各位高手: 非常感谢您留心我这份系统诊断报告,小菜鸟十万火急等待您的帮助! 该诊断报告由360安全卫士提供 http://www.360.cn 诊断时间: 2008-09-13 15:49:38 诊断平台: Microsoft Windows XP Service Pack 3 IE版本: Internet Explorer V6.0.2900.2180 Build:62900.2180 计算机物理内存:511.36MB - 当前可用内存:33.10MB [color=sienna]100 - 未知 - Process: MPSVC.exe [MPSVC] - [/color] [color=sienna]100 - 未知 - Process: MPSVC2.exe [MPSVC2] - [/color] [color=sienna]100 - 未知 - Process: MPSVC1.exe [MPSVC1] - [/color] [color=sienna]100 - 未知 - Process: rfwsrv.exe [Rising Personal FireWall Service] - E:\Program Files\Rising\Rfw\rfwsrv.exe[/color] [color=sienna]100 - 未知 - Process: rfwProxy.exe [Rising Personal Proxy Service] - E:\Program Files\Rising\Rfw\rfwProxy.exe[/color] [color=sienna]100 - 未知 - Process: rfwstub.exe [Rising Personal FireWall Service Rfwstub ] - E:\Program Files\Rising\Rfw\rfwstub.exe[/color] [color=sienna]100 - 未知 - Process: MPMon.exe [MPMon] - [/color] [color=sienna]100 - 未知 - Process: ashServ.exe [avast! antivirus service] - E:\Program Files\Alwil Software\Avast4\ashServ.exe[/color] [color=sienna]100 - 未知 - Process: rfwmain.exe [Rising Personal FireWall Main Program] - E:\Program Files\Rising\Rfw\RfwMain.exe[/color] [color=sienna]100 - 未知 - Process: stormliv.exe [暴风影音媒体控制中心] - G:\Program Files\StormII\stormliv.exe[/color] [color=sienna]100 - 未知 - Process: hotkey.exe [hotkey driver] - C:\Program Files\KDriver\hotkey.exe[/color] [color=sienna]100 - 未知 - Process: HotKeyPlatForm.exe [StarCenter] - C:\Program Files\StarSoftComm\StarCenter2.5\HotKeyPlatForm.exe[/color] [color=sienna]100 - 未知 - Process: lmkx.exe [Lmkx] - C:\Program Files\lmkx\lmkx\lmkx.exe[/color] [color=sienna]100 - 未知 - Process: ashDisp.exe [avast! service GUI component] - E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe[/color] [color=sienna]100 - 未知 - Process: 360tray.exe [360安全卫士实时保护模块] - E:\Program Files\360safe\safemon\360tray.exe[/color] [color=sienna]100 - 未知 - Process: VMSnap5.EXE [Vimicro] - C:\WINDOWS\VMSnap5.EXE[/color] [color=sienna]100 - 未知 - Process: Domino.EXE [Vimicro] - C:\WINDOWS\Domino.EXE[/color] [color=sienna]100 - 未知 - Process: winpatrol.exe [WinPatrol System Monitor] - E:\Program Files\BillP Studios\WinPatrol\winpatrol.exe[/color] [color=sienna]100 - 未知 - Process: OlympicNews.exe [搜狐奥运快讯] - G:\Program Files\SogouInput\OlympicNews.exe[/color] [color=sienna]100 - 未知 - Process: XDict.exe [Kingsoft PowerWord] - G:\Program Files\Kingsoft\PowerWord Lite\XDict.exe[/color] [color=sienna]100 - 未知 - Process: Thunder5.exe [Thunder] - G:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe[/color] [color=sienna]100 - 未知 - Process: AnAnKernel.exe [] - E:\Program Files\Mozhe\AnanClient\AnAnKernel.exe[/color] [color=sienna]100 - 未知 - Process: CompCenter.exe [墨者安全专家升级程序] - E:\Program Files\Mozhe\AnanClient\CompCenter.exe[/color] [color=sienna]100 - 未知 - Process: AnAnWidget.exe [墨者安全专家] - E:\Program Files\Mozhe\AnanClient\AnAnWidget.exe[/color] [color=sienna]100 - 未知 - Process: Maxthon.exe [Maxthon Browser] - G:\Program Files\Maxthon2\Maxthon.exe[/color] [color=sienna]100 - 未知 - Process: ashMaiSv.exe [avast! e-Mail Scanner Service] - E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe[/color] [color=sienna]100 - 未知 - Process: ashWebSv.exe [avast! Web Scanner] - E:\Program Files\Alwil Software\Avast4\ashWebSv.exe[/color] [color=sienna]100 - 未知 - Process: RepairTool.exe [RepairTool] - F:\setup\RepairTool\RepairTool.exe[/color] [color=sienna]100 - 未知 - Process: SuperKiller.exe [] - C:\DOCUME~1\trhtf\LOCALS~1\Temp\Rar$EX02.703\SuperKiller.exe[/color] [color=sienna]R0 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page=http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home[/color] [color=sienna]R0 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page=http://576495705.t3j4.com[/color] [color=sienna]R1 - 未知 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm[/color] [color=sienna]R1 - 未知 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page=C:\WINDOWS\system32\blank.htm[/color] [color=sienna]O2 - 未知 - BHO: (FG2CatchUrl) - [BHOCatch] - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - G:\Program Files\FlashGet Network\Flashget\ComDlls\bhoCATCH.dll[/color] [color=sienna]O3 - 未知 - Toolbar: (流氓克星工具条) - [Adblock] - {9D328710-7964-4306-964E-8C1C072321DB} - C:\PROGRA~1\lmkx\lmkx\adblock.dll[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [KBHotkey] [hotkey driver] C:\Program Files\KDriver\hotkey.exe[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [StarCenter2.5] [StarCenter] C:\Program Files\StarSoftComm\StarCenter2.5\HotKeyPlatForm.exe[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [lmkxShort.exe] [Lmkx] C:\Program Files\lmkx\lmkx\lmkx.exe /shortcut[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [AnAnWidget] [墨者安全专家] "E:\Program Files\Mozhe\AnanClient\AnAnWidget.exe"[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [VMSnap5] [Vimicro] C:\WINDOWS\VMSnap5.EXE[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [Domino] [Vimicro] C:\WINDOWS\Domino.EXE[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [WinPatrol] [] E:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot[/color] [color=sienna]O4 - 未知 - HKLM\..\Run: [inquiry] [] [/color] [color=sienna]O4 - 未知 - HKCU\..\Run: [LmkxAnti] [killad] Rundll32.exe C:\PROGRA~1\lmkx\lmkx\killad.dll,KillAdware[/color] [color=sienna]O4 - 未知 - HKCU\..\Run: [OlympicExpress] [搜狐奥运快讯] "G:\Program Files\SogouInput\OlympicNews.exe"[/color] [color=sienna]O4 - 未知 - Startup folder: [谷歌金山词霸合作版.lnk] [] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\谷歌金山词霸合作版.lnk[/color] [color=sienna]O8 - 未知 - Extra context menu item: 上传到QQ网络硬盘 - C:\Program Files\Tencent\QQ\AddToNetDisk.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 使用快车(Flas&hGet)下载 - G:\Program Files\FlashGet Network\Flashget\ComDlls\Bholink.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 使用快车(Flash&Get)下载全部链接 - G:\Program Files\FlashGet Network\Flashget\ComDlls\Bhoall.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 使用迅雷下载 - G:\Program Files\Thunder Network\Thunder\Program\geturl.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 使用迅雷下载全部链接 - G:\Program Files\Thunder Network\Thunder\Program\getallurl.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 导出到 Microsoft Office Excel(&X) - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000[/color] [color=sienna]O8 - 未知 - Extra context menu item: 添加到QQ自定义面板 - C:\Program Files\Tencent\QQ\AddPanel.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 添加到QQ表情 - C:\Program Files\Tencent\QQ\AddEmotion.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 用QQ彩信发送该图片 - C:\Program Files\Tencent\QQ\SendMMS.htm[/color] [color=sienna]O8 - 未知 - Extra context menu item: 豪杰超级解霸V8实时播放 - C:\Herosoft\HeroV8\MPURLGET.HTM[/color] [color=sienna]O9 - 未知 - Extra button: 启动迅雷5(HKLM) - G:\Program Files\Thunder Network\Thunder\Thunder.exe[/color] [color=sienna]O9 - 未知 - Extra button: 豪杰超级解霸V8(HKLM) - C:\Herosoft\HeroV8\STHSDVD.EXE[/color] [color=sienna]O9 - 未知 - Extra button: 信息检索(HKLM) - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL[/color] [color=sienna]O9 - 未知 - Extra button: 腾讯QQ(HKLM) - C:\Program Files\Tencent\QQ\QQ.EXE[/color] [color=sienna]O9 - 未知 - Extra button: @xpsp3res.dll,-20001(HKLM) - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe[/color] [color=sienna]O9 - 未知 - Extra button: Windows Messenger(HKLM) - C:\Program Files\Messenger\msmsgs.exe[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{E70F1AA0-AB8B-11CF-8CA3-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Rsvp 1.0 Service Provider] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\WINDOWS\system32\rsvpsp.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Rsvp 1.0 Service Provider] [{9D60A9E0-337A-11D0-BD88-0000C082E69A}]C:\WINDOWS\system32\rsvpsp.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O10 - 未知 - Winsock LSP: [Microsoft Windows Sockets 2.0 Service Provider] [{8D5F1830-C273-11CF-95C8-00805F48A192}]C:\WINDOWS\system32\mswsock.dll[/color] [color=sienna]O14 - 未知 - IERESET.INF: START_PAGE_URL=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome[/color] [color=sienna]O16 - 未知 - DPF: 无效的CLSID:CabOCX (CabOCX) - http://jifen.cnzz.com/activex/Cnzz.Visa.Certification.CAB[/color] [color=sienna]O16 - 未知 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1219486890281[/color] [color=sienna]O16 - 未知 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab[/color] [color=sienna]O18 - 未知 - Protocol: AP Class Install Handler filter - {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: AP lzdhtml encoding/decoding Filter - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: WebView MIME Filter - {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\system32\SHELL32.dll[/color] [color=sienna]O18 - 未知 - Protocol: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft HTML About Pluggable Protocol - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll[/color] [color=sienna]O18 - 未知 - Protocol: CDL: Asychronous Pluggable Protocol Handler - {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: DVD: 可插入协议 - {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\system32\msvidctl.dll[/color] [color=sienna]O18 - 未知 - Protocol: file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: ftp: Asychronous Pluggable Protocol Handler - {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: gopher: Asychronous Pluggable Protocol Handler - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: http: Asychronous Pluggable Protocol Handler - {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: https: Asychronous Pluggable Protocol Handler - {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll[/color] [color=sienna]O18 - 未知 - Protocol: file:, local: Asychronous Pluggable Protocol Handler - {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft HTML Mailto Pluggable Protocol - {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll[/color] [color=sienna]O18 - 未知 - Protocol: MHTML Asychronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\system32\inetcomm.dll[/color] [color=sienna]O18 - 未知 - Protocol: mk: Asychronous Pluggable Protocol Handler - {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\system32\urlmon.