各位高手:
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2007-04-11 19:37:34
诊断平台: Microsoft Windows XP Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存: 2GB - 当前可用内存: 1GB
100 - 未知 - Process: btwdins.exe [Bluetooth Support Server] - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
100 - 未知 - Process: TPHKMGR.exe [] - C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
100 - 未知 - Process: LPMGR.EXE [ThinkVantage Productivity Center Manager] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
100 - 未知 - Process: Amsg.exe [Message Center] - C:\PROGRA~1\THINKV~2\AMSG\Amsg.exe
100 - 未知 - Process: DLACTRLW.EXE [Drive Letter Access Component] - C:\WINDOWS\System32\DLA\DLACTRLW.EXE
100 - 未知 - Process: IPSSVC.EXE [IPS Core Service] - C:\WINDOWS\system32\IPSSVC.EXE
100 - 未知 - Process: AcPrfMgrSvc.exe [] - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
100 - 未知 - Process: scheduler_proxy.exe [scheduler_proxy Application] - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
100 - 未知 - Process: DkService.exe [DKSERVICE.EXE] - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
100 - 未知 - Process: AwaySch.EXE [Away Scheduler] - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
100 - 未知 - Process: suservice.exe [ThinkVantage System Update Service] - c:\program files\lenovo\system update\suservice.exe
100 - 未知 - Process: BTTray.exe [Bluetooth Tray Application] - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
100 - 未知 - Process: tvtsched.exe [ThinkVantage Scheduler] - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
100 - 未知 - Process: AcSvc.exe [ThinkVantage Access Connections Main Service Module] - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
100 - 未知 - Process: SvcGuiHlpr.exe [] - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
100 - 未知 - Process: QQ.exe [QQ] - D:\qq\QQ.exe
100 - 未知 - Process: TIMPlatform.exe [TIMPlatform] - D:\qq\TIMPlatform.exe -Embedding
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.google.com
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://www.lenovo.com/cn/zh/
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.google.com/ie
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Use Search Asst=no
O2 - 未知 - BHO: (DriveLetterAccess) - [Drive Letter Access Component] - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O4 - 未知 - HKLM\..\Run: [AMSG] [Message Center] C:\PROGRA~1\THINKV~2\AMSG\Amsg.exe
O4 - 未知 - HKLM\..\Run: [DiskeeperSystray] [DKICON.EXE] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - 未知 - HKLM\..\Run: [ACWLIcon] [] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - 未知 - HKLM\..\Run: [PWRMGRTR] [ThinkPad Power Manager Background Monitor and Tray Battery Gauge] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - 未知 - HKLM\..\Run: [BLOG] [] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - 未知 - HKLM\..\Run: [TVT Scheduler Proxy] [scheduler_proxy Application] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - 未知 - HKLM\..\Run: [AwaySch] [Away Scheduler] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O8 - 未知 - Extra context menu item: &使用BitComet下载 - res://D:\绿色软件\BitComet_0.86\BitComet.exe/AddLink.htm
O8 - 未知 - Extra context menu item: &使用BitComet下载全部链接 - res://D:\绿色软件\BitComet_0.86\BitComet.exe/AddAllLink.htm
O8 - 未知 - Extra context menu item: &使用BitComet下载本页视频 - res://D:\绿色软件\BitComet_0.86\BitComet.exe/AddVideo.htm
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - D:\qq\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 发送到 Bluetooth 设备(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - 未知 - Extra context menu item: 发送到 Bluetooth(&B) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - 未知 - Extra button: IBM Java 控制台(HKLM) -
O9 - 未知 - Extra button: 浩方对战平台(HKLM) - E:\复件ya\HFGameOPT\GameClient.exe
O9 - 未知 - Extra button: 信息检索(HKLM) - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 未知 - Extra button: @btrez.dll,-12650(HKLM) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - 未知 - Extra button: 更新 ThinkPad 软件(HKLM) - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{87DFBA7C-682F-42D3-9F59-379E1152E868}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{07B85992-100D-48D9-BDC4-77BACE66A9E6}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{5BCBB4AB-4E5XXB52-905A-F7AAAF16183A}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{20E54B18-85AA-417C-88EE-83B5E6D54A88}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{A7A1CD13-227XXE6A-B039-09E36EF9E35D}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{C07615A0-C5BA-11D1-8063-006008317CEF}]D:\eb\s5spi.dll
O14 - 未知 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O15 - 未知 - Trusted Zone: https://mybank.icbc.com.cn
O15 - 未知 - Trusted Zone: http://www.icbc.com.cn
O16 - 未知 - DPF: {488A4255-323XX4B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1009/aliedit.cab
O23 - 未知 - Service: AcPrfMgrSvc [Ac Profile Manager Service] - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe - (running)
O23 - 未知 - Service: AcSvc [Access Connections Main Service] - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe - (running)
O23 - 未知 - Service: btwdins [处理 Bluetooth 设备的安装和删除。] - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe - (running)
O23 - 未知 - Service: Diskeeper [“Diskeeper 治理器”用于存储有关网络上 Diskeeper 数据的位置。] - "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe" - (running)
O23 - 未知 - Service: IPSSVC [IPS 核心服务] - C:\WINDOWS\system32\IPSSVC.EXE - (running)
O23 - 未知 - Service: ServiceLayer [ServiceLayer] - "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" - (not running)
O23 - 未知 - Service: SUService [System Update] - c:\program files\lenovo\system update\suservice.exe - (running)
O23 - 未知 - Service: TpKmpSVC [IBM KCU Service] - C:\WINDOWS\system32\TpKmpSVC.exe - (running)
O23 - 未知 - Service: TVT Scheduler [TVT Scheduler] - "C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe" - (running)
=======================================
100 - 安全 - Process: smss.exe [进程为会话治理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于治理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: ibmpmsvc.exe [ibm笔记本电源治理相关软件。] - C:\WINDOWS\system32\ibmpmsvc.exe
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] -
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: EvtEng.exe [英特尔公司出品的相关产品。] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: S24EvMon.exe [无线网卡相关驱动程序,用于事件监控。] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: rfwsrv.exe [瑞星出品的防火墙程序,用于抵御黑客攻击。] -
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: scardsvr.exe [对插入在计算机智能卡阅读器中的智能卡进行治理和访问控制。] - C:\WINDOWS\System32\SCardSvr.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件治理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: TpShocks.exe [ibm笔记本电脑相关驱动程序。] - C:\WINDOWS\system32\TpShocks.exe
100 - 安全 - Process: rfwmain.exe [瑞星公司出品的瑞星杀毒软件个人防火墙程序,用于抵御黑客攻击。] - c:\program files\rising\rfw\RfwMain.exe
