[CODE] 2008-08-29,16:27:21 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"E:\摩力极速 Mogi\Mogi.exe" -tray> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)RealNetworks, Inc., 0.1.0.4279, C:2008-07-04 15:20 M:2008-07-04 15:20] [N/A, C:2008-07-04 15:22 M:2001-10-02 11:23] [Vimicro, 3, 5, 930, 9, C:2008-07-04 15:00 M:2005-10-17 17:45] <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"> [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\"添加到反广告"] <> [N/A, C:2008-07-29 20:08 M:2008-07-29 20:08] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-07-04 15:15 M:2008-06-13 09:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-07-04 15:15 M:2008-06-13 09:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon] [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00|(Verified)N/A, C:2008-04-22 04:00 M:2008-04-22 04:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00|(Verified)N/A, C:2008-04-22 04:00 M:2008-04-22 04:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00|(Verified)N/A, C:2008-04-26 14:12 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-07-04 15:15 M:2008-07-10 21:15] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E}] [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 IE Extension [Web 流量保护状态] {85E0B171-04FA-11D1-B7DA-00A0C90348D6} [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-04-24 15:02 M:2008-04-22 04:00] [ScriptDropShellExt] {97C1D2CE-3AB4-4459-9142-D50D9338CB9A} [Copyright 2001, 0, 5, 0, 1, C:2001-09-05 12:17 M:2001-09-05 12:17] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [(Verified)RealNetworks, Inc., 1.0.1.3001, C:2008-07-04 15:20 M:2008-07-04 15:20] [Foxy] {376305F3-4C23-4DE5-AD69-7205BA2DA2C8} [] [Web 流量保护状态] {85E0B171-04FA-11D1-B7DA-00A0C90348D6} [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] Protocols [Microsoft Infotech Storage Protocol for IE 4.0] {0A9007C0-4076-11D3-8789-0000F8105754} [Microsoft Corporation, 05.02.9336.01, C:2000-04-19 18:47 M:2000-04-19 18:47] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-04 15:15 M:2008-06-13 09:43] [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [(Verified)RealPlayer, 1.0.0.522, C:2008-07-04 15:20 M:2008-07-04 15:20] [IEVkbdBHO Class] {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-04 15:15 M:2008-06-13 09:43] [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-08-19 20:11 M:2008-06-17 08:59] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-04 15:15 M:2008-06-13 09:43] [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [(Verified)RealPlayer, 1.0.0.522, C:2008-07-04 15:20 M:2008-07-04 15:20] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-04 15:15 M:2008-06-13 09:43] [IEVkbdBHO Class] {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Copyright XunLei 2007, 2, 1, 2, 77, C:2008-07-04 15:15 M:2008-08-04 12:58] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-07-04 15:15 M:2008-08-04 12:58] [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [Thunder Networking Technologies,LTD, 3, 1, 5, 78, C:2008-07-04 15:15 M:2008-07-01 15:27] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-04 15:15 M:2008-06-13 09:43] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5803, 60, C:2008-08-06 07:10 M:2008-08-04 12:58] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [(Verified)Kingsoft Corporation, 2008,04,15,2, C:2008-08-19 20:11 M:2008-06-17 08:59] [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-08-06 07:10 M:2008-08-04 12:58] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [Xunlei Networking Technologies,LTD, 2, 0, 0, 181, C:2008-08-06 07:10 M:2008-08-04 12:58] Context Menu [Foxy] {376305F3-4C23-4DE5-AD69-7205BA2DA2C8} [] [Kaspersky Anti-Virus] {dd230880-495a-11d1-b064-008048ec2fc5} [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] ======================================== 服务 [Contrl Center of Storm Media / ccosm][Running/Auto Start] [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-03-11 14:33 M:2008-05-28 16:40] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] [Kaspersky Internet Security / AVP][Running/Auto Start] <"C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r> [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:20 M:2008-07-29 20:20] [Kingsoft