Rising Kaka Security Forum

Please help me check for any suspicious programs and let me know, thanks
yinda2004 - 2006-2-13 18:22:00
--------------------------系统环境-------------------------
检测日期: 2006-2-13 18:20
Windows: Microsoft Windows XP
ServicePack: Service Pack 2
Update: 2600.xpsp_sp2_gdr.050301-1519
Internet Explorer: 6.0.2900.2180


-----------------------网络基础安全测试--------------------
密码安全检测:已经设置了管理员密码,建议:将密码复杂度和长度提高!
网络漏洞检测:空连接检查安全!

服务名称        是否运行              描述
RemoteRegistry [运行中] [说明:这个服务可能被利用远程操作注册表]
Windows Time  [已停止] [说明:这个服务可能被黑客利用来启动木马]
Telnet        [已停止] [说明:这个服务可能被黑客登录到您计算机]
Messenger      [已停止] [说明:这个服务常被广告商用来发垃圾广告]
Server        [已停止] [说明:如果你的电脑不用局域网中,可以关闭]


-----------------------计算机网络端口----------------------
协议      端口号              端口类型
TCP        135        微软DCE RPC end-point mapper服务
TCP        445        Microsoft-DS
TCP      1025        未知类型
TCP        139        微软Netbios Name服务(用于文件及打印机共享)
TCP        445        公共Internet文件系统(CIFS)
TCP      1033        未知类型
TCP      1051        未知类型
TCP        137        未知类型
TCP        138        未知类型


--------------------计算机系统组件体检----------------------
[编号:0]
[名称:\SystemRoot\System32\smss.exe]
[类型:运行进程]
[内容:未知]

[编号:1]
[名称:\??\C:\WINDOWS\system32\winlogon.exe]
[类型:运行进程]
[内容:未知]

[编号:2]
[名称:C:\WINDOWS\system32\services.exe]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:3]
[名称:C:\WINDOWS\system32\lsass.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:4]
[名称:C:\WINDOWS\system32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:5]
[名称:C:\WINDOWS\System32\svchost.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:6]
[名称:C:\WINDOWS\system32\nvsvc32.exe]
[类型:运行进程]
[内容:NVIDIA Driver Helper Service, Version 81.98 (C) NVIDIA Corporation. All rights reserved.]

[编号:7]
[名称:C:\WINDOWS\Explorer.EXE]
[类型:运行进程]
[内容:Microsoft(R) Windows(R) Operating System (C) Microsoft Corporation. All rights reserved.]

[编号:8]
[名称:C:\WINDOWS\system32\conime.exe]
[类型:运行进程]
[内容:Microsoft? Windows? Operating System ? Microsoft Corporation. All rights reserved.]

[编号:9]
[名称:C:\Program Files\完美卸载V2006\SysSec.exe]
[类型:运行进程]
[内容:完美卸载V2006-ChinaHijackThis 版权所有 (C) 2006]

[编号:10]
[分隔符:---------------------------------------------------------------------]

[编号:11]
[名称:C:\WINDOWS\system32\nvcpl.dll]
[类型:已加载DLL]
[内容:NVIDIA Compatible Windows 2000 Display driver, Version 81.98  (C) NVIDIA Corporation. All rights reserved.]

[编号:12]
[名称:C:\WINDOWS\system32\NVRSZHC.DLL]
[类型:已加载DLL]
[内容:NVIDIA Compatible Windows 2000 Display driver, Version 81.98  (C) NVIDIA Corporation. All rights reserved.]

[编号:13]
[名称:C:\WINDOWS\system32\nvshell.dll]
[类型:已加载DLL]
[内容:(null) (null)]

[编号:14]
[名称:C:\Program Files\WinRAR\rarext.dll]
[类型:已加载DLL]
[内容:未知]

[编号:15]
[分隔符:---------------------------------------------------------------------]

[编号:16]
[名称:NvCplDaemon]
[类型:开机启动]
[内容:RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup]

[编号:17]
[分隔符:---------------------------------------------------------------------]

[编号:18]
[名称:ACARD AEC6210UF UltraDMA33 Controller]
[类型:服务:ACARD PCI Ultra-IDE DMA-33 Controller ACARD Technology Corp 1995-1999.]
[内容:C:\WINDOWS\system32\drivers\aec6210.sys]