100 - 安全 - Process: EZEJMNAP.EXE [IBM ThinkPad电脑EasyEject工具,用于在你的Thinkpad笔记本电脑上轻易的连接多个设备。 ] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
100 - 安全 - Process: SynTPLpr.exe [触摸板相关程序。] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
100 - 安全 - Process: TPONSCR.exe [IBM笔记本扩展热键配置程序。 ] - C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
100 - 安全 - Process: SynTPEnh.exe [美国新思公司出版的触摸板驱动程序的一部分。] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
100 - 安全 - Process: TpScrex.exe [IBM Thinkpad笔记本UltraZoom功能配置和诊断程序。] - C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
100 - 安全 - Process: issch.exe [installshield software 公司出品的相关软件更新程序。] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
100 - 安全 - Process: PicasaMediaDetector.exe [Google推出的一款免费图像治理工具。] - C:\Program Files\Picasa2\PicasaMediaDetector.exe
100 - 安全 - Process: ACWLIcon.exe [联想推出治理包升级的相关进程。] - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
100 - 安全 - Process: rundll32.exe [windows rundll32为了需要调用dlls的程序。] - C:\WINDOWS\system32\rundll32.exe
100 - 安全 - Process: RavTask.exe [瑞星出品的杀毒软件相关程序。] -
100 - 安全 - Process: CLI.exe [ati公司产品的相关产品。] - C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
100 - 安全 - Process: runiep.exe [卡卡上网安全助手IE防漏墙相关程序。] - C:\Program Files\Rising\AntiSpyware\runiep.exe
100 - 安全 - Process: smax4pnp.exe [声卡相关软件。] - C:\Program Files\Analog Devices\Core\smax4pnp.exe
100 - 安全 - Process: SafeSignCertReg.exe [一款数字证书驱动程序。] - C:\WINDOWS\system32\SafeSignCertReg.exe
100 - 安全 - Process: MDM.EXE [debug除错治理用于调试应用程序和microsoft office中的microsoft script editor脚本编辑器。] - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
100 - 安全 - Process: RegSrvc.exe [intel公司出品的安置在网卡驱动程序(intel proset)旁,用以通信服务。] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - C:\Program Files\360safe\safemon\360Tray.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: DLG.exe [bvrp软件classic phone tools sofrware suite的数字连接检测。] - C:\Program Files\Digital Line Detect\DLG.exe
100 - 安全 - Process: TPHDEXLG.exe [ibm公司出品的硬盘自动保护(active protection system)软件。] - C:\WINDOWS\System32\TPHDEXLG.exe
100 - 安全 - Process: TpKmpSvc.exe [ibm thinkpad笔记本相关程序。] - C:\WINDOWS\system32\TpKmpSVC.exe
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: CLI.exe [ati公司产品的相关产品。] - C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: RsAgent.exe [瑞星助手是瑞星杀毒软件的一部分。] - C:\Program Files\Rising\Rav\RsAgent.exe
100 - 安全 - Process: agentsvr.exe [是一个ActiveX插件,用于多媒体程序。] - C:\WINDOWS\msagent\AgentSvr.exe -Embedding
100 - 安全 - Process: Client.exe [qq堂游戏的相关进程。] - D:\eb\Client.exe
100 - 安全 - Process: RavMonD.exe [瑞星杀毒软件的一部分。] -
100 - 安全 - Process: RavMon.exe [瑞星杀毒软件防火墙。] -
100 - 安全 - Process: RavStub.exe [瑞星出品的杀毒软件相关程序。] - C:\PROGRAM FILES\RISING\RAV\RavStub.exe
100 - 安全 - Process: Rav.exe [瑞星杀毒软件。] -
100 - 安全 - Process: hh.exe [windows help程序用以打开帮助文件和文档,包括在很多windows程序中。] - C:\WINDOWS\hh.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微软Microsoft输入法编辑器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 安全 - HKLM\..\Run: [PHIME2002A] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 安全 - HKLM\..\Run: [TPKMAPHELPER] [ibm笔记本电脑相关程序。] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - 安全 - HKLM\..\Run: [TpShocks] [ibm笔记本电脑相关驱动程序。] TpShocks.exe
O4 - 安全 - HKLM\..\Run: [TP4EX] [ibm thinkpad系列笔记本驱动程序。] tp4ex.exe
O4 - 安全 - HKLM\..\Run: [EZEJMNAP] [ibm thinkpad笔记本相关软件。] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - 安全 - HKLM\..\Run: [TPHOTKEY] [ibm thinkpad笔记本应用程序。] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - 安全 - HKLM\..\Run: [SynTPLpr] [新思手写板,多用于各种笔记本触摸板驱动程序设置] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - 安全 - HKLM\..\Run: [SynTPEnh] [新思手写板,多用于各种笔记本触摸板驱动程序设置] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - 安全 - HKLM\..\Run: [SoundMAX] [analog device公司声卡驱动程序。] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - 安全 - HKLM\..\Run: [LPManager] [ibm笔记本电脑相关程序。] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - 安全 - HKLM\..\Run: [DLA] [hp刻录机相关软件。] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - 安全 - HKLM\..\Run: [ISUSPM Startup] [installshield安装包服务计划任务升级程序。] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - 安全 - HKLM\..\Run: [ISUSScheduler] [installshield 公司出品的相关软件。] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - 安全 - HKLM\..\Run: [Picasa Media Detector] [google出品的图片治理软件。] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - 安全 - HKLM\..\Run: [IMEKRMIG6.1] [一种输入法] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - 安全 - HKLM\..\Run: [MSPY2002] [是微软Microsoft翻译工具的一部分。] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 安全 - HKLM\..\Run: [ATICCC] [ati显示卡硬件驱动程序。] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - 安全 - HKLM\..\Run: [RavTask] [瑞星杀毒软件的任务计划程序。] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 安全 - HKLM\..\Run: [RfwMain] [瑞星防火墙程序,抵御黑客攻击。] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 安全 - HKLM\..\Run: [runeip] [卡卡上网安全助手相关程序。] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - 安全 - HKLM\..\Run: [SoundMAXPnP] [analog device公司声卡驱动程序。] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - 安全 - HKLM\..\Run: [StormCodec_Helper] [是暴风影音的插件。] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 安全 - HKLM\..\Run: [CertificateRegistration] [一款数字证书驱动程序。] SafeSignCertReg.exe
O4 - 安全 - HKLM\..\Run: [NEC e-Border Credential] [一款国外代理软件e-Border Driver的相关程序。] D:\eb\s5credmgr.exe
O4 - 安全 - HKLM\..\Run: [PCSuiteTrayApplication] [诺基亚公司出品的一款手机同步的软件,用于数据传输。] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360Tray.exe /start
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O4 - 安全 - Startup folder: [Digital Line Detect.lnk] [bvrp软件公司出品的电话相关软件。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Digital Line Detect.lnk
O4 - 安全 - Startup folder: [蓝牙控制盘.lnk] [蓝牙适配器软件相关程序。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\蓝牙控制盘.lnk
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 安全 - Extra button: Windows Messenger(HKLM) - C:\Program Files\Messenger\msmsgs.exe
O11 - 安全 - Options Group: Java (IBM)
O16 - 安全 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in) - http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
O16 - 安全 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} (Java Plug-in) - http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O23 - 安全 - Service: Ati HotKey Poller [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe - (running)
O23 - 安全 - Service: EvtEng [EvtEng相关模块,用于支持Intel无线网络连接硬件。] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - (running)
O23 - 安全 - Service: IBMPMSVC [IBM笔记本电脑电源治理相关程序。 ] - C:\WINDOWS\system32\ibmpmsvc.exe - (running)
O23 - 安全 - Service: RegSrvc [Intel网络通讯软件相关程序。 ] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - (running)
O23 - 安全 - Service: RfwProxySrv [瑞星防火墙相关程序。] - c:\program files\rising\rfw\rfwproxy.exe - (not running)
