system32\drivers\kmsinput.sys (manual start) dngz.net您的电脑医生
Server: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Workstation: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
TCP/IP NetBIOS Helper: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Machine Debug Manager: "C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE" (autostart)
Messenger: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
NetMeeting Remote Desktop Sharing: C:\WINDOWS\system32\mnmsrvc.exe (manual start)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (system)
Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start)
WebDav Client Redirector: system32\DRIVERS\mrxdav.sys (manual start)
MRXSMB: system32\DRIVERS\mrxsmb.sys (system)
Distributed Transaction Coordinator: C:\WINDOWS\system32\msdtc.exe (manual start)
Windows Installer: C:\WINDOWS\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start) (www.dngz.net)版权所有
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (manual start)
Microsoft MPU-401 MIDI UART Driver: system32\drivers\msmpu401.sys (manual start)
Remote Access NDIS TAPI Driver: system32\DRIVERS\ndistapi.sys (manual start)
NDIS 用户模式 I/O 协议: system32\DRIVERS\ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
NetBT: system32\DRIVERS\netbt.sys (system)
Network DDE: %SystemRoot%\system32\netdde.exe (disabled)
Network DDE DSDM: %SystemRoot%\system32\netdde.exe (disabled)
Net Logon: %SystemRoot%\system32\lsass.exe (manual start)
Network Connections: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Network Logon: rundll32.exe KB896425.log,start (autostart)
New0: \?\C:\WINDOWS\system32\new.sys (autostart)
Network Location Awareness (NLA): %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
npkcrypt: \?\C:\Program Files\Tencent\QQ\npkcrypt.sys (autostart)
NT LM Security Support Provider: %SystemRoot%\system32\lsass.exe (manual start) ;
Removable Storage: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
OfficeScanNT 实时扫描: C:\Program Files\Trend Micro\OfficeScan Client\ntrtscan.exe (autostart)
IPX Traffic Filter Driver: system32\DRIVERS\nwlnkflt.sys (manual start)
IPX Traffic Forwarder Driver: system32\DRIVERS\nwlnkfwd.sys (manual start)
OfficeScanNT 个人防火墙: C:\Program Files\Trend Micro\OfficeScan Client\OfcPfwSvc.exe (autostart)
Office Source Engine: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Intel PentiumIII Processor Driver: system32\DRIVERS\p3.sys (system)
Parallel port driver: system32\DRIVERS\parport.sys (manual start)
PCI Bus Driver: system32\DRIVERS\pci.sys (system)
PCIIde: system32\DRIVERS\pciide.sys (system)
Plug and Play: %SystemRoot%\system32\services.exe (autostart)
IPSEC Services: %SystemRoot%\system32\lsass.exe (autostart)
WAN Miniport (PPTP): system32\DRIVERS\raspptp.sys (manual start)
Protected Storage: %SystemRoot%\system32\lsass.exe (autostart)
QoS Packet Scheduler: system32\DRIVERS\psched.sys (manual start) www.dngz.net
Direct Parallel Link Driver: system32\DRIVERS\ptilink.sys (manual start)
PxHelp20: system32\DRIVERS\PxHelp20.sys (system)
Remote Access Auto Connection Driver: system32\DRIVERS\rasacd.sys (system)
Remote Access Auto Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
WAN Miniport (L2TP): system32\DRIVERS\rasl2tp.sys (manual start)
Remote Access Connection Manager: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
远程访问 PPPOE 驱动程序: system32\DRIVERS\raspppoe.sys (manual start)
Direct Parallel: system32\DRIVERS\raspti.sys (manual start)
Rdbss: system32\DRIVERS\rdbss.sys (system)
RDPCDD: System32\DRIVERS\RDPCDD.sys (system)
Terminal Server Device Redirector Driver: system32\DRIVERS\rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C:\WINDOWS\system32\sessmgr.exe (manual start)
Digital CD Audio Playback Filter Driver: system32\DRIVERS\redbook.sys (system)
Routing and Remote Access: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Remote Registry: %SystemRoot%\system32\svchost.exe -k LocalService (autostart) (www.dngz.net)
Remote Procedure Call (RPC) Locator: %SystemRoot%\system32\locator.exe (manual start)
Remote Procedure Call (RPC): %SystemRoot%\system32\svchost -k rpcss (autostart)
QoS RSVP: %SystemRoot%\system32\rsvp.exe (manual start)
Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver: system32\DRIVERS\RTL8139.SYS (manual start)
Security Accounts Manager: %SystemRoot%\system32\lsass.exe (autostart)
Smart Card: %SystemRoot%\System32\SCardSvr.exe (manual start)
Task Scheduler: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Secdrv: system32\DRIVERS\secdrv.sys (manual start)
Secondary Logon: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
System Event Notification: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Serenum Filter Driver: system32\DRIVERS\serenum.sys (manual start)
Serial port driver: system32\DRIVERS\serial.sys (system)
Windows Firewall/Internet Connection Sharing (ICS): %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Shell Hardware Detection: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
dngz.net版权所有
SiS315: system32\DRIVERS\sisgrp.sys (manual start)
SiS AGP Filter: system32\DRIVERS\SISAGPX.sys (system)
SiSkp: system32\DRIVERS\srvkp.sys (system)
Sony USB Filter Driver (SONYPVU1): system32\DRIVERS\SONYPVU1.SYS (manual start)
Microsoft Kernel Audio Splitter: system32\drivers\splitter.sys (manual start)
Print Spooler: %SystemRoot%\system32\spoolsv.exe (autostart)
System Restore Filter Driver: \SystemRoot\system32\DRIVERS\sr.sys (disabled)
System Restore Service: %SystemRoot%\system32\svchost.exe -k netsvcs (disabled)
Srv: system32\DRIVERS\srv.sys (manual start)
SSDP Discovery Service: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Windows Image Acquisition (WIA): %SystemRoot%\system32\svchost.exe -k imgsvc (manual start)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
Microsoft Kernel GS Wavetable Synthesizer: system32\drivers\swmidi.sys (manual start)
MS Software Shadow Copy Provider: C:\WINDOWS\system32\dllhost.exe /Processid:{C993C98C-ED14-40A6-AD9B-EC66F8BB50D9} (manual start)
Microsoft Kernel System Audio Device: system32\drivers\sysaudio.sys (manual start) .