[编号:19]
[名称:ACARD AEC6260 UltraDMA-66 Controller]
[类型:服务:ACARD's DMA-66 IDE Driver  ACARD Technology Corp 1995-2000.]
[内容:C:\WINDOWS\system32\drivers\aec6260.sys]

[编号:20]
[名称:AFD]
[类型:服务:未知]
[内容:\SystemRoot\System32\drivers\afd.sys]

[编号:21]
[名称:Service for Realtek AC97 Audio (WDM)]
[类型:服务:Windows (R) WDM driver for Realtek AC'97 Audio Copyright (c) Realtek Semiconductor Corp.1998-2003]
[内容:C:\WINDOWS\system32\drivers\alcxwdm.sys]

[编号:22]
[名称:DCOM Server Process Launcher]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:23]
[名称:Intel Integrated RAID]
[类型:服务:Intel Application Accelerator driver Copyright(C) Intel Corporation 1994-2004 ]
[内容:C:\WINDOWS\system32\drivers\iastor.sys]

[编号:24]
[名称:ITERAID_Service_Install]
[类型:服务:Windows (R) 2000 DDK driver Copyright (C) Integrated Technology Express, Inc. 2004]
[内容:C:\WINDOWS\system32\drivers\iteraid.sys]

[编号:25]
[名称:Windows Installer]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\msiexec.exe /V]

[编号:26]
[名称:npkcrypt]
[类型:服务:未知]
[内容:e:\游戏\腾讯qq2006\npkcrypt.sys]

[编号:27]
[名称:Intel SCSI Controller]
[类型:服务:NVIDIA nForce(TM) IDE Driver Copyright(C) 2001-2005 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvatabus.sys]

[编号:28]
[名称:NVIDIA nForce(tm) RAID Class Driver]
[类型:服务:NVIDIA nForce(TM) RAID Driver Copyright(C) 2001-2005 NVIDIA Corporation]
[内容:C:\WINDOWS\system32\drivers\nvraid.sys]

[编号:29]
[名称:NVIDIA Display Driver Service]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\nvsvc32.exe]

[编号:30]
[名称:SiI 680 ATA Controller]
[类型:服务:PnP680 Copyright ? 2001-2002  Silicon Image]
[内容:C:\WINDOWS\system32\drivers\pnp680.sys]

[编号:31]
[名称:Silicon Image SiI 0680 Medley Raid Controller]
[类型:服务:Medley Copyright  2002 Silicon Image, Inc.]
[内容:C:\WINDOWS\system32\drivers\pnp680r.sys]

[编号:32]
[名称:QLogic Fibre Channel SCSI Miniport Driver]
[类型:服务:QLogic Fibre Channel Stor Miniport Driver Copyright ? QLogic Corporation 1996-2004]
[内容:C:\WINDOWS\system32\drivers\ql2300.sys]

[编号:33]
[名称:Remote Procedure Call (RPC)]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:34]
[名称:Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver]
[类型:服务:Realtek RTL8139 Family Fast Ethernet Adapter Copyright (C) 1994-2003 Realtek Semiconductor Corporation]
[内容:C:\WINDOWS\system32\drivers\rtl8139.sys]

[编号:35]
[名称:Secdrv]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\drivers\secdrv.sys]

[编号:36]
[名称:SiI-3512 SATALink Controller]
[类型:服务:SiI 3112 SATALink controller Copyright ? 2002 - 2003  Silicon Image]
[内容:C:\WINDOWS\system32\drivers\si3112.sys]

[编号:37]
[名称:Silicon Image SiI 3512 SATARaid Controller]
[类型:服务:Medley Copyright  2001 Silicon Image, Inc.]
[内容:C:\WINDOWS\system32\drivers\si3112r.sys]

[编号:38]
[名称:SiI-3114 SATALink Controller]
[类型:服务:SiI 3114 SATALink controller Copyright ? 2003  Silicon Image]
[内容:C:\WINDOWS\system32\drivers\si3114.sys]

[编号:39]
[名称:SiI-3114 SATARaid Controller]
[类型:服务:SATARAID Copyright  2003 Silicon Image, Inc.]
[内容:C:\WINDOWS\system32\drivers\si3114r.sys]

