各位高手: 非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助! wen ti 1:shu ru fa bu neng yong wen ti 2:xu ni nei cun yizhi zai 2Gduo wen ti 3:kabasiji buneng shiyong 该诊断报告由360安全卫士提供 http://www.360.cn 诊断时间: 2009-02-02 13:23:09 诊断平台: Microsoft Windows XP Service Pack 2 IE版本: Internet Explorer V7.0.5730.11 Build:75730 计算机物理内存:1.12GB - 当前可用内存:624.20MB 100 - 未知 - Process: nslsvice.exe [] - C:\WINDOWS\system32\nslsvice.exe 100 - 未知 - Process: nsl.exe [] - C:\WINDOWS\system32\nsl.exe 100 - 未知 - Process: TPHKMGR.exe [] - C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe 100 - 未知 - Process: WPService.exe [WebProtect] - C:\Program Files\CMBCHINA\WebProtect\WPService.exe O2 - 未知 - BHO: (WebProtect) - [WebProtect] - {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} - C:\Program Files\CMBCHINA\WebProtect\WebProtect.dll O2 - 未知 - BHO: (IEVkbdBHO Class) - [IE Virtual Keyboard] - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll O2 - 未知 - BHO: (浏览器辅助对象(BHO)) - [无效的CLSID:{7E853D72-626A-48EC-A868-BA8D5E23E045}] - {7E853D72-626A-48EC-A868-BA8D5E23E045} - O2 - 未知 - BHO: (AcroIEToolbarHelper Class) - [Adobe IE plugin] - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - 未知 - Toolbar: (Adobe PDF) - [Adobe IE plugin] - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - 未知 - HKLM\..\Run: [] [] O8 - 未知 - Extra context menu item: 在Foxmail中添加该RSS频道/频道组 - res://C:\WINDOWS\system32\fmrsslink.dll/201 O8 - 未知 - Extra context menu item: 查看当前站点排名 - http://alexa.chinaz.com/alexa.htm O8 - 未知 - Extra context menu item: 转换为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - 未知 - Extra context menu item: 转换为现有 PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - 未知 - Extra context menu item: 转换选定的链接为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - 未知 - Extra context menu item: 转换选定的链接为现有 PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - 未知 - Extra context menu item: 转换选项为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - 未知 - Extra context menu item: 转换选项为现有 PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - 未知 - Extra context menu item: 转换链接目标为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - 未知 - Extra context menu item: 转换链接目标为现有 PDF - res://D:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - 未知 - Extra button: 番茄花园(HKLM) - http://www.tomatolei.com O9 - 未知 - Extra button: 信息检索(HKLM) - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - 未知 - Extra button: 更新 ThinkPad 软件(HKLM) - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe O16 - 未知 - DPF: {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} (PhotoDraw) - http://imgcache.qq.com/qzone/client/photo/pages/QQPhotoDrawSetup.exe O16 - 未知 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl) - https://img.alipay.com/download/1101/aliedit.cab O16 - 未知 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} (DLoader) - http://dl.uc.sina.com/cab/downloader.cab O16 - 未知 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (CCTVUpdateInstall) - http://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll O16 - 未知 - DPF: 无效的CLSID:{D27CDB6E-AE6D-11CF-96B8-444553539500} ({D27CDB6E-AE6D-11CF-96B8-444553539500}) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - 未知 - DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} (PasswordEditCtrl) - https://password.qq.com/download/qqedit2.cab O18 - 未知 - Protocol: 电子书编译工具Web Compiler相关 - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll O18 - 未知 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - 未知 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O20 - 未知 - AppInit DLLs: C:\WINDOWS\system32\COMRes*dll,D:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd*dll,D:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3*dll O21 - 未知 - Protocol Icons: HKCR\http\shell\open\command - "d:\Program Files\360safe\360se\360SE.exe" "%1" O21 - 未知 - Protocol Icons: HKCR\https\shell\open\command - "d:\Program Files\360safe\360se\360SE.exe" "%1" O21 - 未知 - Protocol Icons: HKCR\htmlfile\shell\open\command - "d:\Program Files\360safe\360se\360SE.exe" "%1" O23 - 未知 - Service: AVP [防御病毒和其它恶意程序] - "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" -r - (running) O23 - 未知 - Service: CMBWPS [招商银行一网通网盾服务模块] - C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start - (running) O23 - 未知 - Service: Lotus Notes Single Logon [Lotus Notes Single Logon] - C:\WINDOWS\system32\nslsvice.exe - (running) O23 - 未知 - Service: odserv [运行部分 Microsoft Office 诊断。] - "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" - (not running) O23 - 未知 - Service: QCONSVC [QCONSVC] - System32\QCONSVC.EXE - (not running) O23 - 未知 - Service: Roxio UPnP Renderer 9 [Roxio UPnP Renderer 9] - "C:\Program Files\Roxio\Digital Home 9\RoxioUPnPRenderer9.exe" - (not running) O23 - 未知 - Service: Roxio Upnp Server 9 [Roxio Upnp Server 9] - "C:\Program Files\Roxio\Digital Home 9\RoxioUpnpService9.exe" - (not running) O23 - 未知 - Service: RoxLiveShare9 [Allows remote users to view through WEB browsers your authorized multimedia content managed by Roxio Media Manager9.] - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" - (not running) O23 - 未知 - Service: RoxMediaDB9 [Roxio RoxMediaDB9 Service] - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe" - (not running) O23 - 未知 - Service: RoxWatch9 [Roxio Hard Drive Watcher 9] - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe" - (not running) ======================================= 100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe 100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base 100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe 100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe 100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe 100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup 100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService 100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe 100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE 100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] - 100 - 安全 - Process: SMax4PNP.exe [声卡相关软件。] - C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe 100 - 安全 - Process: EZEJMNAP.EXE [IBM ThinkPad电脑EasyEject工具,用于在你的Thinkpad笔记本电脑上容易的连接多个设备。 ] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe 100 - 安全 - Process: 360tray.exe [360安全卫士实时保护模块] - D:\Program Files\360safe\safemon\360Tray.exe 100 - 安全 - Process: Vm_sti.exe [still image (sti) driver驱动程序,一般用于电脑摄像头。] - C:\WINDOWS\VM_STI.EXE 100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] - 100 - 安全 - Process: AntiArp.exe [360ARP防火墙] - D:\Program Files\360safe\antiarp\antiarp.exe 100 - 安全 - Process: TPONSCR.exe [IBM笔记本扩展热键配置程序。 ] - C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe 100 - 安全 - Process: TpScrex.exe [IBM Thinkpad笔记本UltraZoom功能配置和诊断程序。] - C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe 100 - 安全 - Process: SMAgent.exe [一个声卡相关软件。] - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc 100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe 100 - 安全 - Process: 360SE.exe [360安全浏览器] - D:\Program Files\360safe\360se\360SE.exe 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k HTTPFilter 100 - 安全 - Process: NOTEPAD.EXE [notepad字符编辑器用于打开文档。在windows中附带。] - C:\WINDOWS\notepad.exe 100 - 安全 - Process: 360Safe.exe [360安全卫士] - D:\Program Files\360safe\360Safe.exe 100 - 安全 - Process: safeboxtray.exe [360安全卫士保险箱相关程序。] - C:\Program Files\360Safebox\safeboxtray.exe R0 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page=http://go.microsoft.com/fwlink/?LinkId=54896 R0 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://go.microsoft.com/fwlink/?LinkId=54896 R0 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896 R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm O1 - 安全 - Host: 127.0.0.1 1.jopenkk.com O1 - 安全 - Host: 127.0.0.1 1.jopenqc.com O1 - 安全 - Host: 127.0.0.1 1.joppnqq.com O1 - 安全 - Host: 127.0.0.1 2.joppnqq.com O1 - 安全 - Host: 127.0.0.1 3.joppnqq.com O2 - 安全 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块。] