[CODE]

2008-08-10,13:28:38

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\ 添加到新浪点点通阅读器]
    <><res://D:\软件\百兆音乐\RssReader\rssreader.exe/RSSFEED.js>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用iTudou下载节目]
    <><D:\软件\it\iTudou\iTudou_Link.HTM>  [N/A, C:2007-03-22 10:28 M:2007-03-22 10:28]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用VV下载]
    <><D:\软件\vv\FreeVV\geturl.htm>  [N/A, C:2008-03-15 22:15 M:2007-12-13 15:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载]
    <><D:\软件\Web迅雷\GetUrl.htm>  [N/A, C:2007-10-12 18:49 M:2007-10-12 18:49]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用WEB迅雷下载全部链接]
    <><D:\软件\Web迅雷\GetAllUrl.htm>  [N/A, C:2006-09-13 16:49 M:2006-09-13 16:49]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\软件\迅雷\Program\geturl.htm>  [N/A, C:2008-03-09 16:19 M:2008-06-13 09:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\软件\迅雷\Program\getallurl.htm>  [N/A, C:2008-03-09 16:19 M:2008-06-13 09:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\在Foxmail中添加该RSS频道/频道组]
    <><res://C:\WINDOWS\system32\fmrsslink.dll/201>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://D:\软件\OFFICE\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\软件\QQ\AddEmotion.htm>  [N/A, C:2008-01-04 09:17 M:2008-01-04 09:17]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732), C:2004-08-04 08:52 M:2008-04-23 12:16|(Verified)N/A, C:2004-08-04 08:48 M:2004-08-04 08:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732), C:2004-08-04 08:52 M:2008-04-23 12:16|(Verified)N/A, C:2004-08-04 08:48 M:2004-08-04 08:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 7.00.6000.16674 (vista_gdr.080415-1732), C:2004-08-04 08:52 M:2008-04-23 12:16|(Verified)N/A, C:2004-08-04 08:48 M:2004-08-04 08:48]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><D:\软件\迅雷\Thunder.exe>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-03-09 16:19 M:2008-07-10 21:15]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95B3F550-91C4-4627-BCC4-521288C52977}]
    <PPLive><D:\软件\pplive 播放\PPLive\PPLive.exe>  [(Verified)N/A, C:2007-11-18 22:40 M:2007-03-16 13:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{962EFB8E-2683-42d4-AC74-AAA4C759B9C6}]
    <启动WEB迅雷><http://my.xunlei.com>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avast.exe]
    <><IFEOFILE>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
    <><IFEOFILE>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
    <><IFEOFILE>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\guard.exe]
    <><IFEOFILE>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\kav.exe]
    <><IFEOFILE>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\KVXP.exe]
    <><IFEOFILE>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sched.exe]
    <><IFEOFILE>  []


========================================
启动项

[Adobe Gamma]
    <C:\Documents and Settings\张炳楠\「开始」菜单\程序\启动\Adobe Gamma.lnk --> "C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe"  > [Adobe Systems, Inc., 1, 0, 0, 1, C:2005-03-16 19:16 M:2005-03-16 19:16]
[QQ游戏启动加速程序]
    <C:\Documents and Settings\张炳楠\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> "D:\Program Files\Tencent\QQGAME\Accel.exe"  > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2008-03-18 18:09 M:2008-03-18 18:09]
[宽带连接]
    <C:\Documents and Settings\张炳楠\「开始」菜单\程序\启动\宽带连接.lnk --> ""  > []
[64SSKW]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\64SSKW.lnk --> "C:\WINDOWS\7EQEJ4ATNKD.exe"  > []
[C1ZYGW1PK1]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\C1ZYGW1PK1.lnk --> "C:\WINDOWS\4FEXE8FV8K.exe"  > []
[EMJMKW2E]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\EMJMKW2E.lnk --> "C:\WINDOWS\D5O0YE0L827X.exe"  > []
[J9VIDNXIQEY7]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\J9VIDNXIQEY7.lnk --> "C:\WINDOWS\43Q165G5VEY.exe"  > []
[K3BZI3B]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\K3BZI3B.lnk --> "C:\WINDOWS\J5QVRD9HU.exe"  > []
[KUJKVCVNEXB]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\KUJKVCVNEXB.lnk --> "C:\WINDOWS\KO70D4.exe"  > []
[N3AKH]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\N3AKH.lnk --> "C:\WINDOWS\S2L08HTHS94D.exe"  > []
[NOZ3YGUW]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\NOZ3YGUW.lnk --> "C:\WINDOWS\EYWIB3FW.exe"  > []
[O85YOYIX]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\O85YOYIX.lnk --> "C:\WINDOWS\CBDDNKZEXJO.exe"  > []
[PD6NH294XJCJ]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PD6NH294XJCJ.lnk --> "C:\WINDOWS\6M78SRJ5.exe"  > []
[PNSTDAXIK56M]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\PNSTDAXIK56M.lnk --> "C:\WINDOWS\HHP5U6HVEMW8.exe"  > []
[RVP7CJLZDZK]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\RVP7CJLZDZK.lnk --> "C:\WINDOWS\I1EOY.exe"  > []
[W3FTE37IW2NZ]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\W3FTE37IW2NZ.lnk --> "C:\WINDOWS\P0S2S0U49M.exe"  > []
[Y7PAGI9]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\Y7PAGI9.lnk --> "C:\WINDOWS\BS310W.exe"  > []
[ZHCRSPQY8SI]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\ZHCRSPQY8SI.lnk --> "C:\WINDOWS\YDJ4Z.exe"  > []