Performance Logs and Alerts: %SystemRoot%\system32\smlogsvc.exe (manual start)
Telephony: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
TCP/IP Protocol Driver: system32\DRIVERS\tcpip.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
Terminal Services: %SystemRoot%\System32\svchost -k DComLaunch (manual start)
Themes: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Telnet: C:\WINDOWS\system32\tlntsvr.exe (disabled)
Trend Micro Filter: \?\C:\Program Files\Trend Micro\OfficeScan Client\TmXPFlt.sys (autostart)
OfficeScanNT 侦听程序: C:\Program Files\Trend Micro\OfficeScan Client\tmlisten.exe (autostart)
Trend Micro PreFilter: \?\C:\Program Files\Trend Micro\OfficeScan Client\TmPreFlt.sys (autostart)
Common Firewall Driver: \?\C:\Program Files\Trend Micro\OfficeScan Client\tm_cfw.sys (autostart)
Distributed Link Tracking Client: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
Microsoft AGPv3.5 Filter: system32\DRIVERS\uagp35.sys (system)
Microcode Update Driver: system32\DRIVERS\update.sys (manual start) (www.dngz.net)
Universal Plug and Play Device Host: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Uninterruptible Power Supply: %SystemRoot%\System32\ups.exe (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
USB2 Enabled Hub: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
USB 大容量存储设备: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: system32\DRIVERS\usbuhci.sys (manual start)
VgaSave: \SystemRoot\System32\drivers\vga.sys (system)
Trend Micro VSAPI NT: \?\C:\Program Files\Trend Micro\OfficeScan Client\VSApiNt.sys (autostart)
Volume Shadow Copy: %SystemRoot%\System32\vssvc.exe (manual start)
Windows Time: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Remote Access IP ARP Driver: system32\DRIVERS\wanarp.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32\drivers\wdmaud.sys (manual start) ~
WebClient: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
Windows Management Instrumentation: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Portable Media Serial Number Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
WMI Performance Adapter: C:\WINDOWS\system32\wbem\wmiapsrv.exe (manual start)
Windows 套接字 2 .0 Non-IFS 服务提供程序支持环境: \SystemRoot\System32\drivers\ws2ifsl.sys (system)
Security Center: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
Automatic Updates: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Wireless Zero Configuration: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
Network Provisioning Service: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
(www.dngz.net)
Windows NT 'Wininit.ini':
PendingFileRenameOperations: * 未找到相关注册表键值 *
--------------------------------------------------
列举 ShellServiceObjectDelayLoad 项目:
PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
CDBurn: C:\WINDOWS\system32\SHELL32.dll
WebCheck: C:\WINDOWS\system32\webcheck.dll
SysTray: C:\WINDOWS\system32\stobject.dll
--------------------------------------------------
注册表中的启动项:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
* 未找到相关注册表键值 *
--------------------------------------------------
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
* 未找到相关注册表键值 *
--------------------------------------------------
报告完毕,共 32,097 字节
报告生成用时:0.180秒
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
,
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
C:\WINDOWS\Explorer.EXE只发现这个 没发现C:\WINDOWS\explorer.exe
当前运行的进程:
C:\WINDOWS\TEMP\KM85CF.EXE
注册表中的启动项:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
SiSUSBRG = C:\WINDOWS\SiSUSBrg.exe
Enumerating Windows NT/2000/XP services
Network Logon: rundll32.exe KB896425.log,start (autostart)
New0: \?\C:\WINDOWS\system32\new.sys (autostart)
楼主扫日记的软件怎么这么全啊,看得太辛苦,就看出这么多吧,该怎么做怎么做去.
KB896425.log
这个文件说不定在windows环境下看不到,建议用DOS启动盘找一下windows目录是否有这个文件.
我有同样的问题。
很有可能是上网的dll文件被破坏了,我的以前也是这样的,后来用了一条命令解决问题~
netsh winsock reset
我这里也出现这种情况,有是能上网,但经常断,外网能PING通,杀毒也没杀出什么
使用一个叫WinsockxpFix软件,可以修复
用兔子的ie修复,里面有个强力修复,winsock2,用这个试试
2个字 病毒
建议你重新装过系统
删除TCP/IP协议,再安装就行了
重新安TCP/IP
偶也是新手看不懂那些东西 给你的建议也只能是粗浅的 要不就重装 要不就把东西都给卸了
用黄山IE修复
不能正常上网是什么意思,是有时能不上网有时不能上网,还是上网后有其它的问题,把问题描述清楚嘛?