|
不定时假死
各位高手:
电脑可能中了病毒,总是隔个几分钟,假死几十秒(鼠标无法动),然后恢复正常。以下是360诊断报告
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供
诊断时间: 2009-02-27 11:27:48
诊断平台: microsoft windows xp service pack 3
ie版本: internet explorer v7.0.5730.13 build:75730
计算机物理内存:2.00gb - 当前可用内存:1.22gb
100 - 未知 - process: wpservice.exe [webprotect] - c:\program files\cmbchina\webprotect\wpservice.exe
100 - 未知 - process: apoint.exe [alps pointing-device driver] - c:\program files\delltpad\apoint.exe
100 - 未知 - process: googleupdater.exe [google updater] - c:\program files\google\google updater\googleupdater.exe
100 - 未知 - process: lingoes.exe [lingoes dictionary and text translation tool] - e:\program files\lingoes\translator2\lingoes.exe
100 - 未知 - process: apmsgfwd.exe [apmsgfwd] - c:\program files\delltpad\apmsgfwd.exe
100 - 未知 - process: apntex.exe [alps pointing-device driver for windows nt/2000/xp/vista] - c:\program files\delltpad\apntex.exe
100 - 未知 - process: qq.exe [qq] - e:\program files\tencent\qq\qq.exe
100 - 未知 - process: txplatform.exe [tencent instant messaging platform] - e:\program files\tencent\qq\txplatform.exe
100 - 未知 - process: maxthon.exe [maxthon browser] - e:\program files\maxthon2\maxthon.exe
100 - 未知 - process: winword.exe [microsoft office word] - e:\program files\microsoft office\office11\winword.exe
100 - 未知 - process: excel.exe [microsoft office excel] - e:\program files\microsoft office\office11\excel.exe
100 - 未知 - process: qq.exe [qq] - e:\program files\tencent\qq\qq.exe
r0 - 未知 - hkcu\software\microsoft\internet explorer\main,start page=http://www.google.cn/webhp?hl=zh-cn&rlz=1w1bjyt
r0 - 未知 - hkcu\software\microsoft\internet explorer\main,search page=http://www.google.com
r1 - 未知 - hklm\software\microsoft\internet explorer\main,search bar=http://ie.search.msn.com/{sub_rfc1766}/srchasst/srchasst.htm
r1 - 未知 - hkcu\software\microsoft\internet explorer\main,search bar=http://www.google.com/ie
r1 - 未知 - hkcu\software\microsoft\internet explorer\main,use search asst=no
o1 - 未知 - host: 127.0.0.1 secure.flashfxp.com
o1 - 未知 - host: 127.0.0.1 liveupdate.inicom.net
o2 - 未知 - bho: (adobe pdf link helper) - [adobe pdf helper for internet explorer] - {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll
o2 - 未知 - bho: (webprotect) - [webprotect] - {53763d1d-9ca8-4c7c-9756-a8e6b8fc063b} - c:\program files\cmbchina\webprotect\webprotect.dll
o2 - 未知 - bho: (boc processprotect class) - [processprotection module for bank of china] - {776b71e2-b4cc-4c94-bc7c-09103aa690b6} - processprotection.dll
o2 - 未知 - bho: (adobe pdf conversion toolbar helper) - [adobe ie plugin] - {ae7cd045-e861-484f-8273-0445ee161910} - e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll
o2 - 未知 - bho: (google toolbar notifier bho) - [googletoolbarnotifier] - {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.0.926.3450\swg.dll
o2 - 未知 - bho: (宏杰加密辅助程序) - [无效的clsid:{be5ead7d-1c3a-4dde-9a8d-5ae1b426e88f}] - {be5ead7d-1c3a-4dde-9a8d-5ae1b426e88f} - c:\windows\system32\hjjm.dll
o3 - 未知 - toolbar: (adobe pdf) - [adobe ie plugin] - {47833539-d0c5-4125-9fa8-0819e2eaac93} - e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll
o4 - 未知 - hkcu\..\run: [lingoes] [lingoes dictionary and text translation tool] e:\program files\lingoes\translator2\lingoes.exe
o8 - 未知 - extra context menu item: &使用超级旋风下载 - e:\program files\tencent\qqdownload\geturl.htm
o8 - 未知 - extra context menu item: &使用超级旋风下载全部链接 - e:\program files\tencent\qqdownload\getallurl.htm
o8 - 未知 - extra context menu item: 使用uusee下载 - c:\program files\uusee\geturltodown.htm
o8 - 未知 - extra context menu item: 使用uusee加速播放 - c:\program files\uusee\geturltoplay.htm
o8 - 未知 - extra context menu item: 添加到qq表情 - e:\program files\tencent\qq\addemotion.htm
o8 - 未知 - extra context menu item: 转换为 adobe pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - 未知 - extra context menu item: 转换为现有 pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - 未知 - extra context menu item: 转换选定的链接为 adobe pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapturesellinks.html
o8 - 未知 - extra context menu item: 转换选定的链接为现有 pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappendsellinks.html
o8 - 未知 - extra context menu item: 转换选项为 adobe pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - 未知 - extra context menu item: 转换选项为现有 pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o8 - 未知 - extra context menu item: 转换链接目标为 adobe pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroiecapture.html
o8 - 未知 - extra context menu item: 转换链接目标为现有 pdf - res://e:\program files\adobe\acrobat 7.0\acrobat\acroiefavclient.dll/acroieappend.html
o9 - 未知 - extra button: 百度首页(hklm) - ?tn=lordfox_7_dg
o9 - 未知 - extra button: sun java 控制台(hklm) - c:\program files\java\jre1.6.0_07\bin\ssv.dll
o9 - 未知 - extra button: 启动迅雷5(hklm) - e:\program files\thunder network\thunder\thunder.exe
o9 - 未知 - extra button: 信息检索(hklm) - e:\progra~1\micros~1\office11\refiebar.dll
o9 - 未知 - extra button: pplive(hklm) - e:\program files\pplive\pplive.exe
o9 - 未知 - extra button: 很快视频搜索(hklm) - ?from=iebannel
o9 - 未知 - extra button: 启动uusee 网络电视(hklm) - c:\program files\uusee\uuseeplayer.exe
o9 - 未知 - extra button: @xpsp3res.dll,-20001(hklm) - c:\windows\network diagnostic\xpnetdiag.exe
o11 - 未知 - options group: 百度搜索伴侣
o15 - 未知 - trusted zone: http:221.208.242.29
o15 - 未知 - trusted zone: http:221.208.250.138
o15 - 未知 - trusted zone: https://ebs.boc.cn
o15 - 未知 - trusted zone: http:cncmax.cn
o15 - 未知 - trusted zone: http:cncmax.hl.cn
o15 - 未知 - trusted zone: http:cncmax.tj.cn
o15 - 未知 - trusted zone: https://mail.gmiretail.cn
o15 - 未知 - trusted zone: http:passport.cncmax.cn
o16 - 未知 - dpf: {05f5f404-7c24-4b39-b5cc-340cedeb9c0d} (photodrawex) -
o16 - 未知 - dpf: {1e0dffcf-27ff-4574-849b-55007349feda} (itruspta) - https://img.alipay.com/download/1101/aliedit.cab
o16 - 未知 - dpf: {2375bee5-f175-4f1c-81ec-8e4e2e72e2dd} (photodraw) -
o16 - 未知 - dpf: {488a4255-3236-44b3-8f27-fa1aecaa8844} (editctrl) - https://img.alipay.com/download/2121/aliedit.cab
o16 - 未知 - dpf: {5bdba960-6534-11d3-97c7-00500422b550} (lotusdrscontrol) - https://mail.gmiretail.cn/download/dolcontrol.cab
o16 - 未知 - dpf: {a01eb014-728e-44a0-9d1e-a4fc50abe890} (capture) - https://forum.cmbchina.com/pcs/screen/capscrn.cab
o16 - 未知 - dpf: {cafeefac-0014-0002-0012-abcdeffedcba} (java plug-in 1.4.2_12) -
o16 - 未知 - dpf: {cafeefac-0016-0000-0007-abcdeffedcba} (java plug-in 1.6.0_07) -