Uplive Service / kaccore][Running/Auto Start] <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"> [(Verified)Kingsoft Corporation, 2008,08,15,204, C:2008-08-20 12:34 M:2008-08-15 16:32] ======================================== 驱动 [SATALink driver accelerator / SiFilter][Running/Boot Start] [Silicon Image, Inc., 1.0.0.11, C:2008-04-26 14:25 M:2006-08-08 22:19] [SiSRaid / SiSRaid][Running/Boot Start] [Silicon Integrated Systems, 5.1.1039.1090, C:2008-04-26 14:25 M:2005-05-06 17:14] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249), C:2008-04-22 04:00 M:2008-06-20 19:51] [VIMICRO USB PC Camera (ZC030X) / ZSMC303][Stopped/Manual Start] [VM, 3, 5, 1208, 45, C:2008-07-04 15:00 M:2005-12-08 16:15] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-07-04 15:01 M:2008-01-24 16:36] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2008-04-24 14:57 M:2001-08-17 12:13] [KAVBootC / KAVBootC][Running/Boot Start] [(Verified)Kingsoft Corporation, 2008,04,28,85, C:2008-08-19 20:11 M:2008-06-17 08:59] [KAVSafe / KAVSafe][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys> [(Verified)Kingsoft Corporation, 2008,04,28,65, C:2008-08-19 20:11 M:2008-06-17 08:59] [Kl1 / kl1][Running/Boot Start] [(Verified)Kaspersky Lab, 6.2.35.0, C:2008-07-21 18:34 M:2008-07-21 18:34] [Kaspersky Lab Boot Guard Driver / klbg][Running/Boot Start] [(Verified)Kaspersky Lab, 8.0.6.2, C:2008-01-29 18:29 M:2008-01-29 18:29] [Kaspersky Lab KLFltDev / KLFLTDEV][Running/Manual Start] [(Verified)Kaspersky Lab, 8.0.0.17, C:2008-03-13 19:02 M:2008-03-13 19:02] [Kaspersky Lab Driver / KLIF][Running/System Start] [(Verified)Kaspersky Lab, 8.1.0.100, C:2008-08-14 11:38 M:2008-08-14 11:43] [Kaspersky Anti-Virus NDIS Filter / klim5][Running/Manual Start] [(Verified)Kaspersky Lab, 6.1.28.0, C:2008-04-30 18:06 M:2008-04-30 18:06] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2008-04-24 14:57 M:2008-04-13 09:34] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-04-22 04:00 M:2008-04-22 04:00] [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.687.0225.2008 built by: WinDDK, C:2008-07-04 15:00 M:2008-02-25 20:54] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2008-07-04 15:00 M:2008-04-13 09:35] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-04-22 04:00 M:2008-04-22 04:00] [SiS315 / SiS315][Running/Manual Start] [(Verified)Silicon Integrated Systems Corporation, 6.14.10.3840, C:2008-07-04 15:00 M:2008-03-20 19:00] [SiSide / SiSide][Running/Boot Start] [(Verified)Silicon Integrated Systems Corp., 2.04.00.00 built by: WinDDK, C:2008-07-04 15:00 M:2003-03-25 17:50] [SiSkp / SiSkp][Running/System Start] [(Verified)Silicon Integrated Systems Corporation, 6.14.10.3840, C:2008-07-04 15:00 M:2008-03-20 19:22] ======================================== 进程 [PID: 908 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 964 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 996 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\klogon.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] [PID: 1052 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1064 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1240 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1336 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1504 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1788 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1852 / SYSTEM] C:\Program Files\StormII\stormliv.exe [北京暴风网际科技有限公司, 3, 8, 6, 20, C:2008-03-11 14:33 M:2008-05-28 16:40] C:\Program Files\StormII\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 1984 / SYSTEM] C:\Program Files\Kingsoft\KAC\Service\kaccore.exe [(Verified)Kingsoft Corporation, 2008,08,15,204, C:2008-08-20 12:34 M:2008-08-15 16:32] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\Program Files\Kingsoft\KAC\Service\corehelper.dll [(Verified)Kingsoft Corporation, 2008,08,15,204, C:2008-08-20 12:34 M:2008-08-15 16:32] C:\Program Files\Kingsoft\KAC\KSA\ksaengine.dll [(Verified)Kingsoft Corporation, 2008,08,15,133, C:2008-08-20 12:34 M:2008-08-15 16:33] C:\Program Files\Kingsoft\KAC\KSA\tuotu_p2sp.dll [N/A, C:2008-08-20 12:34 M:2008-08-15 16:30] [PID: 168 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] [PID: 