O23 - 安全 - Service: RfwService [是瑞星个人防火墙相关程序。] - c:\program files\rising\rfw\rfwsrv.exe - (running)
O23 - 安全 - Service: RsCCenter [是瑞星杀毒软件控制台相关程序。] - "C:\Program Files\Rising\Rav\CCenter.exe" - (running)
O23 - 安全 - Service: RsRavMon [是瑞星杀毒软件相关监控程序。] - "C:\PROGRAM FILES\RISING\RAV\Ravmond.exe" - (running)
O23 - 安全 - Service: S24EventMonitor [无线网卡配置和诊断程序。] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - (running)
O23 - 安全 - Service: TPHDEXLGSVC [ibm笔记本电脑的主动保护系统相关程序。] - System32\TPHDEXLG.exe - (running)
=======================================
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll - - 51e9e4ae981ffd92538bc0fe19d2bd82
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll - - 9f40aad6d6e3fb323edef1552f526495
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll - - 83dc3fd87b8783bedee9415e8e0bf64a
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCP71.dll - Microsoft? C Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll - - 2e4775555e0dfb234eb5118283614611
O40 - winlogon.exe - UPEK Inc. - C:\WINDOWS\system32\psqlpwd.dll - Logon stub - 4fa3eac2d310ebf840494416cef19664
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\infra.dll - Infrastructure utility library - 107b4a65398edcb26861e3e7fb9dbdb9
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll - PS QL Logon Kernel - 9203d6f201b763bddd151afe9f880854
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\biologon.dll - Biologon service - 8079c366f987682e705d81fad42b6e65
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll - LocalPassport - fd961ec60388f742365f3a301bf6143d
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\bio.dll - Biometrics support - 92d88957e4f814ffb42aca1f983474de
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\remote.dll - Remote object access - 2965df5485c9281febf08e476863255c
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll - PS QL to Lenovo CSS interface - 59d68efa2e0cd957f88b35eb3ce95057
O40 - winlogon.exe - - C:\WINDOWS\system32\tphklock.dll - - e270fcccf7d413610a0f6a5266ada43a
O40 - winlogon.exe - Lenovo Group Limited - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll - Away Manager notification package. - b4f7bf8d1c3ea0fcffbccdd23c2735bc
O40 - lsass.exe - UPEK Inc. - C:\WINDOWS\system32\psqlpwd.dll - Logon stub - 4fa3eac2d310ebf840494416cef19664
O40 - lsass.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\infra.dll - Infrastructure utility library - 107b4a65398edcb26861e3e7fb9dbdb9
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - lsass.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll - PS QL Logon Kernel - 9203d6f201b763bddd151afe9f880854
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACGina.dll - - 9000256b8413765bf238133e116a0bf6
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll - - 2e4775555e0dfb234eb5118283614611
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCP71.dll - Microsoft? C Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll - - 9f40aad6d6e3fb323edef1552f526495
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll - - 83dc3fd87b8783bedee9415e8e0bf64a
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll - - e1168551ab048893bfe644b8563e65c7
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll - - 3e8da280f8daa16f12952d841867bdea
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll - - cdbea1b2fd698d134230ee9d23577296
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll - - fe5c33832bacad43c30c3f10d8f9703e
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll - - 517c5c51a527390583183b8b9fa7d2ad
O40 - lsass.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\WINDOWS\system32\RavExt.dll - Rising Shell Ext Module - fa20734a7acabcfe9d727fb343da4e8a
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\AntiSpyware\ieprot.dll - IE Protector - 369c1d78953b00cf8306e7028654092d
O40 - Explorer.EXE - Lenovo Group Limited - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL - ThinkPad Power Manager Background Monitor and Tray Battery Gauge - fb454ecb2b5846d70a91beedbf31f435
O40 - Explorer.EXE - - C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL - - c9b23e6a495179629afcec5f5ae9cb67
O40 - Explorer.EXE - - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL - - eac0e0fe4d8e2e9779596953358970fe
O40 - Explorer.EXE - Lenovo Group Limited - C:\WINDOWS\system32\PROCHLP.DLL - IPS Helper DLL - eb8b00829956a6db0a483a187e0051ac
O40 - Explorer.EXE - Broadcom Corporation. - C:\WINDOWS\system32\btmmhook.dll - Multimedia Keys Hook DLL - dd1313675117570eb1c8c7de3557a2ec
O40 - Explorer.EXE - - D:\绿色软件\winrar\rarext.dll - - 511d8ec5e4051fdcff72064cb1eb4a00
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\RSCOMMON.DLL - Rising Common Function Dynamic Link Library - 58432e6c58f1b4c339adc1a79bf864b6
O40 - Explorer.EXE - Broadcom Corporation. - C:\WINDOWS\system32\btncopy.dll - BTNCopy Module - f25c136b4947586d1cc9c701ecef154c
O40 - Explorer.EXE - Nokia - C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll - Phone Browser - d1d12242118ccef2e2279df2182ca2d6
O40 - Explorer.EXE - Nokia - C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll - PC Suite Common Modules - ca33b4b0aafe8c667b330738c8623a61
O40 - Explorer.EXE - Nokia. - C:\Program Files\PC Connectivity Solution\ConnAPI.DLL - Nokia Connectivity API - 3a42e0ce06b4ad78c07c80a419ad039c
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCP80.dll - Microsoft? C Runtime Library - f33a2734000fc6d3dbae2e1337e2bb1f
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MSVCP71.dll - Microsoft? C Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - Explorer.EXE - - C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll - ACE Context Menu - 649e3ab705eb0f3af213dcd4378515cf
O40 - rundll32.exe - Lenovo Group Limited - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL - ThinkPad Power Manager Background Monitor and Tray Battery Gauge - fb454ecb2b5846d70a91beedbf31f435
O40 - rundll32.exe - - C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL - - c9b23e6a495179629afcec5f5ae9cb67
O40 - rundll32.exe - - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL - - eac0e0fe4d8e2e9779596953358970fe
O40 - rundll32.exe - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\AntiSpyware\ieprot.dll - IE Protector - 369c1d78953b00cf8306e7028654092d
=======================================
O41 - AegisP - IEEE 802.1X Protocol Driver - C:\WINDOWS\system32\drivers\AegisP.sys - (running) - IEEE 802.1X Protocol Driver - Meetinghouse Data Communications - 375eb0b97e3950adef3633c27a82438b
O41 - ANC - IBM Access Connections - ANC - C:\WINDOWS\system32\drivers\ANC.sys - (running) - IBM Access Connections - ANC - IBM Corp. - 11ab185a7af224800bbfb5b836974a17
O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - 0064810c1b03f2c889130b669a4ce937
