============================================================== 金山清理专家系统诊断报告 该诊断报告由金山清理专家提供 http://www.duba.net ============================================================== 诊断时间: 2008-10-24, 23:11 诊断平台: Windows 2003 [5.2.3790] IE版本: Internet Explorer V6.0.0.3790 计算机物理内存: 2047(MB) 当前可用内存: 2047(MB) 硬盘总大小: 534(GB) 硬盘可用空间: 492(GB) 清理专家版本: 2008.10.13.10 恶意软件库版本: 2008.08.06.1 漏洞库版本: 2008.10.15.1 ============================================================== 启动文件夹位置 ============================================================== Common Startup: C:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动 Startup: C:\Documents and Settings\Administrator.LI-PNXYWX41TC8W\「开始」菜单\程序\启动 Common Startup: %ALLUSERSPROFILE%\「开始」菜单\程序\启动 ============================================================== Host File ============================================================== 127.0.0.1 localhost 127.0.0.1 www.symantec.com 127.0.0.1 securityresponse.symantec.com 127.0.0.1 downloads1.kaspersky-labs.com 127.0.0.1 downloads2.kaspersky-labs.com 127.0.0.1 downloads3.kaspersky-labs.com 127.0.0.1 downloads4.kaspersky-labs.com 127.0.0.1 downloads5.kaspersky-labs.com 127.0.0.1 www.kaspersky-labs.com 127.0.0.1 symantec.com 127.0.0.1 www.sophos.com 127.0.0.1 sophos.com 127.0.0.1 www.mcafee.com 127.0.0.1 mcafee.com 127.0.0.1 liveupdate.symantecliveupdate.com 127.0.0.1 www.viruslist.com 127.0.0.1 viruslist.com 127.0.0.1 viruslist.com 127.0.0.1 f-secure.com 127.0.0.1 www.f-secure.com 127.0.0.1 kaspersky.com 127.0.0.1 www.avp.com 127.0.0.1 www.kaspersky-labs.com 127.0.0.1 avp.com 127.0.0.1 www.networkassociates.com 127.0.0.1 networkassociates.com 127.0.0.1 www.ca.com 127.0.0.1 ca.com 127.0.0.1 mast.mcafee.com 127.0.0.1 my-etrust.com 127.0.0.1 www.my-etrust.com 127.0.0.1 download.mcafee.com 127.0.0.1 dispatch.mcafee.com 127.0.0.1 secure.nai.com 127.0.0.1 nai.com 127.0.0.1 www.nai.com 127.0.0.1 update.symantec.com 127.0.0.1 updates.symantec.com 127.0.0.1 us.mcafee.com 127.0.0.1 liveupdate.symantec.com 127.0.0.1 customer.symantec.com 127.0.0.1 rads.mcafee.com 127.0.0.1 trendmicro.com 127.0.0.1 www.trendmicro.com 127.0.0.1 vncsvr.com 127.0.0.1 secdreg.org 127.0.0.1 virusscan.jotti.org 127.0.0.1 virustotal.com 127.0.0.1 www.virustotal.com 127.0.0.1 www.jotti.org 127.0.0.1 cdn.atwola.com 127.0.0.1 www.atwola.com 127.0.0.1 support.microsoft.com 127.0.0.1 symantec.com 127.0.0.1 update.symantec.com 127.0.0.1 updates.symantec.com 127.0.0.1 us.mcafee.com 127.0.0.1 vil.nai.com 127.0.0.1 viruslist.ru 127.0.0.1 windowsupdate.microsoft.com 127.0.0.1 www.avp.ch 127.0.0.1 www.avp.com 127.0.0.1 www.avp.ru 127.0.0.1 www.awaps.net 127.0.0.1 www.ca.com 127.0.0.1 www.fastclick.net 127.0.0.1 www.f-secure.com 127.0.0.1 www.kaspersky.ru 127.0.0.1 www.mcafee.com 127.0.0.1 www.my-etrust.com 127.0.0.1 www.nai.com 127.0.0.1 www.networkassociates.com 127.0.0.1 www.sophos.com 127.0.0.1 www.symantec.com 127.0.0.1 www.trendmicro.com 127.0.0.1 www.viruslist.ru 127.0.0.1 www3.ca.com 127.0.0.1 www.advancedcleaner.com 