[CODE] 2008-08-05,09:30:52 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [Microsoft Corporation, 1.0.0129.0, C:2004-10-20 21:24 M:2004-10-20 21:24] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [BIGDOG, 4, 2, 610, 4, C:2006-06-29 21:17 M:2004-06-09 15:37] <"C:\Program Files\PC Tools AntiVirus\PCTAV.exe" /MONITORSCAN> [(Verified)PC Tools Research Pty Ltd, 4, 0, 0, 26, C:2008-05-05 20:46 M:2008-03-05 09:37] <360Safetray> [(Verified)奇虎网, 4, 1, 8, 1004, C:2008-07-04 16:06 M:2008-07-04 16:06] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)360安全中心, 2, 1, 1, 1002, C:2008-06-11 22:48 M:2008-06-11 22:48] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-05-05 20:59 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-05-05 20:59 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\江汉地区便民 供求 招聘 出租 进入江汉百事通] <> [N/A, C:2006-01-04 00:21 M:2006-01-04 00:21] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00|(Verified)N/A, C:2005-12-15 00:00 M:2005-12-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00|(Verified)N/A, C:2005-12-15 00:00 M:2005-12-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00|(Verified)N/A, C:2006-06-29 20:59 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1FBA04EE-3024-11D2-8F1F-0000F87ABD16}] <江汉伴侣> [] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-06-29 20:32 M:2005-12-15 08:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-06-29 21:04 M:2005-10-20 08:18] [Microsoft Office Binder Unbind] {59850401-6664-101B-B21C-00AA004BA90B} [Microsoft Corporation, 9.0.2720, C:1999-04-29 04:46 M:1999-04-29 04:46] Protocols [] {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC} [酷狗, 5.1.2.0, C:2008-05-25 03:22 M:2008-05-06 14:28] BrowserHelperObject [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 74, C:2008-07-13 19:43 M:2008-02-20 14:57] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] ActiveX Extension [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1027, C:2008-04-09 17:07 M:2008-04-09 17:07] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 74, C:2008-07-13 19:43 M:2008-02-20 14:57] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2007-05-20 16:38 M:2007-05-20 16:38] Context Menu [PCTAVShellExtension] {AEEAEC2D-7EE9-4C66-937C-80BF8B03FD54} [(Verified)PC Tools Research Pty Ltd, 1.0.0.4, C:2008-05-05 20:46 M:2008-03-05 08:37] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-06-29 21:04 M:2005-10-20 08:18] ======================================== 服务 [Help and Support / helpsvc][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [System Restore Service / srservice][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\srsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [User Profile Hive Cleanup / UPHClean][Running/Auto Start] [Microsoft Corporation, 1.5.5.21, C:2004-03-05 00:45 M:2004-03-05 00:45] [PC Tools AntiVirus Engine / PCTAVSvc][Running/Auto Start] <"C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe"> [(Verified)PC Tools Research Pty Ltd, 4, 0, 0, 26, C:2008-05-05 20:46 M:2008-03-05 08:37] ======================================== 驱动 [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [npkcrypt / npkcrypt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcrypt.sys> [] [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkycryp.sys> [] [sisidex / sisidex][Running/Boot Start] [Windows (R) 2000 DDK provider, 5.1.2600.0 built by: WinDDK, C:2006-06-29 21:09 M:2002-05-28 16:21] [Add Performance Filter Driver / sisperf][Running/Boot Start] [Silicon Integrated Systems Corp., 2.02.03.00 built by: WinDDK, C:2006-06-29 21:09 M:2002-08-20 17:19] [System Restore Filter Driver / sr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sr.sys> [] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_qfe.080620-1259), C:2005-12-15 00:00 M:2008-06-20 18:44] [Teclast WE PC Camera / ZSMC301b][Running/Manual Start] [VM, 4.2.1010.41, C:2006-06-29 21:17 M:2004-10-15 14:11] [AVFilter / AVFilter][Running/Auto Start] [(Verified)PC Tools Research Pty Ltd, 1, 3, 0, 0, C:2008-05-05 20:46 M:2008-02-12 10:44] [AVHook / AVHook][Running/Manual Start] [(Verified)PC Tools Research Pty Ltd., 3.00.012 Build 012, C:2008-05-05 20:46 M:2007-12-06 15:51] [AVRec / AVRec][Running/Manual Start] [(Verified)PC Tools Research Pty Ltd , 3.00.012 Build 012, C:2008-05-05 20:46 M:2007-12-06 15:51] [HSFHWBS2 / HSFHWBS2][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.12.09, C:2006-06-29 20:29 M:2004-08-03 22:41] [HSF_DP / HSF_DP][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.12.09, C:2006-06-29 20:29 