========================================
计划任务

[AppleSoftwareUpdate.job]
    <C:\WINDOWS\tasks\AppleSoftwareUpdate.job --> "C:\Program Files\Apple Software Update\SoftwareUpdate.exe" -task > [(Verified)Apple Inc., 2.1.0.110, C:2008-04-11 17:57 M:2008-04-11 17:57]


========================================
组件


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-11-26 11:59 M:2004-06-06 14:13]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\软件\WinRAR\rarext.dll>  [N/A, C:2007-11-26 17:51 M:2007-09-23 18:59]
[DllRegShlExt extension]
    {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}  <C:\WINDOWS\system32\TudouUpload.dll>  [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07]
[iTunes]
    {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}  <D:\软件\iTunes\iTunesMiniPlayer.dll>  [(Verified)Apple Inc., 7.7.0.43, C:2008-07-10 10:51 M:2008-07-10 10:51]

Protocols
[Microsoft Infotech Storage Protocol for IE 4.0]
    {0A9007C0-4076-11D3-8789-0000F8105754}  <C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL>  [Microsoft Corporation, 05.02.9336.01, C:2000-04-19 18:47 M:2000-04-19 18:47]

BrowserHelperObject
[WebThunder Browser Helper]
    {00000AAA-A363-466E-BEF5-9BB68697AA7F}  <D:\软件\Web迅雷\WebThunderBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 75, C:2007-11-20 14:29 M:2008-02-23 10:09]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <D:\软件\迅雷\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-03-09 16:20 M:2008-06-13 09:43]
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [Baidu.com, Inc., 2, 0, 2, 175, C:2007-11-07 14:40 M:2008-01-11 11:45]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\软件\迅雷\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-11-18 23:08 M:2008-06-13 09:43]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Technology Co., Ltd., 6, 0, 0, 13, C:2008-07-30 12:05 M:2008-07-30 12:05]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <D:\软件\360安全卫士\360safe\safemon\safemon.dll>  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-02-20 15:16 M:2008-07-10 17:42]
[MiniFlashGetBHO]
    {C74E94A7-B7BD-4891-9328-455395BCC7AD}  <C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll>  [(Verified)FlashGet Inc, 1.0.1.1002, C:2008-06-12 11:22 M:2008-06-12 11:22]

ToolBar
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [Baidu.com, Inc., 2, 0, 2, 175, C:2007-11-07 14:40 M:2008-01-11 11:45]