127.0.0.1 advancedcleaner.com 127.0.0.1 secure.advancedcleaner.com 127.0.0.1 protect.advancedcleaner.com 127.0.0.1 jsp.advancedcleaner.com 127.0.0.1 liveupdatesnet.com 127.0.0.1 www.liveupdatesnet.com 127.0.0.1 theinstalls.com 127.0.0.1 www.theinstalls.com 127.0.0.1 allofyouwant.com 127.0.0.1 www.here4search.biz 127.0.0.1 here4search.biz 127.0.0.1 www.smart-security.biz 127.0.0.1 smart-security.biz 127.0.0.1 www.searchmeup.biz 127.0.0.1 searchmeup.biz 127.0.0.1 www.iwantsearch.net 127.0.0.1 iwantsearch.net 127.0.0.1 www.wideportal.net 127.0.0.1 wideportal.net 127.0.0.1 calc.avsystemcare.com 127.0.0.1 avsystemcare.com 127.0.0.1 content.onerateld.com 127.0.0.1 www.onerateld.com 127.0.0.1 protect.trustedantivirus.com 127.0.0.1 www.trustedantivirus.com 127.0.0.1 iwantsearch.net 127.0.0.1 www.iwantsearch.net 127.0.0.1 mediacount.net 127.0.0.1 www.mediacount.net 127.0.0.1 bin.errorprotector.com 127.0.0.1 www.errorprotector.com 127.0.0.1 br.errorsafe.com 127.0.0.1 www.errorsafe.com 127.0.0.1 br.winantivirus.com 127.0.0.1 www.winantivirus.com 127.0.0.1 br.winfixer.com 127.0.0.1 www.winfixer.com 127.0.0.1 cdn.drivecleaner.com 127.0.0.1 www.drivecleaner.com 127.0.0.1 cdn.errorsafe.com 127.0.0.1 www.errorsafe.com 127.0.0.1 cdn.winsoftware.com 127.0.0.1 www.winsoftware.com 127.0.0.1 de.errorsafe.com 127.0.0.1 www.errorsafe.com 127.0.0.1 de.winantivirus.com 127.0.0.1 www.winantivirus.com 127.0.0.1 download.cdn.drivecleaner.com 127.0.0.1 download.cdn.errorsafe.com 127.0.0.1 download.cdn.winsoftware.com 127.0.0.1 download.errorsafe.com 127.0.0.1 download.systemdoctor.com 127.0.0.1 download.winantispyware.com 127.0.0.1 download.windrivecleaner.com 127.0.0.1 download.winfixer.com 127.0.0.1 drivecleaner.com 127.0.0.1 dynamique.drivecleaner.com 127.0.0.1 errorprotector.com 127.0.0.1 errorsafe.com 127.0.0.1 es.winantivirus.com 127.0.0.1 fr.winantivirus.com 127.0.0.1 fr.winfixer.com 127.0.0.1 go.drivecleaner.com 127.0.0.1 go.errorsafe.com 127.0.0.1 go.winantispyware.com 127.0.0.1 go.winantivirus.com 127.0.0.1 hk.winantivirus.com 127.0.0.1 instlog.errorsafe.com 127.0.0.1 instlog.winantivirus.com 127.0.0.1 instlog.winfixer.com 127.0.0.1 jsp.drivecleaner.com 127.0.0.1 kb.errorsafe.com 127.0.0.1 kb.winantivirus.com 127.0.0.1 nl.errorsafe.com 127.0.0.1 se.errorsafe.com 127.0.0.1 secure.drivecleaner.com 127.0.0.1 secure.errorsafe.com 127.0.0.1 secure.winantispam.com 127.0.0.1 secure.winantispy.com 127.0.0.1 secure.winantivirus.com 127.0.0.1 support.winantivirus.com 127.0.0.1 trial.updates.winsoftware.com 127.0.0.1 ulog.winantivirus.com 127.0.0.1 utils.errorsafe.com 127.0.0.1 utils.winantivirus.com 127.0.0.1 utils.winfixer.com 127.0.0.1 winantispyware.com 127.0.0.1 winantivirus.com 127.0.0.1 winfixer.com 127.0.0.1 winfixer2006.com 127.0.0.1 winsoftware.com 127.0.0.1 www.drivecleaner.com 127.0.0.1 www.errorprotector.com 127.0.0.1 www.errorsafe.com 127.0.0.1 www.systemdoctor.com 127.0.0.1 www.utils.winfixer.com 127.0.0.1 www.win-anti-virus-pro.com 127.0.0.1 