诊断时间: 2009-07-30  08:32:34
诊断平台: Microsoft Windows XP  Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180 
计算机物理内存:510.11MB - 当前可用内存:113.08MB

O6 - 低危险 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel
O6 - 低危险 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch=
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=
R1 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Window Title=
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title=
O3 - 未知 - Toolbar: (第三方IE工具栏) - [无效的CLSID:{1E796980-9CC5-11D1-A83F-00C04FC99D61}] - {1E796980-9CC5-11D1-A83F-00C04FC99D61} - 
O8 - 未知 - Extra context menu item: 使用电驴下载 - D:\Program Files\easyMule\IE2EM.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载 - d:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - 未知 - Extra context menu item: 页面截图... Alt+S - c:\program files\iemate\page\saveimage.htm
O15 - 未知 - Trusted Zone: https://mybank.icbc.com.cn
O15 - 未知 - Trusted Zone: http://www.icbc.com.cn
O16 - 未知 - DPF: {642D2749-A4FC-49C5-8384-E39E009EBCDD} (XiaoNei Album Uploader) - http://xnimg.cn/xnalbum.cab
O18 - 未知 - Protocol: KuGoo - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}
O18 - 未知 - Protocol: KuGoo3 - {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}
O23 - 未知 - Service: PnkBstrA [PunkBuster Service Component [v1029] http://www.evenbalance.com] -  - (not running)