o16 - 未知 - dpf: {e008a543-cefb-4559-912f-c27c2b89f13b} (domino web access 7 control) - https://mail.gmiretail.cn/dwa7w.cab
o16 - 未知 - dpf: {e06e2e99-0aa1-11d4-aba6-0060082aa75c} (gpccontainer) - https://gmiretail.webex.com.cn/client/t26l/webex/ieatgpc.cab
o16 - 未知 - dpf: {f3e70cea-956e-49cc-b444-73afe593ad7f} (xpplayer) -
o18 - 未知 - protocol: 电子书编译工具web compiler相关 - {bbca9f81-8f4f-11d2-90ff-0080c83d3571} - c:\windows\wc98pp.dll
o18 - 未知 - protocol: livecall - {828030a1-22c1-4009-854f-8e305202313f} - c:\progra~1\window~4\messen~1\msgrap~1.dll
o18 - 未知 - protocol: msnim - {828030a1-22c1-4009-854f-8e305202313f} - c:\progra~1\window~4\messen~1\msgrap~1.dll
o21 - 未知 - protocol icons: hkcr\http\shell\open\command - "e:\program files\maxthon2\maxthon.exe" "%1"
o21 - 未知 - protocol icons: hkcr\https\shell\open\command - "e:\program files\maxthon2\maxthon.exe" "%1"
o21 - 未知 - protocol icons: hkcr\htmlfile\shell\open\command - "e:\program files\maxthon2\maxthon.exe" "%1"
o22 - 未知 - filename extention: .pif - "%1" %*"
o23 - 未知 - service: ccosm [contrl center of storm media] - e:\program files\stormii\stormliv.exe /asservice - (not running)
o23 - 未知 - service: cmbwps [招商银行一网通网盾服务模块] - c:\program files\cmbchina\webprotect\wpservice.exe /start - (running)
o23 - 未知 - service: diskeeper [diskeeper] - "e:\program files\diskeeper corporation\diskeeper\dkservice.exe" - (not running)
o23 - 未知 - service: googledesktopmanager-061008-081103 [google 桌面管理器 5.7.806.10245] - "c:\program files\google\google desktop search\googledesktop.exe" - (not running)
o23 - 未知 - service: idsvc [securely enables the creation, management, and disclosure of digital identities.] - "c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe" - (error)
o23 - 未知 - service: nettcpportsharing [provides ability to share tcp ports over the net.tcp protocol.] - "c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe" - (not running)
o23 - 未知 - service: nicconfigsvc [配置内部网卡电源管理设置。] - c:\program files\dell\quickset\nicconfigsvc.exe - (running)
o23 - 未知 - service: pnkbstra [punkbuster service component [v1023] ] - "f:\game\electronic arts\medal of honor airborne\unrealengine3\mohagame\pb\pnkbstra.exe" - (not running)
o23 - 未知 - service: rampartsvc [provides route management api for sonicwall vpn client] - c:\program files\sonicwall\sonicwall global vpn client\rampartsvc.exe - (not running)
o23 - 未知 - service: servicelayer [servicelayer] - "c:\program files\pc connectivity solution\servicelayer.exe" - (not running)
o23 - 未知 - service: stacsv [manages sigmatel audio universal jack configurations.] - c:\program files\sigmatel\c-major audio\dellxpm_5515v131\wdm\stacsv.exe - (not running)
o23 - 未知 - service: stllssvr [stllssvr] - "c:\program files\common files\surething shared\stllssvr.exe" - (not running)
o28 - 未知 - ielink: c:\docume~1\admini~1\「开始~1\程序\附件\系统工具\intern~1.lnk - -extoff
=======================================
100 - 安全 - process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - c:\windows\system32\smss.exe
100 - 安全 - process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - c:\windows\system32\csrss.exe objectdirectory=\windows sharedsection=1024,3072,512 windows=on subsystemtype=windows serverdll=base