180 / SYSTEM] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [(Verified)Microsoft Corporation, 7.00.9466, C:2003-06-19 23:25 M:2003-06-19 23:25] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll [Microsoft Corporation, 7.00.9466, C:2002-01-29 15:06 M:2002-01-29 15:06] [PID: 336 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 752 / Administrator] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [(Verified)RealNetworks, Inc., 0.1.0.4279, C:2008-07-04 15:20 M:2008-07-04 15:20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 764 / Administrator] C:\WINPENJR\Win32\pphidpad.exe [N/A, C:2008-07-04 15:22 M:2001-10-02 11:23] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 772 / Administrator] C:\WINDOWS\VM303_STI.EXE [Vimicro, 3, 5, 930, 9, C:2008-07-04 15:00 M:2005-10-17 17:45] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 820 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 812 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 2040 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 3436 / Administrator] D:\Program Files\Tencent\QQ\QQ.exe [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQBaseClassInDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQHelperDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:46 M:2008-05-27 09:46] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] D:\Program Files\Tencent\QQ\QQAPI.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\LoginCtrl.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:42 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\LoginCtrlRes.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:42 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\QQRes.dll [(Verified)TENCENT, 8, 0, 830, 1811, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QQMainFrame.dll [(Verified)N/A, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QQPlugin.dll [(Verified)N/A, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\UnReadMsgMgr.dll [(Verified)N/A, C:2008-05-27 09:45 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\CQQApplication.dll [(Verified)N/A, C:2007-07-25 15:54 M:2007-07-25 15:54] D:\Program Files\Tencent\QQ\FlashAvatarDll.dll [(Verified)版权所有 (C) 2005, 1, 4, 0, 1, C:2008-05-27 09:42 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\NewSkin.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\MailSummary.dll [(Verified)TENCENT, 8,0,773,1801, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQSpace.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:44 M:2008-05-27 09:45] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-22 04:00 M:2008-04-22 04:00] D:\Program Files\Tencent\QQ\QQKnowledgeSearch.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\OEMApplication.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQGroupMng.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 14:13 M:2008-05-27 14:13] D:\Program Files\Tencent\QQ\QQAvatar.dll [(Verified)N/A, C:2008-05-27 09:43 M:2008-05-27 09:43] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] D:\Program Files\Tencent\QQ\QQAllInOne.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\SCCore.dll [(Verified)TENCENT, 1, 6, 0, 2, C:2008-05-27 09:45 M:2008-05-27 09:45] D:\Program Files\Tencent\QQ\CameraDll.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:46 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\QQPet.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QRingMng.dll [(Verified)N/A, C:2008-05-27 09:45 M:2008-05-27 09:45] D:\Program Files\Tencent\QQ\QQSysMsgMng.dll [(Verified)N/A, C:2007-08-05 22:16 M:2007-08-05 22:16] D:\Program Files\Tencent\QQ\UserDefinedHead.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:46 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\QQConfigPlugin.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\QQCustomFace.dll [(Verified)N/A, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\LongConnection.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:47 M:2008-05-27 09:47] D:\Program Files\Tencent\QQ\PhoneAPI.