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft InfoTech Protocols for IE 4.0 - {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\system32\itss.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft Infotech Storage Protocol for IE 4.0 - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL[/color] [color=sienna]O18 - 未知 - Protocol: Data Page Pluggable Protocol mso-offdap Handler - {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL[/color] [color=sienna]O18 - 未知 - Protocol: Data Page Plugable Protocal mso-offdap11 Handler - {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft HTML Resource Pluggable Protocol - {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft HTML Resource Pluggable Protocol - {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\system32\mshtml.dll[/color] [color=sienna]O18 - 未知 - Protocol: TV: 可插入协议 - {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\system32\msvidctl.dll[/color] [color=sienna]O18 - 未知 - Protocol: Microsoft HTML Javascript Pluggable Protocol - {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\system32\mshtml.dll[/color] [color=sienna]O18 - 未知 - Protocol: WiaProtocol - {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\system32\wiascr.dll[/color] [color=sienna]O21 - 未知 - Protocol Icons: HKCR\ftp\DefaultIcon - C:\WINDOWS\system32\msieftp.dll,0[/color] [color=sienna]O21 - 未知 - Protocol Icons: HKCR\htmlfile\DefaultIcon - "%1"[/color] [color=sienna][color=sienna]O23 - 未知 - Service: AnAnKernel [墨者安全专家服务程序] - E:\Program Files\Mozhe\AnanClient\AnAnKernel.exe - (running)[/color][/color] [color=sienna][color=slategray]O23 - 未知 - Service: aswUpdSv [为 avast! 杀毒软件提供自动更新。] - "E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" - (not running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: avast! Antivirus [管理并执行本计算机中的 avast! 杀毒服务。包括常驻防护、病毒隔离区和调度器。] - "E:\Program Files\Alwil Software\Avast4\ashServ.exe" - (running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: avast! Mail Scanner [为 avast! 杀毒软件执行电子邮件扫描。] - "E:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service - (running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: avast! Web Scanner [为 avast! 杀毒软件执行网页(HTTP)扫描。] - "E:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service - (running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: ccosm [Contrl Center of Storm Media] - G:\Program Files\StormII\stormliv.exe /asservice - (running)[/color][/color] [color=sienna][color=slategray]O23 - 未知 - Service: getPlus(R) Helper [getPlus(R) Helper] - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe - (not running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: MPSVCService [微点主动防御软件] - E:\Program Files\Micropoint\MPSVC.exe - (running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: RfwProxySrv [Rising Personal Proxy Service] - E:\Program Files\Rising\Rfw\rfwProxy.exe - (running)[/color][/color] [color=sienna][color=sienna]O23 - 未知 - Service: RfwService [Rising Personal Firewall Service] - E:\Program Files\Rising\Rfw\rfwsrv.exe - (running)[/color][/color] [color=sienna][color=slategray]O23 - 未知 - Service: SOSSrv [SOSSrv] - c:\Program files\StarSoftComm\StarOS3.0\SOSSrv.exe - (not running)[/color][/color] O30 - 未知 - HKLM\..\Winlogon: [Userinit] [Userinit Logon Application] C:\WINDOWS\system32\userinit.exe O30 - 未知 - HKLM\..\Winlogon: [Shell] [Windows Explorer] Explorer.exe O30 - 未知 - HKLM\..\Winlogon: [UIHost] [Windows Logon UI] logonui.exe ======================================= 100 - 安全 - Process: smss.exe [进程为会话管理子系统用以初始化系统变量,ms-dos驱动名称类似lpt1以及com,调用win32壳子系统和运行在windows登陆过程。] - C:\WINDOWS\System32\smss.exe 100 - 安全 - Process: csrss.exe [客户端服务子系统,用以控制windows图形相关子系统。] - C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=base 100 - 安全 - Process: winlogon.exe [windows nt用户登陆程序。] - C:\WINDOWS\system32\winlogon.exe 100 - 安全 - Process: services.exe [用于管理windows服务系统进程。] - C:\WINDOWS\system32\services.exe 100 - 安全 - Process: lsass.exe [本地安全权限服务控制windows安全机制。] - C:\WINDOWS\system32\lsass.exe 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k DcomLaunch 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost -k rpcss 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\System32\svchost.exe -k netsvcs 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k NetworkService 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k LocalService 100 - 安全 - Process: explorer.exe [windows program manager或者windows explorer用于控制windows图形shell,包括开始菜单、任务栏,桌面和文件管理。] - C:\WINDOWS\Explorer.EXE 100 - 安全 - Process: spoolsv.exe [windows打印任务控制程序,用以打印机就绪。] - C:\WINDOWS\system32\spoolsv.exe 100 - 安全 - Process: MDM.EXE [debug除错管理用于调试应用程序和microsoft office中的microsoft script editor脚本编辑器。] - C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 100 - 安全 - Process: nvsvc32.exe [nvidia driver helper service在nvida显卡驱动中被安装。] - C:\WINDOWS\system32\nvsvc32.exe 100 - 安全 - Process: svchost.exe [service host process是一个标准的动态连接库主机处理服务。] - C:\WINDOWS\system32\svchost.exe -k imgsvc 100 - 安全 - Process: alg.exe [这是一个应用层网关服务用于网络共享。] - C:\WINDOWS\System32\alg.exe 100 - 安全 - Process: soundman.exe [一个软声卡控制台软件。] - C:\WINDOWS\SOUNDMAN.EXE 100 - 安全 - Process: rundll32.exe [windows rundll32为了需要调用dlls的程序。] - C:\WINDOWS\system32\RUNDLL32.EXE 100 - 安全 - Process: realsched.exe [realone播放器安装时附带的升级提醒程序。] - C:\Program Files\Common Files\Real\Update_OB\realsched.exe 100 - 安全 - Process: SysExplr.exe [超级解霸软件,用于播放媒体文件。] - C:\Herosoft\HeroV8\SYSEXPLR.EXE 100 - 安全 - Process: unsecapp.exe [windows管理规范(wmi)相关程序,管理本地和远程计算机。] - C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding 100 - 安全 - Process: ctfmon.exe [office xp输入法图标。] - C:\WINDOWS\system32\ctfmon.exe 100 - 安全 - Process: VnetClient.exe [vnet虚拟拨号软件,用于adsl宽带拨号。] - C:\Program Files\ChinaNet\VnetClient.exe 100 - 安全 - Process: iexplore.exe [microsoft internet explorer浏览器用于浏览网页。] - C:\Program Files\Internet Explorer\iexplore.exe 100 - 安全 - Process: conime.exe [console ime ime输入法控制台软件。] - C:\WINDOWS\system32\conime.exe O2 - 安全 - BHO: (ThunderAtOnce Class) - [迅雷浏览器高级特性支持模块。] - {01443AEC-0FD1-40fd-9C87-E93D1494C233} - G:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll O2 - 安全 - BHO: (AcroIEHlprObj Class) - [Adobe Reader, 查看和打印 Adobe 便携文档格式 (PDF) 文件。] - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - 安全 - BHO: (QQToolbar) - [QQ工具栏。] - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll O2 - 安全 - BHO: (VnetCookie Class) - [星空极速, 拨号软件。] - {4E83D567-4697-4F7B-B1F0-A513B01DB89A} - C:\PROGRA~1\ChinaNet\VNETTR~1.DLL O2 - 安全 - BHO: (Thunder Browser Helper) - [迅雷附带下载监视器相关文件。] - {889D2FEB-5411-4565-8998-1DD2C5261283} - G:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll O3 - 安全 - Toolbar: (QQToolbar) - [QQ工具栏。] - {29CF293A-1E7D-4069-9E11-E39698D0AF95} - C:\Program Files\Tencent\QQToolbar\IEBar.dll O4 - 安全 - HKLM\..\Run: [IMJPMIG8.1] [微软Microsoft输入法编辑器程序。] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - 安全 - HKLM\..\Run: [PHIME2002ASync] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - 安全 - HKLM\..\Run: [PHIME2002A] [输入法软件相关程序。] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - 安全 - HKLM\..\Run: [SoundMan] [Realtek声卡相关程序。] SOUNDMAN.EXE O4 - 安全 - HKLM\..\Run: [NvCplDaemon] [是NVIDIA显示卡相关动态链接库文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - 安全 - HKLM\..\Run: [nwiz] [是NVidia的Nview特性相关程序。该程序用于用户对其特性进行配置,将桌面扩展到多台显示器上。 ] nwiz.exe /install O4 - 安全 - HKLM\..\Run: [NvMediaCenter] [是NVidia显示卡相关文件。] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - 安全 - HKLM\..\Run: [TkBellExe] [是Real Networks产品定时升级检测程序。] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - 安全 - HKLM\..\Run: [SysExplr] [超级解霸] C:\Herosoft\HeroV8\SYSEXPLR.EXE O4 - 安全 - HKLM\..\Run: [IMSCMig] [微软拼音输入法安装工具。 ] C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload O4 - 安全 - HKLM\..\Run: [RfwMain] [瑞星防火墙程序,抵御黑客攻击。] "E:\Program Files\Rising\Rfw\rfwmain.exe" -Startup O4 - 安全 - HKLM\..\Run: [avast!] [avast网络安全套装的一部分。] E:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - 安全 - HKLM\..\Run: [360Safetray] [360safe实时保护功能模块。] E:\Program Files\360safe\safemon\360tray.exe /start O4 - 安全 - HKLM\..\Run: [BigDog305] [一款摄像头相关程序。] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305) O4 - 安全 - HKLM\..\Run: [360Safebox] [360安全卫士保险箱相关程序。] "C:\Program Files\360Safebox\safeboxTray.exe" /r O4 - 安全 - HKLM\..\Run: [KernelFaultCheck] [windows的错误报告工具] %systemroot%\system32\dumprep 0 -k O4 - 安全 - HKCU\..