100 - 安全 - process: winlogon.exe [windows nt用户登陆程序。] - c:\windows\system32\winlogon.exe
100 - 安全 - process: services.exe [用于管理windows服务系统进程。] - c:\windows\system32\services.exe
100 - 安全 - process: lsass.exe [本地安全权限服务控制windows安全机制。] - c:\windows\system32\lsass.exe
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost -k dcomlaunch
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost -k rpcss
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost.exe -k netsvcs
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost.exe -k wudfservicegroup
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost.exe -k networkservice
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost.exe -k localservice
100 - 安全 - process: ccsetmgr.exe [symantec公司网络安全套装的一部分。] - c:\program files\common files\symantec shared\ccsetmgr.exe
100 - 安全 - process: ccevtmgr.exe [norton internet security网络安全套装的一部分,该进程会同反病毒与防火墙程序同时安装。] - c:\program files\common files\symantec shared\ccevtmgr.exe
100 - 安全 - process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - c:\windows\system32\spoolsv.exe
100 - 安全 - process: scardsvr.exe [对插入在计算机智能卡阅读器中的智能卡进行管理和访问控制。] - c:\windows\system32\scardsvr.exe
100 - 安全 - process: cdac11ba.exe [macrovision公司的版权保护软件,用于保护一些软件不被非法拷贝复制。] - c:\windows\system32\drivers\cdac11ba.exe
100 - 安全 - process: defwatch.exe [norton anti-virus扫描你的文件和email以检查病毒。] - c:\program files\symantec antivirus\defwatch.exe
100 - 安全 - process: nicconfigsvc.exe [戴尔公司出品的计算机电源管理软件相关程序。] - c:\program files\dell\quickset\nicconfigsvc.exe
100 - 安全 - process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - c:\windows\system32\nvsvc32.exe
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost.exe -k imgsvc
100 - 安全 - process: rtvscan.exe [norton anti-virus用以扫描你的文件和email中的病毒。] - c:\program files\symantec antivirus\rtvscan.exe
100 - 安全 - process: wmiprvse.exe [wmi 提供程序 (wmi provider) 在 wmi 和操作系统、应用程序以及其他系统的组件之间充当中介.此进程为合法的系统进程。] - c:\windows\system32\wbem\wmiprvse.exe
100 - 安全 - process: alg.exe [这是一个应用层网关服务用于网络共享。] - c:\windows\system32\alg.exe
100 - 安全 - process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - c:\windows\system32\svchost.exe -k httpfilter
100 - 安全 - process: 360tray.exe [360安全卫士实时保护模块] - e:\program files\360safe\safemon\360tray.exe
100 - 安全 - process: safeboxtray.exe [360安全卫士保险箱相关程序。] - c:\program files\360safebox\safeboxtray.exe
100 - 安全 - process: ccapp.exe [symantec公用应用客户端包含在norton antivirus 2003和norton personal firewall 2003。] - c:\program files\common files\symantec shared\ccapp.exe
100 - 安全 - process: vptray.exe [norton antivirus ce企业版杀毒软件的系统托盘。] - c:\progra~1\symant~1\vptray.exe
100 - 安全 - process: quickset.exe [quickset是戴尔提供的一种应用程序,提供快速访问相关配置。] - c:\program files\dell\quickset\quickset.exe
100 - 安全 - process: ctfmon.exe [office xp输入法图标。] - c:\windows\system32\ctfmon.exe
100 - 安全 - process: 360safe.exe [360安全卫士] - e:\program files\360safe\360safe.exe
100 - 安全 - process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - c:\windows\explorer.exe
100 - 安全 - process: rundll32.exe [windows rundll32为了需要调用dlls的程序。] - c:\windows\system32\rundll32.exe