M:2004-08-03 22:41] [mdmxsdk / mdmxsdk][Running/Auto Start] [(Verified)Conexant, 1.0.2.006, C:2006-06-29 20:29 M:2004-08-03 22:41] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-06-29 20:29 M:2004-08-03 22:29] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2005-12-15 00:00 M:2005-12-15 00:00] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2006-06-29 20:28 M:2004-08-03 22:31] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 2, 1, 1001, C:2008-06-06 18:31 M:2008-06-06 18:31] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2005-12-15 00:00 M:2007-11-13 18:25] [Service for AC'97 Sample Driver (WDM) / SiS7012][Running/Manual Start] [(Verified)Silicon Integrated Systems Corporation, 5.10.00.6080, C:2006-06-29 21:14 M:2002-09-17 13:46] [SiS AGP Filter / sisagp][Running/Boot Start] [(Verified)Silicon Integrated Systems Corporation, 7.1.12.03 built by: WinDDK, C:2006-06-29 21:10 M:2002-09-26 14:41] [SiSide / SiSide][Running/Boot Start] [(Verified)Silicon Integrated Systems Corp., 2.02.01.00 built by: WinDDK, C:2006-06-29 21:09 M:2002-07-30 16:46] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 0, 8, 2, C:2008-07-13 20:13 M:2008-08-04 21:59] [winachsf / winachsf][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.12.09 built by: WinDDK, C:2006-06-29 20:29 M:2004-08-03 22:41] ======================================== 进程 [PID: 432 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 484 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 508 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 552 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 564 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] [PID: 712 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 772 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] [PID: 856 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] [PID: 912 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] [PID: 952 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] [PID: 1036 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2005-12-15 00:00 M:2005-06-11 07:53] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 1316 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 18, C:2008-05-05 20:58 M:2008-04-07 15:46] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-05-05 20:58 M:2008-04-07 15:46] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\Program Files\WinRAR\rarext.dll [N/A, C:2006-06-29 21:04 M:2005-10-20 08:18] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2004-08-16 16:38] [PID: 1620 / Administrator] C:\WINDOWS\VM_STI.EXE [BIGDOG, 4, 2, 610, 4, C:2006-06-29 21:17 M:2004-06-09 15:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\VM31bPrp.Ax [Vimicro, 1.00.01.00, C:2006-06-29 21:17 M:2004-08-31 13:26] [PID: 1648 / Administrator] C:\Program Files\PC Tools AntiVirus\PCTAV.exe [(Verified)PC Tools Research Pty Ltd, 4, 0, 0, 26, C:2008-05-05 20:46 M:2008-03-05 09:37] C:\Program Files\PC Tools AntiVirus\xerdom.dll [(Verified)N/A, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\Program Files\PC Tools AntiVirus\Xerces.dll [(Verified)Apache Software Foundation, 2, 7, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\PC Tools AntiVirus\Language\Language.dll [(Verified)N/A, C:2008-05-05 20:46 M:2008-03-05 08:37] [PID: 1704 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 1732 / Administrator] C:\Program Files\Microsoft Chinese Date & Time\ICalClk.exe [Microsoft Corporation, 1.0.0129.0, C:2004-10-20 21:24 M:2004-10-20 21:24] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 1860 / SYSTEM] C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe [(Verified)PC Tools Research Pty Ltd, 4, 0, 0, 26, C:2008-05-05 20:46 M:2008-03-05 08:37] C:\Program Files\PC Tools AntiVirus\xerdom.dll [(Verified)N/A, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\Program Files\PC Tools AntiVirus\Xerces.dll [(Verified)Apache Software Foundation, 2, 7, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\Program Files\PC Tools AntiVirus\PCTCFilter.dll [(Verified)Copyright (C) 2007, 1, 0, 10, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\Program Files\PC Tools AntiVirus\engine.dll [(Verified)PC Tools Research Pty Ltd, 4.4.5, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\Program Files\PC Tools AntiVirus\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-05-05 20:46 M:2007-09-17 12:33] C:\Program Files\PC Tools AntiVirus\refdb.dll [(Verified)N/A, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 1988 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] [PID: 2004 / SYSTEM] C:\Program Files\UPHClean\uphclean.exe [Microsoft Corporation, 1.5.5.21, C:2004-03-05 00:45 M:2004-03-05 00:45] [PID: 3912 / Administrator] D:\清理助手\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 0, 728, C:2008-08-05 07:56 M:2008-07-29 22:36] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2004-08-16 16:38] D:\清理助手\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-08-05 07:56 M:2007-11-28 15:19] [PID: 3932 / Administrator] D:\Program Files\Tencent\QQ\QQ.exe [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQHelperDll.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\MFC42.DLL [Microsoft Corporation, 6.00.8665.0, C:2006-08-31 20:09 M:2006-08-31 20:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] D:\Program Files\Tencent\QQ\RICHED32.DLL [Microsoft Corporation, 5.00.2134.1, C:2006-08-31 20:09 M:2006-08-31 20:09] D:\Program Files\Tencent\QQ\RICHED20.dll [Microsoft Corporation, 5.31.23.1218, C:2006-08-31 20:09 M:2006-08-31 20:09] D:\Program Files\Tencent\QQ\QQAPI.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\LoginCtrl.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\LoginCtrlRes.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\QQRes.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQMainFrame.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\UnReadMsgMgr.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\QQPlugin.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQAllInOne.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\SCCore.dll [(Verified)TENCENT, 1, 6, 0, 2, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\CameraDll.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\CQQApplication.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-25 15:26 M:2007-07-25 15:26] D:\Program Files\Tencent\QQ\FlashAvatarDll.dll [(Verified)版权所有 (C) 2008, 1, 0, 0, 1, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\NewSkin.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\MailSummary.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\QQSpace.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\vbscript.dll [Microsoft Corporation, 5.6.0.7426, C:2006-08-31 20:09 M:2006-08-31 20:09] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] D:\Program Files\Tencent\QQ\msdmo.dll [(Verified)N/A, C:2007-12-29 12:13 M:2007-12-29 12:13] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] D:\Program Files\Tencent\QQ\OEMApplication.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\QQAvatar.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-24 11:12 M:2007-07-24 11:12] D:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQGroupMng.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQPet.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\UserDefinedHead.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\QQSysMsgMng.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-08-01 16:42 M:2007-08-01 16:42] D:\Program Files\Tencent\QQ\QQConfigPlugin.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQCustomFace.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QRingMng.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\LongConnection.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:53 M:2007-07-01 08:53] D:\Program Files\Tencent\QQ\PhoneAPI.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\DialerAllinOne.dll [(Verified)tencent, 1, 4, 0, 0, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\QQOneClick.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\GroupConnection.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\BQQApplication.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\CommercesMng.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] D:\Program Files\Tencent\QQ\PersonalDesktop.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:53 M:2007-07-01 08:53] D:\Program Files\Tencent\QQ\QQAddr.dll [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2007-07-01 08:53 M:2007-07-01 08:53] D:\Program Files\Tencent\QQ\ImageOle.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:52 M:2007-07-01 08:52] D:\Program Files\Tencent\QQ\QQSceneMng.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] D:\Program Files\Tencent\QQ\QQLiveQMng.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2004-08-16 16:38] D:\Program Files\Tencent\QQ\AddrSearch.dll [(Verified)腾讯科技(深圳)有限公司, 2, 2, 1, 15, C:2007-07-01 08:49 M:2008-07-29 10:28] D:\Program Files\Tencent\QQ\QQFileTransfer.