ActiveX Extension
[WebThunder Browser Helper]
    {00000AAA-A363-466E-BEF5-9BB68697AA7F}  <D:\软件\Web迅雷\WebThunderBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 75, C:2007-11-20 14:29 M:2008-02-23 10:09]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <D:\软件\迅雷\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-03-09 16:20 M:2008-06-13 09:43]
[Adobe PDF Reader Link Helper]
    {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}  <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll>  [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08]
[GerneralPeerID Class]
    {0A47E819-F82E-4D5D-B806-6A9EA94D68CD}  <D:\软件\迅雷\Components\InMedia\peerid.dll>  [Copyright 2007, 1, 0, 0, 1, C:2008-03-09 16:19 M:2008-01-24 10:22]
[EWA Control]
    {18226BF8-DC0B-4D81-80E9-A41AE37BB73A}  <D:\软件\PPLIVE~1\PPLive\SYNACA~2.OCX>  [(Verified)Synacast, 1, 9, 0, 2, C:2007-11-18 22:40 M:2008-05-01 03:11]
[iTrusPTA Class]
    {1E0DFFCF-27FF-4574-849B-55007349FEDA}  <C:\WINDOWS\system32\aliedit\pta.dll>  [(Verified)Copyright 2001, 2, 5, 1, 509, C:2007-04-19 18:43 M:2008-04-29 10:36]
[DcciInfo Class]
    {27BEF713-0690-444D-98F5-2BC45501CBB0}  <C:\WINDOWS\system32\ilab.dll>  [www.i-lab.cn, 1.0.0.1, C:2008-04-03 15:16 M:2008-04-03 15:16]
[WebThunder DapPlayer]
    {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555}  <D:\软件\Web迅雷\DownAndPlay\DapPlayer3.0.41.65.428.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 41, 65, C:2008-03-09 16:18 M:2007-12-04 11:19]
[RealPlayer RAM Download Handler]
    {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}  <d:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\软件\迅雷\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-03-09 16:20 M:2008-06-13 09:43]
[IE2EMUrlTaker Class]
    {48618374-565F-4CA0-B8CD-6F496C997FAF}  <D:\软件\eMule\IE2EM.dll>  [(Verified)VeryCD.com, 1.0.0.1, C:2007-11-07 18:25 M:2008-06-27 15:27]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2007, 2, 1, 2, 1, C:2007-04-19 18:46 M:2008-05-20 10:51]
[PowerPlayer Control]
    {5EC7C511-CD0F-42E6-830C-1BD9882F3458}  <C:\WINDOWS\system32\stsys\POWERP~1.DLL>  []
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [Copyright XunLei 2007, 2, 1, 2, 77, C:2007-12-01 18:31 M:2008-08-04 12:58]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2007-12-01 18:31 M:2008-08-04 12:58]
[StormPlayer Object]
    {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}  <d:\Program Files\StormII\mps.dll>  [(Verified)北京暴风网际科技有限公司, 3, 8, 6, 23, C:2008-04-25 18:22 M:2008-07-02 15:44]
[Plugin Class]
    {6FE2FC9F-1203-4688-8764-2D2314579F84}  <C:\WINDOWS\Downloaded Program Files\JerquePlug.dll>  [Copyright 2008, 1, 0, 0, 1, C:2008-03-26 19:49 M:2008-03-26 19:49]
[PPMedia Class]
    {72B15B25-2EC8-4CDD-B284-C89A5F8E8D5F}  <D:\软砑件㘎\新陆建ㄎ文募件夹衆\PPMate\ppmplayer.dll>  []
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <D:\软件\迅雷\Components\InMedia\MediaAddin17.dll>  [Thunder Networking Technologies,LTD, 3, 1, 5, 78, C:2008-07-19 17:00 M:2008-07-12 09:58]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [Baidu.com, Inc., 2, 0, 2, 175, C:2007-11-07 14:40 M:2008-01-11 11:45]
[360SafeLive]