\Run: [ctfmon.exe] [office xp输入法图标。] C:\WINDOWS\system32\ctfmon.exe O4 - 安全 - Startup folder: [星空极速.lnk] [星空极速拨号客户端。] C:\Documents and Settings\All Users\「开始」菜单\程序\启动\星空极速.lnk [color=sienna]O23 - 安全 - Service: NVSvc [是NVIDIA显示卡相关程序。] - C:\WINDOWS\system32\nvsvc32.exe - (running)[/color] ======================================= O31 - 未知 - Notify: crypt32chain - C:\WINDOWS\system32\crypt32.dll - Microsoft Corporation - Crypto API32 - 5.131.2600.5512 - 591872 - 37b151c5364617bfef0f3e6cd4b4f8ef O31 - 未知 - Notify: cryptnet - C:\WINDOWS\system32\cryptnet.dll - Microsoft Corporation - Crypto Network Related API - 5.131.2600.5512 - 64512 - 3a3345f46a0c1efcf7cf3c7011f75270 O31 - 未知 - Notify: cscdll - C:\WINDOWS\system32\cscdll.dll - Microsoft Corporation - Offline Network Agent - 5.1.2600.5512 - 99840 - 5367c2839ecc3eede4c26ea4c16c5900 O31 - 未知 - Notify: dimsntfy - C:\WINDOWS\System32\dimsntfy.dll - Microsoft Corporation - DIMS Notification Handler - 5.1.2600.5512 - 19456 - b568e33952b4fa3806b0da12226a9712 O31 - 未知 - Notify: ScCertProp - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.5512 - 89088 - 1761a1916119b4e34be1521a9e6876a5 O31 - 未知 - Notify: Schedule - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.5512 - 89088 - 1761a1916119b4e34be1521a9e6876a5 O31 - 未知 - Notify: sclgntfy - C:\WINDOWS\system32\sclgntfy.dll - Microsoft Corporation - Secondary Logon Service Notification DLL - 5.1.2600.5512 - 18944 - 85b08d62a6dde9c39c1bf5a916ab46af O31 - 未知 - Notify: SensLogn - C:\WINDOWS\system32\WlNotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.5512 - 89088 - 1761a1916119b4e34be1521a9e6876a5 O31 - 未知 - Notify: termsrv - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.5512 - 89088 - 1761a1916119b4e34be1521a9e6876a5 O31 - 未知 - Notify: wlballoon - C:\WINDOWS\system32\wlnotify.dll - Microsoft Corporation - Common DLL to receive Winlogon notifications - 5.1.2600.5512 - 89088 - 1761a1916119b4e34be1521a9e6876a5 O31 - 未知 - SODL: {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.5512 - 8318976 - O31 - 未知 - SODL: {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.5512 - 8318976 - O31 - 未知 - SODL: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SODL: {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll - Microsoft Corporation - Systray shell service object - 5.1.2600.5512 - 121344 - 453b554fc3830752eddddc473a1ea5a4 O31 - 未知 - SODL: {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll - Microsoft Corporation - Windows Portable Device Shell Service Object - 5.2.5358.4827 - 52224 - 8f9a244a9e6d7c3566c9c6b064d8767c O31 - 未知 - SEApproved: {00022613-0000-0000-C000-000000000046} - C:\WINDOWS\system32\mmsys.cpl - Microsoft Corporation - Control Panel Drivers Applet - 5.1.2600.5512 - 600064 - ad498384d552295103b6d887a5ef90f6 O31 - 未知 - SEApproved: {176d6597-26d3-11d1-b350-080036a75b03} - C:\WINDOWS\system32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8 O31 - 未知 - SEApproved: {1F2E5C40-9550-11CE-99D2-00AA006E086C} - C:\WINDOWS\system32\rshx32.dll - Microsoft Corporation - Security Shell Extension - 5.1.2600.5512 - 37888 - 43e1472143fac3607cc837359a404455 O31 - 未知 - SEApproved: {3EA48300-8CF6-101B-84FB-666CCB9BCD32} - C:\WINDOWS\system32\docprop.dll - Microsoft Corporation - OLE DocFile Property Page - 5.1.2600.0 - 46080 - b6f75dd82f6a3596ef934b0e648f4199 O31 - 未知 - SEApproved: {40dd6e20-7c17-11ce-a804-00aa003ca9f6} - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation - Shell extensions for sharing - 5.1.2600.5512 - 137216 - adf07c8087d3357efaa66b0e88720fef O31 - 未知 - SEApproved: {41E300E0-78B6-11ce-849B-444553540000} - C:\WINDOWS\system32\themeui.dll - Microsoft Corporation - Windows Theme API - 6.0.2900.5512 - 371200 - 329fe82e19db9844f43f05d043163f8a O31 - 未知 - SEApproved: {42071712-76d4-11d1-8b24-00a0c9068ff3} - C:\WINDOWS\system32\deskadp.dll - Microsoft Corporation - Advanced display adapter properties - 6.0.2600.0 - 16384 - 2df0148bcdf1a691e47ae5fe7a3220c0 O31 - 未知 - SEApproved: {42071713-76d4-11d1-8b24-00a0c9068ff3} - C:\WINDOWS\system32\deskmon.dll - Microsoft Corporation - Advanced display monitor properties - 6.0.2600.0 - 16896 - 1ae273152358333693595948a63c0ea7 O31 - 未知 - SEApproved: {42071714-76d4-11d1-8b24-00a0c9068ff3} - deskpan.dll - - - - 0 - O31 - 未知 - SEApproved: {4E40F770-369C-11d0-8922-00A024AB2DBB} - C:\WINDOWS\system32\dssec.dll - Microsoft Corporation - Directory Service Security UI - 5.1.2600.5512 - 48640 - 84c866ee9eee2e3edc2afb16f5be6424 O31 - 未知 - SEApproved: {513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} - C:\WINDOWS\system32\SlayerXP.dll - Microsoft Corporation - Compatibility Tab Shell Extension DLL - 5.1.2600.5512 - 24576 - db0a4131a745ee5c1bf6cd05264faf01 O31 - 未知 - SEApproved: {56117100-C0CD-101B-81E2-00AA004AE837} - C:\WINDOWS\system32\shscrap.dll - Microsoft Corporation - Shell scrap object handler - 5.1.2600.5512 - 25600 - 14100aa1fcfff21ede1cfd91966e0cfd O31 - 未知 - SEApproved: {59099400-57FF-11CE-BD94-0020AF85B590} - C:\WINDOWS\system32\diskcopy.dll - Microsoft Corporation - Windows DiskCopy - 6.0.2900.5512 - 1502208 - 14bf085180acb98f9bbb14ef98625748 O31 - 未知 - SEApproved: {59be4990-f85c-11ce-aff7-00aa003ca9f6} - C:\WINDOWS\system32\ntlanui2.dll - Microsoft Corporation - Network object shell UI - 5.1.2600.0 - 14336 - 36feaeb24262211c77548bd118eb82d6 O31 - 未知 - SEApproved: {5DB2625A-54DF-11D0-B6C4-0800091AA605} - C:\WINDOWS\System32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8 O31 - 未知 - SEApproved: {675F097E-4C4D-11D0-B6C1-0800091AA605} - C:\WINDOWS\system32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8 O31 - 未知 - SEApproved: 无效的CLSID:Shell extensions for file compression - - - - - 0 - O31 - 未知 - SEApproved: {77597368-7b15-11d0-a0c2-080036af3f03} - C:\WINDOWS\system32\printui.dll - Microsoft Corporation - Print UI DLL - 5.1.2600.5512 - 524288 - da7346950a3282a6db8a327ec0e5fbe7 O31 - 未知 - SEApproved: {7988B573-EC89-11cf-9C00-00AA00A14F56} - C:\WINDOWS\system32\dskquoui.dll - Microsoft Corporation - Windows Shell Disk Quota UI DLL - 5.1.2600.5512 - 146432 - d0ed2bc0f0dabcbb693794f6b95f085f O31 - 未知 - SEApproved: 无效的CLSID:加密上下文菜单 - - - - - 0 - O31 - 未知 - SEApproved: {85BBD920-42A0-1069-A2E4-08002B30309D} - C:\WINDOWS\system32\syncui.dll - Microsoft Corporation - Windows Briefcase - 5.1.2600.5512 - 177152 - a1c52eb02259c0f3f2eac6fea99c6b1d O31 - 未知 - SEApproved: {88895560-9AA2-1069-930E-00AA0030EBC8} - C:\WINDOWS\system32\hticons.dll - Hilgraeve, Inc. - HyperTerminal Applet Library - 5.1.2600.0 - 44544 - 455e63cc325be7a6d87059b0e457bcc9 O31 - 未知 - SEApproved: {BD84B380-8CA2-1069-AB1D-08000948F534} - C:\WINDOWS\system32\fontext.dll - Microsoft Corporation - Windows Font Folder - 5.1.2600.5512 - 375808 - e5e3ea01148fd995fc6f4fa16e28bd85 O31 - 未知 - SEApproved: {DBCE2480-C732-101B-BE72-BA78E9AD5B27} - C:\WINDOWS\system32\icmui.dll - Microsoft Corporation - Microsoft Color Matching System User Interface DLL - 5.1.2600.0 - 54784 - 25e23917a19873e24457d9bd433108e8 O31 - 未知 - SEApproved: {F37C5810-4D3F-11d0-B4BF-00AA00BBB723} - C:\WINDOWS\system32\rshx32.dll - Microsoft Corporation - Security Shell Extension - 5.1.2600.5512 - 37888 - 43e1472143fac3607cc837359a404455 O31 - 未知 - SEApproved: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation - Shell extensions for sharing - 5.1.2600.5512 - 137216 - adf07c8087d3357efaa66b0e88720fef O31 - 未知 - SEApproved: {f92e8c40-3d33-11d2-b1aa-080036a75b03} - C:\WINDOWS\system32\deskperf.dll - Microsoft Corporation - Advanced display performance properties - 5.1.2600.0 - 18432 - 82f4dd2113aff745c63abdba3ecf2c56 O31 - 未知 - SEApproved: {7444C717-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll - Microsoft Corporation - Crypto Shell Extensions - 5.131.2600.5512 - 52736 - 1acced98a7803c8a0d109a8fc9a935e6 O31 - 未知 - SEApproved: {7444C719-39BF-11D1-8CD9-00C04FC29D45} - C:\WINDOWS\system32\cryptext.dll - Microsoft Corporation - Crypto Shell Extensions - 5.131.2600.5512 - 52736 - 1acced98a7803c8a0d109a8fc9a935e6 O31 - 未知 - SEApproved: {7007ACC7-3202-11D1-AAD2-00805FC1270E} - C:\WINDOWS\system32\NETSHELL.dll - Microsoft Corporation - Network Connections Shell - 5.1.2600.5512 - 1651712 - a051fa53df49078385f6c960b8e81841 O31 - 未知 - SEApproved: {992CFFA0-F557-101A-88EC-00DD010CCC48} - C:\WINDOWS\system32\NETSHELL.dll - Microsoft Corporation - Network Connections Shell - 5.1.2600.5512 - 1651712 - a051fa53df49078385f6c960b8e81841 O31 - 未知 - SEApproved: {E211B736-43FD-11D1-9EFB-0000F8757FCD} - C:\WINDOWS\system32\wiashext.dll - Microsoft Corporation - Imaging Devices Shell Folder UI - 5.1.2600.5512 - 579072 - dfdf35dd0ab1904d2afc3080d29df4eb O31 - 未知 - SEApproved: {FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD} - C:\WINDOWS\system32\wiashext.dll - Microsoft Corporation - Imaging Devices Shell Folder UI - 5.1.2600.5512 - 579072 - dfdf35dd0ab1904d2afc3080d29df4eb O31 - 未知 - SEApproved: {905667aa-acd6-11d2-8080-00805f6596d2} - C:\WINDOWS\system32\wiashext.dll - Microsoft Corporation - Imaging Devices Shell Folder UI - 5.1.2600.5512 - 579072 - dfdf35dd0ab1904d2afc3080d29df4eb O31 - 未知 - SEApproved: {3F953603-1008-4f6e-A73A-04AAC7A992F1} - C:\WINDOWS\system32\wiashext.dll - Microsoft Corporation - Imaging Devices Shell Folder UI - 5.1.2600.5512 - 579072 - dfdf35dd0ab1904d2afc3080d29df4eb O31 - 未知 - SEApproved: {83bbcbf3-b28a-4919-a5aa-73027445d672} - C:\WINDOWS\system32\wiashext.dll - Microsoft Corporation - Imaging Devices Shell Folder UI - 5.1.2600.5512 - 579072 - dfdf35dd0ab1904d2afc3080d29df4eb O31 - 未知 - SEApproved: {F0152790-D56E-4445-850E-4F3117DB740C} - C:\WINDOWS\system32\remotepg.dll - Microsoft Corporation - Remote Sessions CPL Extension - 5.1.2600.5512 - 57344 - b3e21dc65276c67b90791c43a53c4b2a O31 - 未知 - SEApproved: {60254CA5-953B-11CF-8C96-00AA00B8708C} - C:\WINDOWS\system32\wshext.dll - Microsoft Corporation - Microsoft (R) Shell Extension for Windows Script Host - 5.7.0.18066 - 90112 - 9998e051b817213c3fa7b0c9bd829d78 O31 - 未知 - SEApproved: {2206CDB2-19C1-11D1-89E0-00C04FD7A829} - C:\Program Files\Common Files\System\Ole DB\oledb32.dll - Microsoft Corporation - Microsoft Data Access - OLE DB Core Services - 2.81.1132.0 - 487424 - 6c2146012bc6838a1e1d3d7237f7443d O31 - 未知 - SEApproved: {DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\system32\mstask.dll - Microsoft Corporation - Task Scheduler interface DLL - 5.1.2600.5512 - 260096 - e47f7e7d6cef319cc29fde57ccf7e000 O31 - 未知 - SEApproved: {797F1E90-9EDD-11cf-8D8E-00AA0060F5BF} - C:\WINDOWS\system32\mstask.dll - Microsoft Corporation - Task Scheduler interface DLL - 5.1.2600.5512 - 260096 - e47f7e7d6cef319cc29fde57ccf7e000 O31 - 未知 - SEApproved: {D6277990-4C6A-11CF-8D87-00AA0060F5BF} - C:\WINDOWS\system32\mstask.dll - Microsoft Corporation - Task Scheduler interface DLL - 5.1.2600.5512 - 260096 - e47f7e7d6cef319cc29fde57ccf7e000 O31 - 未知 - SEApproved: {2559a1f7-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {5F327514-6C5E-4d60-8F16-D07FA08A78ED} - C:\WINDOWS\system32\wuaucpl.cpl - Microsoft Corporation - Automatic Updates Control Panel - 7.2.6001.784 - 215752 - 762d61fbdb208fa6469a505325e9457e O31 - 未知 - SEApproved: {0DF44EAA-FF21-4412-828E-260A8728E7F1} - - - - - 0 - O31 - 未知 - SEApproved: {2559a1f0-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {2559a1f1-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {2559a1f2-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {2559a1f3-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {2559a1f4-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {2559a1f5-21d7-11d4-bdaf-00c04f60b9f0} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {D20EA4E1-3957-11d2-A40B-0C5020524152} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {D20EA4E1-3957-11d2-A40B-0C5020524153} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {596AB062-B4D2-4215-9F74-E9109B0A8153} - C:\WINDOWS\system32\twext.dll - Microsoft Corporation - Previous Versions property page - 6.0.3800.5512 - 57856 - 2af1e5899c0d6e158ebc22bb5b55abdf O31 - 未知 - SEApproved: {9DB7A13C-F208-4981-8353-73CC61AE2783} - C:\WINDOWS\system32\twext.dll - Microsoft Corporation - Previous Versions property page - 6.0.3800.5512 - 57856 - 2af1e5899c0d6e158ebc22bb5b55abdf O31 - 未知 - SEApproved: {875CB1A1-0F29-45de-A1AE-CFB4950D0B78} - C:\WINDOWS\system32\shmedia.dll - Microsoft Corporation - Media File Property Extractor Shell Extension - 6.0.2900.5512 - 148480 - c5fddcf7a4c46e10fd490787268e6186 O31 - 未知 - SEApproved: {40C3D757-D6E4-4b49-BB41-0E5BBEA28817} - C:\WINDOWS\system32\shmedia.dll - Microsoft Corporation - Media File Property Extractor Shell Extension - 6.0.2900.5512 - 148480 - c5fddcf7a4c46e10fd490787268e6186 O31 - 未知 - SEApproved: {E4B29F9D-D390-480b-92FD-7DDB47101D71} - C:\WINDOWS\system32\shmedia.dll - Microsoft Corporation - Media File Property Extractor Shell Extension - 6.0.2900.5512 - 148480 - c5fddcf7a4c46e10fd490787268e6186 O31 - 未知 - SEApproved: {87D62D94-71B3-4b9a-9489-5FE6850DC73E} - C:\WINDOWS\system32\shmedia.dll - Microsoft Corporation - Media File Property Extractor Shell Extension - 6.0.2900.5512 - 148480 - c5fddcf7a4c46e10fd490787268e6186 O31 - 未知 - SEApproved: {A6FD9E45-6E44-43f9-8644-08598F5A74D9} - C:\WINDOWS\system32\shmedia.dll - Microsoft Corporation - Media File Property Extractor Shell Extension - 6.0.2900.5512 - 148480 - c5fddcf7a4c46e10fd490787268e6186 O31 - 未知 - SEApproved: {c5a40261-cd64-4ccf-84cb-c394da41d590} - C:\WINDOWS\system32\shmedia.dll - Microsoft Corporation - Media File Property Extractor Shell Extension - 6.0.2900.5512 - 148480 - c5fddcf7a4c46e10fd490787268e6186 O31 - 未知 - SEApproved: {5E6AB780-7743-11CF-A12B-00AA004AE837} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {22BF0C20-6DA7-11D0-B373-00A0C9034938} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {91EA3F8B-C99B-11d0-9815-00C04FD91972} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {6413BA2C-B461-11d1-A18A-080036B11A03} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {F61FFEC1-754F-11d0-80CA-00AA005B4383} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {7BA4C742-9E81-11CF-99D3-00AA004AE837} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {30D02401-6A81-11d0-8274-00C04FD5AE38} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {169A0691-8DF9-11d1-A1C4-00C04FD75D13} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {07798131-AF23-11d1-9111-00A0C98BA67D} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {AF4F6510-F982-11d0-8595-00AA004CD6D8} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {01E04581-4EEE-11d0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {A08C11D2-A228-11d0-825B-00AA005B4383} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {00BB2763-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {7376D660-C583-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {6756A641-DE71-11d0-831B-00AA005B4383} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {6935DB93-21E8-4ccc-BEB9-9FE3C77A297A} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {7e653215-fa25-46bd-a339-34a2790f3cb7} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {acf35015-526e-4230-9596-becbe19f0ac9} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {00BB2764-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {03C036F1-A186-11D0-824A-00AA005B4383} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {00BB2765-6A77-11D0-A535-00C04FD7D062} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {ECD4FC4E-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {3CCF8A41-5C85-11d0-9796-00AA00B90ADF} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {ECD4FC4C-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {ECD4FC4D-521C-11D0-B792-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {DD313E04-FEFF-11d1-8ECD-0000F87A470C} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {EF8AD2D1-AE36-11D1-B2D2-006097DF8C11} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {EFA24E61-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {0A89A860-D7B1-11CE-8350-444553540000} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {E7E4BC40-E76A-11CE-A9BB-00AA004AE837} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {A5E46E3A-8849-11D1-9D8C-00C04FC99D61} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {FBF23B40-E3F0-101B-8488-00AA003E56F8} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {3C374A40-BAE4-11CF-BF7D-00AA006946EE} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {FF393560-C2A7-11CF-BFF4-444553540000} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {7BD29E00-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {7BD29E01-76C1-11CF-9DD0-00A0C9034933} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {A2B0DD40-CC59-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {67EA19A0-CCEF-11d0-8024-00C04FD75D13} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {131A6951-7F78-11D0-A979-00C04FD705A2} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {9461b922-3c5a-11d2-bf8b-00c04fb93661} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {3DC7A020-0ACD-11CF-A9BB-00AA004AE837} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {871C5380-42A0-1069-A2EA-08002B30309D} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {EFA24E64-B078-11d0-89E4-00C04FC9E26E} - C:\WINDOWS\system32\shdocvw.dll - Microsoft Corporation - Shell Doc Object and Control Library - 6.0.2900.5628 - 1498624 - 92416fd65b33189b4a843c9c001abddd O31 - 未知 - SEApproved: {9E56BE60-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\system32\sendmail.dll - Microsoft Corporation - Send Mail - 6.0.2900.5512 - 54272 - e9b841d97bbfa1dfca71da56baee134b O31 - 未知 - SEApproved: {9E56BE61-C50F-11CF-9A2C-00A0C90A90CE} - C:\WINDOWS\system32\sendmail.dll - Microsoft Corporation - Send Mail - 6.0.2900.5512 - 54272 - e9b841d97bbfa1dfca71da56baee134b O31 - 未知 - SEApproved: {88C6C381-2E85-11D0-94DE-444553540000} - C:\WINDOWS\system32\occache.dll - Microsoft Corporation - Object Control Viewer - 6.0.2900.5512 - 93696 - 761761327450221ed753839a11189a02 O31 - 未知 - SEApproved: {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {ABBE31D0-6DAE-11D0-BECA-00C04FD940BE} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {F5175861-2688-11d0-9C5E-00AA00A45957} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {08165EA0-E946-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {7D559C10-9FE9-11d0-93F7-00AA0059CE02} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {E6CC6978-6B6E-11D0-BECA-00C04FD940BE} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {D8BD2030-6FC9-11D0-864F-00AA006809D9} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB} - C:\WINDOWS\system32\webcheck.dll - Microsoft Corporation - Web Site Monitor - 6.0.2900.5512 - 265728 - 8ef94370fa71c84bdb7bd17831bbe255 O31 - 未知 - SEApproved: {352EC2B7-8B9A-11D1-B8AE-006008059382} - C:\WINDOWS\system32\appwiz.cpl - Microsoft Corporation - Shell Application Manager - 5.1.2600.5512 - 538112 - 41ea85bf563a1dbfbe9986592be7bb02 O31 - 未知 - SEApproved: {0B124F8F-91F0-11D1-B8B5-006008059382} - C:\WINDOWS\system32\appwiz.cpl - Microsoft Corporation - Shell Application Manager - 5.1.2600.5512 - 538112 - 41ea85bf563a1dbfbe9986592be7bb02 O31 - 未知 - SEApproved: {CFCCC7A0-A282-11D1-9082-006008059382} - C:\WINDOWS\system32\appwiz.cpl - Microsoft Corporation - Shell Application Manager - 5.1.2600.5512 - 538112 - 41ea85bf563a1dbfbe9986592be7bb02 O31 - 未知 - SEApproved: {e84fda7c-1d6a-45f6-b725-cb260c236066} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.5512 - 434176 - 3bb922990fab3e17fdc21102ee23219d O31 - 未知 - SEApproved: {66e4e4fb-f385-4dd0-8d74-a2efd1bc6178} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.5512 - 434176 - 3bb922990fab3e17fdc21102ee23219d O31 - 未知 - SEApproved: {00E7B358-F65B-4dcf-83DF-CD026B94BFD4} - - - - - 0 - O31 - 未知 - SEApproved: {3F30C968-480A-4C6C-862D-EFC0897BB84B} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.5512 - 434176 - 3bb922990fab3e17fdc21102ee23219d O31 - 未知 - SEApproved: {9DBD2C50-62AD-11d0-B806-00C04FD706EC} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.5512 - 434176 - 3bb922990fab3e17fdc21102ee23219d O31 - 未知 - SEApproved: {EAB841A0-9550-11cf-8C16-00805F1408F3} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.5512 - 434176 - 3bb922990fab3e17fdc21102ee23219d O31 - 未知 - SEApproved: {eb9b1153-3b57-4e68-959a-a3266bc3d7fe} - C:\WINDOWS\system32\shimgvw.dll - Microsoft Corporation - Windows 图片和传真查看器 - 6.0.2900.5512 - 434176 - 3bb922990fab3e17fdc21102ee23219d O31 - 未知 - SEApproved: {CC6EEFFB-43F6-46c5-9619-51D571967F7D} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.5512 - 847360 - 4ecb1555c502769a8250490fd04243e8 O31 - 未知 - SEApproved: {add36aa8-751a-4579-a266-d66f5202ccbb} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.5512 - 847360 - 4ecb1555c502769a8250490fd04243e8 O31 - 未知 - SEApproved: {6b33163c-76a5-4b6c-bf21-45de9cd503a1} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.5512 - 847360 - 4ecb1555c502769a8250490fd04243e8 O31 - 未知 - SEApproved: {58f1f272-9240-4f51-b6d4-fd63d1618591} - C:\WINDOWS\system32\netplwiz.dll - Microsoft Corporation - Map Network Drives/Network Places Wizard - 5.1.2600.5512 - 847360 - 4ecb1555c502769a8250490fd04243e8 O31 - 未知 - SEApproved: {7A9D77BD-5403-11d2-8785-2E0420524153} - - - - - 0 - O31 - 未知 - SEApproved: {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - C:\WINDOWS\system32\zipfldr.dll - Microsoft Corporation - Compressed (zipped) Folders - 6.0.2900.5512 - 328704 - ebb68b43f6424aa37c59ba1775cf68db O31 - 未知 - SEApproved: {BD472F60-27FA-11cf-B8B4-444553540000} - C:\WINDOWS\system32\zipfldr.dll - Microsoft Corporation - Compressed (zipped) Folders - 6.0.2900.5512 - 328704 - ebb68b43f6424aa37c59ba1775cf68db O31 - 未知 - SEApproved: {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - C:\WINDOWS\system32\zipfldr.dll - Microsoft Corporation - Compressed (zipped) Folders - 6.0.2900.5512 - 328704 - ebb68b43f6424aa37c59ba1775cf68db O31 - 未知 - SEApproved: {f39a0dc0-9cc8-11d0-a599-00c04fd64433} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.5512 - 150016 - 8bb94215ea04f73a92a1b6966718d6fe O31 - 未知 - SEApproved: {f3aa0dc0-9cc8-11d0-a599-00c04fd64434} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.5512 - 150016 - 8bb94215ea04f73a92a1b6966718d6fe O31 - 未知 - SEApproved: {f3ba0dc0-9cc8-11d0-a599-00c04fd64435} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.5512 - 150016 - 8bb94215ea04f73a92a1b6966718d6fe O31 - 未知 - SEApproved: {f3da0dc0-9cc8-11d0-a599-00c04fd64437} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.5512 - 150016 - 8bb94215ea04f73a92a1b6966718d6fe O31 - 未知 - SEApproved: {f3ea0dc0-9cc8-11d0-a599-00c04fd64438} - C:\WINDOWS\system32\cdfview.dll - Microsoft Corporation - Channel Definition File Viewer - 6.0.2900.5512 - 150016 - 8bb94215ea04f73a92a1b6966718d6fe O31 - 未知 - SEApproved: {692F0339-CBAA-47e6-B5B5-3B84DB604E87} - C:\WINDOWS\system32\extmgr.dll - Microsoft Corporation - Extensions Manager - 6.0.2900.5512 - 55808 - d01d664b054090cb207ef58d420ebb5d O31 - 未知 - SEApproved: {63da6ec0-2e98-11cf-8d82-444553540000} - C:\WINDOWS\system32\msieftp.dll - Microsoft Corporation - Microsoft Internet Explorer FTP Folder Shell Extension - 6.0.2900.5512 - 240128 - af650a1ff69d061293458f294b5801a8 O31 - 未知 - SEApproved: {883373C3-BF89-11D1-BE35-080036B11A03} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.5512 - 47104 - 1807bd58214fb7bd720f02cfbd6b44d2 O31 - 未知 - SEApproved: {A9CF0EAE-901A-4739-A481-E35B73E47F6D} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.5512 - 47104 - 1807bd58214fb7bd720f02cfbd6b44d2 O31 - 未知 - SEApproved: {8EE97210-FD1F-4B19-91DA-67914005F020} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.5512 - 47104 - 1807bd58214fb7bd720f02cfbd6b44d2 O31 - 未知 - SEApproved: {0EEA25CC-4362-4A12-850B-86EE61B0D3EB} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.5512 - 47104 - 1807bd58214fb7bd720f02cfbd6b44d2 O31 - 未知 - SEApproved: {6A205B57-2567-4A2C-B881-F787FAB579A3} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.5512 - 47104 - 1807bd58214fb7bd720f02cfbd6b44d2 O31 - 未知 - SEApproved: {28F8A4AC-BBB3-4D9B-B177-82BFC914FA33} - C:\WINDOWS\system32\docprop2.dll - Microsoft Corporation - Microsoft DocProp Shell Ext - 5.1.2600.5512 - 47104 - 1807bd58214fb7bd720f02cfbd6b44d2 O31 - 未知 - SEApproved: {8A23E65E-31C2-11d0-891C-00A024AB2DBB} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.5512 - 235520 - 9a2a9abb42ff67db6b69af22cb9da05e O31 - 未知 - SEApproved: {9E51E0D0-6E0F-11d2-9601-00C04FA31A86} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.5512 - 235520 - 9a2a9abb42ff67db6b69af22cb9da05e O31 - 未知 - SEApproved: {163FDC20-2ABC-11d0-88F0-00A024AB2DBB} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.5512 - 235520 - 9a2a9abb42ff67db6b69af22cb9da05e O31 - 未知 - SEApproved: {F020E586-5264-11d1-A532-0000F8757D7E} - C:\WINDOWS\system32\dsquery.dll - Microsoft Corporation - Directory Service Find - 5.1.2600.5512 - 235520 - 9a2a9abb42ff67db6b69af22cb9da05e O31 - 未知 - SEApproved: {0D45D530-764B-11d0-A1CA-00AA00C16E65} - C:\WINDOWS\system32\dsuiext.dll - Microsoft Corporation - Directory Service Common UI - 5.1.2600.5512 - 112128 - 9a2eb718d96b5a6ea1b17bca09cc62a0 O31 - 未知 - SEApproved: {62AE1F9A-126A-11D0-A14B-0800361B1103} - C:\WINDOWS\system32\dsuiext.dll - Microsoft Corporation - Directory Service Common UI - 5.1.2600.5512 - 112128 - 9a2eb718d96b5a6ea1b17bca09cc62a0 O31 - 未知 - SEApproved: {ECF03A33-103D-11d2-854D-006008059367} - C:\WINDOWS\system32\mydocs.dll - Microsoft Corporation - My Documents Folder UI - 6.0.2900.5512 - 88576 - 94d15492ff46b5e6d82b9ae7a4a4f531 O31 - 未知 - SEApproved: {ECF03A32-103D-11d2-854D-006008059367} - C:\WINDOWS\system32\mydocs.dll - Microsoft Corporation - My Documents Folder UI - 6.0.2900.5512 - 88576 - 94d15492ff46b5e6d82b9ae7a4a4f531 O31 - 未知 - SEApproved: {4a7ded0a-ad25-11d0-98a8-0800361b1103} - C:\WINDOWS\system32\mydocs.dll - Microsoft Corporation - My Documents Folder UI - 6.0.2900.5512 - 88576 - 94d15492ff46b5e6d82b9ae7a4a4f531 O31 - 未知 - SEApproved: {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.5512 - 304128 - 5e39348149e8f5b0ff1ee0bc1384665e O31 - 未知 - SEApproved: {10CFC467-4392-11d2-8DB4-00C04FA31A66} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.5512 - 304128 - 5e39348149e8f5b0ff1ee0bc1384665e O31 - 未知 - SEApproved: {AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.5512 - 304128 - 5e39348149e8f5b0ff1ee0bc1384665e O31 - 未知 - SEApproved: {143A62C8-C33B-11D1-84FE-00C04FA34A14} - C:\WINDOWS\msagent\agentpsh.dll - Microsoft Corporation - Microsoft Agent Property Sheet Handler - 2.0.0.3427 - 24064 - 85b7be09e1e09653d349b44f1a72ee4e O31 - 未知 - SEApproved: {ECCDF543-45CC-11CE-B9BF-0080C87CDBA6} - C:\WINDOWS\system32\dfsshlex.dll - Microsoft Corporation - Distributed File System shell extension - 5.1.2600.5512 - 28672 - a624223fbccda3dcd55cad6306ab047a O31 - 未知 - SEApproved: {60fd46de-f830-4894-a628-6fa81bc0190d} - C:\WINDOWS\system32\photowiz.dll - Microsoft Corporation - Photo Printing Wizard - 5.1.2600.5512 - 167424 - dfca1b888f23ef94007d9235f0fc4ea3 O31 - 未知 - SEApproved: {7A80E4A8-8005-11D2-BCF8-00C04F72C717} - C:\WINDOWS\System32\mmcshext.dll - Microsoft Corporation - MMC Shell Extension DLL - 5.2.3790.4136 - 61440 - 34d4baf7dfae03c45718bd56f143e4be O31 - 未知 - SEApproved: {0CD7A5C0-9F37-11CE-AE65-08002B2E1262} - C:\WINDOWS\system32\cabview.dll - Microsoft Corporation - Cabinet File Viewer Shell Extension - 6.0.2900.5512 - 83456 - 2d02e0dc345507a78aafd5500043418d O31 - 未知 - SEApproved: {32714800-2E5F-11d0-8B85-00AA0044F941} - C:\Program Files\Outlook Express\wabfind.dll - Microsoft Corporation - Find People - 6.0.2900.5512 - 32768 - 72751f9b5874efc8b0f6220472b000d6 O31 - 未知 - SEApproved: {8DD448E6-C188-4aed-AF92-44956194EB1F} - C:\WINDOWS\system32\wmpshell.dll - Microsoft Corporation - Windows Media Player Launcher - 11.0.5358.4827 - 97792 - 72538b5c87e7d61ac3f16b77cc6763c0 O31 - 未知 - SEApproved: {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} - C:\WINDOWS\system32\wmpshell.dll - Microsoft Corporation - Windows Media Player Launcher - 11.0.5358.4827 - 97792 - 72538b5c87e7d61ac3f16b77cc6763c0 O31 - 未知 - SEApproved: {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} - C:\WINDOWS\system32\wmpshell.dll - Microsoft Corporation - Windows Media Player Launcher - 11.0.5358.4827 - 97792 - 72538b5c87e7d61ac3f16b77cc6763c0 O31 - 未知 - SEApproved: {21569614-B795-46b1-85F4-E737A8DC09AD} - C:\WINDOWS\system32\browseui.dll - Microsoft Corporation - Shell Browser UI Library - 6.0.2900.5512 - 1024512 - 1696bc86a75343c45c32c2428baef4f9 O31 - 未知 - SEApproved: {A70C977A-BF00-412C-90B7-034C51DA2439} - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - NVIDIA Display Properties Extension - 6.14.10.9380 - 7700480 - O31 - 未知 - SEApproved: {FFB699E0-306A-11d3-8BD1-00104B6F7516} - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Corporation - NVIDIA Display Properties Extension - 6.14.10.9380 - 7700480 - O31 - 未知 - SEApproved: {1CDB2949-8F65-4355-8456-263E7C208A5D} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11060 - 466944 - 4450bbaf1b77f2b87ab9c5ee4e69532c O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A47} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11060 - 466944 - 4450bbaf1b77f2b87ab9c5ee4e69532c O31 - 未知 - SEApproved: {1E9B04FB-F9E5-4718-997B-B8DA88302A48} - C:\WINDOWS\system32\nvshell.dll - - - 6.14.10.11060 - 466944 - 4450bbaf1b77f2b87ab9c5ee4e69532c O31 - 未知 - SEApproved: {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - C:\Program Files\Real\RealPlayer\rpshell.dll - RealNetworks, Inc. - RealPlayer Shell Extensions - 1.0.1.2488 - 54848 - 60e2733856671fb24d386a4d0c976285 O31 - 未知 - SEApproved: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 121344 - db85440d8d5cfede55eab0f44edfb16f O31 - 未知 - SEApproved: {BDEADF00-C265-11D0-BCED-00A0C90AB50F} - C:\PROGRA~1\COMMON~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL - Microsoft Corporation - Microsoft Web Folders - 11.0.5510.0 - 1292872 - bdbf48d13c5343cced93e675effdb72c O31 - 未知 - SEApproved: {00020D75-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\MLSHEXT.DLL - Microsoft Corporation - Microsoft Shell Extension Library - 11.0.5510.0 - 29752 - 8e9f9e73497de21ec9f80806b339b68d O31 - 未知 - SEApproved: {0006F045-0000-0000-C000-000000000046} - C:\PROGRA~1\MICROS~2\OFFICE11\OLKFSTUB.DLL - Microsoft Corporation - Outlook Shell Hook for Start/Find - 11.0.5510.0 - 234048 - 5b6a43eab3c457639fcd4d8788d8a4d2 O31 - 未知 - SEApproved: {42042206-2D85-11D3-8CFF-005004838597} - C:\Program Files\Microsoft Office\OFFICE11\msohev.dll - Microsoft Corporation - Microsoft Office 2003 component - 11.0.5510.0 - 67128 - 165ae7a443f2139dd2c078ad87699f91 O31 - 未知 - SEApproved: {97C1D2CE-3AB4-4459-9142-D50D9338CB9A} - C:\Program Files\ACD Systems\RoboEnhancer\ScriptDropShellExt.dll - - RoboEnhancer ScriptDropShellExt Module - 0.5.0.1 - 135168 - dfa596039ed8cc4739e981af05412c1f O31 - 未知 - SEApproved: {A3AA3CE9-85F5-4EA0-85C9-3789D172A8CB} - E:\Program Files\Mozhe\AnanClient\DeletExt.dll - 墨者在线网络技术(北京)有限公司 - Mozhe Shell Ext Module - 1.0.0.1 - 123904 - 9bcbc5f57b6e1ecfe7df9272468789ea O31 - 未知 - SEApproved: {2CD8DCE9-8653-44f5-AC03-86B923FEAE22} - E:\Program Files\Mozhe\AnanClient\RunAsExt.dll - 墨者在线网络技术(北京)有限公司 - Mozhe Shell Ext Module - 1.0.0.1 - 262656 - e22211ac1c5b300b5a792a5549b47a94 O31 - 未知 - SEApproved: {640167b4-59b0-47a6-b335-a6b3c0695aea} - C:\WINDOWS\system32\Audiodev.dll - Microsoft Corporation - Portable Media Devices Shell Extension - 5.2.5358.4827 - 267776 - 8144dedfe7b8d6ed73e1f14dfc31019d O31 - 未知 - SEApproved: {35786D3C-B075-49b9-88DD-029876E11C01} - C:\WINDOWS\system32\wpdshext.dll - Microsoft Corporation - Portable Devices Shell Extension - 5.2.5358.4827 - 3745280 - O31 - 未知 - SEApproved: {D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} - C:\WINDOWS\system32\wpdshext.dll - Microsoft Corporation - Portable Devices Shell Extension - 5.2.5358.4827 - 3745280 - O31 - 未知 - Directory Menu: {A470F8CF-A1E8-4f65-8335-227475AA5C46} - C:\WINDOWS\system32\SHELL32.dll - Microsoft Corporation - Windows Shell Common Dll - 6.0.2900.5512 - 8318976 - O31 - 未知 - Directory Menu: {A3AA3CE9-85F5-4EA0-85C9-3789D172A8CB} - E:\Program Files\Mozhe\AnanClient\DeletExt.dll - 墨者在线网络技术(北京)有限公司 - Mozhe Shell Ext Module - 1.0.0.1 - 123904 - 9bcbc5f57b6e1ecfe7df9272468789ea O31 - 未知 - Directory Menu: {750fdf0e-2a26-11d1-a3ea-080036587f03} - C:\WINDOWS\System32\cscui.dll - Microsoft Corporation - Client Side Caching UI - 5.1.2600.5512 - 304128 - 5e39348149e8f5b0ff1ee0bc1384665e O31 - 未知 - Directory Menu: {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} - C:\WINDOWS\system32\ntshrui.dll - Microsoft Corporation - Shell extensions for sharing - 5.1.2600.5512 - 137216 - adf07c8087d3357efaa66b0e88720fef O31 - 未知 - Directory Menu: {B41DB860-8EE4-11D2-9906-E49FADC173CA} - C:\Program Files\WinRAR\rarext.dll - - - - 121344 - db85440d8d5cfede55eab0f44edfb16f O31 - 未知 - LSA: Authentication Packages - C:\WINDOWS\system32\msv1_0.dll - Microsoft Corporation - Microsoft Authentication Package v1.0 - 5.1.2600.5512 - 132608 - d1deba18e905c45d982b13d7d22d7cc6 O31 - 未知 - LSA: Notification Packages - C:\WINDOWS\system32\scecli.dll - Microsoft Corporation - Windows Security Configuration Editor Client Engine - 5.1.2600.5512 - 172032 - a1eef4afe28750729b5d085c19f2d5a6 O31 - 未知 - LSA: Security Packages - C:\WINDOWS\system32\kerberos.dll - Microsoft Corporation - Kerberos Security Package - 5.1.2600.5512 - 299520 - dbbed940a56f4cba33371d536b006171 O31 - 未知 - LSA: Security Packages - sv1_0.dll - - - - 0 - O31 - 未知 - LSA: Security Packages - channel.dll - - - - 0 - O31 - 未知 - LSA: Security Packages - C:\WINDOWS\system32\digest.dll - Microsoft Corporation - Digest SSPI Authentication Package - 6.0.2900.5512 - 68096 - 10b00da86a99b2efddcc79a6537c5916 ======================================= [color=sienna]O40 - csrss.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - csrss.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - winlogon.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - winlogon.exe - Microsoft Corporation - C:\WINDOWS\System32\dimsntfy.dll - DIMS Notification Handler - b568e33952b4fa3806b0da12226a9712[/color] [color=sienna]O40 - winlogon.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - winlogon.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - services.exe - Microsoft Corporation - C:\WINDOWS\AppPatch\AcAdProc.dll - Windows Compatibility DLL - baf08d6d5abbed726c6d9da2617b5175[/color] [color=sienna]O40 - services.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - services.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - services.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - services.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - lsass.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - lsass.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - lsass.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - lsass.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - svchost.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - svchost.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - svchost.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - c:\windows\system32\EapolQec.dll - Microsoft EAPOL NAP 强制客户端 - 70728e8880dd1340e6d142a2f94da2b5[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - c:\windows\system32\dot3api.dll - 802.3 自动配置 API - 2b827a509f34d1162cc48515a923d932[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\System32\dot3dlg.dll - 802.3 UI 帮助程序 - b57ebc7f350deb98ab761760c5faf04b[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - svchost.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - svchost.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - svchost.exe - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - Explorer.EXE - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - Explorer.EXE - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - Explorer.EXE - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\dot3api.dll - 802.3 自动配置 API - 2b827a509f34d1162cc48515a923d932[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\dot3dlg.dll - 802.3 UI 帮助程序 - b57ebc7f350deb98ab761760c5faf04b[/color] [color=sienna]O40 - Explorer.EXE - BillP Studios - E:\Program Files\BillP Studios\WinPatrol\PATROLPRO.DLL - WinPatrol Helper DLL - e3d474c28f53aa9b9a436b8d94cc19a4[/color] [color=sienna]O40 - Explorer.EXE - 360.CN - E:\Program Files\360safe\safemon\safemon.dll - 360安全卫士实时保护模块 - bee3f04837bbef6018bda79b4016d435[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\mslbui.dll - LangageBar Add In - 466fb377a23645db3cc67e4af39feed6[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\usbui.dll - USB UI Dll - 7f85021dc5dabd4c9459216d15997eca[/color] [color=sienna]O40 - Explorer.EXE - NVIDIA Corporation - C:\WINDOWS\system32\nvcpl.dll - NVIDIA Display Properties Extension - [/color] [color=sienna]O40 - Explorer.