=======================================

100 - 默认 - Process: smss.exe [Windows操作系统的相关程序，用于会话管理子系统，负责启动用户会话。] - C:\WINDOWS\System32\smss.exe
100 - 默认 - Process: csrss.exe [Windows操作系统的客户端服务子系统，用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 默认 - Process: winlogon.exe [Windows操作系统的用户登陆程序，管理用户登录和退出。] - C:\WINDOWS\system32\winlogon.exe
100 - 默认 - Process: services.exe [Windows操作系统的相关程序，用于控制所有服务。] - C:\WINDOWS\system32\services.exe
100 - 默认 - Process: lsass.exe [Windows操作系统中多个windows系统服务的宿主，具有提供tcp/ip网络上客户端和服务器之间端对端的安全，保护敏感数据存储，通知sam接收请求等功能。] - C:\WINDOWS\system32\lsass.exe
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星个人防火墙2009控制台的相关程序。] - d:\Program Files\Rising\RFW\CCENTER.EXE
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: RavTask.exe [瑞星个人防火墙2009的任务计划程序。] - d:\Program Files\Rising\RFW\RavTask.exe
100 - 安全 - Process: EvtEng.exe [英特尔公司出品的相关产品。] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
100 - 安全 - Process: S24EvMon.exe [无线网卡相关驱动程序，用于事件监控。] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: RfwSrv.exe [瑞星防火墙的基础进程，缺少该文件防火墙将无法正常启动。] - d:\Program Files\Rising\RFW\rfwsrv.exe
100 - 默认 - Process: explorer.exe [Windows操作系统的程序管理器或者windows资源管理器，用于管理windows图形壳，包括开始菜单、任务栏、桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 默认 - Process: spoolsv.exe [Windows操作系统的打印机的一部分，用于将windows打印机任务发送给本地打印机。] - C:\WINDOWS\system32\spoolsv.exe
100 - 默认 - Process: scardsvr.exe [微软windows操作系统的相关程序，用于认证你本地系统的简单安全卡。] - C:\WINDOWS\System32\SCardSvr.exe
100 - 安全 - Process: RsTray.exe [瑞星防火墙的实时监控程序，用于加载瑞星防火墙的实时监控服务。] - D:\Program Files\Rising\RFW\RsTray.exe
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - D:\Program Files\360\360Safe\safemon\360tray.exe
100 - 默认 - Process: ctfmon.exe [Windows操作系统的用户输入法选择服务，用于控制输入法语言条，提供语音识别、手写识别、键盘、翻译和其它用户输入技术的支持。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: wcescomm.exe [系统设备的电脑同步软件相关程序，用于实现同步设备端与电脑的连接与通讯。] - D:\PROGRA~1\MICROS~1\wcescomm.exe
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: rapimgr.exe [ActiveSync软件的相关文件，用于连接和同步PC电脑和移动设备。] - D:\PROGRA~1\MICROS~1\rapimgr.exe -Embedding
100 - 安全 - Process: AppleMobileDeviceService.exe [苹果公司itunes软件的相关程序，用于提供支持服务。] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
100 - 安全 - Process: mDNSResponder.exe [苹果公司itunes软件的共享启动程序，可用于支持一般软件的音乐共享。] - C:\Program Files\Bonjour\mDNSResponder.exe
100 - 安全 - Process: rsnetsvr.exe [rsnetsvr] - D:\Program Files\Rising\RFW\rsnetsvr.exe
100 - 安全 - Process: IcbcDaemon.exe [] - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe
100 - 安全 - Process: ccSvcHst.exe [Symantec Service Framework] - d:\Program Files\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe
100 - 安全 - Process: RegSrvc.exe [intel公司出品的安置在网卡驱动程序(intel proset)旁，用以通信服务。] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
100 - 默认 - Process: svchost.exe [Windows操作系统的相关程序，用于加载标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: wdfmgr.exe [windows media player的减少兼容性模块，其主要作用是检测系统环境中冲突和减少程序的不兼容性。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: VESMgr.exe [索尼公司出品的笔记本电脑相关程序。] - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
100 - 安全 - Process: ccSvcHst.exe [Symantec Service Framework] - d:\Program Files\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe
100 - 默认 - Process: alg.exe [Windows操作系统自带的程序，用于处理微软windows网络连接共享和网络连接防火墙。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: IEXPLORE.EXE [IE浏览器的主程序，用于启动/运行该软件。] - c:\program files\internet explorer\iexplore.exe
100 - 安全 - Process: QQ.exe [QQ2009] - D:\Program Files\Tencent\QQ\Bin\QQ.exe
100 - 安全 - Process: TXPlatform.exe [QQ2009] - d:\Program Files\Tencent\QQ\Bin\TXPlatform.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士的主程序，用于启动和运行该程序。] - D:\Program Files\360\360Safe\360Safe.exe
O2 - 安全 - BHO: (ThunderAtOnce Class) - [迅雷(thunder)中的补助性插件，用于下载任务URL地址的查找。] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - d:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O2 - 安全 - BHO: (IE2EMBHO Class) - [eMule BHO (电驴浏览器辅助对象)] - {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} - D:\Program Files\easyMule\modules\IE2EM.dll
O2 - 安全 - BHO: (Adobe PDF Link Helper) - [Adobe Reader IE插件。] - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件，用于在浏览器点击时获取url地址。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O2 - 安全 - BHO: (ICBC Anti-Phishing class) - [中国工商银行IE浏览器BHO组件] - {BB4491A2-D11A-4c6b-91C0-B53246A3122B} - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll
O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - 安全 - HKLM\..\Run: [RFWTray] [瑞星防火墙的实时监控程序，用于加载瑞星防火墙的实时监控服务。] "d:\Program Files\Rising\RFW\RsTray.exe" -system