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:43 M:2008-05-27 09:43] D:\Program Files\Tencent\QQ\DialerAllinOne.dll [(Verified)tencent, 1, 4, 0, 0, C:2008-05-27 09:42 M:2008-05-27 09:42] D:\Program Files\Tencent\QQGame\GamePublic.dll [(Verified)N/A, C:2008-03-18 18:12 M:2008-03-18 18:12] D:\Program Files\Tencent\QQGame\Common\Utility.dll [(Verified)N/A, C:2008-03-18 17:53 M:2008-03-18 17:53] D:\Program Files\Tencent\QQGame\Factory.dll [(Verified)N/A, C:2008-03-18 18:11 M:2008-03-18 18:11] D:\Program Files\Tencent\QQGame\Logic\UIStyle.dll [(Verified)N/A, C:2008-03-18 17:57 M:2008-03-18 17:57] D:\Program Files\Tencent\QQGame\ProtHand\QQProt.dll [(Verified)N/A, C:2008-03-18 17:51 M:2008-03-18 17:51] D:\Program Files\Tencent\QQGame\Socket\NetMod.dll [(Verified)N/A, C:2008-03-18 18:00 M:2008-03-18 18:00] D:\Program Files\Tencent\QQ\QQAddr.dll [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2008-05-27 09:47 M:2008-05-27 09:47] D:\Program Files\Tencent\QQ\BQQApplication.dll [(Verified)N/A, C:2008-05-27 09:42 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\CommercesMng.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:42 M:2008-05-27 09:42] D:\Program Files\Tencent\QQ\PersonalDesktop.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:47 M:2008-05-27 09:47] D:\Program Files\Tencent\QQ\QQSceneMng.dll [(Verified)N/A, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\AddrSearch.dll [(Verified)腾讯科技(深圳)有限公司, 2, 2, 1, 15, C:2008-05-27 09:42 M:2008-06-30 18:35] D:\Program Files\Tencent\QQ\QQFileTransfer.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:47 M:2008-05-27 09:47] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] D:\Program Files\Tencent\QQ\ImageOle.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:46 M:2008-05-27 09:46] D:\Program Files\Tencent\QQ\QQLiveQMng.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\QQMagicFace.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:44 M:2008-05-27 09:44] D:\Program Files\Tencent\QQ\GroupConnection.dll [(Verified)TENCENT, 8,0,830,1811, C:2008-05-27 09:46 M:2008-05-27 09:46] [PID: 1068 / Administrator] D:\Program Files\Tencent\QQ\TXPlatform.exe [(Verified)Tencent, 1, 5, 225, 0, C:2008-04-22 17:15 M:2008-04-22 17:15] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 3316 / Administrator] C:\WINPENJR\win32\Custom.exe [N/A, C:2008-07-04 15:22 M:2005-05-19 21:45] C:\WINPENJR\win32\pptltc32.dll [N/A, C:2008-07-04 15:22 M:2000-03-01 14:12] C:\WINPENJR\win32\uni2000.dll [N/A, C:2008-07-04 15:22 M:2000-08-15 16:37] C:\WINPENJR\win32\ppconv.dll [N/A, C:2008-07-04 15:22 M:2000-04-19 14:14] C:\WINPENJR\win32\ppdraw.dll [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] C:\WINPENJR\win32\PPGHOST.dll [N/A, C:2008-07-04 15:22 M:2005-05-19 21:31] C:\WINPENJR\win32\RECOGBIG.DLL [N/A, C:2008-07-04 15:22 M:2001-11-30 12:27] C:\WINPENJR\win32\PPSET.DLL [N/A, C:2008-07-04 15:22 M:2005-03-20 10:07] C:\WINPENJR\win32\TTSUNI.DLL [N/A, C:2008-07-04 15:22 M:2001-12-11 10:42] C:\WINPENJR\win32\PPHBDLL.DLL [N/A, C:2008-07-04 15:22 M:2000-01-20 15:05] C:\WINDOWS\system32\ppadapi.dll [N/A, C:2008-07-04 15:22 M:2001-11-28 12:48] C:\WINPENJR\win32\PHONDLL.DLL [N/A, C:2008-07-04 15:22 M:2000-11-28 14:37] C:\WINPENJR\win32\PPHRASE.DLL [N/A, C:2008-07-04 15:22 M:2005-03-20 10:02] C:\WINPENJR\win32\PPInput.DLL [N/A, C:2008-07-04 15:22 M:2005-03-20 10:03] C:\WINPENJR\win32\PPSTDINK.DLL [N/A, C:2008-07-04 15:22 M:2005-03-20 11:09] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] [PID: 2076 / Administrator] C:\WINPENJR\win32\DRAWOBJ.EXE [N/A, C:2008-07-04 15:22 M:2000-01-05 07:50] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] [PID: 2068 / Administrator] C:\WINPENJR\win32\PPHBUF.EXE [N/A, C:2008-07-04 15:22 M:2002-01-09 14:59] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] C:\WINPENJR\win32\PPCONV.DLL [N/A, C:2008-07-04 15:22 M:2000-04-19 14:14] C:\WINPENJR\win32\uni2000.dll [N/A, C:2008-07-04 15:22 M:2000-08-15 16:37] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] [PID: 1300 / Administrator] D:\Program Files\Tencent\QQ\QQMusic.exe [Tencent, 7, 12, 110, 120, C:2007-12-12 12:38 M:2007-12-12 12:38] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] D:\Program Files\Tencent\QQ\QQMusicUI.dll [Tencent, 7, 12, 110, 120, C:2007-12-12 12:29 M:2007-12-12 12:29] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] D:\Program Files\Tencent\QQ\QQMusicSkin.dll [Copyright 2007, 