O41 - btaudio - Bluetooth Audio Device - C:\WINDOWS\system32\drivers\btaudio.sys - (running) - Bluetooth Audio Device - Broadcom Corporation. - f9457b95d98e5dda90f8efca98a1c7fa
O41 - BTKRNL - Bluetooth Bus Enumerator - C:\WINDOWS\system32\drivers\btkrnl.sys - (running) - Bluetooth Bus Enumerator - Broadcom Corporation. - 62c53cc7d8fc4848bb7a492faa2edef4
O41 - DLABOIOM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLABOIOM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - efae981c8ba3dad4103a76bcb5955b07
O41 - DLACDBHM - Shared Driver Component - C:\WINDOWS\system32\drivers\DLACDBHM.SYS - (running) - Shared Driver Component - Sonic Solutions - 8d45ac148fd8c1a25204aeca1397fa7e
O41 - DLADResN - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLADResN.SYS - (running) - Drive Letter Access Component - Sonic Solutions - edf7dc4b48e206af188d4841152be53f
O41 - DLAIFS_M - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAIFS_M.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 2aef49904bde7398d0f09b6a603738ef
O41 - DLAOPIOM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAOPIOM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 46fa268a829384256179f4ccb6eb308f
O41 - DLAPoolM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAPoolM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 26e89839af248625a4e7c4cf5873375d
O41 - DLARTL_N - Shared Driver Component - C:\WINDOWS\system32\drivers\DLARTL_N.SYS - (running) - Shared Driver Component - Sonic Solutions - 94accf8f7b87fbeaa27266927319e6ba
O41 - DLAUDFAM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAUDFAM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 5e914bd7f68dde3fb4bffe005162c1e6
O41 - DLAUDF_M - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAUDF_M.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 8c3cfb22a7fb3be67e0c321fa10b8b50
O41 - DRVMCDB - Device Driver - C:\WINDOWS\system32\drivers\DRVMCDB.SYS - (running) - Device Driver - Sonic Solutions - ab6c5c26fff9b3c456aeaf7e0093c2fe
O41 - DRVNDDM - Device Driver Manager - C:\WINDOWS\system32\drivers\DRVNDDM.SYS - (running) - Device Driver Manager - Sonic Solutions - 4a307ade1638d9358b6eb90076481cc6
O41 - ExpScaner - ExpScan.sys - C:\PROGRAM FILES\Rising\Rav\ExpScan.sys - (running) - ExpScan.sys - - 5a690926c7181d5c0b2721016442c9c3
O41 - HookCont - HookCont - C:\PROGRAM FILES\Rising\Rav\HookCont.sys - (running) - HookCont - Rising - 3926cb7b005564bc77d6b40235c53817
O41 - HookReg - HookReg - C:\PROGRAM FILES\Rising\Rav\HOOKREG.sys - (running) - - - 997c395147f8e5b3f714bdd112fe8945
O41 - HookSys - Hooksys - C:\PROGRAM FILES\Rising\Rav\HookSys.sys - (running) - Hooksys - Rising - 265b67f85db6226f2439e13e7c1fa8bf
O41 - HookUrl - HookUrl - C:\Program Files\Rising\Rfw\HookUrl.sys - (running) - HookUrl - Beijing Rising Technology Co., Ltd. - 93768ab1e576eef2de107eddbc586e9b
O41 - IBMTPCHK - IBMTPCHK - C:\WINDOWS\system32\drivers\IBMBLDID.sys - (running) - - - bfc9f3adaad74e13f9ce16c8bd336f95
O41 - MEMSCAN - MemScan Driver - C:\PROGRAM FILES\Rising\Rav\MemScan.sys - (running) - MemScan Driver - 瑞星软件有限公司 - 9811b256023dd985cbc5bad790e5bb84
O41 - mProcRs - Rising Personal FireWall mprocrs.sys - c:\program files\Rising\Rfw\mProcRs.sys - (running) - Rising Personal FireWall mprocrs.sys - Beijing Rising Technology Co., Ltd. - f19fe6ccade903d285208247056daf6a
O41 - npkcrypt - nProtect KeyCrypt Driver - D:\qq\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - oreans32 - oreans32 - C:\WINDOWS\system32\drivers\oreans32.sys - (running) - - - aad837bf3b475092fd515cd0842334e9
O41 - PMEM - Physical Memory Driver - C:\WINDOWS\system32\drivers\PMEMNT.SYS - (running) - Physical Memory Driver - Microsoft Corporation - fa292805788528c083f416e151b60ab6
O41 - PROCDD - IPS Helper Driver - C:\WINDOWS\system32\drivers\PROCDD.SYS - (running) - IPS Helper Driver - Lenovo Group Limited - 6f9e6e874fd74ee6dd0bbecde9d3f795
O41 - PxHelp20 - Px Engine Device Driver for Windows 2000/XP - C:\WINDOWS\system32\drivers\pxhelp20.sys - (running) - Px Engine Device Driver for Windows 2000/XP - Sonic Solutions - 183ef96bcc2ec3d5294cb2c2c0ecbcd1
O41 - RsAntiSpyware - RsBoot - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - RsBoot - Beijing Rising - c79cf8d2f5225a2216fe3b91ceb8b225
O41 - RsFwDrv - nt_fwdrv - C:\Program Files\Rising\Rfw\rsfwdrv.sys - (running) - nt_fwdrv - Beijing Rising Technology Co., Ltd. - 1869e55cfacff0ff786d4ba6d2340ee2
O41 - RsNTGDI - RsNTGDI - C:\WINDOWS\system32\drivers\RsNTGdi.sys - (running) - RsNTGDI - Beijing Rising Technology Co., Ltd. - 17214e7b192cb93ff014fca1484b97ad
O41 - RSPPSYS - RSPPSYS.SYS - C:\PROGRAM FILES\Rising\Rav\rsppsys.sys - (running) - RSPPSYS.SYS - Rising - f38c10d8c21626a4878ea16717e971fa
O41 - s24trans - Intel WLAN Packet Driver - C:\WINDOWS\system32\drivers\s24trans.sys - (running) - Intel WLAN Packet Driver - Intel Corporation - e6a330f5ebc184aef5ca8f1953ca08d2
O41 - Smapint - SMAPI I/O - C:\WINDOWS\system32\drivers\SMAPINT.SYS - (running) - SMAPI I/O - Microsoft Corporation - 26341d0dd225d19fd50e0ee3c3c77502
O41 - smihlp - SMI helper driver - C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys - (running) - SMI helper driver - UPEK Inc. - 3eee2c9a0b3ae9ae0e828c76d910c4f7
O41 - TDSMAPI - TDSMAPI - C:\WINDOWS\system32\drivers\TDSMAPI.SYS - (running) - - - 564b337034271b7bddcabfddc91c6b7a
O41 - TPPWRIF - TPPWRIF - C:\WINDOWS\system32\drivers\TPPWRIF.SYS - (running) - - - 44672de6cea9569c21c4b7a8d2560750
O41 - TSMAPIP - TSMAPIP - C:\WINDOWS\system32\drivers\TSMAPIP.SYS - (running) - - - f2aba3066d7921d7fcdbd66dea88be11
O41 - BTDriver - Bluetooth BTPORT Driver for Windows 2000 - C:\WINDOWS\system32\drivers\btport.sys - (not running) - Bluetooth BTPORT Driver for Windows 2000 - Broadcom Corporation. - 3944041e640710afffaec52b7957ef5d
O41 - BTWDNDIS - Bluetooth LAN Access Server Driver - C:\WINDOWS\system32\drivers\btwdndis.sys - (not running) - Bluetooth LAN Access Server Driver - Broadcom Corporation. - 054ee206461237e3399708ea4543138f
O41 - BTWUSB - Driver for Bluetooth USB Devices - C:\WINDOWS\system32\drivers\btwusb.sys - (not running) - Driver for Bluetooth USB Devices - Broadcom Corporation. - 8fe038caf82e18260e8230a9bb8b98ab
O41 - netpasadapter1 - Netpas Win32 Virtual Network Driver - C:\WINDOWS\system32\drivers\netpas.sys - (not running) - Netpas Win32 Virtual Network Driver - Netpas - ccb91d17c78ac1a9e1a5065eb2f6e7e0
O41 - UIUSys - UIUSys - C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS - (not running) - - -
=======================================
360Safe.exe=3.2.1.1002
AntiAdwa.dll=3.2.0.1001
AntiEng.dll=3.0.2.2000
AntiActi.dll=2.0.0.3000
CleanHis.dll=3.0.2.1000
safelive.exe=1.0.0.2007
live.dll=1.0.0.1011
=======================================
操作历史报告:
=======================================
非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助!