O4 - 安全 - HKLM\..\Run: [360Safetray] [360安全卫士实时监控程序。] "D:\Program Files\360\360Safe\safemon\360tray.exe" /start
O4 - 默认 - HKCU\..\Run: [ctfmon.exe] [Windows操作系统的用户输入法选择服务，用于控制输入法语言条，提供语音识别、手写识别、键盘、翻译和其它用户输入技术的支持。] C:\WINDOWS\system32\ctfmon.exe
O4 - 安全 - HKCU\..\Run: [H/PC Connection Agent] [microsoft activesync掌上电脑同步软件。] "D:\PROGRA~1\MICROS~1\wcescomm.exe"
O8 - 安全 - Extra context menu item: &U使用纳米机器人下载并收藏 - D:\Program Files\NamiRobot\Data\du.html
O8 - 安全 - Extra context menu item: 使用迅雷下载全部链接 - d:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - 安全 - Extra context menu item: 添加到QQ表情 - D:\Program Files\Tencent\QQ\Bin\AddEmotion.htm
O8 - 安全 - Extra context menu item: 用维棠下载视频 - C:\Program Files\ViDown\vd_link.htm
O9 - 安全 - Extra button: 启动迅雷5(HKLM) - d:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 安全 - Extra button: Create Mobile Favorite(HKLM) - D:\PROGRA~1\MICROS~1\INetRepl.dll
O9 - 安全 - Extra button: 创建移动收藏...(HKLM) - D:\PROGRA~1\MICROS~1\INetRepl.dll
O16 - 安全 - DPF: 无效的CLSID：{00000161-9980-0010-8000-00AA00389B71} ({00000161-9980-0010-8000-00AA00389B71}) - http://codecs.microsoft.com/codecs/i386/msaud.cab
O16 - 默认 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - 安全 - DPF: {488A4255-3236-44B3-8F27-FA1AECAA8844} (EditCtrl) - https://img.alipay.com/download/2121/aliedit.cab
O16 - 安全 - DPF: {69A5F9C4-01CB-470B-8161-CE67313E3CF4} (SfEdit32 Control) - https://img.99bill.com/seashell/website/js/pki/SF99BILL_09_v1_1.cab
O16 - 安全 - DPF: {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} (CCTVUpdateInstall) - http://t.live.cctv.com/ieocx/CCTVUpdateInstall.dll
O16 - 安全 - DPF: {BAEA0695-03A4-43BB-8495-C7025E1A8F42} (QQCertCtrl) - https://www.tenpay.com/download/qqedit.cab
O18 - 安全 - Protocol: Microsoft Office InfoPath相关的一个模块。 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - 安全 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - 安全 - Protocol Icons: HKCR\http\shell\open\command - "C:\Program Files\internet explorer\iexplore.exe" "%1"
O21 - 安全 - Protocol Icons: HKCR\ftp\shell\open\command - "C:\Program Files\internet explorer\iexplore.exe" "%1"
O21 - 安全 - Protocol Icons: HKCR\https\shell\open\command - "C:\Program Files\internet explorer\iexplore.exe" "%1"
O21 - 安全 - Protocol Icons: HKCR\htmlfile\shell\open\command - "C:\Program Files\internet explorer\iexplore.exe" "%1"
O23 - 安全 - Service: Apple Mobile Device [苹果公司itunes软件的相关程序，用于提供支持服务。] - "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" - (running)
O23 - 安全 - Service: Bonjour Service [苹果公司itunes软件的共享启动程序，可用于支持一般软件的音乐共享。] - "C:\Program Files\Bonjour\mDNSResponder.exe" - (running)
O23 - 安全 - Service: ccosm [暴风影音的解码器的更新程序。] - d:\Program Files\StormII\stormliv.exe /asservice - (not running)
O23 - 安全 - Service: EvtEng [EvtEng相关模块，用于支持Intel无线网络连接硬件。] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - (running)
O23 - 安全 - Service: FLEXnet Licensing Service [FLEXnet Publisher防盗版软件的服务组件，用于软件的授权信息检测。] - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe - (not running)
O23 - 安全 - Service: ICBC Daemon Service [ICBC Daemon Service] - C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\IcbcDaemon.exe - (running)
O23 - 安全 - Service: iPod Service [苹果公司itunes软件的相关程序，用于提供对apple ipod设备的服务。] - "C:\Program Files\iPod\bin\iPodService.exe" - (not running)
O23 - 安全 - Service: Norton AntiVirus [Norton AntiVirus] - "d:\Program Files\Norton AntiVirus\Engine\16.5.0.134\ccSvcHst.exe" /s "Norton AntiVirus" /m "d:\Program Files\Norton AntiVirus\Engine\16.5.0.134\diMaster.dll" /prefetch:1 - (running)
O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)
O23 - 安全 - Service: RegSrvc [Intel网络通讯软件相关程序。 ] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - (running)
O23 - 安全 - Service: RfwCCenter [瑞星个人防火墙2009控制台的相关程序。] - d:\Program Files\Rising\RFW\CCENTER.EXE - (not running)
O23 - 安全 - Service: RfwService [瑞星防火墙的基础进程，缺少该文件防火墙将无法正常启动。] - d:\Program Files\Rising\RFW\rfwsrv.exe - (not running)
O23 - 安全 - Service: RfwTask [瑞星个人防火墙2009的任务计划程序。] - "d:\Program Files\Rising\RFW\RavTask.exe" RfwTask - (running)
O23 - 安全 - Service: S24EventMonitor [无线网卡配置和诊断程序。] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - (running)
O23 - 安全 - Service: usnjsvc [msn的相关程序，用于加载messenger共享usn杂志阅读服务。] - "C:\Program Files\MSN Messenger\usnsvc.exe" - (not running)
O23 - 安全 - Service: VAIO Event Service [为VAIO计算机提供硬件事件管理服务。如果停止该服务，特殊按钮、Hotkey以及VAIO独自电源管理等功能将无法使用。] - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe - (running)
O23 - 安全 - Service: WMConnectCDS [windows media player的程序，用于将windows计算机上存放的音乐、照片和视频传送到支持upnp协议的设备中。] - C:\Program Files\Windows Media Connect 2\wmccds.exe - (not running)