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll O2 - 安全 - BHO: (AcroIEHlprObj Class) - [Adobe Reader, 查看和打印 Adobe 便携文档格式 (PDF) 文件。] - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll O2 - 安全 - BHO: (Windows Live 登录帮助程序) - [windows live多用户登陆助手相关插件。] - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - 安全 - BHO: (浏览器辅助对象(BHO)) - [网际快车IE模块。] - {A5366673-E8CA-11D3-9CD9-0090271D075B} - O4 - 安全 - HKLM\..\Run: [IMSCMig] [微软拼音输入法安装工具。 ] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - 安全 - HKLM\..\Run: [SoundMAXPnP] [analog device公司声卡驱动程序。] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - 安全 - HKLM\..\Run: [SoundMAX] [analog device公司声卡驱动程序。] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray O4 - 安全 - HKLM\..\Run: [ATIPTA] [ati显卡驱动的系统托盘图标,可调节显卡属性] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - 安全 - HKLM\..\Run: [TPHOTKEY] [ibm thinkpad笔记本应用程序。] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe O4 - 安全 - HKLM\..\Run: [EZEJMNAP] [ibm thinkpad笔记本相关软件。] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe O4 - 安全 - HKLM\..\Run: [TP4EX] [ibm thinkpad系列笔记本驱动程序。] tp4ex.exe O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] D:\Program Files\360safe\safemon\360Tray.exe /start O4 - 安全 - HKLM\..\Run: [BigDogPath] [网眼摄像头驱动] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera O4 - 安全 - HKLM\..\Run: [AVP] [卡巴斯基杀毒软件相关程序。] "D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe" O4 - 安全 - HKLM\..\Run: [360Antiarp] [360安全卫士ARP防火墙相关程序。] D:\Program Files\360safe\antiarp\antiarp.exe /start O4 - 安全 - HKLM\..\Run: [360Safebox] [360安全卫士保险箱相关程序。] "C:\Program Files\360Safebox\safeboxTray.exe" /r O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe O8 - 安全 - Extra context menu item: 使用网际快车下载 - D:\Program Files\FlashGet\jc_link.htm O8 - 安全 - Extra context menu item: 使用网际快车下载全部链接 - D:\Program Files\FlashGet\jc_all.htm O8 - 安全 - Extra context menu item: 使用迅雷下载 - D:\Program Files\Thunder Network\Thunder\Program\geturl.htm O8 - 安全 - Extra context menu item: 使用迅雷下载全部链接 - D:\Program Files\Thunder Network\Thunder\Program\getallurl.htm O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - 安全 - Extra button: 启动迅雷5(HKLM)(HKLM) - C:\Program Files\Thunder Network\Thunder\Thunder.exe O9 - 安全 - Extra button: 卡巴斯基Web反病毒保护插件(HKLM) - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll O9 - 安全 - Extra button: Windows Messenger(HKLM) - C:\Program Files\Messenger\msmsgs.exe O11 - 安全 - Options Group: International* O16 - 安全 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (Windows升级工具V5) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1231940655421 O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL O23 - 安全 - Service: Ati HotKey Poller [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe - (running) O23 - 安全 - Service: Autodesk Licensing Service [Autodesk的服务程序。] - "C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe" - (not running) O23 - 安全 - Service: IBMPMSVC [IBM笔记本电脑电源管理相关程序。 ] - C:\WINDOWS\system32\ibmpmsvc.exe - (not running) O23 - 安全 - Service: SoundMAX Agent Service (default) [是Analog SoundMAX声卡产品相关程序。] - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe - (running) O23 - 安全 - Service: usnjsvc [Windows Live相关服务。] - "C:\Program Files\Windows Live\Messenger\usnsvc.exe" - (not running) O23 - 安全 - Service: WLSetupSvc [Windows Live相关服务。] - "C:\Program Files\Windows Live\installer\WLSetupSvc.exe" - (not running) O25 - 安全 - ABOUT: DesktopItemNavigationFailure - res://ieframe.dll/navcancl.htm O25 - 安全 - ABOUT: NavigationCanceled - res://ieframe.dll/navcancl.htm O25 - 安全 - ABOUT: NavigationFailure - res://ieframe.dll/navcancl.htm O25 - 安全 - ABOUT: OfflineInformation - res://ieframe.dll/offcancl.htm O25 - 安全 - ABOUT: PostNotCached - res://ieframe.dll/repost.htm ======================================= O31 - 未知 - Folder Menu: {F9DB5320-233E-11D1-9F84-707F02C10627} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll - Adobe Systems, Inc. - PDF