    {87515F61-A66C-4319-A0E0-D416CB8059E3}  <D:\软件\360安全卫士\360safe\live.dll>  [360.cn, 1, 0, 1, 1027, C:2008-03-28 17:27 M:2008-03-28 17:27]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\软件\迅雷\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-11-18 23:08 M:2008-06-13 09:43]
[XML DOM 文档 5.0]
    {88D969E5-F192-11D4-A65F-0040963251E5}  <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL>  [Microsoft Corporation, 5.10.2927.0, C:2004-09-22 17:09 M:2004-09-22 17:09]
[UiManagerCtrl Class]
    {8E620797-825C-4F1C-8876-72E414FC639D}  <C:\Program Files\UitvDll\UiManager.dll>  [(Verified)UiTV Corporation, 3, 0, 6, 1, C:2008-05-01 17:24 M:2008-08-01 16:07]
[SopCore Control]
    {8FEFF364-6A5F-4966-A917-A3AC28411659}  <D:\软件\新建文~1\SopCast\sopocx.ocx>  [SopCast.com, 3.0.3.501, C:2008-04-30 16:32 M:2008-04-30 16:32]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Technology Co., Ltd., 6, 0, 0, 13, C:2008-07-30 12:05 M:2008-07-30 12:05]
[LiveClientPlayer Class]
    {9D8BB197-DD33-44F7-90D0-96F6EDE0D25F}  <D:\软件\插件\nubb\DopLive\LiveClientPlugIn.dll>  [(Verified)Dopool, 1.3.313.1, C:2008-03-27 12:48 M:2008-03-14 09:39]
[Tool Class]
    {A7F05EE4-0426-454F-8013-C41E3596E9E9}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [Baidu.com, Inc., 2, 0, 2, 175, C:2007-11-07 14:40 M:2008-01-11 11:45]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5803.60.(439).dll>  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5803, 60, C:2008-08-05 16:28 M:2008-08-04 12:58]
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [Baidu.com, Inc., 2, 0, 2, 175, C:2007-11-07 14:40 M:2008-01-11 11:45]
[SafeMon Class]
    {B69F34DD-F0F9-42DC-9EDD-957187DA688D}  <D:\软件\360安全卫士\360safe\safemon\safemon.dll>  [(Verified)360.CN, 4, 2, 0, 1005, C:2008-02-20 15:16 M:2008-07-10 17:42]
[MiniFlashGetBHO]
    {C74E94A7-B7BD-4891-9328-455395BCC7AD}  <C:\Program Files\FlashGet Network\FlashGet Mini\libMiniBHO.dll>  [(Verified)FlashGet Inc, 1.0.1.1002, C:2008-06-12 11:22 M:2008-06-12 11:22]
[CUiCheckCtrl Object]
    {CC2FF467-0BD8-408A-B591-07F8790C7321}  <C:\Program Files\UitvDll\UiCheck.dll>  [(Verified)UiTV Corporation, 1.0.0.6, C:2008-05-01 17:24 M:2008-06-20 10:06]
[QQPlayerSvr Proxy Control]
    {CD108273-D434-43E6-AA90-1469F97EB398}  <D:\软件\QQ\QzoneMusic.dll>  [(Verified)腾讯科技, 2, 11, 112, 140, C:2007-12-11 20:01 M:2007-12-11 20:01]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <d:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <D:\Program Files\IVMLAB\IVMDecoder\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-08-01 01:46 M:2008-03-25 10:32]
[ARMP Control]
    {D5CD69C4-F983-46E2-AF79-455E892729FA}  <C:\WINDOWS\system32\stsys\ARMP.ocx>  []
[Thunder DapPlayer]
    {EEDD6FF9-13DE-496B-9A1C-D78B3215E266}  <D:\软件\迅雷\Components\DownAndPlay\DapPlayer3.0.5712.71.438.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-08-05 16:28 M:2008-08-04 12:58]
[Thunder DapCtrl]
    {EF1EA76E-5428-4e40-85A1-D4DD2893183A}  <D:\软件\Web迅雷\DownAndPlay\DapCtrl1.3.17.20.428.dll>  [ShenZhen Thunder Networking Technologies Ltd., 1.3.17.20, C:2008-03-09 16:18 M:2008-01-02 10:10]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(439).dll>  [Xunlei Networking Technologies,LTD, 2, 0, 0, 181, C:2008-08-05 16:28 M:2008-08-04 12:58]