www.win-virus-pro.com 127.0.0.1 www.winantispam.com 127.0.0.1 www.winantispy.com 127.0.0.1 www.winantispyware.com 127.0.0.1 www.winantivirus.com 127.0.0.1 www.winantiviruspro.com 127.0.0.1 www.windrivecleaner.com 127.0.0.1 www.windrivesafe.com 127.0.0.1 www.winfixer.com 127.0.0.1 www.winfixer2006.com 127.0.0.1 www.winsoftware.com 127.0.0.1 www.usagc.org 127.0.0.1 www.prospywareremover.com 127.0.0.1 prospywareremover.com 127.0.0.1 www.noadware.com--e.com 127.0.0.1 noadware.com--e.com 127.0.0.1 www.wwwadawear.com 127.0.0.1 wwwadawear.com 127.0.0.1 www.free-spyware-scan.org 127.0.0.1 free-spyware-scan.org 127.0.0.1 www.spybotfinder.com 127.0.0.1 spybotfinder.com 127.0.0.1 www.the-spyware-zone.com 127.0.0.1 the-spyware-zone.com 127.0.0.1 www.digitalreservoir.com 127.0.0.1 digitalreservoir.com 127.0.0.1 www.free-spyware.net 127.0.0.1 free-spyware.net 127.0.0.1 www.spyware-control.com 127.0.0.1 spyware-control.com 127.0.0.1 www.computerspywarecheck.com 127.0.0.1 computerspywarecheck.com 127.0.0.1 www.compare-spyware.com 127.0.0.1 compare-spyware.com 127.0.0.1 www.spywareremoval.ws 127.0.0.1 spywareremoval.ws 127.0.0.1 www.ridadware.org 127.0.0.1 ridadware.org 127.0.0.1 www.elimiware.com 127.0.0.1 elimiware.com 127.0.0.1 www.nomorespyware.net 127.0.0.1 nomorespyware.net 127.0.0.1 www.123-spyware-remover.com 127.0.0.1 123-spyware-remover.com 127.0.0.1 www.spyware-adware-removal.net 127.0.0.1 spyware-adware-removal.net 127.0.0.1 www.spytoaster.com 127.0.0.1 spytoaster.com 127.0.0.1 www.spywareno.com 127.0.0.1 spywareno.com 127.0.0.1 www.3bsoftware.com 127.0.0.1 3bsoftware.com 127.0.0.1 www.softwaredoctor.com 127.0.0.1 softwaredoctor.com 127.0.0.1 doubleclick.net 127.0.0.1 doubleclick.com 127.0.0.1 adhostcenter.com 127.0.0.1 adtrade.net 127.0.0.1 www.adcycle.com 127.0.0.1 advertising.com 127.0.0.1 servedby.advertising.com 127.0.0.1 commission-junction.com 127.0.0.1 dayrates.com 127.0.0.1 ad-flow.com 127.0.0.1 ads.ad-flow.com 127.0.0.1 popuptraffic.com 127.0.0.1 fastclick.com 127.0.0.1 fastclick.net 127.0.0.1 adserving.cpxinteractive.com 127.0.0.1 www.usafis.org 127.0.0.1 brazauskas.info 127.0.0.1 centralgate.biz 127.0.0.1 clickfast.biz 127.0.0.1 code.jcash.biz 127.0.0.1 code.trasferimento.biz 127.0.0.1 cyber-search.biz 127.0.0.1 download.accessmedia.tv 127.0.0.1 download.jupitersatellites.biz 127.0.0.1 exeloads.info 127.0.0.1 forlink.biz 127.0.0.1 game4all.biz 127.0.0.1 get-access.host.sk 127.0.0.1 musah.info 127.0.0.1 picshunter.us 127.0.0.1 prevedtraf.biz 127.0.0.1 search-biz.biz 127.0.0.1 searchx.cc 127.0.0.1 s-pics.biz 127.0.0.1 snow410.info 127.0.0.1 sp2admin.biz 127.0.0.1 traff5all.biz 127.0.0.1 traffbest.biz 127.0.0.1 traffbucks.biz 127.0.0.1 traffmoney.biz 127.0.0.1 ultra-search.biz 127.0.0.1 www.lattefresco.biz 127.0.0.1 www.picshunter.us 127.0.0.1 www.procounter.biz 127.0.0.1 www.searchx.cc 127.0.0.1 www.s-pics.biz 127.0.0.1 www.sp2admin.biz 127.0.0.1 www.spamcatchero.biz 127.0.0.1 www.traff4ppc.biz 127.0.0.1 www.zgallery.us 127.0.0.1 ybbwxlxytz.biz 