该诊断报告由360安全卫士提供 http://www.360safe.com
诊断时间: 2007-04-11 19:37:34
诊断平台: Microsoft Windows XP Service Pack 2
IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180
计算机物理内存: 2GB - 当前可用内存: 1GB
100 - 未知 - Process: btwdins.exe [Bluetooth Support Server] - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
100 - 未知 - Process: TPHKMGR.exe [] - C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
100 - 未知 - Process: LPMGR.EXE [ThinkVantage Productivity Center Manager] - C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
100 - 未知 - Process: Amsg.exe [Message Center] - C:\PROGRA~1\THINKV~2\AMSG\Amsg.exe
100 - 未知 - Process: DLACTRLW.EXE [Drive Letter Access Component] - C:\WINDOWS\System32\DLA\DLACTRLW.EXE
100 - 未知 - Process: IPSSVC.EXE [IPS Core Service] - C:\WINDOWS\system32\IPSSVC.EXE
100 - 未知 - Process: AcPrfMgrSvc.exe [] - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
100 - 未知 - Process: scheduler_proxy.exe [scheduler_proxy Application] - C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
100 - 未知 - Process: DkService.exe [DKSERVICE.EXE] - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
100 - 未知 - Process: AwaySch.EXE [Away Scheduler] - C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
100 - 未知 - Process: suservice.exe [ThinkVantage System Update Service] - c:\program files\lenovo\system update\suservice.exe
100 - 未知 - Process: BTTray.exe [Bluetooth Tray Application] - C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe
100 - 未知 - Process: tvtsched.exe [ThinkVantage Scheduler] - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe
100 - 未知 - Process: AcSvc.exe [ThinkVantage Access Connections Main Service Module] - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
100 - 未知 - Process: SvcGuiHlpr.exe [] - C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
100 - 未知 - Process: QQ.exe [QQ] - D:\qq\QQ.exe
100 - 未知 - Process: TIMPlatform.exe [TIMPlatform] - D:\qq\TIMPlatform.exe -Embedding
R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page=http://www.google.com
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL=http://www.lenovo.com/cn/zh/
R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant=http://www.google.com/ie
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar=http://www.google.com/ie
R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Use Search Asst=no
O2 - 未知 - BHO: (DriveLetterAccess) - [Drive Letter Access Component] - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O4 - 未知 - HKLM\..\Run: [AMSG] [Message Center] C:\PROGRA~1\THINKV~2\AMSG\Amsg.exe
O4 - 未知 - HKLM\..\Run: [DiskeeperSystray] [DKICON.EXE] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - 未知 - HKLM\..\Run: [ACWLIcon] [] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - 未知 - HKLM\..\Run: [PWRMGRTR] [ThinkPad Power Manager Background Monitor and Tray Battery Gauge] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
O4 - 未知 - HKLM\..\Run: [BLOG] [] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - 未知 - HKLM\..\Run: [TVT Scheduler Proxy] [scheduler_proxy Application] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - 未知 - HKLM\..\Run: [AwaySch] [Away Scheduler] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
O8 - 未知 - Extra context menu item: &使用BitComet下载 - res://D:\绿色软件\BitComet_0.86\BitComet.exe/AddLink.htm
O8 - 未知 - Extra context menu item: &使用BitComet下载全部链接 - res://D:\绿色软件\BitComet_0.86\BitComet.exe/AddAllLink.htm
O8 - 未知 - Extra context menu item: &使用BitComet下载本页视频 - res://D:\绿色软件\BitComet_0.86\BitComet.exe/AddVideo.htm
O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - D:\qq\AddToNetDisk.htm
O8 - 未知 - Extra context menu item: 发送到 Bluetooth 设备(&B)... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - 未知 - Extra context menu item: 发送到 Bluetooth(&B) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - D:\qq\AddPanel.htm
O8 - 未知 - Extra context menu item: 添加到QQ表情 - D:\qq\AddEmotion.htm
O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - D:\qq\SendMMS.htm
O9 - 未知 - Extra button: IBM Java 控制台(HKLM) -
O9 - 未知 - Extra button: 浩方对战平台(HKLM) - E:\复件ya\HFGameOPT\GameClient.exe
O9 - 未知 - Extra button: 信息检索(HKLM) - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - 未知 - Extra button: @btrez.dll,-12650(HKLM) - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie.htm
O9 - 未知 - Extra button: 更新 ThinkPad 软件(HKLM) - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{87DFBA7C-682F-42D3-9F59-379E1152E868}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{07B85992-100D-48D9-BDC4-77BACE66A9E6}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{5BCBB4AB-4E5XXB52-905A-F7AAAF16183A}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{20E54B18-85AA-417C-88EE-83B5E6D54A88}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{A7A1CD13-227XXE6A-B039-09E36EF9E35D}]D:\eb\s5spi.dll
O10 - 未知 - Winsock LSP: [SOCKS5 EZClient service provider hooks] [{C07615A0-C5BA-11D1-8063-006008317CEF}]D:\eb\s5spi.dll
O14 - 未知 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/cn/zh/
O15 - 未知 - Trusted Zone: https://mybank.icbc.com.cn
O15 - 未知 - Trusted Zone: http://www.icbc.com.cn
O16 - 未知 - DPF: {488A4255-323XX4B3-8F27-FA1AECAA8844} (CEditCtrl Object) - https://img.alipay.com/download/1009/aliedit.cab
O23 - 未知 - Service: AcPrfMgrSvc [Ac Profile Manager Service] - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe - (running)
O23 - 未知 - Service: AcSvc [Access Connections Main Service] - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe - (running)
O23 - 未知 - Service: btwdins [处理 Bluetooth 设备的安装和删除。] - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe - (running)
O23 - 未知 - Service: Diskeeper [“Diskeeper 治理器”用于存储有关网络上 Diskeeper 数据的位置。] - "C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe" - (running)
O23 - 未知 - Service: IPSSVC [IPS 核心服务] - C:\WINDOWS\system32\IPSSVC.EXE - (running)
O23 - 未知 - Service: ServiceLayer [ServiceLayer] - "C:\Program Files\PC Connectivity Solution\ServiceLayer.exe" - (not running)
O23 - 未知 - Service: SUService [System Update] - c:\program files\lenovo\system update\suservice.exe - (running)
O23 - 未知 - Service: TpKmpSVC [IBM KCU Service] - C:\WINDOWS\system32\TpKmpSVC.exe - (running)
O23 - 未知 - Service: TVT Scheduler [TVT Scheduler] - "C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe" - (running)
=======================================
100 - 安全 - Process: smss.exe [进程为会话治理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe
100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base
100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe
100 - 安全 - Process: services.exe [用于治理windows服务系统进程。] - C:\WINDOWS\system32\services.exe
100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe
100 - 安全 - Process: ibmpmsvc.exe [ibm笔记本电源治理相关软件。] - C:\WINDOWS\system32\ibmpmsvc.exe
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss
100 - 安全 - Process: CCenter.exe [瑞星杀毒软件控制台相关程序。] -
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs
100 - 安全 - Process: EvtEng.exe [英特尔公司出品的相关产品。] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
100 - 安全 - Process: ati2evxx.exe [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe
100 - 安全 - Process: S24EvMon.exe [无线网卡相关驱动程序,用于事件监控。] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService
100 - 安全 - Process: rfwsrv.exe [瑞星出品的防火墙程序,用于抵御黑客攻击。] -
100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe
100 - 安全 - Process: scardsvr.exe [对插入在计算机智能卡阅读器中的智能卡进行治理和访问控制。] - C:\WINDOWS\System32\SCardSvr.exe
100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件治理。] - C:\WINDOWS\Explorer.EXE
100 - 安全 - Process: TpShocks.exe [ibm笔记本电脑相关驱动程序。] - C:\WINDOWS\system32\TpShocks.exe
100 - 安全 - Process: rfwmain.exe [瑞星公司出品的瑞星杀毒软件个人防火墙程序,用于抵御黑客攻击。] - c:\program files\rising\rfw\RfwMain.exe
100 - 安全 - Process: EZEJMNAP.EXE [IBM ThinkPad电脑EasyEject工具,用于在你的Thinkpad笔记本电脑上轻易的连接多个设备。 ] - C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
100 - 安全 - Process: SynTPLpr.exe [触摸板相关程序。] - C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
100 - 安全 - Process: TPONSCR.exe [IBM笔记本扩展热键配置程序。 ] - C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
100 - 安全 - Process: SynTPEnh.exe [美国新思公司出版的触摸板驱动程序的一部分。] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
100 - 安全 - Process: TpScrex.exe [IBM Thinkpad笔记本UltraZoom功能配置和诊断程序。] - C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
100 - 安全 - Process: issch.exe [installshield software 公司出品的相关软件更新程序。] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
100 - 安全 - Process: PicasaMediaDetector.exe [Google推出的一款免费图像治理工具。] - C:\Program Files\Picasa2\PicasaMediaDetector.exe
100 - 安全 - Process: ACWLIcon.exe [联想推出治理包升级的相关进程。] - C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
100 - 安全 - Process: rundll32.exe [windows rundll32为了需要调用dlls的程序。] - C:\WINDOWS\system32\rundll32.exe
100 - 安全 - Process: RavTask.exe [瑞星出品的杀毒软件相关程序。] -
100 - 安全 - Process: CLI.exe [ati公司产品的相关产品。] - C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
100 - 安全 - Process: runiep.exe [卡卡上网安全助手IE防漏墙相关程序。] - C:\Program Files\Rising\AntiSpyware\runiep.exe
100 - 安全 - Process: smax4pnp.exe [声卡相关软件。] - C:\Program Files\Analog Devices\Core\smax4pnp.exe
100 - 安全 - Process: SafeSignCertReg.exe [一款数字证书驱动程序。] - C:\WINDOWS\system32\SafeSignCertReg.exe
100 - 安全 - Process: MDM.EXE [debug除错治理用于调试应用程序和microsoft office中的microsoft script editor脚本编辑器。] - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
100 - 安全 - Process: RegSrvc.exe [intel公司出品的安置在网卡驱动程序(intel proset)旁,用以通信服务。] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
100 - 安全 - Process: 360tray.exe [360安全卫士实时监控程序。] - C:\Program Files\360safe\safemon\360Tray.exe
100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe
100 - 安全 - Process: DLG.exe [bvrp软件classic phone tools sofrware suite的数字连接检测。] - C:\Program Files\Digital Line Detect\DLG.exe
100 - 安全 - Process: TPHDEXLG.exe [ibm公司出品的硬盘自动保护(active protection system)软件。] - C:\WINDOWS\System32\TPHDEXLG.exe
100 - 安全 - Process: TpKmpSvc.exe [ibm thinkpad笔记本相关程序。] - C:\WINDOWS\system32\TpKmpSVC.exe
100 - 安全 - Process: wdfmgr.exe [windows media player播放器相关程序。] - C:\WINDOWS\system32\wdfmgr.exe
100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc
100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe
100 - 安全 - Process: CLI.exe [ati公司产品的相关产品。] - C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
100 - 安全 - Process: IEXPLORE.EXE [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe
100 - 安全 - Process: RsAgent.exe [瑞星助手是瑞星杀毒软件的一部分。] - C:\Program Files\Rising\Rav\RsAgent.exe
100 - 安全 - Process: agentsvr.exe [是一个ActiveX插件,用于多媒体程序。] - C:\WINDOWS\msagent\AgentSvr.exe -Embedding
100 - 安全 - Process: Client.exe [qq堂游戏的相关进程。] - D:\eb\Client.exe
100 - 安全 - Process: RavMonD.exe [瑞星杀毒软件的一部分。] -
100 - 安全 - Process: RavMon.exe [瑞星杀毒软件防火墙。] -
100 - 安全 - Process: RavStub.exe [瑞星出品的杀毒软件相关程序。] - C:\PROGRAM FILES\RISING\RAV\RavStub.exe
100 - 安全 - Process: Rav.exe [瑞星杀毒软件。] -
100 - 安全 - Process: hh.exe [windows help程序用以打开帮助文件和文档,包括在很多windows程序中。] - C:\WINDOWS\hh.exe
100 - 安全 - Process: 360Safe.exe [360安全卫士相关程序。] - C:\Program Files\360safe\360safe.exe
R1 - 安全 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
R1 - 安全 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm
O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微软Microsoft输入法编辑器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - 安全 - HKLM\..\Run: [PHIME2002A] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - 安全 - HKLM\..\Run: [TPKMAPHELPER] [ibm笔记本电脑相关程序。] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - 安全 - HKLM\..\Run: [TpShocks] [ibm笔记本电脑相关驱动程序。] TpShocks.exe
O4 - 安全 - HKLM\..\Run: [TP4EX] [ibm thinkpad系列笔记本驱动程序。] tp4ex.exe
O4 - 安全 - HKLM\..\Run: [EZEJMNAP] [ibm thinkpad笔记本相关软件。] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - 安全 - HKLM\..\Run: [TPHOTKEY] [ibm thinkpad笔记本应用程序。] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - 安全 - HKLM\..\Run: [SynTPLpr] [新思手写板,多用于各种笔记本触摸板驱动程序设置] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - 安全 - HKLM\..\Run: [SynTPEnh] [新思手写板,多用于各种笔记本触摸板驱动程序设置] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - 安全 - HKLM\..\Run: [SoundMAX] [analog device公司声卡驱动程序。] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - 安全 - HKLM\..\Run: [LPManager] [ibm笔记本电脑相关程序。] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
O4 - 安全 - HKLM\..\Run: [DLA] [hp刻录机相关软件。] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - 安全 - HKLM\..\Run: [ISUSPM Startup] [installshield安装包服务计划任务升级程序。] c:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - 安全 - HKLM\..\Run: [ISUSScheduler] [installshield 公司出品的相关软件。] "c:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - 安全 - HKLM\..\Run: [Picasa Media Detector] [google出品的图片治理软件。] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - 安全 - HKLM\..\Run: [IMEKRMIG6.1] [一种输入法] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - 安全 - HKLM\..\Run: [MSPY2002] [是微软Microsoft翻译工具的一部分。] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - 安全 - HKLM\..\Run: [ATICCC] [ati显示卡硬件驱动程序。] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - 安全 - HKLM\..\Run: [RavTask] [瑞星杀毒软件的任务计划程序。] "C:\Program Files\Rising\Rav\RavTask.exe" -system
O4 - 安全 - HKLM\..\Run: [RfwMain] [瑞星防火墙程序,抵御黑客攻击。] "C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup
O4 - 安全 - HKLM\..\Run: [runeip] [卡卡上网安全助手相关程序。] C:\Program Files\Rising\AntiSpyware\runiep.exe
O4 - 安全 - HKLM\..\Run: [SoundMAXPnP] [analog device公司声卡驱动程序。] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - 安全 - HKLM\..\Run: [StormCodec_Helper] [是暴风影音的插件。] "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti
O4 - 安全 - HKLM\..\Run: [CertificateRegistration] [一款数字证书驱动程序。] SafeSignCertReg.exe
O4 - 安全 - HKLM\..\Run: [NEC e-Border Credential] [一款国外代理软件e-Border Driver的相关程序。] D:\eb\s5credmgr.exe
O4 - 安全 - HKLM\..\Run: [PCSuiteTrayApplication] [诺基亚公司出品的一款手机同步的软件,用于数据传输。] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] C:\Program Files\360safe\safemon\360Tray.exe /start
O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe
O4 - 安全 - Startup folder: [Digital Line Detect.lnk] [bvrp软件公司出品的电话相关软件。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Digital Line Detect.lnk
O4 - 安全 - Startup folder: [蓝牙控制盘.lnk] [蓝牙适配器软件相关程序。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\蓝牙控制盘.lnk
O8 - 安全 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - 安全 - Extra button: Windows Messenger(HKLM) - C:\Program Files\Messenger\msmsgs.exe
O11 - 安全 - Options Group: Java (IBM)
O16 - 安全 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in) - http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
O16 - 安全 - DPF: {CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA} (Java Plug-in) - http://java.sun.com/products/plugin/1.4.2/jinstall-142-win.cab
O18 - 安全 - Protocol: OFFICE 相关 - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL
O18 - 安全 - Protocol: OFFICE 相关 - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL
O23 - 安全 - Service: Ati HotKey Poller [ati显卡相关后台程序。] - C:\WINDOWS\system32\Ati2evxx.exe - (running)
O23 - 安全 - Service: EvtEng [EvtEng相关模块,用于支持Intel无线网络连接硬件。] - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - (running)
O23 - 安全 - Service: IBMPMSVC [IBM笔记本电脑电源治理相关程序。 ] - C:\WINDOWS\system32\ibmpmsvc.exe - (running)
O23 - 安全 - Service: RegSrvc [Intel网络通讯软件相关程序。 ] - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - (running)
O23 - 安全 - Service: RfwProxySrv [瑞星防火墙相关程序。] - c:\program files\rising\rfw\rfwproxy.exe - (not running)
O23 - 安全 - Service: RfwService [是瑞星个人防火墙相关程序。] - c:\program files\rising\rfw\rfwsrv.exe - (running)
O23 - 安全 - Service: RsCCenter [是瑞星杀毒软件控制台相关程序。] - "C:\Program Files\Rising\Rav\CCenter.exe" - (running)
O23 - 安全 - Service: RsRavMon [是瑞星杀毒软件相关监控程序。] - "C:\PROGRAM FILES\RISING\RAV\Ravmond.exe" - (running)
O23 - 安全 - Service: S24EventMonitor [无线网卡配置和诊断程序。] - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - (running)
O23 - 安全 - Service: TPHDEXLGSVC [ibm笔记本电脑的主动保护系统相关程序。] - System32\TPHDEXLG.exe - (running)
=======================================
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACNotify.dll - - 51e9e4ae981ffd92538bc0fe19d2bd82
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll - - 9f40aad6d6e3fb323edef1552f526495
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll - - 83dc3fd87b8783bedee9415e8e0bf64a
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCP71.dll - Microsoft? C Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - winlogon.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll - - 2e4775555e0dfb234eb5118283614611
O40 - winlogon.exe - UPEK Inc. - C:\WINDOWS\system32\psqlpwd.dll - Logon stub - 4fa3eac2d310ebf840494416cef19664
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\infra.dll - Infrastructure utility library - 107b4a65398edcb26861e3e7fb9dbdb9
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll - PS QL Logon Kernel - 9203d6f201b763bddd151afe9f880854
O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\system32\biologon.dll - Biologon service - 8079c366f987682e705d81fad42b6e65
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\homepass.dll - LocalPassport - fd961ec60388f742365f3a301bf6143d
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\bio.dll - Biometrics support - 92d88957e4f814ffb42aca1f983474de
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\remote.dll - Remote object access - 2965df5485c9281febf08e476863255c
O40 - winlogon.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\ps2css.dll - PS QL to Lenovo CSS interface - 59d68efa2e0cd957f88b35eb3ce95057
O40 - winlogon.exe - - C:\WINDOWS\system32\tphklock.dll - - e270fcccf7d413610a0f6a5266ada43a
O40 - winlogon.exe - Lenovo Group Limited - C:\Program Files\Lenovo\AwayTask\AwayNotify.dll - Away Manager notification package. - b4f7bf8d1c3ea0fcffbccdd23c2735bc
O40 - lsass.exe - UPEK Inc. - C:\WINDOWS\system32\psqlpwd.dll - Logon stub - 4fa3eac2d310ebf840494416cef19664
O40 - lsass.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\infra.dll - Infrastructure utility library - 107b4a65398edcb26861e3e7fb9dbdb9
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - lsass.exe - UPEK Inc. - C:\Program Files\ThinkVantage Fingerprint Software\homefus2.dll - PS QL Logon Kernel - 9203d6f201b763bddd151afe9f880854
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACGina.dll - - 9000256b8413765bf238133e116a0bf6
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll - - 2e4775555e0dfb234eb5118283614611
O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\system32\MSVCP71.dll - Microsoft? C Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll - - 9f40aad6d6e3fb323edef1552f526495
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll - - 83dc3fd87b8783bedee9415e8e0bf64a
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll - - e1168551ab048893bfe644b8563e65c7
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll - - 3e8da280f8daa16f12952d841867bdea
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll - - cdbea1b2fd698d134230ee9d23577296
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll - - fe5c33832bacad43c30c3f10d8f9703e
O40 - lsass.exe - - C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll - - 517c5c51a527390583183b8b9fa7d2ad
O40 - lsass.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - svchost.exe - NEC Corporation - D:\eb\s5spi.dll - SOCKS5 EZClient service provider hooks - 2859add268949b6fe6c5366330fb0f6a
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\WINDOWS\system32\RavExt.dll - Rising Shell Ext Module - fa20734a7acabcfe9d727fb343da4e8a
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\AntiSpyware\ieprot.dll - IE Protector - 369c1d78953b00cf8306e7028654092d
O40 - Explorer.EXE - Lenovo Group Limited - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL - ThinkPad Power Manager Background Monitor and Tray Battery Gauge - fb454ecb2b5846d70a91beedbf31f435
O40 - Explorer.EXE - - C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL - - c9b23e6a495179629afcec5f5ae9cb67
O40 - Explorer.EXE - - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL - - eac0e0fe4d8e2e9779596953358970fe
O40 - Explorer.EXE - Lenovo Group Limited - C:\WINDOWS\system32\PROCHLP.DLL - IPS Helper DLL - eb8b00829956a6db0a483a187e0051ac
O40 - Explorer.EXE - Broadcom Corporation. - C:\WINDOWS\system32\btmmhook.dll - Multimedia Keys Hook DLL - dd1313675117570eb1c8c7de3557a2ec
O40 - Explorer.EXE - - D:\绿色软件\winrar\rarext.dll - - 511d8ec5e4051fdcff72064cb1eb4a00
O40 - Explorer.EXE - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\Rav\RSCOMMON.DLL - Rising Common Function Dynamic Link Library - 58432e6c58f1b4c339adc1a79bf864b6
O40 - Explorer.EXE - Broadcom Corporation. - C:\WINDOWS\system32\btncopy.dll - BTNCopy Module - f25c136b4947586d1cc9c701ecef154c
O40 - Explorer.EXE - Nokia - C:\Program Files\Nokia\Nokia PC Suite 6\PhoneBrowser.dll - Phone Browser - d1d12242118ccef2e2279df2182ca2d6
O40 - Explorer.EXE - Nokia - C:\Program Files\Nokia\Nokia PC Suite 6\PCSCM.dll - PC Suite Common Modules - ca33b4b0aafe8c667b330738c8623a61
O40 - Explorer.EXE - Nokia. - C:\Program Files\PC Connectivity Solution\ConnAPI.DLL - Nokia Connectivity API - 3a42e0ce06b4ad78c07c80a419ad039c
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCP80.dll - Microsoft? C Runtime Library - f33a2734000fc6d3dbae2e1337e2bb1f
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MSVCP71.dll - Microsoft? C Runtime Library - 561fa2abb31dfa8fab762145f81667c2
O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\MSVCR71.dll - Microsoft? C Runtime Library - 86f1895ae8c5e8b17d99ece768a70732
O40 - Explorer.EXE - - C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll - ACE Context Menu - 649e3ab705eb0f3af213dcd4378515cf
O40 - rundll32.exe - Lenovo Group Limited - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL - ThinkPad Power Manager Background Monitor and Tray Battery Gauge - fb454ecb2b5846d70a91beedbf31f435
O40 - rundll32.exe - - C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWRMGRRT.DLL - - c9b23e6a495179629afcec5f5ae9cb67
O40 - rundll32.exe - - C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRIF.DLL - - eac0e0fe4d8e2e9779596953358970fe
O40 - rundll32.exe - Beijing Rising Technology Co., Ltd. - C:\Program Files\Rising\AntiSpyware\ieprot.dll - IE Protector - 369c1d78953b00cf8306e7028654092d