3, 0, 101, 57, C:2007-11-15 22:17 M:2007-11-15 22:17] D:\PROGRA~1\Tencent\QQ\VQQPLA~1.OCX [(Verified)Tencent Technology (Shenzhen) Company Limited, 3, 11, 112, 110, C:2007-11-22 15:16 M:2007-11-22 15:16] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\MSVCR80.dll [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\MSVCP80.dll [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:26 M:2008-07-29 20:26] D:\PROGRA~1\Tencent\QQ\vqqsdl.dll [(Verified)Tencent Technology (Shenzhen) Company Limited, 3, 11, 112, 110, C:2007-11-22 15:16 M:2007-11-22 15:16] D:\PROGRA~1\Tencent\QQ\TNProxy.dll [(Verified)Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 60, C:2007-11-22 15:16 M:2007-11-22 15:16] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] C:\WINDOWS\system32\WMASF.DLL [Microsoft Corporation, 10.00.00.4060 built by: Microsoft, C:2008-04-22 04:00 M:2007-10-20 06:01] C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xmvsource.dll_1_work [XunLei, 1, 0, 0, 5, C:2008-07-04 15:15 M:2008-08-04 12:58] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PID: 2204 / Administrator] C:\Program Files\Tencent\TT\bin\TTraveler.exe [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\TTUtilWidget.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:36 M:2008-06-20 18:36] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\Program Files\Tencent\TT\bin\TTStore.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:36 M:2008-06-20 18:36] C:\Program Files\Tencent\TT\bin\sqlite3.dll [(Verified)N/A, C:2008-06-20 18:34 M:2008-06-20 18:34] C:\Program Files\Tencent\TT\bin\PlatformWidget.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:34 M:2008-06-20 18:34] C:\Program Files\Tencent\TT\bin\TTMainFrame.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\TTMBrowser.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\TTabMgr.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:34 M:2008-06-20 18:34] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] C:\Program Files\Tencent\TT\bin\TTPluginMng.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\Plugins\3TTWeather\TTWeather.dll [TODO: <公司名>, 1.0.0.1, C:2008-06-20 17:19 M:2008-06-20 17:19] C:\Program Files\Tencent\TT\bin\TTSkin.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\FavoriteLogical.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:34 M:2008-06-20 18:34] C:\Program Files\Tencent\TT\bin\TSupport.dll [(Verified)TENCENT Inc., 1, 2, 11, 201, C:2008-06-20 18:34 M:2008-06-20 18:34] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] C:\Program Files\Tencent\TT\bin\TTHtmlApp.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\TTFilter.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\TTNetwork.dll [(Verified)Tencent, 4, 6, 0, 9, C:2008-06-20 18:35 M:2008-06-20 18:35] C:\Program Files\Tencent\TT\bin\UpdateUtil.dll [(Verified)N/A, C:2008-06-20 18:36 M:2008-06-20 18:36] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\MSVCR80.dll [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\MSVCP80.dll [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:26 M:2008-07-29 20:26] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PID: 3388 / Administrator] E:\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-08-15 22:25 M:2008-08-15 22:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2008-04-22 04:00 M:2008-04-22 04:00] C:\WINPENJR\win32\PPDRAW.DLL [N/A, C:2008-07-04 15:22 M:2001-10-11 16:50] E:\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2007-11-28 15:19 M:2007-11-28 15:19] C:\WINPENJR\win32\ppstnt.dll [N/A, C:2008-07-04 15:22 M:2000-12-05 12:09] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:21 M:2008-07-29 20:21] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\MSVCR80.dll [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\MSVCP80.dll [Microsoft Corporation, 8.00.50727.762, C:2008-07-29 20:08 M:2008-07-29 20:08] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:22 M:2008-07-29 20:22] C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:25 M:2008-07-29 20:25] c:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl [(Verified)Kaspersky Lab, 8.0.0.454, C:2008-07-29 20:26 M:2008-07-29 20:26] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]