请教高手：当前系统无法修改时间，安全模式却可以。。。。

显示全部楼层 · 发表于 2008-3-8 18:58:31

在XP系统里一改时间，点“应用”后，时间立马回到改前的时间，不过在安全模式下可以改时间，改好了重起，时间不会回到改前的状态。可为什么会在当前系统无法更改呢？郁闷，哪位高手能帮忙解决呀

我正确用了360TimeProtect时间保护工具。还是不行，卸载360TimeProtect后，再在XP系统里改时间，点“应用”后，时间立马回到改前的时间，不过在安全模式下可以改时间，改好了重起，时间不会回到改前的状态。郁闷，哪位高手能帮忙解决呀

[ 本帖最后由踏雪飞鸿于 2008-3-8 19:03 编辑 ]

显示全部楼层 · 发表于 2008-3-8 20:16:54

使用系统管理员的帐号登陆进入系统，打开“开始”-“运行”，在运行输入框中输入“gpedit.msc”，进入“组策略”设置界面，依次展开“计算机配置”--“Windows 设置”--“安全设置”--“本地策略”--“用户权利指派”，
然后，选择“更改系统时间”

显示全部楼层 · 发表于 2008-3-8 20:47:17

看一下软件下载区的一篇文章
http://www.kpfans.com/bbs/viewth ... p;extra=&page=1

显示全部楼层 · 发表于 2008-3-8 22:45:54

ARP防火墙都有防止修改时间的!