Context Menu
[DLLRegSvr]
    {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}  <C:\WINDOWS\system32\TudouUpload.dll>  [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <D:\软件\WinRAR\rarext.dll>  [N/A, C:2007-11-26 17:51 M:2007-09-23 18:59]


========================================
服务

[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe">  [Adobe Systems, 2.67.010, C:2008-07-30 19:17 M:2008-07-30 19:17]
[Bonjour 服务 / Bonjour Service][Running/Auto Start]
    <"C:\Program Files\Bonjour\mDNSResponder.exe">  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <d:\Program Files\StormII\stormliv.exe /asservice>  [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-03-11 14:33 M:2008-05-28 16:40]
[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
    <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe">  [Macrovision Corporation, 10.50.125, C:2004-10-22 03:24 M:2004-10-22 03:24]
[Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start]
    <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe">  [Copyright (c) 1998-2003 Macrovision Corp., 2.42.000, C:2007-12-19 19:49 M:2007-12-19 19:49]
[NRS_Service / NRS_Service][Running/Auto Start]
    <C:\WINDOWS\system32\srvany.exe>  [N/A, C:2008-07-21 17:58 M:2008-07-21 17:58]
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
    <"d:\Program Files\Rising\Rav\CCenter.exe">  []
[ci / tcim][Running/Auto Start]
    <C:\WINDOWS\system32\tcim.exe>  [N/A, C:2008-08-09 12:41 M:2008-08-09 12:41]
[mspx / TOlb][Stopped/Auto Start]
    <C:\WINDOWS\system32\toolba.exe>  []
[Winupdate / Winupdate][Stopped/Auto Start]
    <C:\WINDOWS\0806.exe>  [, 1.2.2.0, C:2008-08-06 11:06 M:2008-08-06 11:06]

[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
    <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe">  [(Verified)Apple Inc., 2.0.28.0, C:2008-07-10 09:47 M:2008-07-10 09:47]
[iPod 服务 / iPod Service][Stopped/Manual Start]
    <"C:\Program Files\iPod\bin\iPodService.exe">  [(Verified)Apple Inc., 7.7.0.43, C:2008-07-10 10:51 M:2008-07-10 10:51]
[Windows Network Media Service / UiPlayer][Running/Auto Start]
    <C:\Program Files\UitvDll\msrv.exe>  [(Verified)UiTV Corporation, 1, 0, 1, 4, C:2008-05-01 17:24 M:2008-07-01 11:56]


========================================
驱动

[360TimeProt / 360TimeProt][Running/Auto Start]
    <\??\C:\WINDOWS\system32\drivers\360TimeProt.sys>  [N/A, C:2008-06-21 13:04 M:2008-06-21 13:04]
[BdGuard / BdGuard][Running/Boot Start]
    <system32\drivers\BDGuard.SYS>  [Copyright (C) 2005, 1, 0, 12, 0, C:2008-05-09 19:17 M:2008-05-09 19:17]
[npkcrypt / npkcrypt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkcrypt.sys>  []
[npkycryp / npkycryp][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\npkycryp.sys>  []
[PxHelp20 / PxHelp20][Running/Boot Start]
    <System32\Drivers\PxHelp20.sys>  [Sonic Solutions, 2.03.28a, C:2005-10-27 04:12 M:2005-10-27 04:12]
[SkyProcs / SkyProcs][Stopped/Manual Start]
    <\??\D:\软件\Firewall\SkyProcs.sys>  []
[sptd / sptd][Running/Boot Start]
    <System32\Drivers\sptd.sys>  [N/A, C:2007-12-31 10:23 M:2007-12-31 10:23]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2004-08-04 07:14 M:2008-06-20 18:45]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [TENCENT, 0, 0, 5, 2, C:2007-11-26 12:21 M:2008-04-26 18:46]

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2007-11-26 11:55 M:2001-08-17 12:20]
[Crystal SoundFusion(tm) Driver / cwcspud][Running/Manual Start]
    <system32\drivers\cwcspud.sys>  [(Verified)Crystal Semiconductor Corp., 5.1.2501.0 built by: WinDDK, C:2007-11-26 11:55 M:2001-08-17 12:19]
[Crystal SoundFusion(tm) WDM Driver / cwcwdm][Running/Manual Start]
    <system32\drivers\cwcwdm.sys>  [(Verified)Crystal Semiconductor Corp., 5.1.2501.0 built by: WinDDK, C:2007-11-26 11:56 M:2001-08-17 12:19]
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
    <System32\Drivers\GEARAspiWDM.sys>  [(Verified)GEAR Software Inc., 2.00.07.03, C:2008-01-29 12:01 M:2008-01-29 12:01]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-06-06 14:13 M:2004-06-06 14:13]
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
    <system32\DRIVERS\RTL8139.SYS>  [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2007-11-26 11:56 M:2004-08-03 22:31]
[s3m / s3m][Running/Manual Start]
    <system32\DRIVERS\s3m.sys>  [(Verified)S3 Incorporated, 5.1024.329.0002 (ReleasedBinaries.010308-1115), C:2007-11-26 11:55 M:2001-08-17 12:50]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys>  [(Verified)360安全中心, 2, 2, 1, 1001, C:2008-06-06 18:31 M:2008-06-06 18:31]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-07-17 19:36 M:2007-11-13 18:25]