[编号:40]
[名称:SiI-3124 SATALink Controller]
[类型:服务:SiI 3124 SATALink controller Copyright ? 2003  Silicon Image]
[内容:C:\WINDOWS\system32\drivers\si3124.sys]

[编号:41]
[名称:SiI-3124 SATARaid Controller]
[类型:服务:SATARAID Copyright  2003 Silicon Image, Inc.]
[内容:C:\WINDOWS\system32\drivers\si3124r.sys]

[编号:42]
[名称:SATALink driver accelerator]
[类型:服务:SATALink Accelerator Driver Copyright ? 2002-2003 Silicon Image Inc.]
[内容:C:\WINDOWS\system32\drivers\siwinacc.sys]

[编号:43]
[名称:System Restore Filter Driver]
[类型:服务:未知]
[内容:\SystemRoot\system32\DRIVERS\sr.sys]

[编号:44]
[名称:Terminal Services]
[类型:服务:未知]
[内容:C:\WINDOWS\system32\svchost ]

[编号:45]
[名称:VIA ATA/ATAPI Host Controller]
[类型:服务:VIA Bus Master IDE Driver VIA Technilogies, Inc. 2001-2005]
[内容:C:\WINDOWS\system32\drivers\viapdsk.sys]

[编号:46]
[名称:vmscsi]
[类型:服务:VMware, Inc. Script1 Application Copyright ? 1998-2003 VMware, Inc.]
[内容:C:\WINDOWS\system32\drivers\vmscsi.sys]

[编号:47]
[分隔符:---------------------------------------------------------------------]

[编号:48]
[名称:Start Page]
[类型:IE主页-当前用户]
[内容:about:blank]

[编号:49]
[名称:Search Page]
[类型:IE搜索-当前用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:50]
[名称:Start Page]
[类型:IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home]

[编号:51]
[名称:Search Page]
[类型:IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:52]
[名称:Default_Page_URL]
[类型:默认IE主页-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome]

[编号:53]
[名称:Default_Search_URL]
[类型:默认IE搜索-所有用户]
[内容:http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch]

[编号:54]
[分隔符:---------------------------------------------------------------------]

[编号:55]
[名称:{0A155D3C-68E2-4215-A47A-E800A446447A}]
[类型:IE 扩展按钮]
[内容:浩方对战平台 路径:F:\游戏\浩方对战平台\GameClient.exe]

[编号:56]
[名称:{FB5F1910-F110-11d2-BB9E-00C04F795683}]
[类型:IE 扩展按钮]
[内容:Messenger 路径:C:\Program Files\Messenger\msmsgs.exe]

[编号:57]
[分隔符:---------------------------------------------------------------------]

[编号:58]
[名称:WebCheck]
[类型:正常嵌入对象]
[内容:%SystemRoot%\system32\webcheck.dll]

[编号:59]
[名称:SysTray]
[类型:正常嵌入对象]
[内容:C:\WINDOWS\system32\stobject.dll]

[编号:60]
[分隔符:---------------------------------------------------------------------]

[编号:61]
[名称:]
[类型:EXE关联]
[内容:"%1" %*]

[编号:62]
[名称:]
[类型:TXT关联]
[内容:%SystemRoot%\system32\NOTEPAD.EXE %1]

[编号:63]
[名称:]
[类型:vbs关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:64]
[名称:]
[类型:Js关联]
[内容:%SystemRoot%\System32\WScript.exe "%1" %*]

[编号:65]
[名称:]
[类型:htmlfile关联]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:66]
[名称:]
[类型:HTTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" -nohome]

[编号:67]
[名称:]
[类型:FTP协议]
[内容:"C:\Program Files\Internet Explorer\iexplore.exe" %1]

[编号:68]
[分隔符:---------------------------------------------------------------------]

[编号:69]
[名称:c:\windows\system32\imageole.dll]
[类型:第三方 COM/ActiveX组件]
[内容:HFGifImage Class---发布公司:未知]

[编号:70]
[名称:c:\windows\system32\deskpan.dll]
[类型:第三方 COM/ActiveX组件]
[内容:显示摇曳 CPL 扩展---发布公司:未知]

[编号:71]
[名称:c:\windows\system32\audio3d.dll]
[类型:第三方 COM/ActiveX组件]
[内容:Audio3DObject---发布公司:Sensaura ? Copyright 1997-2001  Sensaura Ltd]