100 - 安全 - process: conime.exe [console ime ime输入法控制台软件。] - c:\windows\system32\conime.exe
r0 - 安全 - hklm\software\microsoft\internet explorer\main,search page=http://go.microsoft.com/fwlink/?linkid=54896
r0 - 安全 - hklm\software\microsoft\internet explorer\main,default_page_url=http://go.microsoft.com/fwlink/?linkid=69157
r0 - 安全 - hklm\software\microsoft\internet explorer\main,default_search_url=http://go.microsoft.com/fwlink/?linkid=54896
r1 - 安全 - hklm\software\microsoft\internet explorer\main,local page=c:\windows\system32\blank.htm
r1 - 安全 - hkcu\software\microsoft\internet explorer\main,local page=c:\windows\system32\blank.htm
r1 - 安全 - hkcu\software\microsoft\internet explorer\searchurl,(default)=http://www.google.com/keyword/%s
r3 - 安全 - urlsearchhook: (bdsearchhook class) - [百度搜索伴侣相关插件。] - {02496ebd-8455-48db-b3c7-5dac97d9f5a7} - c:\program files\baidu\iexp\bdsrhook.dll
o2 - 安全 - bho: (qqcyclonehelper class) - [腾讯出品的超级旋风下载组件相关文件。] - {00000000-12c9-4305-82f9-43058f20e8d2} - e:\program files\tencent\qqdownload\qqiehelper01.dll
o2 - 安全 - bho: (thunderatonce class) - [迅雷浏览器高级特性支持模块。] - {01443aec-0fd1-40fd-9c87-e93d1494c233} - e:\program files\thunder network\thunder\comdlls\tdatonce_now.dll
o2 - 安全 - bho: (bdsearchhook class) - [百度搜索伴侣相关插件。] - {02496ebd-8455-48db-b3c7-5dac97d9f5a7} - c:\program files\baidu\iexp\bdsrhook.dll
o2 - 安全 - bho: (ssvhelper class) - [sun java runtime environment相关文件。] - {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
o2 - 安全 - bho: (bandie class) - [百度超级搜霸相关插件。] - {77fef28e-eb96-44ff-b511-3185dea48697} - c:\progra~1\baidu\bar\baidubar.dll
o2 - 安全 - bho: (thunder browser helper) - [迅雷附带下载监视器相关文件。] - {889d2feb-5411-4565-8998-1dd2c5261283} - e:\program files\thunder network\thunder\comdlls\xunleibho_now.dll
o2 - 安全 - bho: (download_bho class) - [pplive相关文件。] - {a986e409-30cc-4185-89bb-ab212c104524} - c:\program files\ppliveva\downloadermanager.dll
o2 - 安全 - bho: (google toolbar helper) - [google搜索工具条。] - {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\googletoolbar.dll
o3 - 安全 - toolbar: (百度工具栏) - [百度超级搜霸相关程序。] - {b580cf65-e151-49c3-b73f-70b13fca8e86} - c:\progra~1\baidu\bar\baidubar.dll
o3 - 安全 - toolbar: (&google toolbar) - [google ie 客户端工具栏。] - {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\googletoolbar.dll
o4 - 安全 - hklm\..\run: [360safetray] [360safe实时保护功能模块。] e:\program files\360safe\safemon\360tray.exe /start
o4 - 安全 - hklm\..\run: [360safebox] [360安全卫士保险箱相关程序。] "c:\program files\360safebox\safeboxtray.exe" /r
o4 - 安全 - hklm\..\run: [ccapp] [诺顿杀毒或诺顿防火墙客户端软件] "c:\program files\common files\symantec shared\ccapp.exe"
o4 - 安全 - hklm\..\run: [dell quickset] [quickset是戴尔提供的一种应用程序,提供快速访问相关配置。] c:\program files\dell\quickset\quickset.exe
o4 - 安全 - hklm\..\run: [apoint] [alps公司为笔记本电脑生产的触控板的驱动程序。] c:\program files\delltpad\apoint.exe
o4 - 安全 - hklm\..\run: [bie] [百度搜索伴侣相关程序。] rundll32.exe c:\progra~1\baidu\iexp\bdsrhook.dll,rundll32
o4 - 安全 - hklm\..\runonce: [360safe] [360安全卫士] rundll32.exe e:\progra~1\360safe\antiadwa.dll,killadware
o4 - 安全 - hkcu\..\run: [ctfmon.exe] [office xp输入法图标。] c:\windows\system32\ctfmon.exe
o4 - 安全 - startup folder: [腾讯qq.lnk] [qq:即时通讯软件] c:\documents and settings\administrator\「开始」菜单\程序\启动\腾讯qq.lnk