=======================================
O41 - AegisP - IEEE 802.1X Protocol Driver - C:\WINDOWS\system32\drivers\AegisP.sys - (running) - IEEE 802.1X Protocol Driver - Meetinghouse Data Communications - 375eb0b97e3950adef3633c27a82438b
O41 - ANC - IBM Access Connections - ANC - C:\WINDOWS\system32\drivers\ANC.sys - (running) - IBM Access Connections - ANC - IBM Corp. - 11ab185a7af224800bbfb5b836974a17
O41 - BaseTDI - basetdi - C:\WINDOWS\system32\drivers\basetdi.sys - (running) - basetdi - Beijing Rising Technology Co., Ltd. - 0064810c1b03f2c889130b669a4ce937
O41 - btaudio - Bluetooth Audio Device - C:\WINDOWS\system32\drivers\btaudio.sys - (running) - Bluetooth Audio Device - Broadcom Corporation. - f9457b95d98e5dda90f8efca98a1c7fa
O41 - BTKRNL - Bluetooth Bus Enumerator - C:\WINDOWS\system32\drivers\btkrnl.sys - (running) - Bluetooth Bus Enumerator - Broadcom Corporation. - 62c53cc7d8fc4848bb7a492faa2edef4
O41 - DLABOIOM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLABOIOM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - efae981c8ba3dad4103a76bcb5955b07
O41 - DLACDBHM - Shared Driver Component - C:\WINDOWS\system32\drivers\DLACDBHM.SYS - (running) - Shared Driver Component - Sonic Solutions - 8d45ac148fd8c1a25204aeca1397fa7e
O41 - DLADResN - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLADResN.SYS - (running) - Drive Letter Access Component - Sonic Solutions - edf7dc4b48e206af188d4841152be53f
O41 - DLAIFS_M - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAIFS_M.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 2aef49904bde7398d0f09b6a603738ef
O41 - DLAOPIOM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAOPIOM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 46fa268a829384256179f4ccb6eb308f
O41 - DLAPoolM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAPoolM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 26e89839af248625a4e7c4cf5873375d
O41 - DLARTL_N - Shared Driver Component - C:\WINDOWS\system32\drivers\DLARTL_N.SYS - (running) - Shared Driver Component - Sonic Solutions - 94accf8f7b87fbeaa27266927319e6ba
O41 - DLAUDFAM - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAUDFAM.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 5e914bd7f68dde3fb4bffe005162c1e6
O41 - DLAUDF_M - Drive Letter Access Component - C:\WINDOWS\system32\DLA\DLAUDF_M.SYS - (running) - Drive Letter Access Component - Sonic Solutions - 8c3cfb22a7fb3be67e0c321fa10b8b50
O41 - DRVMCDB - Device Driver - C:\WINDOWS\system32\drivers\DRVMCDB.SYS - (running) - Device Driver - Sonic Solutions - ab6c5c26fff9b3c456aeaf7e0093c2fe
O41 - DRVNDDM - Device Driver Manager - C:\WINDOWS\system32\drivers\DRVNDDM.SYS - (running) - Device Driver Manager - Sonic Solutions - 4a307ade1638d9358b6eb90076481cc6
O41 - ExpScaner - ExpScan.sys - C:\PROGRAM FILES\Rising\Rav\ExpScan.sys - (running) - ExpScan.sys - - 5a690926c7181d5c0b2721016442c9c3
O41 - HookCont - HookCont - C:\PROGRAM FILES\Rising\Rav\HookCont.sys - (running) - HookCont - Rising - 3926cb7b005564bc77d6b40235c53817
O41 - HookReg - HookReg - C:\PROGRAM FILES\Rising\Rav\HOOKREG.sys - (running) - - - 997c395147f8e5b3f714bdd112fe8945
O41 - HookSys - Hooksys - C:\PROGRAM FILES\Rising\Rav\HookSys.sys - (running) - Hooksys - Rising - 265b67f85db6226f2439e13e7c1fa8bf
O41 - HookUrl - HookUrl - C:\Program Files\Rising\Rfw\HookUrl.sys - (running) - HookUrl - Beijing Rising Technology Co., Ltd. - 93768ab1e576eef2de107eddbc586e9b
O41 - IBMTPCHK - IBMTPCHK - C:\WINDOWS\system32\drivers\IBMBLDID.sys - (running) - - - bfc9f3adaad74e13f9ce16c8bd336f95
O41 - MEMSCAN - MemScan Driver - C:\PROGRAM FILES\Rising\Rav\MemScan.sys - (running) - MemScan Driver - 瑞星软件有限公司 - 9811b256023dd985cbc5bad790e5bb84
O41 - mProcRs - Rising Personal FireWall mprocrs.sys - c:\program files\Rising\Rfw\mProcRs.sys - (running) - Rising Personal FireWall mprocrs.sys - Beijing Rising Technology Co., Ltd. - f19fe6ccade903d285208247056daf6a
O41 - npkcrypt - nProtect KeyCrypt Driver - D:\qq\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f
O41 - oreans32 - oreans32 - C:\WINDOWS\system32\drivers\oreans32.sys - (running) - - - aad837bf3b475092fd515cd0842334e9
O41 - PMEM - Physical Memory Driver - C:\WINDOWS\system32\drivers\PMEMNT.SYS - (running) - Physical Memory Driver - Microsoft Corporation - fa292805788528c083f416e151b60ab6
O41 - PROCDD - IPS Helper Driver - C:\WINDOWS\system32\drivers\PROCDD.SYS - (running) - IPS Helper Driver - Lenovo Group Limited - 6f9e6e874fd74ee6dd0bbecde9d3f795
O41 - PxHelp20 - Px Engine Device Driver for Windows 2000/XP - C:\WINDOWS\system32\drivers\pxhelp20.sys - (running) - Px Engine Device Driver for Windows 2000/XP - Sonic Solutions - 183ef96bcc2ec3d5294cb2c2c0ecbcd1
O41 - RsAntiSpyware - RsBoot - C:\WINDOWS\system32\drivers\RsBoot.sys - (running) - RsBoot - Beijing Rising - c79cf8d2f5225a2216fe3b91ceb8b225
O41 - RsFwDrv - nt_fwdrv - C:\Program Files\Rising\Rfw\rsfwdrv.sys - (running) - nt_fwdrv - Beijing Rising Technology Co., Ltd. - 1869e55cfacff0ff786d4ba6d2340ee2
O41 - RsNTGDI - RsNTGDI - C:\WINDOWS\system32\drivers\RsNTGdi.sys - (running) - RsNTGDI - Beijing Rising Technology Co., Ltd. - 17214e7b192cb93ff014fca1484b97ad
O41 - RSPPSYS - RSPPSYS.SYS - C:\PROGRAM FILES\Rising\Rav\rsppsys.sys - (running) - RSPPSYS.SYS - Rising - f38c10d8c21626a4878ea16717e971fa
O41 - s24trans - Intel WLAN Packet Driver - C:\WINDOWS\system32\drivers\s24trans.sys - (running) - Intel WLAN Packet Driver - Intel Corporation - e6a330f5ebc184aef5ca8f1953ca08d2
O41 - Smapint - SMAPI I/O - C:\WINDOWS\system32\drivers\SMAPINT.SYS - (running) - SMAPI I/O - Microsoft Corporation - 26341d0dd225d19fd50e0ee3c3c77502
O41 - smihlp - SMI helper driver - C:\Program Files\ThinkVantage Fingerprint Software\smihlp.sys - (running) - SMI helper driver - UPEK Inc. - 3eee2c9a0b3ae9ae0e828c76d910c4f7
O41 - TDSMAPI - TDSMAPI - C:\WINDOWS\system32\drivers\TDSMAPI.SYS - (running) - - - 564b337034271b7bddcabfddc91c6b7a
O41 - TPPWRIF - TPPWRIF - C:\WINDOWS\system32\drivers\TPPWRIF.SYS - (running) - - - 44672de6cea9569c21c4b7a8d2560750
O41 - TSMAPIP - TSMAPIP - C:\WINDOWS\system32\drivers\TSMAPIP.SYS - (running) - - - f2aba3066d7921d7fcdbd66dea88be11
O41 - BTDriver - Bluetooth BTPORT Driver for Windows 2000 - C:\WINDOWS\system32\drivers\btport.sys - (not running) - Bluetooth BTPORT Driver for Windows 2000 - Broadcom Corporation. - 3944041e640710afffaec52b7957ef5d
O41 - BTWDNDIS - Bluetooth LAN Access Server Driver - C:\WINDOWS\system32\drivers\btwdndis.sys - (not running) - Bluetooth LAN Access Server Driver - Broadcom Corporation. - 054ee206461237e3399708ea4543138f
O41 - BTWUSB - Driver for Bluetooth USB Devices - C:\WINDOWS\system32\drivers\btwusb.sys - (not running) - Driver for Bluetooth USB Devices - Broadcom Corporation. - 8fe038caf82e18260e8230a9bb8b98ab
O41 - netpasadapter1 - Netpas Win32 Virtual Network Driver - C:\WINDOWS\system32\drivers\netpas.sys - (not running) - Netpas Win32 Virtual Network Driver - Netpas - ccb91d17c78ac1a9e1a5065eb2f6e7e0
O41 - UIUSys - UIUSys - C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS - (not running) - - -
=======================================
360Safe.exe=3.2.1.1002
AntiAdwa.dll=3.2.0.1001
AntiEng.dll=3.0.2.2000
AntiActi.dll=2.0.0.3000
CleanHis.dll=3.0.2.1000
safelive.exe=1.0.0.2007
live.dll=1.0.0.1011
=======================================
操作历史报告:
=======================================