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:53 M:2007-07-01 08:53] D:\Program Files\Tencent\QQGame\GamePublic.dll [(Verified)N/A, C:2008-01-11 09:05 M:2008-01-11 09:05] D:\Program Files\Tencent\QQGame\Common\Utility.dll [(Verified)N/A, C:2008-01-11 09:05 M:2008-01-11 09:05] D:\Program Files\Tencent\QQGame\Factory.dll [(Verified)N/A, C:2008-01-11 09:05 M:2008-01-11 09:05] D:\Program Files\Tencent\QQGame\Logic\UIStyle.dll [(Verified)N/A, C:2008-01-11 09:06 M:2008-01-11 09:06] D:\Program Files\Tencent\QQGame\ProtHand\QQProt.dll [(Verified)N/A, C:2008-01-11 09:06 M:2008-01-11 09:06] D:\Program Files\Tencent\QQGame\Socket\NetMod.dll [(Verified)N/A, C:2008-01-11 09:06 M:2008-01-11 09:06] D:\Program Files\Tencent\QQGame\ProtHand\BaseProt.dll [(Verified)N/A, C:2008-01-11 09:06 M:2008-01-11 09:06] D:\Program Files\Tencent\QQGame\ProtHand\ScatProt.dll [(Verified)N/A, C:2008-01-11 09:06 M:2008-01-11 09:06] D:\Program Files\Tencent\QQGame\Common\Compress.dll [(Verified)N/A, C:2008-01-11 09:05 M:2008-01-11 09:05] D:\Program Files\Tencent\QQ\QQMagicFace.dll [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:51 M:2007-07-01 08:51] [PID: 4088 / Administrator] D:\Program Files\Tencent\QQ\TXPlatform.exe [(Verified)Tencent, 1, 5, 225, 0, C:2008-05-20 17:53 M:2008-05-20 17:53] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 1244 / Administrator] D:\Program Files\Tencent\QQ\QQMusic.exe [(Verified)Tencent, 7, 19, 170, 202, C:2007-07-28 15:19 M:2007-07-28 15:19] D:\Program Files\Tencent\QQ\MFC42.DLL [Microsoft Corporation, 6.00.8665.0, C:2006-08-31 20:09 M:2006-08-31 20:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] D:\Program Files\Tencent\QQ\QQMusicPlayer.dll [(Verified)Tencent, 1, 6, 55, 207, C:2007-07-28 15:19 M:2007-07-28 15:19] D:\Program Files\Tencent\QQ\QQMediaPlayer.dll [(Verified)Tencent, 1, 6, 55, 207, C:2007-07-28 15:19 M:2007-07-28 15:19] D:\Program Files\Tencent\QQ\msdmo.dll [(Verified)N/A, C:2007-12-29 12:13 M:2007-12-29 12:13] D:\Program Files\Tencent\QQ\QQMusicUI.dll [(Verified)Tencent, 7, 19, 170, 202, C:2007-07-29 14:37 M:2007-07-29 14:37] D:\Program Files\Tencent\QQ\riched20.dll [Microsoft Corporation, 5.31.23.1218, C:2006-08-31 20:09 M:2006-08-31 20:09] D:\Program Files\Tencent\QQ\QQMusicSkin.dll [(Verified)Copyright 2007, 3, 1, 103, 70, C:2007-07-18 20:25 M:2007-07-18 20:25] D:\Program Files\Tencent\QQ\VBScript.dll [Microsoft Corporation, 5.6.0.7426, C:2006-08-31 20:09 M:2006-08-31 20:09] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2004-08-16 16:38] D:\Program Files\Tencent\QQ\vqqsdl.dll [(Verified)Tencent Technology (Shenzhen) Company Limited, 3, 15, 160, 216, C:2007-07-18 20:25 M:2007-07-18 20:25] D:\Program Files\Tencent\QQ\TNProxy.dll [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 10, C:2006-08-31 20:12 M:2006-08-31 20:12] D:\Program Files\Tencent\QQ\QQMusicDldEx.dll [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 2, 84, 84, C:2008-04-02 16:16 M:2008-04-02 16:16] D:\Program Files\Tencent\QQ\LyricDisp.dll [(Verified)Tencent, 1, 0, 102, 34, C:2007-07-18 20:24 M:2007-07-18 20:24] D:\Program Files\Tencent\QQ\QQMusicAddin\qmp_mp3.dll [(Verified)Tencent, 1, 4, 53, 205, C:2007-07-28 15:19 M:2007-07-28 15:19] [PID: 904 / Administrator] c:\Temp\gpatch.exe [Netease, 1.0.0.1, C:2008-08-04 22:12 M:2008-08-04 22:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\Common Files\PC Tools\Lsp\PCTLsp.dll [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] [PID: 2812 / Administrator] C:\WINDOWS\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2005-12-15 00:00 M:2005-12-15 00:00] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 PCTOOLS over [MSAFD Tcpip [TCP/IP]] [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] PCTOOLS over [MSAFD Tcpip [UDP/IP]] [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] PCTOOLS over [MSAFD Tcpip [RAW/IP]] [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] PCTOOLS CONTENT FILTER PROVIDER [(Verified)PC Tools Research Pty Ltd., 1, 0, 88, 0, C:2008-05-05 20:46 M:2007-12-06 15:51] ======================================== HOSTS 127.0.0.1 localhost 127.0.0.1 yu.8s7.net 127.0.0.1 2.joppnqq.com 127.0.0.1 1.joppnqq.com 127.0.0.1 1.jopenqc.com 127.0.0.1 xxx.vh7.biz 127.0.0.1 3.joppnqq.com 127.0.0.1 www.868wg.com 127.0.0.1 ilove.com 127.0.0.1 www.tomwg.com 127.0.0.1 www.22aaa.com 127.0.0.1 new.749571.com 127.0.0.1 cao.kv8.info 127.0.0.1 171817.171817.com 127.0.0.1 down.malasc.cn 127.0.0.1 nx.51ylb.cn 127.0.0.1 qqq.dzydhx.com 127.0.0.1 www.333292.com 127.0.0.1 up.22x44.com 127.0.0.1 bad.tqdlt.cn 127.0.0.1 c3.aishangai.net 127.0.0.1 xxx.188dm.com 127.0.0.1 d1.163500.net 127.0.0.1 gxgxy.net [/CODE]