o8 - 安全 - extra context menu item: 使用迅雷下载 - e:\program files\thunder network\thunder\program\geturl.htm
o8 - 安全 - extra context menu item: 使用迅雷下载全部链接 - e:\program files\thunder network\thunder\program\getallurl.htm
o8 - 安全 - extra context menu item: 导出到 microsoft office excel(&x) - res://e:\progra~1\micros~1\office11\excel.exe/3000
o9 - 安全 - extra button: windows messenger(hklm) - c:\program files\messenger\msmsgs.exe
o11 - 安全 - options group: international*
o11 - 安全 - options group: java sun
o16 - 安全 - dpf: {8ad9c840-044e-11d1-b3e9-00805f499d93} (java plug-in) -
o16 - 安全 - dpf: {cafeefac-ffff-ffff-ffff-abcdeffedcba} (java plug-in 1.5.0_11) -
o16 - 安全 - dpf: {f2eb8999-766e-4bf6-aaad-188d398c0d0b} (招商银行专业版) -
o18 - 安全 - protocol: office 相关 - {807553e5-5146-11d5-a672-00b0d022e945} - c:\program files\common files\microsoft shared\office11\msoxmlmf.dll
o18 - 安全 - protocol: office 相关 - {32505114-5902-49b2-880a-1f7738e5a384} - c:\progra~1\common~1\micros~1\webcom~1\11\owc11.dll
o23 - 安全 - service: c-dillacdac11ba [是macrovision safecast反复制保护软件。该进程是一些软件为了保护其产品不被盗版而安装的。] - c:\windows\system32\drivers\cdac11ba.exe - (running)
o23 - 安全 - service: ccevtmgr [诺顿防病毒软件相关程序。] - "c:\program files\common files\symantec shared\ccevtmgr.exe" - (running)
o23 - 安全 - service: ccpwdsvc [诺顿防病毒软件相关程序。] - "c:\program files\common files\symantec shared\ccpwdsvc.exe" - (not running)
o23 - 安全 - service: ccsetmgr [诺顿防病毒软件相关程序。] - "c:\program files\common files\symantec shared\ccsetmgr.exe" - (running)
o23 - 安全 - service: defwatch [诺顿防毒软件相关程序。] - "c:\program files\symantec antivirus\defwatch.exe" - (running)
o23 - 安全 - service: gusvc [google升级相关服务。] - "c:\program files\google\common\google updater\googleupdaterservice.exe" - (not running)
o23 - 安全 - service: nvsvc [是nvidia显示卡相关程序。] - c:\windows\system32\nvsvc32.exe - (running)
o23 - 安全 - service: pml driver hpz12 [是惠普psc 2100、2200、4100和6100系列打印机驱动服务。] - c:\windows\system32\hpzipm12.exe - (not running)
o23 - 安全 - service: savroam [诺顿防毒软件相关程序] - "c:\program files\symantec antivirus\savroam.exe" - (not running)
o23 - 安全 - service: sndsrvc [诺顿防毒软件相关程序。] - "c:\program files\common files\symantec shared\sndsrvc.exe" - (not running)
o23 - 安全 - service: spbbcsvc [诺顿防毒软件相关程序。] - "c:\program files\common files\symantec shared\spbbc\spbbcsvc.exe" - (not running)
o23 - 安全 - service: symantec antivirus [诺顿防毒软件相关程序。] - "c:\program files\symantec antivirus\rtvscan.exe" - (running)
o23 - 安全 - service: usnjsvc [windows live相关服务。] - "c:\program files\windows live\messenger\usnsvc.exe" - (not running)
o25 - 安全 - about: desktopitemnavigationfailure - res://ieframe.dll/navcancl.htm
o25 - 安全 - about: navigationcanceled - res://ieframe.dll/navcancl.htm
o25 - 安全 - about: navigationfailure - res://ieframe.dll/navcancl.htm
o25 - 安全 - about: offlineinformation - res://ieframe.dll/offcancl.htm
o25 - 安全 - about: postnotcached - res://ieframe.dll/repost.htm
=======================================
o31 - 未知 - seapproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 -
o31 - 未知 - seapproved: 无效的clsid:shell extensions for file compression - - - - - 0 -
o31 - 未知 - seapproved: 无效的clsid:加密上下文菜单 - - - - - 0 -