=======================================

O31 - 未知 - Folder Menu: {7D4D6379-F301-4311-BEBA-E26EB0561882} - C:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll - Nero AG - Nero Digital Shell Extension - 2.0.0.8 - 1802240 - 2891b62b2a8181d827add753dccdce7f
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll -  -  -  - 0 - 
O31 - 未知 - SEApproved: 无效的CLSID：Shell extensions for file compression -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: 无效的CLSID：加密上下文菜单 -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 126464 - af42820acf961ad57e9b5eebefb34894
O31 - 未知 - SEApproved: 无效的CLSID：Shell Extensions for RealOne Player -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: {B327765E-D724-4347-8B16-78AE18552FC3} - C:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll - Nero AG - Nero Digital Shell Extension - 2.0.0.8 - 1802240 - 2891b62b2a8181d827add753dccdce7f
O31 - 未知 - SEApproved: {7F1CF152-04F8-453A-B34C-E609530A9DC8} - C:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll - Nero AG - Nero Digital Shell Extension - 2.0.0.8 - 1802240 - 2891b62b2a8181d827add753dccdce7f
O31 - 未知 - SEApproved: 无效的CLSID：Windows木马清道夫 -  -  -  -  - 0 - 
O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll -  -  -  - 126464 - af42820acf961ad57e9b5eebefb34894
O31 - 未知 - LSA: Security Packages - sv1_0.dll -  -  -  - 0 - 
O31 - 未知 - LSA: Security Packages - channel.dll -  -  -  - 0 - 

=======================================

O40 - svchost.exe - Apple Inc. - C:\Program Files\Bonjour\mdnsNSP.dll - Bonjour Namespace Provider - 0e3e56064e162ee9cc48698355098301
O40 - svchost.exe - Apple Inc. - C:\Program Files\Bonjour\mdnsNSP.dll - Bonjour Namespace Provider - 0e3e56064e162ee9cc48698355098301
O40 - Explorer.EXE - Nero AG - C:\Program Files\Common Files\Ahead\lib\NeroDigitalExt.dll - Nero Digital Shell Extension - 2891b62b2a8181d827add753dccdce7f
O40 - Explorer.EXE - Microsoft Corporation - C:\Program Files\Common Files\Ahead\lib\MFC71.DLL - MFCDLL Shared Library - Retail Version - f35a584e947a5b401feb0fe01db4a0d7
O40 - Explorer.EXE - Microsoft Corporation - C:\Program Files\Common Files\Ahead\lib\MSVCP71.dll - Microsoft? C++ Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - Microsoft? C Runtime Library - e4fece18310e23b1d8fee993e35e7a6f
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\mshtmleh.dll - Microsoft (R) HTML Editing Component - 9fa9acc69cb16bf6589bd4d9b06fdb2e
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\mshtmlte.dll - Microsoft (R) HTML Editing Component - adb9c13d62b5f0a6369f6d7283341f03
O40 - Explorer.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - 6e599090feab761eba3d46a84d5d40a9
O40 - Explorer.EXE - ShenZhen Thunder Networking Technologies,LTD - d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll - DsBho - 8520ca7a95ac2dc573790343e6aa29b9
O40 - Explorer.EXE - ShenZhen Thunder Networking Technologies,LTD - d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll - DataProcessor - ba5ed4f49763a00ed9ca06e8b346dc94
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll - Microsoft GDI+ - a08ef2fc9b3e688128e89d9c193f7652
O40 - Explorer.EXE - Nero AG - D:\Program Files\Nero 7\Nero BackItUp\NBShell.dll - Nero BackItUp Application - c44757f39ef1b1fb10d89181928694e0
O40 - Explorer.EXE - Microsoft Corporation - D:\Program Files\Nero 7\Nero BackItUp\MFC71U.DLL - MFCDLL Shared Library - Retail Version - 7b93c623333f121dc9e689ccb1b7a733
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll - Microsoft? C++ Runtime Library - 4c8a880eabc0b4d462cc4b2472116ea1
O40 - Explorer.EXE -  - D:\Program Files\NamiRobot\Data\NamipanExt1.dll -  - da89e1082d8016414c90aaaaea840756
O40 - Explorer.EXE - Nero AG - C:\Program Files\Common Files\Ahead\lib\MediaLibraryNSE.dll - Nero File Dialog - 085a3278352f4fff975924542cdc0657
O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll - Microsoft GDI+ - a08ef2fc9b3e688128e89d9c193f7652