Shell Extension - 7.0.0.0 - 110592 - 4b0991cd076b617a2231b19a6663c1c9 O31 - 未知 - Notify: QConGina - C:\WINDOWS\system32\QConGina.dll - Lenovo - ThinkVantage Access Connections - GINA Component. - 3.8.0.0 - 262144 - 262925e50fe7d5e65c9e3609828ca4fa O31 - 未知 - Notify: tpfnf2 - C:\WINDOWS\system32\notifyf2.dll - - - - 28672 - 3c21a62642bea691b588f69e8d11b374 O31 - 未知 - Notify: tphotkey - C:\WINDOWS\system32\tphklock.dll - - - - 24576 - 37b8b44c4443f0bd2c50f7fcff3a361b O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 - O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 - O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 - O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 - O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 - O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 - O31 - 未知 - SEApproved: 无效的CLSID:压缩(zipped)文件夹 - - - - - 0 - O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - d:\Program Files\WinRAR\rarext.dll - - - - 129024 - 60fe004235a8108446dcfc1e526fde0e O31 - 未知 - SEApproved: {D25B2CAB-8A9A-4517-A9B2-CB5F68A5A802} - D:\Program Files\Adobe\Acrobat 7.0\Acrobat Elements\ContextMenu.dll - Adobe Systems Inc. - Adobe Acrobat Context Menu - 7.0.0.1333 - 577536 - edfca3682bcfe788bfcabf4d7e22805a O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141 O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141 O31 - 未知 - SEApproved: 无效的CLSID:索尼爱立信文件管理器 - - - - - 0 - O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - d:\Program Files\WinRAR\rarext.dll - - - - 129024 - 60fe004235a8108446dcfc1e526fde0e O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 - O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 - ======================================= O40 - winlogon.exe - - C:\WINDOWS\system32\tphklock.dll - - 37b8b44c4443f0bd2c50f7fcff3a361b O40 - winlogon.exe - Lotus Development - C:\WINDOWS\system32\npnotes.dll - Notes Network Provider - 9615ff6e82d5fef5d697a43063f57f7b O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL - MFCDLL Shared Library - Retail Version - ccc2e312486ae6b80970211da472268b O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - Microsoft? C Runtime Library - e4fece18310e23b1d8fee993e35e7a6f O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL - MFC Language Specific Resources - afa7e91c8c9566e03fb1620f95230b93 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll - Microsoft? C++ Runtime Library - 4c8a880eabc0b4d462cc4b2472116ea1 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL - ATL Module for Windows (Unicode) - 3c7def3cbbca6284867aa4621d5d8a54 O40 - Explorer.EXE - Adobe Systems, Inc. - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll - PDF Shell Extension - 4b0991cd076b617a2231b19a6663c1c9 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732 O40 - Explorer.EXE - - D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll - DsBho - 595719e26f2c6a5c2b5cbfa9ebbffa4b O40 - Explorer.EXE - Thunder Networking Technologies,LTD - D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll - DataProcessor - dae999d2d3b95d4488c56d114284c8d3 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\dfshim.dll - Application Deployment Support Library - b3511383c8be3a8c5b88a78971fc1141 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\mscoree.dll - Microsoft .NET Runtime Execution Engine - 34bc771730448718ab771255888c783d O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Shfusion.dll - Microsoft COM Runtime Fusion Assembly Viewer - 5b746df7ff55229630fe2815b348149c O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Fusion.dll - Assembly manager - ad23bb6b329c7d5ee8a43b89e2fd4fd2 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\culture.dll - Microsoft Globalization Support - ad060608376e3195b4545928f43653d8 O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll - Microsoft COM 运行时合成程序集查看器资源 - dbd869737dbce332bf17026df3de7e82 O40 - Explorer.EXE - Adobe Systems, Incorporated - C:\Program Files\Common Files\Adobe\Shell\PSICON.DLL - Icons for Adobe Photoshop - b3425c813804c01c0a7fc732f7ae60cb ======================================= O41 - ANC - IBM Access Connections - ANC - C:\WINDOWS\system32\drivers\ANC.sys - (running) - IBM Access Connections - ANC - IBM Corp. - 11ab185a7af224800bbfb5b836974a17 O41 - CMB8100 - CMB8100 - C:\WINDOWS\system32\drivers\CertClient.dat - (running) - - - 1b5be95b9bf04543fcf9f37f464105f8 O41 - CMBProtector - CMBProtector - C:\WINDOWS\system32\drivers\CMBProtector.dat - (running) - - - ba2e66e85dd0af4c5414f7b58ad5fc64 O41 - IBMTPCHK - IBMTPCHK - C:\WINDOWS\system32\drivers\IBMBLDID.SYS - (running) - - - 927dd405f7aec212ffdec4f7f4ab2731 O41 - SafeBoxKrnl - 360安全卫士 - 保险箱 - C:\Program Files\360Safebox\SafeBoxKrnl.sys - (running) - 360安全卫士 - 保险箱 - 360安全中心 - 50fad33109793f7a8b64f98a1bb6feeb O41 - SafeMon0 - SafeMon0 - C:\WINDOWS\system32\333C3D59.dat - (running) - - - d2a5eff2e4ea9481380894f8f986b105 O41 - Smapint - SMAPI I/O - C:\WINDOWS\system32\drivers\SMAPINT.SYS - (running) - SMAPI I/O - Microsoft Corporation - 26341d0dd225d19fd50e0ee3c3c77502 O41 - sptd - sptd - C:\WINDOWS\system32\drivers\sptd.sys - (running) - - - O41 - TDSMAPI - TDSMAPI - C:\WINDOWS\system32\drivers\TDSMAPI.SYS - (running) - - - e9512ac82fff83808549267078b38fe5 O41 - TSMAPIP - TSMAPIP - C:\WINDOWS\system32\drivers\TSMAPIP.SYS - (running) - - - f2aba3066d7921d7fcdbd66dea88be11 O41 - MRV6X32U - ExtSta NDIS 6.0 driver - C:\WINDOWS\system32\drivers\MRVW23B.sys - (not running) - ExtSta NDIS 6.0 driver - Tenda, Inc - 44504407ebbcb56081bbb29dc3c692df O41 - MRVW225 - Tenda TWL541U driver - C:\WINDOWS\system32\drivers\MRVW225.sys - (not running) - Tenda TWL541U driver - Tenda, Inc - 5d4d4c3e1fae084e94e0b1dcf8e0426a O41 - npkcrypt - npkcrypt - C:\WINDOWS\system32\npkcrypt.sys - (not running) - - - O41 - npkycryp - npkycryp - C:\WINDOWS\system32\npkycryp.sys - (not running) - - - O41 - QCNDISIF - IBM Access Connections - Intermediate Protocol Driver. - C:\WINDOWS\system32\drivers\qcndisif.sys - (not running) - IBM Access Connections - Intermediate Protocol Driver. - IBM Corporation. - d1666121638bb0d23081dcc41ecb21f0 O41 - SciCamD - SCI Camera Driver - C:\WINDOWS\system32\drivers\SciCamD.sys - (not running) - SCI Camera Driver - Spreadtrum - 6e2b7f281459dbcac7da818df0be1957 O41 - UIUSys - UIUSys - C:\WINDOWS\system32\drivers\UIUSys.sys - (not running) - - - ======================================= 360Safe.exe=4.4.1.1011 AntiAdwa.dll=4.2.0.1001 AntiEng.dll=4.4.0.1001 AntiActi.dll=2.0.0.3000 CleanHis.dll=4.2.0.1002 live.dll=1.0.1.1029 ======================================= 操作历史报告: ----------清理恶评及系统插件历史---------- 2009-02-01 23:21 清理恶评软件 - Wisro木马程序 - 2009-01-25 01:20 清理恶评插件 - pkeusvq(Auto) - 清理恶评插件 - SRAT_Service木马程序 - C:\WINDOWS\system32\sadfasdf.jpg 2009-02-01 22:04 清理恶评插件 - pkeusvq(Auto) - 清理恶评插件 - SRAT_Service木马程序 - C:\WINDOWS\system32\sadfasdf.jpg 清理恶评插件 - Wisro木马程序 - C:\WINDOWS\system32\ctm04004.exe ----------全面诊断修复历史---------- 2008-04-04 12:13 O6 - 危险 - 禁止IE首页相关设置 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel ----------修复IE浏览器操作历史---------- 2008-04-04 12:15 R0 - 危险 - IE起始页的默认页 - HKLM\Software\Microsoft\Internet Explorer\Main R1 - 危险 - IE左侧搜索页 - HKLM\Software\Microsoft\Internet Explorer\Main O21 - 危险 - http协议缺省启动程序 - "d:\Program Files\Maxthon2\Maxthon.exe" "%1" O21 - 危险 - https协议缺省启动程序 - "d:\Program Files\Maxthon2\Maxthon.exe" "%1" O21 - 危险 - htmlfile协议缺省启动程序 - "d:\Program Files\Maxthon2\Maxthon.exe" "%1" O28 - 危险 - IE链接的参数 - C:\DOCUME~1\葛生林\「开始~1\程序\附件\系统工具\INTERN~2.LNK 2009-02-01 22:48 O20 - 危险 - 自启动项AppInit_DLLs - C:\WINDOWS\system32\COMRes.dll O21 - 危险 - http协议缺省启动程序 - "D:\Program Files\Maxthon2\Maxthon.exe" "%1" O21 - 危险 - https协议缺省启动程序 - "D:\Program Files\Maxthon2\Maxthon.exe" "%1" O21 - 危险 - htmlfile协议缺省启动程序 - "D:\Program Files\Maxthon2\Maxthon.exe" "%1" O28 - 危险 - IE链接的参数 - C:\DOCUME~1\葛生林\「开始~1\程序\附件\系统工具\INTERN~1.LNK ======================================= 360安全卫士,彻底查杀各种流氓软件,全面保护系统安全 最新免费下载:http://www.360.cn/download.html