o31 - 未知 - seapproved: {0df44eaa-ff21-4412-828e-260a8728e7f1} - - - - - 0 -
o31 - 未知 - seapproved: {00e7b358-f65b-4dcf-83df-cd026b94bfd4} - - - - - 0 -
o31 - 未知 - seapproved: {7a9d77bd-5403-11d2-8785-2e0420524153} - - - - - 0 -
o31 - 未知 - seapproved: {b41db860-8ee4-11d2-9906-e49fadc173ca} - e:\program files\winrar\rarext.dll - - - - 129024 - 60fe004235a8108446dcfc1e526fde0e
o31 - 未知 - seapproved: {32020a01-506e-484d-a2a8-be3cf17601c3} - c:\progra~1\alcoho~1\alcoho~1\axshlex.dll - alcohol soft development team - axshlex.dll - 1.4.7.1024 - 387584 - 0c1d3ca7d2c8a48ab01dfa958e150169
o31 - 未知 - seapproved: {d25b2cab-8a9a-4517-a9b2-cb5f68a5a802} - e:\program files\adobe\acrobat 7.0\acrobat elements\contextmenu.dll - adobe systems inc. - adobe acrobat context menu - 7.0.7.142 - 581632 - f72f179a6a23c77988f31cee8c5d2326
o31 - 未知 - seapproved: {e82a2d71-5b2f-43a0-97b8-81be15854de8} - c:\windows\system32\dfshim.dll - microsoft corporation - application deployment support library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
o31 - 未知 - seapproved: {e37e2028-ce1a-4f42-af05-6ceabc4e5d75} - c:\windows\system32\dfshim.dll - microsoft corporation - application deployment support library - 2.0.50727.42 - 83456 - b3511383c8be3a8c5b88a78971fc1141
o31 - 未知 - seapproved: {1cdb2949-8f65-4355-8456-263e7c208a5d} - c:\windows\system32\nvshell.dll - - - 6.14.10.11154 - 466944 - f09fd7d8b7f61094b99fde59c5ca4450
o31 - 未知 - seapproved: {1e9b04fb-f9e5-4718-997b-b8da88302a47} - c:\windows\system32\nvshell.dll - - - 6.14.10.11154 - 466944 - f09fd7d8b7f61094b99fde59c5ca4450
o31 - 未知 - seapproved: {1e9b04fb-f9e5-4718-997b-b8da88302a48} - c:\windows\system32\nvshell.dll - - - 6.14.10.11154 - 466944 - f09fd7d8b7f61094b99fde59c5ca4450
o31 - 未知 - directory menu: {b41db860-8ee4-11d2-9906-e49fadc173ca} - e:\program files\winrar\rarext.dll - - - - 129024 - 60fe004235a8108446dcfc1e526fde0e
o31 - 未知 - lsa: security packages - sv1_0.dll - - - - 0 -
o31 - 未知 - lsa: security packages - channel.dll - - - - 0 -
=======================================
o40 - explorer.exe - - c:\program files\filezilla ftp client\fzshellext.dll - fzshellext dynamic link library - 27ee63046e4a98f15624f9b09a9c8788
o40 - explorer.exe - - e:\program files\lingoes\translator2\opentext.dll - - b6cbb18b5cd0908ce4c611197a18e212
o40 - explorer.exe - microsoft corporation - c:\windows\system32\msvcp71.dll - microsoft? c++ runtime library - 561fa2abb31dfa8fab762145f81667c2
o40 - explorer.exe - microsoft corporation - c:\windows\system32\msvcr71.dll - microsoft? c runtime library - 86f1895ae8c5e8b17d99ece768a70732
o40 - explorer.exe - - c:\program files\baidu\iexp\bdsrhook.dll - baidu search companion - d743a3f31b9a678c95e36b737255e2e9
o40 - explorer.exe - thunder networking technologies,ltd - e:\program files\thunder network\thunder\components\resworker\dsbho_00.dll - dsbho - bbd8a50b5c0e2ae52bc5ef5aa9a6c7dd
o40 - explorer.exe - thunder networking technologies,ltd - e:\program files\thunder network\thunder\components\resworker\dataprocessor_00.dll - dataprocessor - 372a011aafddd3f8f6e7bb6fc8ad16c4
o40 - explorer.exe - microsoft corporation - c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll - microsoft? c runtime library - e4fece18310e23b1d8fee993e35e7a6f
