Rising Kaka Security Forum, Technical Exchange, Anti-virus / Anti-rogue-software board

◎ Everyone, please help me figure out what virus I've got!!!!!

After running msconfig I found abnormal entries in the startup items: lotusHip, upxdnd, AVPSrv, MsMMs32 and swchost. Since these appeared there are constant IP conflicts and then everyone gets disconnected. Please give me some advice on how to prevent this; I'm kneeling in thanks here and hoping for good news. This is what I scanned with Kaka Assistant. Brothers, please take a look and help me; I've been hit for several days now. After Rising cleaned it, going online still drops the connection. The main symptom is that it causes IP address conflicts. What should I do?


注释: [A]表示该文件存在自启动关联;
[M]表示该文件在内存中;

+ 注册表自运行项目
+ 内核驱动
+ HKLM\System\CurrentControlSet\Services
ALCXSENS
[A ] 1. c:\windows\system32\drivers\alcxsens.sys


ALCXWDM
[A ] 2. c:\windows\system32\drivers\alcxwdm.sys


NPF
[A ] 3. c:\windows\system32\drivers\npf.sys


RsAntiSpyware
[A ] 4. c:\windows\system32\drivers\rsboot.sys


Secdrv
[A ] 5. c:\windows\system32\drivers\secdrv.sys


SentryCard
[A ] 6. c:\windows\system32\drivers\xsbide.sys


XsbSafeDriver
[A ] 7. c:\windows\system32\drivers\safexsb.sys


ZSMC301b
[A ] 8. c:\windows\system32\drivers\usbvm31b.sys




+ 资源管理器加载模块
+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
HyperTerminal Icon Ext
[A ] 9. c:\windows\system32\hticons.dll



+ HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks
{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}
[AM] 10. c:\windows\system32\shlhook.dll


{7E32FA58-3453-FA2D-BC49-F340348ACCE7}
[AM] 11. c:\windows\system32\rsmygpm.dll


{A12C8D43-AC10-4C17-9136-E3E2FC9B3D21}
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys


{9C87A354-ABC3-DEDE-FF33-3213FD7447C9}
[AM] 13. c:\windows\system32\kvdxima.dll


{B0E4D1E9-3CE5-48A1-8DF0-6463E046E7EF}
[AM] 14. c:\windows\system32\wclucipubi.dll


{4960356A-458E-DE24-BD50-268F589A56A4}
[AM] 15. c:\windows\system32\avwldmn.dll


{5A1247C1-53DA-FF43-ABD3-345F323A48D5}
[AM] 16. c:\windows\system32\avwgemn.dll


{97D81718-1314-5200-2597-587901018079}
[AM] 17. c:\windows\system32\kaqhizy.dll


{38907901-1416-3389-9981-372178569983}
[AM] 18. c:\windows\system32\kawdczy.dll


{96650011-3344-6688-4899-345FABCD1569}
[AM] 19. c:\windows\system32\ratbipi.dll


{38847374-8323-FADC-B443-4732ABCD3783}
[AM] 20. c:\windows\system32\sidjczy.dll


{36FF2E71-1F0D-4E07-9213-E6740C57322E}
[AM] 21. c:\windows\system32\rxfmxdkpwcip.dll


{4A321487-4977-D98A-C8D5-6488257545A4}
[AM] 22. c:\windows\system32\kapjdzy.dll




+ 用户登陆自运行项目
+ HKLM\Software\Microsoft\Windows\CurrentVersion\Run
NSP
[AM] 23. c:\windows\system32\nsp.exe


XSB
[AM] 24. c:\windows\system32\xsbmon.exe


runeip
[AM] 25. e:\ka\runiep.exe


upxdnd
[A ] 26. c:\windows\upxdnd.exe


cmdbcs
[A ] 27. c:\windows\cmdbcs.exe


DbgHlp32
[A ] 28. c:\windows\dbghlp32.exe


WinSysM
[A ] 29. c:\windows\igm.exe


KVP
[A ] 30. c:\windows\system32\drivers\svchost.exe


WinSysW
[A ] 31. c:\windows\swchost.exe
文件名和"svchost.exe"类似;



+ HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run
MSDEG32
[A ] 32. c:\windows\system32\lyloader.exe




+ 程序初始化和已知动态连接库
+ HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
AppInit_DLLs
[AM] 16. c:\windows\system32\avwgemn.dll