显示全部楼层 · 发表于 2008-3-9 19:05:23

试了2楼的方法，还是不行

显示全部楼层 · 发表于 2008-3-10 19:46:27

sreng"智能扫描"的结果，请高手分析分析

2008-03-10,19:40:43
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[3L软件工作室(3LSoft)]
[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Component Publisher]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<; > [N/A]
==================================
启动文件夹
N/A
==================================
服务
[Avira Premium Security Suite WebGuard / antivirwebservice][Stopped/Disabled]
<>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Manual Start]
<>
[Contrl Center of Storm Media / ccosm][Stopped/Manual Start]
<北京暴风网际科技有限公司>
[KVSrvXP / KVSrvXP][Running/Auto Start]
[MPSVC Service / MPSVCService][Running/Auto Start]
[O&O Defrag / O&O Defrag][Stopped/Auto Start]
[O&O CleverCache / OOCleverCacheAgent][Stopped/Auto Start]
[PnpWMmng / PnpWMmng][Stopped/Disabled]
<完美卸载>
[User Profile Hive Cleanup / UPHClean][Running/Auto Start]
==================================
驱动程序
[360TimeProt / 360TimeProt][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\360TimeProt.sys>
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Stopped/System Start]
<\??\F:\TaoMengLiang\杀毒软件\木马流氓软件查杀\AVG Anti-Spyware(原eWido)7.5.1.43汉化绿色破解版(可在线升级、整合0702病毒库\AVGAntiSpywarelse\AVG Anti-Spyware\guard.sys>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
[avgio / avgio][Stopped/System Start]
<\??\D:\Program Files\Avira\Avira Premium Security Suite\avgio.sys>
[avgntflt / avgntflt][Stopped/Manual Start]
<\??\D:\Program Files\Avira\Avira Premium Security Suite\avgntflt.sys>
[avipbb / avipbb][Running/System Start]
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
[BsDeamon / BsDeamon][Running/System Start]
<\??\D:\Program Files\JiangMin\AntiVirus\BsDeamon.sys>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
[HSF_DPV / HSF_DPV][Running/Manual Start]
[ialm / ialm][Running/Manual Start]
[KAVBootC / KAVBootC][Running/Boot Start]
<\SystemRoot\system32\Drivers\KAVBootC.sys>
[KRegEx / KRegEx][Running/Auto Start]
<\??\D:\Program Files\JiangMin\antivirus\KRegEx.sys>
[Jiangmin Antivirus Software - SysCall Services / KSysCall][Running/System Start]
<\??\D:\Program Files\JiangMin\common\KSysCall.sys>
[KVFileGuard From Jiangmin / KVFileGuard][Running/Manual Start]
<\??\D:\Program Files\JiangMin\AntiVirus\KVfg.sys>
[mdmxsdk / mdmxsdk][Running/Auto Start]
[mp110001 / mp110001][Running/Auto Start]
[mp110002 / mp110002][Stopped/Auto Start]
[mp110003 / mp110003][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110003.sys>
[mp110004 / mp110004][Running/Auto Start]
[mp110005 / mp110005][Running/Manual Start]
[mp110006 / mp110006][Running/System Start]
[mp110007 / mp110007][Running/System Start]
[mp110008 / mp110008][Running/Auto Start]
[mp110009 / mp110009][Running/System Start]
[mp110010 / mp110010][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110010.sys>
[mp110011 / mp110011][Stopped/System Start]
[mp110012 / mp110012][Stopped/Manual Start]
[mp110013 / mp110013][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110013.sys>
[PC-CDMA Serial port driver / oxser][Running/System Start]
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys>
[Powertweak NT helper / Powert][Stopped/Auto Start]
<\??\F:\TAOMEN~2\优化软件\POWERT~1.02R\pt202-1\pt202-1\powert2k.sys>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
[Secdrv / Secdrv][Stopped/Manual Start]
[ssmdrv / ssmdrv][Running/System Start]
[Jiangmin AntiVirus Software - System Guard / SysGuard][Running/Boot Start]
<\SystemRoot\system32\Drivers\SysGuard.sys>
[tifm21 / tifm21][Running/Manual Start]
[Conexant Setup API / UIUSys][Stopped/Manual Start]
[Virtual CD-ROM Device Driver / vcdrom][Running/System Start]
<\??\E:\WinPE纯净硬盘版配合微软虚拟光驱，再不用刻盘装系统了\微软虚拟光驱18K\微软虚拟光驱\虚拟光驱\VCdRom.sys>
[winachsf / winachsf][Running/Manual Start]
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[IeCatch5 Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9}
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283}
[RegisterHelper Class]
{FF354A24-B490-4D4F-8EEC-B3ACD6E681A4}
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12}
[DrvCert Class]
{2FD68643-4BCE-4EF5-B7B8-F0F1192FDE86}
[InputPassWd Class]
{3A4C8311-C151-4462-BDE9-F777ABEE0063}
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233}
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700}
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60}
[DrvCert Class]
{2FD68643-4BCE-4EF5-B7B8-F0F1192FDE86}
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}
[DrvINFReader Class]
{631AC624-4EA0-49AB-ABD7-64409592AE15}
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9}
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3}
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2}
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283}
[DrvInst Class]
{9222E48D-8985-4BE2-B9DB-EBE734CBE7B5}
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12}
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8}
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221}
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221}
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4}
[RegisterHelper Class]
{FF354A24-B490-4D4F-8EEC-B3ACD6E681A4}
[使用 IDM 下载]
<54A24-B490-4D4F-8EEC-B3ACD6E681A4}, N/A>
[使用 IDM 下载所有链接]
<, N/A>
[使用 IDM 下载视频内容]
<, N/A>
[使用网际快车下载]
[使用网际快车下载全部链接]
[使用迅雷下载]
[使用迅雷下载全部链接]
==================================
正在运行的进程
[PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 836 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 884 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 1292 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 1584 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 1800 / wuliu][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[F:\TaoMengLiang\重装系统首要必装软件\WinRAR 绿色版\winrar卡饭专用版\rarext.dll] [N/A, ]
[F:\TaoMengLiang\杀毒软件\木马流氓软件查杀\unlocker\Unlocker[1].v1.7.8.中文免安装版\强行解锁删除软件专家Unlocker.v1.7.8.中文免安装版\UnlockerCOM.dll] [N/A, ]
[D:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd, 2, 0, 7, 1018]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 7, 717]
[C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd, 2, 0, 7, 831]
[D:\Program Files\JiangMin\AntiVirus\lang\KvXP0804.lng] [N/A, ]
[F:\DrWeb\drwsxtn.dll] [Doctor Web, Ltd., 4, 44, 0, 8080]
[PID: 1972 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1992 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2040 / SYSTEM][D:\Program Files\UPHClean\uphclean.exe] [Microsoft Corporation, 1.5.5.21]
[PID: 1612 / wuliu][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 484 / wuliu][M:\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[M:\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 registeridm.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com
127.0.0.1 mirror3.internetdownloadmanager.com
127.0.0.1 www.tonec.com
127.0.0.1 tonec.com
127.0.0.1 207.44.199.159
127.0.0.1 207.44.199.16
==================================
进程特权扫描
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