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - a49c2d1c05ec8a9dc547dfac821dd1fc[/color] [color=sienna]O40 - Explorer.EXE - NVIDIA Corporation - C:\WINDOWS\system32\nvapi.dll - NVIDIA NVAPI Library, Version 93.80 - 1589e88be603ec8128a727229b83f038[/color] [color=sienna]O40 - Explorer.EXE - - C:\WINDOWS\system32\nvshell.dll - - 4450bbaf1b77f2b87ab9c5ee4e69532c[/color] [color=sienna]O40 - Explorer.EXE - Thunder Networking Technologies,LTD - G:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll - 迅雷浏览器高级特性支持模块 - a4800a943cf9664b8650ab295aea83c7[/color] [color=sienna]O40 - Explorer.EXE - Thunder Networking Technologies,LTD - G:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll - XunLeiBHO - 0ce577e907c45ec8337be8e2a02c69aa[/color] [color=sienna]O40 - Explorer.EXE - Thunder Networking Technologies,LTD - G:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll - DsBho - ee3adee73e96bc55d6209be46facd2c9[/color] [color=sienna]O40 - Explorer.EXE - Thunder Networking Technologies,LTD - G:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll - DataProcessor - 0ab986e0ca1178bf2a3136a51fbe4f59[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\DSOUND.dll - DirectSound - a494c2e22412aa91ea176af45f204a8b[/color] [color=sienna]O40 - Explorer.EXE - 墨者在线网络技术(北京)有限公司 - E:\Program Files\Mozhe\AnanClient\DeletExt.dll - Mozhe Shell Ext Module - 9bcbc5f57b6e1ecfe7df9272468789ea[/color] [color=sienna]O40 - Explorer.EXE - - E:\Program Files\Mozhe\AnanClient\KernelConnector.dll - - c964ead6341d7aaa950243b92bbc352e[/color] [color=sienna]O40 - Explorer.EXE - ALWIL Software - E:\Program Files\Alwil Software\Avast4\ashShell.dll - avast! Shell Extension - 6b418cd914e9580bdaeba17d62a19198[/color] [color=sienna]O40 - Explorer.EXE - herosoft - C:\Herosoft\HeroV8\VCvtShell.dll - VCvtShell - 0303f471b69eb38bf96a902bad93780f[/color] [color=sienna]O40 - Explorer.EXE - 墨者在线网络技术(北京)有限公司 - E:\Program Files\Mozhe\AnanClient\RunAsExt.dll - Mozhe Shell Ext Module - e22211ac1c5b300b5a792a5549b47a94[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll - Microsoft GDI+ - 8fa4be1434f4cd783036a8519bfdd8dd[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\xpsp1res.dll - Service Pack 1 Messages - a647a5ff4b8d0c5001eaf58cf91a8101[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\RichEd32.dll - Wrapper Dll for Richedit 1.0 - 5ae867ffb45eeca5e10153e5b265b074[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\RICHED20.dll - Rich Text Edit Control, v3.0 - 0c07bdca334f542642c1ce1c5c6e93d2[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\sti.dll - Still Image Devices client DLL - 7ad575e1c90b75114ea891a51a2457fb[/color] [color=sienna]O40 - Explorer.EXE - Adobe Systems Incorporated - G:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll - Adobe Acrobat IE Helper Version 6.0 for ActivieX - 0c0e1b2bcaed8df401be94d538bcb412[/color] [color=sienna]O40 - Explorer.EXE - Microsoft Corporation - C:\WINDOWS\system32\wiashext.dll - Imaging Devices Shell Folder UI - dfdf35dd0ab1904d2afc3080d29df4eb[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - svchost.exe - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - c:\windows\system32\wiaservc.dll - Still Image Devices Service - e7906e5b988835f0d5c592e84a76a1bd[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\system32\wiavusd.dll - WIA Video Stream device USD - 41f1dcaecadd934366600f0e6750fb20[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll - Microsoft GDI+ - 8fa4be1434f4cd783036a8519bfdd8dd[/color] [color=sienna]O40 - svchost.exe - Microsoft Corporation - C:\WINDOWS\system32\sti.dll - Still Image Devices client DLL - 7ad575e1c90b75114ea891a51a2457fb[/color] [color=sienna]O40 - RUNDLL32.EXE - Microsoft Corporation - C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - User Experience Controls Library - 2e641e9df345d202726eb2daf9d3f453[/color] [color=sienna]O40 - RUNDLL32.EXE - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\ijt_base.dll - Inject Base - ab3aa4527440a0240c5ce1ad587fa52a[/color] [color=sienna]O40 - RUNDLL32.EXE - Beijing Rising Information Technology Co., Ltd. - E:\Program Files\Rising\Rfw\olemon.dll - Ole Mon Dll - 1bdf363f67e6554adb587da9b74d1ed1[/color] [color=sienna]O40 - RUNDLL32.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NvMcTray.dll - NVIDIA Media Center Library - 426b6992fbb107d9175f649581030c45[/color] [color=sienna]O40 - RUNDLL32.EXE - NVIDIA Corporation - C:\WINDOWS\system32\nvapi.dll - NVIDIA NVAPI Library, Version 93.80 - 1589e88be603ec8128a727229b83f038[/color] [color=sienna]O40 - RUNDLL32.EXE - NVIDIA Corporation - C:\WINDOWS\system32\NVRSZHC.DLL - NVIDIA Simplified Chinese language resource library - a49c2d1c05ec8a9dc547dfac821dd1fc[/color] [color=sienna]O40 - RUNDLL32.EXE - Micropoint Corporation - E:\Program Files\Micropoint\mp110031.dll - mp110031 - 93079e2a8882c9c57a43a25ca9b26bf3[/color] ======================================= [color=sienna]O41 - ActMon - Active Monitor Driver - C:\WINDOWS\system32\drivers\ActMon.sys - (running) - Active Monitor Driver - 墨者在线网络技术(北京)有限公司 - ca01bc626e3f85ab53818de9f2cc6ae2[/color] [color=sienna]O41 - aswFsBlk - avast! File System Access Blocking Driver - C:\WINDOWS\system32\drivers\aswFsBlk.sys - (running) - avast! File System Access Blocking Driver - ALWIL Software - 976e2ad5a62044629c2de2ca8563722a[/color] [color=sienna]O41 - HookUrl - URL Filter Driver - E:\Program Files\Rising\Rfw\HookUrl.sys - (running) - URL Filter Driver - Beijing Rising Information Technology Co., Ltd. - ae55ccda611942855133257a0a195416[/color] [color=sienna]O41 - mp110001 - mp110001 - C:\WINDOWS\system32\drivers\MP110001.SYS - (running) - mp110001 - MicroPoint Corporation - a9b4ea4aaeb3b1f691e80ad00ee9a822[/color] [color=sienna]O41 - mp110002 - mp110002 - C:\WINDOWS\system32\drivers\MP110002.SYS - (running) - mp110002 - Micropoint Corporation - e50c4dd05b90ae9656e720f4c1098200[/color] [color=sienna]O41 - mp110003 - mp110003 - C:\WINDOWS\system32\drivers\MP110003.SYS - (running) - mp110003 - Micropoint Corporation - a984a579f756697d86210d8985047280[/color] [color=sienna]O41 - mp110004 - mp110004 - C:\WINDOWS\system32\drivers\MP110004.SYS - (running) - mp110004 - Micropoint Corporation - 5d41ecc4a38599de56c097f5e81c9bc8[/color] [color=sienna]O41 - mp110005 - mp110005 - C:\WINDOWS\system32\drivers\MP110005.SYS - (running) - mp110005 - Micropoint Corporation - 5f2cbb5fd38ec72edae35ccae611bbf7[/color] [color=sienna]O41 - mp110006 - mp110006 - C:\WINDOWS\system32\drivers\MP110006.SYS - (running) - mp110006 - Micropoint Corporation - 2e737a47e5824198477966c7ec0d8dc9[/color] [color=sienna]O41 - mp110007 - mp110007 - C:\WINDOWS\system32\drivers\MP110007.SYS - (running) - mp110007 - Micropoint Corporation - 3cdd1407c2959d0fcbb253bd7464ce9d[/color] [color=sienna]O41 - mp110008 - mp110008 - C:\WINDOWS\system32\drivers\MP110008.SYS - (running) - mp110008 - Micropoint Corporation - fe5e48f05ccae50f4556d1898331169d[/color] [color=sienna]O41 - mp110009 - mp110009 - C:\WINDOWS\system32\drivers\MP110009.SYS - (running) - mp110009 - Micropoint Corporation - bd6c377dc11d206df86a5292497b2b58[/color] [color=sienna]O41 - mp110010 - mp110010 - C:\WINDOWS\system32\drivers\MP110010.SYS - (running) - mp110010 - Micropoint Corporation - 876bbf572431e5ac7d26ba9029a9c86f[/color] [color=sienna]O41 - mp110011 - mp110011 - C:\WINDOWS\system32\drivers\MP110011.SYS - (running) - mp110011 - Micropoint Corporation - 5b3297d17beda047e1320f13a778aa47[/color] [color=sienna]O41 - mp110013 - mp110013 - C:\WINDOWS\system32\drivers\MP110013.SYS - (running) - mp110013 - Micropoint Corporation - 09eb74b8c7aefd045b25d48612e616f6[/color] [color=sienna]O41 - NPF - NPF Driver - TME extensions - C:\WINDOWS\system32\drivers\npf.sys - (running) - NPF Driver - TME extensions - Politecnico di Torino - f498c5c3399a60933196fc215ef074f9[/color] [color=sienna]O41 - npkcrypt - nProtect KeyCrypt Driver - C:\Program Files\Tencent\QQ\npkcrypt.sys - (running) - nProtect KeyCrypt Driver - INCA Internet Co., Ltd. - 8bcb281a2540e7aff0cd00f9878fe21f[/color] [color=sienna]O41 - RfwBase - net base driver - C:\WINDOWS\system32\drivers\rfwbase.sys - (running) - net base driver - Beijing Rising Information Technology Co., Ltd. - 855e2a9a30b8612a7841bd0ca8c5e1d1[/color] [color=sienna]O41 - RsFwDrv - Rules Driver - E:\Program Files\Rising\Rfw\rsfwdrv.sys - (running) - Rules Driver - Beijing Rising Information Technology Co., Ltd. - 5393fe5b16d665346375976335474270[/color] [color=sienna]O41 - SafeBoxKrnl - 360安全卫士 - 保险箱 - C:\Program Files\360Safebox\SafeBoxKrnl.sys - (running) - 360安全卫士 - 保险箱 - 奇虎网 - a608632e0987b3983753ed3d9795941d[/color] [color=sienna]O41 - ScbkEx - StarCenter - C:\WINDOWS\system32\drivers\ScbkEx.sys - (running) - StarCenter - Windows (R) 2000 DDK provider - ff48ceedd4d719b8b2372cb783ee5539[/color] [color=sienna]O41 - ScCchMgr - StarCenter - C:\WINDOWS\system32\drivers\ScCchMgr.sys - (running) - StarCenter - Windows (R) 2000 DDK provider - b8edf5462b769fb30057b1acbeea73d3[/color] [color=sienna]O41 - sscfs - StarCenter - C:\WINDOWS\system32\drivers\sscfs.sys - (running) - StarCenter - StarSoftComm Corporation - 539e0b91bd2bcc3209dbab8ba4848e54[/color] [color=sienna]O41 - sscmon - StarCenter - C:\WINDOWS\system32\drivers\sscmon.sys - (running) - StarCenter - StarSoftComm Corporation - bea611f9cb280942f55a3109c6e7d82a[/color] [color=sienna]O41 - ssfltpt - StarCenter - C:\WINDOWS\system32\drivers\ssfltpt.sys - (running) - StarCenter - StarSoftComm Corporation - d90ce7c1e192b1760c0f337ec0615843[/color] [color=sienna]O41 - ZSMC0305 - Video streaming and Capture Device Driver - C:\WINDOWS\system32\drivers\usbVM305.sys - (running) - Video streaming and Capture Device Driver - Vimicro Corporation - e0ef9025912b72b7e23301e06f2e106f[/color] [color=slategray]O41 - CCDECODE - WDM Closed Caption VBI Codec - C:\WINDOWS\system32\drivers\ccdecode.sys - (not running) - WDM Closed Caption VBI Codec - Microsoft Corporation - 0be5aef125be881c4f854c554f2b025c[/color] [color=slategray]O41 - MSTEE - WDM Tee/Communication Transform Filter - C:\WINDOWS\system32\drivers\mstee.sys - (not running) - WDM Tee/Communication Transform Filter - Microsoft Corporation - e53736a9e30c45fa9e7b5eac55056d1d[/color] [color=slategray]O41 - NABTSFEC - WDM NABTS/FEC VBI Codec - C:\WINDOWS\system32\drivers\nabtsfec.sys - (not running) - WDM NABTS/FEC VBI Codec - Microsoft Corporation - 5b50f1b2a2ed47d560577b221da734db[/color] [color=slategray]O41 - NdisIP - Microsoft IP Driver - C:\WINDOWS\system32\drivers\NdisIP.sys - (not running) - Microsoft IP Driver - Microsoft Corporation - 7ff1f1fd8609c149aa432f95a8163d97[/color] [color=slategray]O41 - SLIP - Microsoft Slip