+ 正在运行的进程
+ 000000c8(200) scvhost.exe
00400000[0000C000]
[ M] 33. c:\windows\system32\drivers\scvhost.exe


008F0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


10000000[0005F000]
[ M] 34. c:\windows\system32\wpcap.dll


00920000[00024000]
[ M] 35. c:\windows\system32\packet.dll


00950000[0001E000]
[ M] 36. c:\windows\system32\wanpacket.dll


00380000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 000001a4(420) conime.exe
00A80000[0001B000]
[ M] 37. e:\ka\ieprot.dll


00A40000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 000001c0(448) smss.exe

+ 000001f8(504) csrss.exe

+ 00000210(528) winlogon.exe
004D0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


72C80000[00008000]
[ M] 38. c:\windows\system32\msacm32.drv



+ 00000240(576) services.exe
003C0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 00000244(580) Ras.exe
00400000[00170000]
[ M] 39. e:\ka\ras.exe


780C0000[00061000]
[ M] 40. e:\ka\msvcp60.dll


10000000[00013000]
[ M] 41. e:\ka\topsoft.dll


7C140000[00103000]
[ M] 42. e:\ka\mfc71.dll


7C340000[00056000]
[ M] 43. e:\ka\msvcr71.dll


7C3A0000[0007B000]
[ M] 44. e:\ka\msvcp71.dll


003E0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


00DA0000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys


00EC0000[000BD000]
[ M] 45. e:\ka\rasgui.dll


01810000[00011000]
[AM] 10. c:\windows\system32\shlhook.dll


01840000[0000C000]
[AM] 11. c:\windows\system32\rsmygpm.dll


01950000[0000C000]
[AM] 13. c:\windows\system32\kvdxima.dll


01A60000[0001F000]
[AM] 14. c:\windows\system32\wclucipubi.dll


01B90000[0000C000]
[AM] 15. c:\windows\system32\avwldmn.dll


01CA0000[0000C000]
[AM] 17. c:\windows\system32\kaqhizy.dll


01DB0000[0000C000]
[AM] 18. c:\windows\system32\kawdczy.dll


01EC0000[0000C000]
[AM] 19. c:\windows\system32\ratbipi.dll


01FD0000[0000C000]
[AM] 20. c:\windows\system32\sidjczy.dll


020E0000[0001C000]
[AM] 21. c:\windows\system32\rxfmxdkpwcip.dll


02210000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll


02370000[0001B000]
[ M] 37. e:\ka\ieprot.dll



+ 0000024c(588) lsass.exe
003C0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 000002e8(744) svchost.exe
00560000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 00000318(792) svchost.exe
005A0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


10000000[00010000]
[ M] 46. c:\windows\system32\sqmapi32.dll



+ 0000035c(860) svchost.exe
00560000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


10000000[00010000]
[ M] 46. c:\windows\system32\sqmapi32.dll



+ 00000390(912) svchost.exe
005A0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 0000043c(1084) svchost.exe
00560000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 00000538(1336) spoolsv.exe
003C0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 00000574(1396) alg.exe
10000000[00010000]
[ M] 46. c:\windows\system32\sqmapi32.dll



+ 0000068c(1676) NSP.exe
00400000[00005000]
[AM] 23. c:\windows\system32\nsp.exe


10000000[00007000]
[ M] 47. c:\windows\system32\xsbio.dll


009D0000[0001B000]
[ M] 37. e:\ka\ieprot.dll


003E0000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 00000694(1684) XSBMON.EXE
00400000[00034000]
[AM] 24. c:\windows\system32\xsbmon.exe


00DD0000[0001B000]
[ M] 37. e:\ka\ieprot.dll


00C00000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 000006a4(1700) runiep.exe
00400000[00013000]
[AM] 25. e:\ka\runiep.exe


00D20000[0001B000]
[ M] 37. e:\ka\ieprot.dll


00A80000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 00000700(1792) ctfmon.exe
003D0000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll


00BF0000[0001B000]
[ M] 37. e:\ka\ieprot.dll


00AD0000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 000007e4(2020) svchost.exe
005A0000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll



+ 0000081c(2076) scvhost.exe
00400000[0000C000]
[ M] 33. c:\windows\system32\drivers\scvhost.exe