复制代码

显示全部楼层 · 发表于 2008-3-10 19:47:42

sreng"智能扫描"的结果，请高手分析分析

2008-03-10,19:40:43
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
[3L软件工作室(3LSoft)]
[]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Component Publisher]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
[Intel Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
[Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<; > [N/A]
==================================
启动文件夹
N/A
==================================
服务
[Avira Premium Security Suite WebGuard / antivirwebservice][Stopped/Disabled]
<>
[AVG Anti-Spyware Guard / AVG Anti-Spyware Guard][Stopped/Manual Start]
<>
[Contrl Center of Storm Media / ccosm][Stopped/Manual Start]
<北京暴风网际科技有限公司>
[KVSrvXP / KVSrvXP][Running/Auto Start]
[MPSVC Service / MPSVCService][Running/Auto Start]
[O&O Defrag / O&O Defrag][Stopped/Auto Start]
[O&O CleverCache / OOCleverCacheAgent][Stopped/Auto Start]
[PnpWMmng / PnpWMmng][Stopped/Disabled]
<完美卸载>
[User Profile Hive Cleanup / UPHClean][Running/Auto Start]
==================================
驱动程序
[360TimeProt / 360TimeProt][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\360TimeProt.sys>
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
[AVG Anti-Spyware Driver / AVG Anti-Spyware Driver][Stopped/System Start]
<\??\F:\TaoMengLiang\杀毒软件\木马流氓软件查杀\AVG Anti-Spyware(原eWido)7.5.1.43汉化绿色破解版(可在线升级、整合0702病毒库\AVGAntiSpywarelse\AVG Anti-Spyware\guard.sys>
[AVG Anti-Spyware Clean Driver / AvgAsCln][Running/System Start]
[avgio / avgio][Stopped/System Start]
<\??\D:\Program Files\Avira\Avira Premium Security Suite\avgio.sys>
[avgntflt / avgntflt][Stopped/Manual Start]
<\??\D:\Program Files\Avira\Avira Premium Security Suite\avgntflt.sys>
[avipbb / avipbb][Running/System Start]
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
[BsDeamon / BsDeamon][Running/System Start]
<\??\D:\Program Files\JiangMin\AntiVirus\BsDeamon.sys>
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
[HSFHWAZL / HSFHWAZL][Running/Manual Start]
[HSF_DPV / HSF_DPV][Running/Manual Start]
[ialm / ialm][Running/Manual Start]
[KAVBootC / KAVBootC][Running/Boot Start]
<\SystemRoot\system32\Drivers\KAVBootC.sys>
[KRegEx / KRegEx][Running/Auto Start]
<\??\D:\Program Files\JiangMin\antivirus\KRegEx.sys>
[Jiangmin Antivirus Software - SysCall Services / KSysCall][Running/System Start]
<\??\D:\Program Files\JiangMin\common\KSysCall.sys>
[KVFileGuard From Jiangmin / KVFileGuard][Running/Manual Start]
<\??\D:\Program Files\JiangMin\AntiVirus\KVfg.sys>
[mdmxsdk / mdmxsdk][Running/Auto Start]
[mp110001 / mp110001][Running/Auto Start]
[mp110002 / mp110002][Stopped/Auto Start]
[mp110003 / mp110003][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110003.sys>
[mp110004 / mp110004][Running/Auto Start]
[mp110005 / mp110005][Running/Manual Start]
[mp110006 / mp110006][Running/System Start]
[mp110007 / mp110007][Running/System Start]
[mp110008 / mp110008][Running/Auto Start]
[mp110009 / mp110009][Running/System Start]
[mp110010 / mp110010][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110010.sys>
[mp110011 / mp110011][Stopped/System Start]
[mp110012 / mp110012][Stopped/Manual Start]
[mp110013 / mp110013][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110013.sys>
[PC-CDMA Serial port driver / oxser][Running/System Start]
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys>
[Powertweak NT helper / Powert][Stopped/Auto Start]
<\??\F:\TAOMEN~2\优化软件\POWERT~1.02R\pt202-1\pt202-1\powert2k.sys>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
[Secdrv / Secdrv][Stopped/Manual Start]
[ssmdrv / ssmdrv][Running/System Start]
[Jiangmin AntiVirus Software - System Guard / SysGuard][Running/Boot Start]
<\SystemRoot\system32\Drivers\SysGuard.sys>
[tifm21 / tifm21][Running/Manual Start]
[Conexant Setup API / UIUSys][Stopped/Manual Start]
[Virtual CD-ROM Device Driver / vcdrom][Running/System Start]
<\??\E:\WinPE纯净硬盘版配合微软虚拟光驱，再不用刻盘装系统了\微软虚拟光驱18K\微软虚拟光驱\虚拟光驱\VCdRom.sys>
[winachsf / winachsf][Running/Manual Start]
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233}
[IeCatch5 Class]
{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9}