127.0.0.1 yepjnddqpq.biz 127.0.0.1 yhvoo.eseconsult.info 127.0.0.1 zchxsikpgz.biz 127.0.0.1 zgallery.us 127.0.0.1 mmsk.cn 127.0.0.1 ikaka.com 127.0.0.1 safe.qq.com 127.0.0.1 360safe.com 127.0.0.1 www.mmsk.cn 127.0.0.1 www.ikaka.com 127.0.0.1 tool.ikaka.com 127.0.0.1 zs.kingsoft.com 127.0.0.1 forum.ikaka.com 127.0.0.1 up.rising.com.cn 127.0.0.1 scan.kingsoft.com 127.0.0.1 kvup.jiangmin.com 127.0.0.1 reg.rising.com.cn 127.0.0.1 update.rising.com.cn 127.0.0.1 update7.jiangmin.com 127.0.0.1 download.rising.com.cn 127.0.0.1 dnl-us1.kaspersky-labs.com 127.0.0.1 dnl-us2.kaspersky-labs.com 127.0.0.1 dnl-us3.kaspersky-labs.com 127.0.0.1 dnl-us4.kaspersky-labs.com 127.0.0.1 dnl-us5.kaspersky-labs.com 127.0.0.1 dnl-us6.kaspersky-labs.com 127.0.0.1 dnl-us7.kaspersky-labs.com 127.0.0.1 dnl-us8.kaspersky-labs.com 127.0.0.1 dnl-us9.kaspersky-labs.com 127.0.0.1 dnl-us10.kaspersky-labs.com 127.0.0.1 dnl-eu1.kaspersky-labs.com 127.0.0.1 dnl-eu2.kaspersky-labs.com 127.0.0.1 dnl-eu3.kaspersky-labs.com 127.0.0.1 dnl-eu4.kaspersky-labs.com 127.0.0.1 dnl-eu5.kaspersky-labs.com 127.0.0.1 dnl-eu6.kaspersky-labs.com 127.0.0.1 dnl-eu7.kaspersky-labs.com 127.0.0.1 dnl-eu8.kaspersky-labs.com 127.0.0.1 dnl-eu9.kaspersky-labs.com 127.0.0.1 dnl-eu10.kaspersky-labs.com 127.0.0.1 dnl-eu11.kaspersky-labs.com 127.0.0.1 dnl-eu12.kaspersky-labs.com 127.0.0.1 dnl-eu13.kaspersky-labs.com 127.0.0.1 dnl-cd1.kaspersky-labs.com 127.0.0.1 dnl-ru1.kaspersky-labs.com 127.0.0.1 dnl-ru2.kaspersky-labs.com 127.0.0.1 dnl-ru5.kaspersky-labs.com 127.0.0.1 dnl-cn1.kaspersky-labs.com 127.0.0.1 dnl-cn2.kaspersky-labs.com 127.0.0.1 dnl-cn3.kaspersky-labs.com 127.0.0.1 dnl-kr1.kaspersky-labs.com 127.0.0.1 dnl-kr2.kaspersky-labs.com 127.0.0.1 dnl-kr3.kaspersky-labs.com 127.0.0.1 dnl-jp1.kaspersky-labs.com 127.0.0.1 dnl-jp2.kaspersky-labs.com 127.0.0.1 dnl-jp3.kaspersky-labs.com 127.0.0.1 dnl-jp4.kaspersky-labs.com 127.0.0.1 inetpc.net 127.0.0.1 mp0.inetpc.net 127.0.0.1 m.proxyisp.info 127.0.0.1 proxyisp.info 127.0.0.1 vncsvr.com 127.0.0.1 ns2.darksheekz.info 127.0.0.1 darksheekz.info 127.0.0.1 pcsecuritylab.com 127.0.0.1 liveupdatesnet.com 127.0.0.1 rhythmswing.org 127.0.0.1 www.rhythmswing.org 127.0.0.1 pool.hybridtx.com 127.0.0.1 hybridtx.com 127.0.0.1 in1.smtp.messagingengine.com 127.0.0.1 messagingengine.com 127.0.0.1 h.gtld-servers.net 127.0.0.1 gtld-servers.net 127.0.0.1 mail7.digitalwaves.co.nz 127.0.0.1 netau.dk 127.0.0.1 www.netau.dk 127.0.0.1 eircd.zief.pl 127.0.0.1 zief.pl 127.0.0.1 proxim.ircgalaxy.pl 127.0.0.1 proxima.ircgalaxy.pl 127.0.0.1 ircgalaxy.pl 127.0.0.1 proxim.ntkrnlpa.info 127.0.0.1 ntkrnlpa.info 127.0.0.1 dep.mvl0an7.com 127.0.0.1 mvl0an7.com 127.0.0.1 dhcp.vncsvr.com 127.0.0.1 russia.blacktiehsbdcs.com 127.0.0.1 jiets.soidudrf.com 127.0.0.1 bti.jeiahsdod.net 127.0.0.1 dirty.eiheihre3.com 127.0.0.1 munirah.nagitiriheiwu.net ============================================================== 系统服务 ============================================================== 