Dear experts:
Thank you very much for taking a look at my system diagnostic report. This newbie is urgently waiting for your help!
诊断时间: 2007-06-24 18:21:28
诊断平台: Microsoft Windows 2000 Service Pack 4
IE版本: Internet Explorer V6.0.2800.1106 Build:62800.1106
100 - 未知 - Process: eDial.exe [eDial 一点通] - C:\Program Files\Coopen Technologies\EDial\EDial.exe
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm
O2 - 未知 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm
O8 - 未知 - Extra context menu item: 导出到 Microsoft Excel(&x) - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 未知 - Extra button: 腾讯QQ(HKLM) - C:\Program Files\Tencent\QQ\QQ.EXE
=======================================
100 - 安全 - Process: smss.exe [该进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINNT\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINNT\system32\csrss.exe
ObjectDirectory=\Windows SharedSection=1024,3072,512,512 Windows=On SubSystemType=Windows ServerDll=ba
100 - 安全 - Process: WINLOGON.EXE [windows nt用户登陆程序。] - C:\WINNT\system32\winlogon.exe
100 - 安全 - Process: SERVICES.EXE [用于管理windows服务系统进程。] - C:\WINNT\system32\services.exe
100 - 安全 - Process: LSASS.EXE [本地安全权限服务控制windows安全机制。] - C:\WINNT\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINNT\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINNT\system32\svchost.exe -k netsvcs
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINNT\system32\spoolsv.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: regsvc.exe [远程注册表服务用于访问在远程计算机的注册表。] - C:\WINNT\system32\regsvc.exe
100 - 安全 - Process: mstask.exe [windows计划任务用于设定继承在什么时间或者什么日期备份或者运行。] - C:\WINNT\system32\MSTask.exe
100 - 安全 - Process: winmgmt.exe [windows management service透过windows management instrumentation data (wmi)技术处理来自应用客户端的请求。] - C:\WINNT\System32\WBEM\WinMgmt.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINNT\system32\svchost.exe -k wugroup
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINNT\Explorer.EXE
100 - 安全 - Process: igfxtray.exe [intel显卡相关软件。] - C:\WINNT\system32\igfxtray.exe
100 - 安全 - Process: hkcmd.exe [intel显卡驱动相关软件。] - C:\WINNT\system32\hkcmd.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - C:\Program Files\360safe\safemon\360Tray.exe
100 - 安全 - Process: CTFMON.EXE [office xp输入法图标。] - C:\WINNT\system32\ctfmon.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINNT\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINNT\system32\blank.htm
O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O3 - 安全 - Toolbar: (@msdxmLC.dll,-1@2052,电台(&R)) - [是Windows Media Player播放器ActiveX控制相关文件。] - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O4 - 安全 - HKLM\..\Run: [Synchronization Manager] [资料同步管理器] mobsync.exe /logon
O4 - 安全 - HKLM\..\Run: [IgfxTray] [是Intel显卡配置和诊断程序,会同Intel 810芯片组的集成显卡安装。] C:\WINNT\system32\igfxtray.exe
O4 - 安全 - HKLM\..\Run: [HotKeysCmds] [是Intel显示卡相关程序,用于配置和诊断相关设备。] C:\WINNT\system32\hkcmd.exe
O4 - 安全 - HKLM\..\Run: [kav] [卡巴斯基杀毒软件相关程序。] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360Tray.exe /start
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] ctfmon.exe
O4 - 安全 - Startup folder: [Microsoft Office.lnk] [是offfice的一个快捷方式。 ] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Microsoft Office.lnk
O9 - 安全 - Extra button: 卡巴斯基Web反病毒保护插件(HKLM) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - 安全 - Extra button: 电台(HKLM) - C:\WINNT\web\related.htm
O23 - 安全 - Service: AVP [卡巴斯基杀毒软件相关程序。] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe -r - (running)
O23 - 安全 - Service: Fax [微软Microsoft传真服务相关程序,该服务允许用户创建和发送传真到微软Office组件中。] - C:\WINNT\system32\faxsvc.exe - (not running)
=======================================
O31 - 未知 - Notify: klogon - C:\WINNT\system32\klogon.dll - Kaspersky Lab - Logon Visualizer - 6.0.0.299 - 28778 - 7072750eb5c0f0cd54b48f972855ca61
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 -
O31 - 未知 - SEApproved: {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL - Microsoft Corporation - Microsoft Web Folders - 10.145.3810.0 - 1318912 - 77264964a2b836234341006159fe89a3
O31 - 未知 - SEApproved: 无效的CLSID:Shell Extensions for RealOne Player - - - - - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 124416 - ce26788c6b70ced9af0d1e7174a9ddcc
O31 - 未知 - SEApproved: {85E0B171-04FA-11D1-B7DA-00A0C90348D6} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll - Kaspersky Lab - Script Monitor Internet Explorer plugin - 6.0.0.299 - 184430 - 3f6db09f466b9e4f252549e62a21d6a5
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 124416 - ce26788c6b70ced9af0d1e7174a9ddcc
O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 -
=======================================
O40 - winlogon.exe - Kaspersky Lab - C:\WINNT\system32\klogon.dll - Logon Visualizer - 7072750eb5c0f0cd54b48f972855ca61
O40 - Explorer.EXE - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\shellex.dll - Windows Shell Extension - 62281a8da78c81f4f4695c3de52ba680
O40 - Explorer.EXE - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\pr_remote.dll - PR_REMOTE - 5f6e14e8290e10b4fac233b7cca87430
O40 - Explorer.EXE - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll - Prague Loader - ebf71aa09b2418a0c79a406255862ab5
=======================================
O41 - kl1 - Kaspersky Unified Driver - C:\WINNT\system32\drivers\kl1.sys - (running) - Kaspersky Unified Driver - Kaspersky Lab - 5445b03cd42dedf5f85b9daf712fdd09
O41 - klif - spuper-ptor - C:\WINNT\system32\drivers\klif.sys - (running) - spuper-ptor - Kaspersky Lab - 2985985b39e13643f941b6396fb915dd
O41 - RMSPPPOE - PPP over Ethernet Protocol NDIS Intermediate Driver - C:\WINNT\system32\drivers\PPPOE32.SYS - (running) - PPP over Ethernet Protocol NDIS Intermediate Driver - Robert Schlabbach - 1386e0ba86c3c86172e8eb3b05536350
O41 - npkcusb - nProtect KeyCrypt Driver - C:\Program Files\Tencent\QQ\npkcusb.sys - (not running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - cab3f211df47ebbe6dd3d9c9995060ad
=======================================
360Safe.exe=3.5.1.1001
AntiAdwa.dll=3.5.1.1001
AntiEng.dll=3.5.1.1001
AntiActi.dll=2.0.0.3000
CleanHis.dll=3.0.2.1000
live.dll=1.0.1.1016
=======================================
操作历史报告:
=======================================