003C0000[0000C000]
[AM] 20. c:\windows\system32\sidjczy.dll


10000000[0005F000]
[ M] 34. c:\windows\system32\wpcap.dll


009F0000[00024000]
[ M] 35. c:\windows\system32\packet.dll


00A20000[0001E000]
[ M] 36. c:\windows\system32\wanpacket.dll


25000000[00013000]
[ M] 48. c:\windows\system32\zxatl.dll


00BF0000[00012000]
[ M] 49. c:\windows\system32\qqsgatl.dll


00B40000[0001C000]
[AM] 21. c:\windows\system32\rxfmxdkpwcip.dll


00B70000[0001F000]
[AM] 14. c:\windows\system32\wclucipubi.dll


00BA0000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 000008b8(2232) wuauclt.exe

+ 00000b54(2900) wscntfy.exe
10000000[0001B000]
[ M] 37. e:\ka\ieprot.dll


008D0000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys



+ 00000c04(3076) rsmygsp.exe
00400000[00014000]
[ M] 50. c:\windows\system32\rsmygsp.exe


003C0000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll


003E0000[0000C000]
[AM] 11. c:\windows\system32\rsmygpm.dll



+ 00000c4c(3148) explorer.exe
003D0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


10000000[0001B000]
[ M] 37. e:\ka\ieprot.dll


012A0000[0000C000]
[AM] 11. c:\windows\system32\rsmygpm.dll


014C0000[0000C000]
[AM] 19. c:\windows\system32\ratbipi.dll


012C0000[0000C000]
[AM] 15. c:\windows\system32\avwldmn.dll


01460000[0000C000]
[AM] 17. c:\windows\system32\kaqhizy.dll


01590000[0000C000]
[AM] 13. c:\windows\system32\kvdxima.dll


015E0000[0000C000]
[AM] 20. c:\windows\system32\sidjczy.dll


01630000[0000C000]
[AM] 18. c:\windows\system32\kawdczy.dll


72C80000[00008000]
[ M] 38. c:\windows\system32\msacm32.drv


017D0000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll


01BA0000[00011000]
[AM] 12. c:\program files\internet explorer\plugins\wn_sys8x.sys


01680000[00011000]
[AM] 10. c:\windows\system32\shlhook.dll


01F30000[0001F000]
[AM] 14. c:\windows\system32\wclucipubi.dll


01F50000[0001C000]
[AM] 21. c:\windows\system32\rxfmxdkpwcip.dll



+ 00000eb0(3760) avwgest.exe
00400000[00015000]
[ M] 51. c:\windows\system32\avwgest.exe


003C0000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll


003E0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll



+ 00000ed4(3796) kvdxiis.exe
00400000[00014000]
[ M] 52. c:\windows\system32\kvdxiis.exe


003C0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


003E0000[0000C000]
[AM] 13. c:\windows\system32\kvdxima.dll



+ 00000ee0(3808) kaqhiaz.exe
00400000[00014000]
[ M] 53. c:\windows\system32\kaqhiaz.exe


003C0000[0000C000]
[AM] 16. c:\windows\system32\avwgemn.dll


003E0000[0000C000]
[AM] 17. c:\windows\system32\kaqhizy.dll



+ 00000f44(3908) sidjcaz.exe
00400000[00014000]
[ M] 54. c:\windows\system32\sidjcaz.exe


003C0000[0000C000]
[AM] 13. c:\windows\system32\kvdxima.dll


003E0000[0000C000]
[AM] 20. c:\windows\system32\sidjczy.dll



+ 00000f68(3944) kawdcaz.exe
00400000[00019000]
[ M] 55. c:\windows\system32\kawdcaz.exe


003C0000[0000C000]
[AM] 13. c:\windows\system32\kvdxima.dll


003E0000[0000C000]
[AM] 18. c:\windows\system32\kawdczy.dll



+ 00000fe4(4068) avwldst.exe
00400000[00015000]
[ M] 56. c:\windows\system32\avwldst.exe


003C0000[0000C000]
[AM] 22. c:\windows\system32\kapjdzy.dll


003E0000[0000C000]
[AM] 15. c:\windows\system32\avwldmn.dll



+ 00000ff4(4084) ratbitl.exe
00400000[00014000]
[ M] 57. c:\windows\system32\ratbitl.exe


003C0000[0000C000]
[AM] 19. c:\windows\system32\ratbipi.dll

Attachment: application/octet-stream, 147 downloads, uploaded 2007-11-14 21:39:43

Last edited 2007-11-15 23:29:51

c:\windows\system32\nsp.exe
c:\windows\igm.exe
c:\windows\system32\lyloader.exe

Report the files above to Rising for identification.

If you don't know how to extract suspicious files, please read the pinned post.