========================================
进程

[PID: 448 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 508 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 532 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 576 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 588 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 736 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 784 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 848 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 896 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 940 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 1164 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-04 08:52 M:2005-06-11 07:53]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 1304 / 张炳楠]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll  [Adobe Systems, Inc., 8.1.0.0, C:2007-05-10 22:54 M:2007-05-10 22:54]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll  [Microsoft Corporation, 8.00.50727.762, C:2006-12-01 22:54 M:2006-12-01 22:54]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS  [Adobe Systems, Inc., 8.0.0.0, C:2006-11-17 00:37 M:2006-11-17 00:37]
    D:\软件\迅雷\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-03-09 16:20 M:2008-06-13 09:43]
    D:\软件\迅雷\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-11-18 23:08 M:2008-06-13 09:43]
    D:\软件\迅雷\Components\ResWorker\DsBho_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2000-11-13 22:01 M:2008-08-04 12:58]
    D:\软件\迅雷\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2000-11-13 22:01 M:2008-08-04 12:58]
    D:\软件\WinRAR\rarext.dll  [N/A, C:2007-11-26 17:51 M:2007-09-23 18:59]
    C:\WINDOWS\system32\TudouUpload.dll  [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07]

[PID: 1512 / SYSTEM]   C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe   [(Verified)Apple Inc., 2.0.28.0, C:2008-07-10 09:47 M:2008-07-10 09:47]

[PID: 1524 / SYSTEM]   C:\Program Files\Bonjour\mDNSResponder.exe   [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 1592 / SYSTEM]   d:\Program Files\StormII\stormliv.exe   [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-03-11 14:33 M:2008-05-28 16:40]
    d:\Program Files\StormII\MSVCP60.dll  [Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 1648 / SYSTEM]   C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE   [(Verified)Microsoft Corporation, 7.00.9466, C:2003-06-19 23:25 M:2003-06-19 23:25]
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll  [Microsoft Corporation, 7.00.9466, C:2002-01-29 15:06 M:2002-01-29 15:06]

[PID: 1680 / SYSTEM]   C:\WINDOWS\system32\srvany.exe   [N/A, C:2008-07-21 17:58 M:2008-07-21 17:58]

[PID: 1724 / SYSTEM]   C:\WINDOWS\system32\winrs.exe   [N/A, C:2008-07-21 17:58 M:2008-07-21 17:58]
    C:\WINDOWS\TEMP\E_4\krnln.fnr  [1, 0, 0, 1, C:2008-07-30 12:13 M:2008-08-10 13:23]
    C:\WINDOWS\TEMP\E_4\Exmlrpc.fne  [N/A, C:2008-07-30 12:13 M:2008-08-10 13:23]
    C:\WINDOWS\TEMP\E_4\dp1.fne  [N/A, C:2008-07-30 12:13 M:2008-08-10 13:23]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 1792 / SYSTEM]   C:\WINDOWS\system32\tcim.exe   [N/A, C:2008-08-09 12:41 M:2008-08-09 12:41]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 1904 / SYSTEM]   C:\Program Files\UitvDll\msrv.exe   [(Verified)UiTV Corporation, 1, 0, 1, 4, C:2008-05-01 17:24 M:2008-07-01 11:56]
    C:\Program Files\UitvDll\UiPlay.dll  [(Verified)UiTV Corporation, 3.0.5.2, C:2008-05-01 17:24 M:2008-08-06 12:38]
    C:\WINDOWS\system32\msdmo.dll  [(Verified)N/A, C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 472 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]

[PID: 1172 / SYSTEM]   C:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740), C:2007-11-26 12:01 M:2007-07-30 19:19]

[PID: 208 / 张炳楠]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 1340 / 张炳楠]   C:\Documents and Settings\张炳楠\桌面\arswp\ArSwp.exe   []
    C:\Documents and Settings\张炳楠\桌面\arswp\plugin\ArFix.dll  []
    C:\Program Files\Bonjour\mdnsNSP.dll  [Apple Inc., 1,0,4,12, C:2007-07-24 15:17 M:2007-07-24 15:17]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



[/CODE]