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283}
[RegisterHelper Class]
{FF354A24-B490-4D4F-8EEC-B3ACD6E681A4}
[FlashGet]
{D6E814A0-E0C5-11d4-8D29-0050BA6940E3}
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12}
[DrvCert Class]
{2FD68643-4BCE-4EF5-B7B8-F0F1192FDE86}
[InputPassWd Class]
{3A4C8311-C151-4462-BDE9-F777ABEE0063}
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233}
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700}
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60}
[DrvCert Class]
{2FD68643-4BCE-4EF5-B7B8-F0F1192FDE86}
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}
[DrvINFReader Class]
{631AC624-4EA0-49AB-ABD7-64409592AE15}
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C}
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
[BrowseHelper Class]
{80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9}
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3}
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2}
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283}
[DrvInst Class]
{9222E48D-8985-4BE2-B9DB-EBE734CBE7B5}
[江民杀毒工具栏]
{B5A34A93-D538-43A7-8371-864CB6148D12}
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000}
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8}
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221}
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221}
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4}
[RegisterHelper Class]
{FF354A24-B490-4D4F-8EEC-B3ACD6E681A4}
[使用 IDM 下载]
<54A24-B490-4D4F-8EEC-B3ACD6E681A4}, N/A>
[使用 IDM 下载所有链接]
<, N/A>
[使用 IDM 下载视频内容]
<, N/A>
[使用网际快车下载]
[使用网际快车下载全部链接]
[使用迅雷下载]
[使用迅雷下载全部链接]
==================================
正在运行的进程
[PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 808 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 836 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 884 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 896 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1108 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 1292 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 1584 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[PID: 1800 / wuliu][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
[F:\TaoMengLiang\重装系统首要必装软件\WinRAR 绿色版\winrar卡饭专用版\rarext.dll] [N/A, ]
[F:\TaoMengLiang\杀毒软件\木马流氓软件查杀\unlocker\Unlocker[1].v1.7.8.中文免安装版\强行解锁删除软件专家Unlocker.v1.7.8.中文免安装版\UnlockerCOM.dll] [N/A, ]
[D:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd, 2, 0, 7, 1018]
[C:\WINDOWS\system32\HiveBase.dll] [Jiangmin Co., Ltd., 1, 0, 7, 717]
[C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd, 2, 0, 7, 831]
[D:\Program Files\JiangMin\AntiVirus\lang\KvXP0804.lng] [N/A, ]
[F:\DrWeb\drwsxtn.dll] [Doctor Web, Ltd., 4, 44, 0, 8080]
[PID: 1972 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1992 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 2040 / SYSTEM][D:\Program Files\UPHClean\uphclean.exe] [Microsoft Corporation, 1.5.5.21]
[PID: 1612 / wuliu][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 484 / wuliu][M:\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[M:\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[d:\Program Files\Micropoint\mp110031.dll] [Micropoint Corporation, 1.2.10043]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 registeridm.com
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 internetdownloadmanager.com
127.0.0.1 www.registeridm.com
127.0.0.1 secure.registeridm.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 mirror.internetdownloadmanager.com
127.0.0.1 mirror2.internetdownloadmanager.com
127.0.0.1 mirror3.internetdownloadmanager.com
127.0.0.1 www.tonec.com
127.0.0.1 tonec.com
127.0.0.1 207.44.199.159
127.0.0.1 207.44.199.16
==================================
进程特权扫描
N/A
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================

复制代码

显示全部楼层 · 发表于 2008-3-10 19:59:48

你中奖了。。。。
换个杀毒试试 pe系统下杀毒

显示全部楼层 · 发表于 2008-3-11 09:29:55

原帖由 dujie7023 于 2008-3-10 19:59 发表
你中奖了。。。。
换个杀毒试试 pe系统下杀毒

请教一下高手，PE下如何杀毒呀？麻烦你详细说说吧，谢谢了

显示全部楼层 · 发表于 2008-3-11 17:32:14

？？？？？？？没有回答呀？

[已解决] 请教高手：当前系统无法修改时间，安全模式却可以。。。。

浏览过的版块