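Dear experts:
Thank you very much for taking a look at my system diagnostic report. I'm a complete newbie and am urgently waiting for your help!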
该诊断报告由360安全卫士提供 http://www.360.cn
诊断时间: 2008-07-08 09:18:03
诊断平台: Microsoft Windows XP Service Pack 2
IE版本: Internet Explorer V7.0.5730.13 Build:75730
计算机物理内存:1022.10MB - 当前可用内存:383.37MB
100 - 未知 - Process: rfwstub.exe [Rising Personal FireWall Service Rfwstub ] - C:\Program Files\Rising\Rfw\rfwstub.exe
100 - 未知 - Process: sched.exe [Antivirus Scheduler] - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
100 - 未知 - Process: agrsmsvc.exe [Agere Soft Modem Call Progress Service] - C:\WINDOWS\system32\agrsmsvc.exe
100 - 未知 - Process: avguard.exe [Antivirus On-Access Service] - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
100 - 未知 - Process: AppleMobileDeviceService.exe [Apple Mobile Device Service] - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
100 - 未知 - Process: stormliv.exe [暴风影音媒体控制中心] - D:\Program Files\StormII\stormliv.exe
100 - 未知 - Process: EDSAgent.exe [EDSAgentEx Application] - C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
100 - 未知 - Process: MOM.exe [Catalyst Control Center: Monitoring program] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
100 - 未知 - Process: avgnt.exe [Antivirus System Tray Tool] - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
100 - 未知 - Process: dmhkcore.exe [Easy Display Manager] - C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
100 - 未知 - Process: OlympicNews.exe [搜狐奥运快讯] - D:\Program Files\SogouInput\OlympicNews.exe
100 - 未知 - Process: CCC.exe [Catalyst Control Centre: Host application] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
100 - 未知 - Process: jpg617.exe [] - D:\[读书]\JPG阅读下载\jpg617\jpg617.exe
100 - 未知 - Process: QQ.exe [QQ] - D:\Program Files\Tencent\QQ\QQ.exe
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://lib.jnu.edu.cn/index.jsp
O2 - 未知 - BHO: (FG2CatchUrl) - [BHOCatch] - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - d:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll
O2 - 未知 - BHO: (Adobe PDF Conversion Toolbar Helper) - [Adobe PDF Toolbar for Internet Explorer] - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - 未知 - Toolbar: (Adobe PDF) - [Adobe PDF Toolbar for Internet Explorer] - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - 未知 - HKLM\..\Run: [StartCCC] [] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - 未知 - HKLM\..\Run: [EDS] [EDSAgentEx Application] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe
O4 - 未知 - HKLM\..\Run: [DMHotKey] [Loader of Easy Display Manager - Display Configurations Dialog] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe
O4 - 未知 - HKCU\..\Run: [OlympicExpress] [搜狐奥运快讯] d:\Program Files\SogouInput\OlympicNews.exe
O8 - 未知 - Extra context menu item: &使用快车(FlashGet)下载 - D:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm
O8 - 未知 - Extra context menu item: &使用快车(FlashGet)下载全部链接 - D:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder Network\Thunder\Program\geturl.htm
O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm
O8 - 未知 - Extra context menu item: 导出当前页到超星阅览器(&A) - D:\Program Files\SSREADER36\ss_all.htm
O8 - 未知 - Extra context menu item: 导出选中部分到超星阅览器(&S) - D:\Program Files\SSREADER36\ss_select.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - d:\Program Files\Tencent\QQ\AddEmotion.htm
O8 - 未知 - Extra context menu item: 转换为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - 未知 - Extra context menu item: 转换选取内容为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - 未知 - Extra context menu item: 转换选取内容到现有的 PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - 未知 - Extra context menu item: 转换选定的链接到 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - 未知 - Extra context menu item: 转换选定的链接到现有的 PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - 未知 - Extra context menu item: 转换链接目标为 Adobe PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - 未知 - Extra context menu item: 转换链接目标到现有的 PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - 未知 - Extra context menu item: 追加到现有的 PDF - res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - 未知 - Extra button: 启动迅雷5(HKLM) - C:\Program Files\Thunder Network\Thunder\Thunder.exe
O9 - 未知 - Extra button: 信息检索(HKLM) - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - 未知 - Extra button: @btrez.dll,-12650(HKLM) - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O21 - 未知 - Protocol Icons: HKCR\http\shell\open\command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1"
O21 - 未知 - Protocol Icons: HKCR\ftp\shell\open\command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1"
O21 - 未知 - Protocol Icons: HKCR\https\shell\open\command - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE -requestPending -osint -url "%1"
O23 - 未知 - Service: AgereModemAudio [Agere Modem Call Progress Audio] - C:\WINDOWS\system32\agrsmsvc.exe - (running)
O23 - 未知 - Service: AntiVirScheduler [Service to schedule Avira AntiVir Personal – Free Antivirus jobs and updates.] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe" - (running)
O23 - 未知 - Service: AntiVirService [Offers permanent protection against viruses and malware with the AntiVir search engine.] - "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe" - (running)
O23 - 未知 - Service: Apple Mobile Device [为 Apple 移动设备提供接口。] - "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe" - (running)
O23 - 未知 - Service: btwdins [处理 Bluetooth 设备的安装和删除。] - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe - (running)
O23 - 未知 - Service: ccosm [Contrl Center of Storm Media] - D:\Program Files\StormII\stormliv.exe /asservice - (running)
O23 - 未知 - Service: FLEXnet Licensing Service [This service performs licensing functions on behalf of FLEXnet enabled products.] - "C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" - (not running)
O23 - 未知 - Service: iPod Service [iPod 硬件管理服务] - "C:\Program Files\iPod\bin\iPodService.exe" - (not running)
O30 - 未知 - HKCU\..\Desktop: [Scrnsave.exe] [My Pictures Slideshow Screensaver] C:\WINDOWS\system32\ssmypics.scr
=======================================
100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] - C:\Program Files\Rising\Rav\CCenter.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: btwdins.exe [蓝牙软件的一部分。] - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: RavMonD.exe [瑞星杀毒软件的一部分。] - C:\PROGRAM FILES\RISING\RAV\ravmond.exe
100 - 安全 - Process: rfwsrv.exe [瑞星出品的防火墙程序,用于抵御黑客攻击。] - C:\Program Files\Rising\Rfw\rfwsrv.exe
100 - 安全 - Process: rfwProxy.exe [瑞星防火墙相关进程。] - C:\Program Files\Rising\Rfw\rfwProxy.exe
100 - 安全 - Process: RavStub.exe [瑞星出品的杀毒软件相关程序。] - C:\PROGRAM FILES\RISING\RAV\RavStub.exe
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: MDM.EXE [debug除错管理用于调试应用程序和microsoft office中的microsoft script editor脚本编辑器。] - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: rfwmain.exe [瑞星公司出品的瑞星杀毒软件个人防火墙程序,用于抵御黑客攻击。] - C:\Program Files\Rising\Rfw\RfwMain.exe
100 - 安全 - Process: RTHDCPL.exe [瑞昱出品的声卡相关程序。] - C:\WINDOWS\RTHDCPL.EXE
100 - 安全 - Process: SynTPEnh.exe [美国新思公司出版的触摸板驱动程序的一部分。] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
100 - 安全 - Process: 360tray.exe [360安全卫士实时保护模块] - D:\Program Files\360safe\safemon\360tray.exe
100 - 安全 - Process: RavTask.exe [瑞星出品的杀毒软件相关程序。] - C:\Program Files\Rising\Rav\RavTask.exe
100 - 安全 - Process: RavMon.exe [瑞星杀毒软件防火墙。] - C:\Program Files\Rising\Rav\Ravmon.exe
100 - 安全 - Process: runiep.exe [卡卡上网安全助手IE防漏墙相关程序。] - C:\Program Files\Rising\AntiSpyware\runiep.exe
100 - 安全 - Process: safeboxTray.exe [360安全卫士保险箱相关程序。] - D:\Program Files\360Safebox\safeboxTray.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: firefox.exe [mozilla firefox浏览器相关程序,支持弹出广告拦截。] - C:\Program Files\Mozilla Firefox\firefox.exe
100 - 安全 - Process: WINWORD.EXE [microsoft office办公套件的一部分,word用于文字编辑。] - C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
100 - 安全 - Process: 360Safe.exe [360安全卫士] - D:\Program Files\360safe\360Safe.exe
R0 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL=http://go.microsoft.com/fwlink/?LinkId=54896
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=about:blank
O2 - 安全 - BHO: (Adobe PDF Reader Link Helper) - [Adobe Reader, 查看和打印 Adobe 便携文档格式 (PDF) 文件。] - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll
O3 - 安全 - Toolbar: (卡卡上网安全助手) - [卡卡安全助手工具条软件相关程序。] - {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} - C:\WINDOWS\system32\kakatool.dll
O4 - 安全 - HKLM\..\Run: [RTHDCPL] [realtek声卡特性设置软件相关程序。] RTHDCPL.EXE
O4 - 安全 - HKLM\..\Run: [Alcmtr] [一款声卡相关程序。] ALCMTR.EXE
O4 - 安全 - HKLM\..\Run: [SynTPEnh] [新思手写板,多用于各种笔记本触摸板驱动程序设置] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] d:\Program Files\360safe\safemon\360tray.exe /start
O4 - 安全 - HKLM\..\Run: [RavTask] [瑞星杀毒软件的任务计划程序。] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 安全 - HKLM\..\Run: [RfwMain] [瑞星防火墙程序,抵御黑客攻击。] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 安全 - HKLM\..\Run: [runeip] [卡卡上网安全助手相关程序。] "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
O4 - 安全 - HKLM\..\Run: [IMSCMIG40W] [微软拼音输入法相关文件。] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40W\IMSCMIG.EXE /SetPreload /Log
O4 - 安全 - HKLM\..\Run: [360Safebox] [360安全卫士保险箱相关程序。] "d:\Program Files\360Safebox\safeboxTray.exe" /r
O4 - 安全 - HKLM\..\Run: [IMSCMig] [微软拼音输入法安装工具。 ] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload
O4 - 安全 - HKLM\..\Run: [avgnt] [h+bedv反病毒产品相关程序。] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - 安全 - HKLM\..\Run: [QuickTime Task] [quicktime:媒体播放器。] "C:\Program Files\Ringz Studio\Storm Codec\qttask.exe" -atboottime
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O11 - 安全 - Options Group: International*
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O21 - 安全 - Protocol Icons: HKCR\http\DefaultIcon - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE,1
O21 - 安全 - Protocol Icons: HKCR\ftp\DefaultIcon - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE,1
O21 - 安全 - Protocol Icons: HKCR\https\DefaultIcon - C:\PROGRA~1\MOZILL~1\FIREFOX.EXE,1
O22 - 安全 - Filename Extention: FIREFOX第三方浏览器 - FirefoxHTML
O22 - 安全 - Filename Extention: FIREFOX第三方浏览器 - FirefoxHTML
O23 - 安全 - Service: Ati HotKey Poller [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe - (running)
O23 - 安全 - Service: RfwProxySrv [瑞星防火墙相关程序。] - C:\Program Files\Rising\Rfw\rfwProxy.exe - (running)
O23 - 安全 - Service: RfwService [是瑞星个人防火墙相关程序。] - C:\Program Files\Rising\Rfw\rfwsrv.exe - (running)
O23 - 安全 - Service: RsCCenter [是瑞星杀毒软件控制台相关程序。] - "C:\Program Files\Rising\Rav\CCenter.exe" - (running)
O23 - 安全 - Service: RsRavMon [是瑞星杀毒软件相关监控程序。] - "C:\PROGRAM FILES\RISING\RAV\Ravmond.exe" - (not running)
O25 - 安全 - ABOUT: DesktopItemNavigationFailure - res://ieframe.dll/navcancl.htm
O25 - 安全 - ABOUT: NavigationCanceled - res://ieframe.dll/navcancl.htm
O25 - 安全 - ABOUT: NavigationFailure - res://ieframe.dll/navcancl.htm
O25 - 安全 - ABOUT: OfflineInformation - res://ieframe.dll/offcancl.htm
O25 - 安全 - ABOUT: PostNotCached - res://ieframe.dll/repost.htm
=======================================
O31 - 未知 - Folder Menu: {F9DB5320-233E-11D1-9F84-707F02C10627} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll - Adobe Systems, Inc. - PDF Shell Extension - 8.1.0.0 - 372736 - 2094bc9a0fc9c0e15eea5f4a9581dd14
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell Extensions for RealOne Player - - - - - 0 -
O31 - 未知 - SEApproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} - C:\WINDOWS\system32\dfshim.dll - Microsoft Corporation - Application Deployment Support Library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
O31 - 未知 - SEApproved: {5E2121EE-0300-11D4-8D3B-444553540000} - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll - - ACE Context Menu - 2.0.0.0 - 73728 - 3a9f70479a886dcc8e5151326156472d
O31 - 未知 - SEApproved: 无效的CLSID: - - - - - 0 -
O31 - 未知 - SEApproved: {6af09ec9-b429-11d4-a1fb-0090960218cb} - C:\WINDOWS\system32\BTNeighborhood.dll - Broadcom Corporation. - BTNeighborhood DLL - 5.1.0.3300 - 962637 - 400cec59157de8baa2533fd56a18b5aa
O31 - 未知 - SEApproved: {7842554E-6BED-11D2-8CDB-B05550C10000} - C:\WINDOWS\system32\BTNCopy.dll - Broadcom Corporation. - BTNCopy Module - 5.1.0.3300 - 65536 - 5aba42ae8fbfd4c5d309406227643cab
O31 - 未知 - SEApproved: {AD392E40-428C-459F-961E-9B147782D099} - d:\Program Files\UltraISO\isoshell.dll - EZB Systems, Inc. - ISOShell - 1.0.0.2 - 53248 - 9c9e7dd001b69e4e4a70f8dadf454867
O31 - 未知 - SEApproved: {8f7261d0-d2b9-11d2-9909-00605205b24c} - d:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll - GlobalSCAPE Texas, LP. - - 50.6.3.2 - 163840 - 9e29ac81e4303ff0878fb4ba100b688f
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 128512 - 2b7421a2351fbfa6e29141c46aea6b57
O31 - 未知 - SEApproved: 无效的CLSID:Windows木马清道夫 - - - - - 0 -
O31 - 未知 - SEApproved: {C30F74E2-EA0E-43EA-8E44-C97A1400BFC6} - C:\WINDOWS\system32\FFRenPro.dll - FFHOME.COM - FF's Rename Professional Service - 1.0.0.1 - 219136 - 2ac49253011c30096cac9455054ec12b
O31 - 未知 - SEApproved: {45AC2688-0253-4ED8-97DE-B5370FA7D48A} - C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll - Avira GmbH - ShlExt.dll - 7.0.0.11 - 69889 - 655a36ab49696ffe33fb376719b298c1
O31 - 未知 - Directory Menu: {8f7261d0-d2b9-11d2-9909-00605205b24c} - d:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll - GlobalSCAPE Texas, LP. - - 50.6.3.2 - 163840 - 9e29ac81e4303ff0878fb4ba100b688f
O31 - 未知 - Directory Menu: {C30F74E2-EA0E-43EA-8E44-C97A1400BFC6} - C:\WINDOWS\system32\FFRenPro.dll - FFHOME.COM - FF's Rename Professional Service - 1.0.0.1 - 219136 - 2ac49253011c30096cac9455054ec12b
O31 - 未知 - Directory Menu: {AD392E40-428C-459F-961E-9B147782D099} - d:\Program Files\UltraISO\isoshell.dll - EZB Systems, Inc. - ISOShell - 1.0.0.2 - 53248 - 9c9e7dd001b69e4e4a70f8dadf454867
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 128512 - 2b7421a2351fbfa6e29141c46aea6b57
O31 - 未知 - BootExecute: bsmain - - - - 0 -
O31 - 未知 - LSA: Security Packages - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation - Kerberos Security Package - 5.1.2600.2698 - 295936 - e5f30164055d6441a4def03a97158f49
O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 -
=======================================
O40 - Explorer.EXE - Adobe Systems, Inc. - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll - PDF Shell Extension - 2094bc9a0fc9c0e15eea5f4a9581dd14
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll - Microsoft? C Runtime Library - e4fece18310e23b1d8fee993e35e7a6f
O40 - Explorer.EXE - - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll - ACE Context Menu - 3a9f70479a886dcc8e5151326156472d
O40 - Explorer.EXE - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\shlext.dll - ShlExt.dll - 655a36ab49696ffe33fb376719b298c1
O40 - Explorer.EXE - Microsoft Corporation - C:\Program Files\Avira\AntiVir PersonalEdition Classic\MFC71U.DLL - MFCDLL Shared Library - Retail Version - 7b93c623333f121dc9e689ccb1b7a733
O40 - Explorer.EXE - Microsoft Corporation - C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - Explorer.EXE - Microsoft Corporation - C:\Program Files\Avira\AntiVir PersonalEdition Classic\MSVCP71.dll - Microsoft? C++ Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MFC71CHS.DLL - MFC Language Specific Resources - ecfff2dffbb1cae3a00cb2ab9bff8cef
O40 - Explorer.EXE - FFHOME.COM - C:\WINDOWS\system32\FFRenPro.dll - FF's Rename Professional Service - 2ac49253011c30096cac9455054ec12b
O40 - Explorer.EXE - GlobalSCAPE Texas, LP. - d:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\CuteShell.dll - - 9e29ac81e4303ff0878fb4ba100b688f
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_39049d00\MFC80U.DLL - MFCDLL Shared Library - Retail Version - 6a9307604579161a739d79ffacf7d31b
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll - Microsoft? C++ Runtime Library - 4c8a880eabc0b4d462cc4b2472116ea1
O40 - Explorer.EXE - EZB Systems, Inc. - d:\Program Files\UltraISO\isoshell.dll - ISOShell - 9c9e7dd001b69e4e4a70f8dadf454867
O40 - Explorer.EXE - - C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll - DsBho - 38a3d26da8d501b0759b5271c8d8fbc9
O40 - Explorer.EXE - Thunder Networking Technologies,LTD - C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll - DataProcessor - c6dad0e7c33273f16614577ba0982a16
O40 - Explorer.EXE - Broadcom Corporation. - C:\WINDOWS\system32\BTNCopy.dll - BTNCopy Module - 5aba42ae8fbfd4c5d309406227643cab
O40 - svchost.exe - Microsoft Corporation - c:\windows\system32\wiaservc.dll - Still Image Devices Service - dc750a7adc5ecb85a12729285fb72653
=======================================
O41 - DNSeFilter - EDS Filter Driver (DNSe V47) - C:\WINDOWS\system32\drivers\SamsungEDS.sys - (running) - EDS Filter Driver (DNSe V47) - Samsung Electronics,.LTD - 7a46d39bc347af729366179cc177fbf1
O41 - DOSMEMIO - DOSMEMIO - C:\WINDOWS\system32\MEMIO.SYS - (running) - - - 8a4cb9438571814b128b6dc30d698064
O41 - ISODrive - ISO DVD/CD-ROM Device Driver - d:\Program Files\UltraISO\drivers\ISODrive.sys - (running) - ISO DVD/CD-ROM Device Driver - EZB Systems, Inc. - 4871d582ac62422594b46f79a8243029
O41 - oreans32 - oreans32 - C:\WINDOWS\system32\drivers\oreans32.sys - (running) - - - 21dc5b289dce2d32a32baab7bcf29a6a
O41 - RsAntiSpyware - Anti-RootKit Driver - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - Anti-RootKit Driver - Beijing Rising Technology Co., Ltd. - f9edc97f228c046832a24b5a76017912
O41 - SnaKillDrv - SnaKillDrv - C:\WINDOWS\system32\drivers\SnaKillDrv.sys - (running) - - - 24d2c49c8b2bc4316ebe02e843991a9a
O41 - ASTDriver - ASTDriver - D:\[软件]\杀毒\ast\ast\ASTDriver.sys - (not running) - - Windows (R) Server 2003 DDK provider - 4ac15233b837bc5384ed54802f1272e9
O41 - bootdrv - bootdrv - C:\WINDOWS\System32\Drivers\bootdrv.sys - (not running) - - -
O41 - FTCProtect - FTCProtect - C:\WINDOWS\System32\Drivers\FTCProtect.sys - (not running) - - -
O41 - FTCProTime - FTCProTime - C:\WINDOWS\System32\Drivers\FTCProTime.sys - (not running) - - -
O41 - PCANDIS5 - PCANDIS5 - C:\WINDOWS\system32\PCANDIS5.SYS - (not running) - - -
O41 - ViBus - VIA SATA IDE Driver - C:\WINDOWS\system32\drivers\ViBus.sys - (not running) - VIA SATA IDE Driver - VIA Technologies, Inc. - fd85c55b66797542a8c8a7348ed0675a
=======================================
360Safe.exe=4.1.8.1004
AntiAdwa.dll=4.1.5.1001
AntiEng.dll=4.1.8.1001
AntiActi.dll=2.0.0.3000
CleanHis.dll=4.0.0.1001
live.dll=1.0.1.1027
=======================================
操作历史报告:
2008-03-18 16:33
清理其它插件 - 百度超级搜霸 - C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\因特网搜索.lnk
----------修复IE浏览器操作历史----------
2008-06-14 09:15
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
R1 - 危险 - IE左侧搜索页 - HKLM\Software\Microsoft\Internet Explorer\Main
R1 - 危险 - 启用备用搜索引擎 - HKCU\Software\Microsoft\Internet Explorer\Main
O28 - 危险 - IE链接的参数 - C:\DOCUME~1\ADMINI~1\「开始~1\程序\附件\系统工具\INTERN~1.LNK
2008-06-16 20:52
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
=======================================