该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services [Apache2.2] [已禁用] <"D:\apache\bin\httpd.exe" -k runservice/Apache2.2/Apache> [r_server] [已禁用] <"D:\SoftWare\radmin3.2\r_server.exe" /service> [WinHttpAutoProxySvc] [已禁用] ============================================================== 驱动程序 ============================================================== 该项来源: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services [IpInIp] [已启用] ============================================================== 当前进程 ============================================================== 名称: mbkwgwcz.exe [已启用] 命令行: "mbkwgwcz.exe" 文件路径: C:\WINDOWS\system32\mbkwgwcz.exe [文件无法访问] 模块文件: C:\WINDOWS\system32\ntdll.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\kernel32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\MSVCRT.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\WS2_32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\WS2HELP.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\ADVAPI32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\RPCRT4.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\USER32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\GDI32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\IMM32.DLL (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\LPK.DLL (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\USP10.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\SHLWAPI.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.100.0_x-ww_8417450B\comctl32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\OLEAUT32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\ole32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\netapi32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\mpr.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\pstorec.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\ATL.DLL (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\wininet.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\CRYPT32.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\MSASN1.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\psapi.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\rsaenh.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\System32\mswsock.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\DNSAPI.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\rasadhlp.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\System32\wshtcpip.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\appHelp.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\CLBCatQ.DLL (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\COMRes.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\VERSION.dll (Microsoft Corporation) 模块文件: C:\WINDOWS\system32\SETUPAPI.dll (Microsoft Corporation) ============================================================== 其他安全区域 ============================================================== 该项来源: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved [超级终端图标扩展]