o40 - rundll32.exe - - c:\progra~1\baidu\iexp\bdsrhook.dll - baidu search companion - d743a3f31b9a678c95e36b737255e2e9
=======================================
o41 - a347bus - plug and play bios extension - c:\windows\system32\drivers\a347bus.sys - (running) - plug and play bios extension - - 1f61cacacb521215f39061789147968c
o41 - a347scsi - scsi miniport - c:\windows\system32\drivers\a347scsi.sys - (running) - scsi miniport - - 113e4b318bbaa7483ca4e582a4d63f49
o41 - adsrsvc - dynamic link library - c:\windows\system32\drivers\adsrsvc.sys - (running) - dynamic link library - - d14bdc5d744a78b841684d78434ef1ea
o41 - appdrv - app support driver - c:\windows\system32\drivers\appdrv.sys - (running) - app support driver - dell inc - ec94e05b76d033b74394e7b2175103cf
o41 - bdguard - bdguard dynamic link library - c:\windows\system32\drivers\bdguard.sys - (running) - bdguard dynamic link library - - d8ad2f959208197455aa4a2a67be9f69
o41 - cdac15ba - macrovision security driver - c:\windows\system32\drivers\cdac15ba.sys - (running) - macrovision security driver - macrovision europe ltd - 08f60f40d1a2a95a1f12eddbd9f25c1c
o41 - cmb8100 - cmb8100 - c:\windows\system32\drivers\certclient.dat - (running) - - - 2952e136a2e7b7b6b55e9ad125b11489
o41 - cmbprotector - cmbprotector - c:\windows\system32\drivers\cmbprotector.dat - (running) - - - ba2e66e85dd0af4c5414f7b58ad5fc64
o41 - protector - protector - c:\windows\system32\drivers\protector.sys - (running) - - - 3fc37041f6de8265f91b3de2cdedf622
o41 - protectora - protectora - c:\windows\system32\drivers\protectora.sys - (running) - - - 73e02417eccee528729bf3924baea02b
o41 - rcfox - sonicwall vpn client ipsec driver for windows 98/me/nt/2000/xp/pocket pc - c:\windows\system32\drivers\rcfox.sys - (running) - sonicwall vpn client ipsec driver for windows 98/me/nt/2000/xp/pocket pc - sonicwall, inc. - c0bd2630706b705557f7c74a4d5fd20b
o41 - npf - npf - c:\windows\system32\drivers\npf.sys - (not running) - npf - cace technologies - 2c19036687354db0ed375040afa0d735
=======================================
360safe.exe=5.0.0.1030
antiadwa.dll=4.2.0.1002
antieng.dll=4.4.0.1003
antiacti.dll=2.0.0.3000
cleanhis.dll=4.2.0.1002
live.dll=1.0.1.1030
=======================================
操作历史报告:
2008-10-13 11:11
清理恶评插件 - cnwin class -
清理恶评插件 - pctools -
清理恶评插件 - windows临时文件 - c:\docume~1\admini~1\locals~1\temp\setb0.tmp
清理恶评插件 - 浏览器访问劫持hjtool - c:\windows\system32\hjtool~1.dll
2008-11-01 20:41
清理恶评插件 - windows临时文件 - c:\docume~1\admini~1\locals~1\temp\glb4.tmp
2009-01-21 13:16
清理恶评插件 - windows临时文件 - c:\docume~1\admini~1\locals~1\temp\~e5d141.tmp
2009-02-27 11:09
清理恶评插件 - windows临时文件 - c:\docume~1\admini~1\locals~1\temp\set1.tmp
清理恶评插件 - 百度搜索伴侣 - c:\progra~1\baidu\iexp\bdsrhook.dll
----------全面诊断修复历史----------
2009-02-27 11:24
100 - 未知 - stacsv.exe - c:\program files\sigmatel\c-major audio\dellxpm_5515v131\wdm\stacsv.exe
100 - 未知 - hidfind.exe - c:\program files\delltpad\hidfind.exe
100 - 未知 - pltbar.exe - e:\program files\rds\pltbar.exe
o2 - 未知 - 浏览器辅助对象(bho) -
=======================================
360安全卫士,彻底查杀各种流氓软件,全面保护系统安全
最新免费下载:
(责任编辑:admin) |
