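Kafan experts, please help me take a look!
To all the experts: thank you very much for taking a look at my system diagnostic report. This newbie is urgently awaiting your help!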
该诊断报告由360安全卫士提供 http://www.360.cn
诊断时间: 2008-08-25 15:55:45
诊断平台: Microsoft Windows XP Service Pack 3
IE版本: Internet Explorer V6.0.2900.5512 Build:62900.5512
计算机物理内存:239.36MB - 当前可用内存:34.39MB
100 - 未知 - Process: stormliv.exe [暴风影音媒体控制中心] - F:\single\视频\安装\stormliv.exe /asservice
100 - 未知 - Process: msrv.exe [UiPlayer] - C:\Program Files\UiTV\UiPlayer\msrv.exe
100 - 未知 - Process: TXPlatform.exe [Tencent Instant Messaging Platform] - C:\Program Files\Tencent\QQ\TXPlatform.exe
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.baidu.com/
O1 - 未知 - Host: 127.0.0.1 localho
O1 - 未知 - Host: 127.0.0.1 dl2.teenpassage.com
O1 - 未知 - Host: 127.0.0.1 ntkrnlpa.info
O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm
O9 - 未知 - Extra button: @xpsp3res.dll,-20001(HKLM) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O15 - 未知 - Trusted Zone: jujumao.2345.com
O15 - 未知 - Trusted Zone: *.jujumao.cn
O15 - 未知 - Trusted Zone: *.jujumao.com
O15 - 未知 - Trusted Zone: bt.jujumao.com
O15 - 未知 - Trusted Zone: down.jujumao.com
O16 - 未知 - DPF: {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} (DLoader) - http://dl.uc.sina.com/cab/downloader.cab
O18 - 未知 - Protocol: 电子书编译工具Web Compiler相关 - {BBCA9F81-8F4F-11D2-90FF-0080C83D3571} - C:\WINDOWS\wc98pp.dll
O23 - 未知 - Service: ccosm [Contrl Center of Storm Media] - F:\single\视频\安装\stormliv.exe /asservice - (running)
O23 - 未知 - Service: mnmsrvc [使授权用户能够通过使用 NetMeeting 跨企业 intranet 远程访问此计算机。如果此服务被停用,远程桌面服务将不可用。如果此服务被禁用,任何依赖它的服务将无法启动。] - - (not running)
O23 - 未知 - Service: UiPlayer [Provides Media Service for Network User] - C:\Program Files\UiTV\UiPlayer\msrv.exe - (running)
=======================================
100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - C:\Program Files\360safe\safemon\360Tray.exe
100 - 安全 - Process: avp.exe [卡巴斯基杀毒软件相关程序。] -
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: QQ.exe [腾讯公司出品的qq即时通讯软件。] - C:\Program Files\Tencent\QQ\QQ.exe
100 - 安全 - Process: iexplore.exe [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360Safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360Tray.exe /start
O4 - 安全 - HKLM\..\Run: [AVP] [卡巴斯基杀毒软件相关程序。] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O8 - 安全 - Extra context menu item: 使用迅雷下载 - C:\Program Files\Thunder\Program\geturl.htm
O8 - 安全 - Extra context menu item: 使用迅雷下载全部链接 - C:\Program Files\Thunder\Program\getallurl.htm
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 安全 - Extra button: 卡巴斯基Web反病毒保护插件(HKLM) - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - 安全 - Extra button: Windows Messenger(HKLM) - C:\Program Files\Messenger\msmsgs.exe
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O21 - 安全 - Protocol Icons: Software\Microsoft\Internet Explorer\View Source Editor\Editor Name - C:\Program Files\IDM Computer Solutions\UltraEdit\uedit32.exe
O22 - 安全 - Filename Extention: UltraEdit-32编辑器 - UltraEdit.htm
O22 - 安全 - Filename Extention: UltraEdit-32编辑器 - UltraEdit.html
O23 - 安全 - Service: AVP [卡巴斯基杀毒软件相关服务。] - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r - (running)
=======================================
O31 - 未知 - Folder Menu: {F9DB5320-233E-11D1-9F84-707F02C10627} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll - Adobe Systems, Inc. - PDF Shell Extension - 8.1.0.0 - 372736 - 2094bc9a0fc9c0e15eea5f4a9581dd14
O31 - 未知 - Notify: WgaLogon - WgaLogon.dll - - - - 0 -
O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 -
O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 -
O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 -
O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 -
O31 - 未知 - SEApproved: 无效的CLSID:压缩(zipped)文件夹 - - - - - 0 -
O31 - 未知 - SEApproved: {143A62C8-C33B-11D1-84FE-00C04FA34A14} - C:\WINDOWS\msagent\agentpsh.dll - - - - 0 -
O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 127488 - c97844f70cb004b4de641c6f45cbbd01
O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 127488 - c97844f70cb004b4de641c6f45cbbd01
O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 -
O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 -
=======================================
O40 - Explorer.EXE - Adobe Systems, Inc. - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll - PDF Shell Extension - 2094bc9a0fc9c0e15eea5f4a9581dd14
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCP80.dll - Microsoft? C++ Runtime Library - f33a2734000fc6d3dbae2e1337e2bb1f
O40 - Explorer.EXE - - C:\Program Files\IDM Computer Solutions\UltraEdit\ue32ctmn.dll - Shell Extension DLL - fda60a5f41c405672ff114d86956d52f
=======================================
O41 - DM9USB - NDIS 5.0 driver - C:\WINDOWS\system32\drivers\dm9usb.sys - (running) - NDIS 5.0 driver - DAVICOM Semiconductor, Inc. - cba7ec7d2cd6082d934ee40038c45d4d
O41 - klif - spuper-ptor - C:\WINDOWS\system32\drivers\klif.sys - (running) - spuper-ptor - Kaspersky Lab - 9256da35cee573515d346b4f3598b72e
O41 - 2310_00 - RR231x/230x Miniport Driver - C:\WINDOWS\system32\drivers\2310_00.sys - (not running) - RR231x/230x Miniport Driver - HighPoint Technologies, Inc. - 0dc1ae59d45a03c1cf20f844fbb2ab9c
O41 - aaatimeo - SRB Timout Control Driver - C:\WINDOWS\system32\drivers\aaatimeo.sys - (not running) - SRB Timout Control Driver - Microsoft Corporation - 700eedfd930871e73999e86e86b6e2e4
O41 - aac - Adaptec RAID Miniport Driver - C:\WINDOWS\system32\drivers\aac.sys - (not running) - Adaptec RAID Miniport Driver - Adaptec, Inc. - 568121a3ecdb569ebcafad40c9ee8844
O41 - aarich - Adaptec hostRAID for Serial ATA - C:\WINDOWS\system32\drivers\aarich.sys - (not running) - Adaptec hostRAID for Serial ATA - Adaptec, Inc. - 082de506b9f4fb9f44066a7a04f5549a
O41 - aec6210 - aec6210 - C:\WINDOWS\system32\drivers\aec6210.sys - (not running) - - ACARD Technology Corp. - 38e6c035e89fb8b079301e71b2523f3d
O41 - aec6260 - ID=0006, 0007 - C:\WINDOWS\system32\drivers\aec6260.sys - (not running) - ID=0006, 0007 - ACARD Technology Corp. - db227bd0ba1f29bb38950f8fd97caa35
O41 - aec6280 - AEC6280 Miniport Driver - C:\WINDOWS\system32\drivers\aec6280.sys - (not running) - AEC6280 Miniport Driver - ACARD Technology Corp. - 71c3ab81b22c151a2e2ba97ec53430ca
O41 - AEC6880 - AEC6880/90 PCI Ultra ATA133 RAID Adapter Driver - C:\WINDOWS\system32\drivers\AEC6880.sys - (not running) - AEC6880/90 PCI Ultra ATA133 RAID Adapter Driver - ACARD Technology Corp. - 415f252cee34bbf839acbcadb2bc85ce
O41 - aec6897 - RAID miniport driver for AEC6897/AEC6898 - C:\WINDOWS\system32\drivers\aec6897.sys - (not running) - RAID miniport driver for AEC6897/AEC6898 - ACARD Technology Corp. - 9941c8c24a5e40a65b347680ad98e000
O41 - Bgk04 - Bgk04 - C:\WINDOWS\System32\Drivers\Bgk04.sys - (not running) - - -
O41 - cda1000 - Adaptec Array1000Ultra160 Family Manager Set - C:\WINDOWS\system32\drivers\cda1000.sys - (not running) - Adaptec Array1000Ultra160 Family Manager Set - Adaptec, Inc. - 5de1200c99da1a5d7dc8b6509d95ca6e
O41 - FastSx - Promise FastTRAK SX4/SX4000 Driver for Windows - C:\WINDOWS\system32\drivers\FastSx.sys - (not running) - Promise FastTRAK SX4/SX4000 Driver for Windows - Promise Technology, Inc. - 7233d82f035917304849f35f521bdbc0
O41 - fasttrak - Promise FastTrak Series Driver for WinXP - C:\WINDOWS\system32\drivers\Fasttrak.sys - (not running) - Promise FastTrak Series Driver for WinXP - Promise Technology, Inc. - eb1c078d99cc081c1d2ae3a19e2284cc
O41 - fasttx2k - Promise Driver for Windows XP - C:\WINDOWS\system32\drivers\Fasttx2k.sys - (not running) - Promise Driver for Windows XP - Promise Technology, Inc. - 5d95724d3c3923449c02be1106657bcd
O41 - hpt374 - HPT374 Miniport Driver - C:\WINDOWS\system32\drivers\hpt374.sys - (not running) - HPT374 Miniport Driver - HighPoint Technologies, Inc. - 4f824641fb33e1376d34d6f3d9e7d338
O41 - hpt3xx - HPT3xx Miniport Driver - C:\WINDOWS\system32\drivers\hpt3xx.sys - (not running) - HPT3xx Miniport Driver - HighPoint Technologies, Inc. - 9f2dfe54317b1cd38143686935a278d9
O41 - hptmv - hptmv Miniport Driver - C:\WINDOWS\system32\drivers\hptmv.sys - (not running) - hptmv Miniport Driver - HighPoint Technologies, Inc. - 6b78e1bcc8dbd7f2b1a21843cb2b2254
O41 - hptmv6 - hptmv6 Miniport Driver - C:\WINDOWS\system32\drivers\hptmv6.sys - (not running) - hptmv6 Miniport Driver - HighPoint Technologies, Inc. - ca91cb60e08f18f4d678b74040f7c58e
O41 - hptpro - Hptpro - C:\WINDOWS\system32\drivers\hptpro.sys - (not running) - Hptpro - HighPoint Technologies, Inc. - 977716f8a6edda986fdb41de52bdb689
O41 - m5281 - ALi SATA RAID Controller Driver - C:\WINDOWS\system32\drivers\m5281.sys - (not running) - ALi SATA RAID Controller Driver - ALi Corporation - a51cd61975297508d4483fcbf931d86c
O41 - NPF - NPF Driver - TME extensions - C:\WINDOWS\system32\drivers\npf.sys - (not running) - NPF Driver - TME extensions - Politecnico di Torino - f498c5c3399a60933196fc215ef074f9
O41 - Pnp649r - IDE RAID miniport driver - C:\WINDOWS\system32\drivers\pnp649r.sys - (not running) - IDE RAID miniport driver - CMD Technology, Inc. - 5a5a6a1003eecd15df2f383972e86188
O41 - raidsrc - Intel(r) Miniport Driver - C:\WINDOWS\system32\drivers\raidsrc.sys - (not running) - Intel(r) Miniport Driver - Intel - c46d405124b1eeab53cd7886781a26bd
O41 - rr232x - RR232x Miniport Driver - C:\WINDOWS\system32\drivers\rr232x.sys - (not running) - RR232x Miniport Driver - HighPoint Technologies, Inc. - 7c0ba4a5d617210f0be8baaecc60c1c9
O41 - sptrak - Promise SuperTrak Family Driver for WindowsNT - C:\WINDOWS\system32\drivers\sptrak.sys - (not running) - Promise SuperTrak Family Driver for WindowsNT - Promise Technology, Inc. - b04bdc24f80ecb319f64189194399989
O41 - Symmpi - LSI Logic Fusion-MPT MiniPort Driver (ScsiPort) - C:\WINDOWS\system32\drivers\symmpi.sys - (not running) - LSI Logic Fusion-MPT MiniPort Driver (ScsiPort) - LSI Logic - 24a0901cafcee7343ee62565bcfb7c9a
O41 - TesSafe - TesSafe NT Driver - C:\WINDOWS\system32\TesSafe.sys - (not running) - TesSafe NT Driver - TENCENT - 71d1b784049c48e92b5875d693f8e985
O41 - ultra - Promise Ultra Series Driver for WindowsXP - C:\WINDOWS\system32\drivers\Ultra.sys - (not running) - Promise Ultra Series Driver for WindowsXP - Promise Technology, Inc. - 41202827a5d13905ddd84e9f3219ddfc
O41 - viamraid - VIA AHCI RAID DRIVER FOR WIN XP/SRV2003 - C:\WINDOWS\system32\drivers\viamraid.sys - (not running) - VIA AHCI RAID DRIVER FOR WIN XP/SRV2003 - VIA Technologies inc,.ltd - 7dc3e1dc6e4f8be381c31bfea578412a
=======================================
360Safe.exe=4.2.0.1010
AntiAdwa.dll=4.2.0.1001
AntiEng.dll=4.2.0.1001
AntiActi.dll=2.0.0.3000
CleanHis.dll=4.2.0.1002
live.dll=1.0.1.1027
=======================================
操作历史报告:
----------清理恶评及系统插件历史----------
2008-08-24 15:28
清理恶评软件 - nordsys.exe木马 -
清理恶评软件 - Dljj恶意程序 -
清理恶评软件 - Xxpopo恶意程序 -
清理恶评软件 - Win32.Agent.wbem恶意木马 -
2008-08-24 22:12
清理恶评软件 - Win32.Agent.wbem恶意木马 -
2008-04-01 13:47
清理恶评插件 - 百度超级搜霸 - C:\Program Files\baidu\bar
清理恶评插件 - 百度搜索伴侣 - C:\Program Files\baidu\iexp
2008-04-01 13:47
清理好评插件 - 超级旋风下载组件 -
清理好评插件 - KooWo - C:\Program Files\KWMUSIC
2008-05-06 16:14
清理好评插件 - 悠视网络电视 -
2008-08-14 11:11
清理其它插件 - 超级旋风下载组件 -
2008-08-24 15:21
清理恶评插件 - 未知自动运行程序(Autorun) - C:\autorun.inf
清理恶评插件 - nordsys.exe木马 - C:\WINDOWS\system32\SVCP.CSV
清理恶评插件 - 任务管理器被禁用 -
清理恶评插件 - HBmhly恶意木马 - C:\WINDOWS\system32\BACKEX~1.EXE
清理恶评插件 - Dljj恶意程序 - C:\WINDOWS\neos.exe
清理恶评插件 - Xxpopo恶意程序 - C:\WINDOWS\CROCK_~1.CON
清理恶评插件 - Trojan.dl.WinCtrl32恶意木马 - C:\WINDOWS\system32\MYBHO.DLL
清理恶评插件 - Win32.Agent.wbem恶意木马 - C:\WINDOWS\FACEBA~1.EXE
2008-08-24 20:43
清理恶评插件 - 未知自动运行程序(Autorun) - C:\autorun.inf
清理恶评插件 - 任务管理器被禁用 -
2008-08-24 21:58
清理恶评插件 - retadpu风险程序 -
清理恶评插件 - 伪spool服务后门木马 -
清理恶评插件 - Win32.Agent.wbem恶意木马 - C:\WINDOWS\FACEBA~1.EXE
2008-08-25 11:18
清理恶评插件 - 任务管理器被禁用 -
----------全面诊断修复历史----------
2008-08-24 20:44
100 - 危险 - EXPLORER.EXE - C:\Program Files\EXPLORER.EXE
O7 - 危险 - 禁止使用注册表编辑器 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
2008-08-25 15:55
100 - 危险 - EXPLORER.EXE - C:\Program Files\EXPLORER.EXE
O7 - 危险 - 禁止使用注册表编辑器 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System
----------修复IE浏览器操作历史----------
2008-04-01 13:47
R0 - 危险 - IE搜索页 - HKCU\Software\Microsoft\Internet Explorer\Main
R1 - 危险 - IE左侧搜索页 - HKLM\Software\Microsoft\Internet Explorer\Main
R1 - 危险 - 启用备用搜索引擎 - HKCU\Software\Microsoft\Internet Explorer\Main
2008-08-13 13:44
R0 - 危险 - IE首页 - HKCU\Software\Microsoft\Internet Explorer\Main
O22 - 危险 - .TXT文件关联 - "C:\Program Files\IDM Computer Solutions\UltraEdit\UEdit32.exe" "%1"
If you have questions, please scan and post a complete SRE log, as the forum rules require.
I don't know what this thing is:
O41 - Bgk04 - Bgk04 - C:\WINDOWS\System32\Drivers\Bgk04.sys - (not running) - - -
Run an SREng scan and post the log so we can take a look.