=======================================

O41 - AegisP - IEEE 802.1X Protocol Driver - C:\WINDOWS\system32\drivers\AegisP.sys - (running) - IEEE 802.1X Protocol Driver - Meetinghouse Data Communications - 12dafd934641dcf61e446313bc261ec2
O41 - IEProtector - IEProtector - C:\Program Files\IEMate\IEProtector.sys - (running) -  -  - 
O41 - s24trans - Intel WLAN Packet Driver - C:\WINDOWS\system32\drivers\s24trans.sys - (running) - Intel WLAN Packet Driver - Intel Corporation - 1cc074e0d48383d4e9bffc6a26c2a58a
O41 - sptd - sptd - C:\WINDOWS\system32\drivers\sptd.sys - (running) -  -  - 
O41 - tosporte - TOSHIBA Bluetooth Port Emulation Driver - C:\WINDOWS\system32\drivers\tosporte.sys - (running) - TOSHIBA Bluetooth Port Emulation Driver - TOSHIBA Corporation - 6a404454c6133e749be33892eb6ffa35
O41 - Tosrfcom - Bluetooth RFCOMM Driver - C:\WINDOWS\system32\drivers\tosrfcom.sys - (running) - Bluetooth RFCOMM Driver - TOSHIBA Corporation - 5ba1ca3b3cddb1ddc67df473f05d1ec2
O41 - toshidpt - Toshiba Bluetooth HID mini port driver - C:\WINDOWS\system32\drivers\toshidpt.sys - (not running) - Toshiba Bluetooth HID mini port driver - TOSHIBA Corporation. - e362d54fd394999c4178936396664e57
O41 - Tosrfbd - Bluetooth RF Bus Driver - C:\WINDOWS\system32\drivers\tosrfbd.sys - (not running) - Bluetooth RF Bus Driver - TOSHIBA CORPORATION - e4901804c4d8d613fa3560de2c2e0261
O41 - Tosrfbnp - Bluetooth RFBNEP Driver - C:\WINDOWS\system32\drivers\tosrfbnp.sys - (not running) - Bluetooth RFBNEP Driver - TOSHIBA Corporation - 613e09572f4c5b92ca6be8bdc4cc5b7d
O41 - Tosrfhid - Bluetooth HID Driver from TOSHIBA - C:\WINDOWS\system32\drivers\tosrfhid.sys - (not running) - Bluetooth HID Driver from TOSHIBA - TOSHIBA Corporation. - 7726332391d8fca1a491a17f592fd6b3
O41 - tosrfnds - Bluetooth BNEP Driver - C:\WINDOWS\system32\drivers\tosrfnds.sys - (not running) - Bluetooth BNEP Driver - TOSHIBA Corporation. - c52fd27b9adf3a1f22cb90e6bcf9b0cb
O41 - TosRfSnd - Bluetooth Audio Driver (WDM) - C:\WINDOWS\system32\drivers\tosrfsnd.sys - (not running) - Bluetooth Audio Driver (WDM) - TOSHIBA Corporation - 0d86d15caff2b3203c785d604ec7c942
O41 - Tosrfusb - Bluetooth USB Miniport Driver - C:\WINDOWS\system32\drivers\tosrfusb.sys - (not running) - Bluetooth USB Miniport Driver - TOSHIBA CORPORATION - 7414a6461bc83a22b0ae009ace3e375b

=======================================
360Safe.exe=5.2.0.1014
AntiAdwa.dll=4.2.0.1002
AntiEng.dll=5.0.0.1005
AntiActi.dll=2.0.0.3000
CleanHis.dll=4.2.0.1003
live.dll=1.0.2.1006

=======================================
操作历史报告：

2009-07-04 16:58
清理其它插件 - 百度工具栏 - C:\PROGRA~1\Baidu\Toolbar\BAIDUB~1.DLL

----------全面诊断修复历史----------

2009-07-04 17:00
O6 - 危险 - 禁止IE首页相关设置 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel

----------修复IE浏览器操作历史----------

2009-07-19 08:17
R0 - 危险 - IE默认搜索页 - HKLM\Software\Microsoft\Internet Explorer\Main
R1 - 危险 - IE默认搜索页 - HKCU\Software\Microsoft\Internet Explorer\Main
O20 - 危险 - 自启动项AppInit_DLLs - kmon*dll
O28 - 危险 - IE链接的参数 - C:\DOCUME~1\ADMINI~1\APPLIC~1\MICROS~1\INTERN~1\QUICKL~1\INTERN~1.LNK
2009-07-19 09:53
O20 - 危险 - 自启动项AppInit_DLLs - kmon*dll

=======================================