Deframing Filter Minidriver - C:\WINDOWS\system32\drivers\slip.sys - (not running) - Microsoft Slip Deframing Filter Minidriver - Microsoft Corporation - 866d538ebe33709a5c9f5c62b73b7d14[/color] [color=slategray]O41 - streamip - Microsoft IP Test Driver - C:\WINDOWS\system32\drivers\StreamIP.sys - (not running) - Microsoft IP Test Driver - Microsoft Corporation - 77813007ba6265c4b6098187e6ed79d2[/color] [color=slategray]O41 - WSTCODEC - WDM WST Codec Driver - C:\WINDOWS\system32\drivers\wstcodec.sys - (not running) - WDM WST Codec Driver - Microsoft Corporation - c98b39829c2bbd34e454150633c62c78[/color] ======================================= AntiEng.dll=4.3.0.1001 [userinit.exe情况] MD5: 431FED77E71B1831CD485890159D467C 文件大小: 25088 版本信息: 5.1.2600.5512 (xpsp.080413-2113) 是否签名: 是 未被感染 ======================================= [桌面快捷方式情况] E:\Program Files\360safe\360Safe.exe ======================================= [URL历史情况] [code] http://www.163disk.com/ContentPane.aspx?down=ok&filepath=raozehua%2f%cd%a6%bd%f8%d5%dfQQ%b4%f3%b5%c1.exe http://download.microsoft.com/download/7/7/3/773d0871-778d-4296-86c1-7a2bb1ae6bf7/WindowsXP-KB938464-x86-CHS.exe http://zhidao.baidu.com/q?word=Svchost.exe&ct=17&pn=0&tn=ikaslist&rn=10 http://static.getclicky.com/in.php?site_id=23964&srv=db3&title=WinPatrol%20%3A%20WinPatrol%20Non-PLUS%20Member%20Page&href=%2Fnonplus.html%3Fashdisp.exe&ref=&res=1024x768&lang=zh&x=0.8218745931976986 http://www.winpatrol.com/nonplus.html?ashdisp.exe http://static.getclicky.com/in.php?site_id=23964&srv=db3&title=WinPatrol%20%3A%20WinPatrol%20Non-PLUS%20Member%20Page&href=%2Fnonplus.html%3Fashdisp.exe&ref=&res=1024x768&lang=zh&x=0.5537256083131772 http://jifen.cnzz.com/soft/client_download/cspsetup.exe http://219.232.241.22:8080/cl/313/Fetion2008_3.1.0480.exe http://zhidao.baidu.com/q?word=Svchost.exe&ct=17&pn=0&tn=ikaslist&rn=10 http://219.232.241.22:8080/cl/66/Fetion2008_3.1.0480.exe http://www.ourboy.com.cn/SkypeClient.exe http://www.163disk.com/ContentPane.aspx?down=ok&filepath=raozehua%2f%cd%a6%bd%f8%d5%dfQQ%b4%f3%b5%c1.exe http://dl.idospace.com/cl/271/Fetion2008_3.1.0480.exe http://download.uusee.com/pop/UUSEE_u1th_Setup_js200627879.exe http://client.download.duba.net/KASSetupWithantiArp.exe http://www.winpatrol.com/nonplus.html?ashdisp.exe http://ftp-idc.pconline.com.cn/pub/download/200304/TypeEase2003SP1.exe http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=809984&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=2130125&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=1469921&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=2789921&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=4109921&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=3449921&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=5610078&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=4769921&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=2512703&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=3172484&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=6269937&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=1852718&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=39728375&ver=4.3.0.1008 http://dl.flashget.com/flashget2/fgspini.cab?Channel1=11155&Channel2=1 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=803921&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=1463859&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=39068531&ver=4.3.0.1008 http://dl.flashget.com/flashget2/fgspstu.cab http://scdown.qq.com/toolbar/download/TBAddr.cab http://scdown.qq.com/toolbar/download/Shuqian.cab http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=807296&ver=4.3.0.1008 http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1520-1.0.1.1521.cab?t=5561234 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=7536234&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=1467453&ver=4.3.0.1008 http://scdown.qq.com/toolbar/download/IEBar21.cab http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1524-1.0.1.1525.cab?t=5574484 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=6216234&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=8856859&ver=4.3.0.1008 http://dl.360safe.com/libleak2.cab?t=9785437 http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1523-1.0.1.1524.cab?t=5571265 http://dl.360safe.com/libspyerp.dat/libspyerp.dat.1.0.0.1332-1.0.0.1333.cab?t=9750812 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=8196484&ver=4.3.0.1008 http://update.360safe.com/safe/safeup.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=9746640&ver=4.3.0.1008 http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1519-1.0.1.1520.cab?t=5557437 http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1525-1.0.1.1526.cab?t=6876500 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=3142500&ver=4.3.0.1008 http://dl.360safe.com/libdefa.cab?t=9771984 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=3802421&ver=4.3.0.1008 http://dl.360safe.com/siterule.dat/siterule.dat.1.0.1.1301-1.0.1.1302.cab?t=9774718 http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1522-1.0.1.1523.cab?t=5567750 http://dl.360safe.com/libspywa.dat/libspywa.dat.1.0.1.1521-1.0.1.1522.cab?t=5564484 http://dl.360safe.com/cataloglib.cab?t=9785937 http://dl.360safe.com/libspyerp.dat/libspyerp.dat.1.0.0.1333-1.0.0.1338.cab?t=9754234 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=1470921&ver=4.3.0.1008 http://dl.360safe.com/siterule.dat/siterule.dat.1.0.1.1304-1.0.1.1305.cab?t=9777937 http://dl.360safe.com/siterule.dat/siterule.dat.1.0.1.1305-1.0.1.1306.cab?t=9778312 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=6876234&ver=4.3.0.1008 http://dl.360safe.com/libspyerp.dat/libspyerp.dat.1.0.0.1339-1.0.0.1340.cab?t=9763453 http://dl.360safe.com/libleak.dat/libleak.dat.1.0.1.1118-1.0.1.1119.cab?t=9768093 http://dl.360safe.com/links.cab?t=9768703 http://dl.360safe.com/libclsid.cab?t=9772734 http://dl.360safe.com/esslibupdate.cab?t=9778859 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=10451921&ver=4.3.0.1008 http://dl.360safe.com/siterule.dat/siterule.dat.1.0.1.1303-1.0.1.1304.cab?t=9777578 http://dl.360safe.com/libleak.dat/libleak.dat.1.0.1.1116-1.0.1.1117.cab?t=9766625 http://dl.360safe.com/siterule.dat/siterule.dat.1.0.1.1302-1.0.1.1303.cab?t=9775078 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=9516640&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=5556437&ver=4.3.0.1008 http://dl.360safe.com/libleak.dat/libleak.dat.1.0.1.1117-1.0.1.1118.cab?t=9767734 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=5168468&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=4508500&ver=4.3.0.1008 http://dl.360safe.com/libspyerp.dat/libspyerp.dat.1.0.0.1338-1.0.0.1339.cab?t=9759609 http://dl.360safe.com/libspyerp.dat/libspyerp.dat.1.0.0.1331-1.0.0.1332.cab?t=9747390 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=6488468&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=5828468&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=2130890&ver=4.3.0.1008 http://update.360safe.com/safe/safeup.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=7403468&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=14751671&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=16071937&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=10448109&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=12111781&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=7148468&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=9788140&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=22273250&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=15411984&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=7808109&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=13431671&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=12771687&ver=4.3.0.1008 http://update.360safe.com/safe/safeup.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=14666671&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=20293343&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=17394218&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=24253250&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=22933234&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=21613250&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=24913546&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=9128109&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=8468000&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=18054234&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=23593250&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=20953343&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=26893734&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=26233562&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=27553421&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=25573562&ver=4.3.0.1008 http://updatem.360safe.com/safe/safeupm.cab?type=tray&m=a4b588f42e4aa1283307abaa286f5d40&t=16734640&ver=4.3.0.1008 http://222.77.187.108/stat.htm?id=1010821&agt=mozilla/4.0%20%28compatible%3B%20msie%206.0%3B%20windows%20nt%205.1%3B%20sv1%3B%20ciba%3B%20maxthon%202.0%29&r=http%3A//61.132.216.243/alarm/alarm.html%3Fuser%3Dth5147998%26uip%3D60.168.8.206%26AVPASS%3DPHDGBITAVPASS%26AVURL%3Dhttp%3A//j.99081.com/lh123/QQdao2008.rar&aN=Microsoft%20Internet%20Explorer&lg=zh-cn&OS=Win32&aV=4.0%20%28compatible%3B%20MSIE%206.0%3B%20Windows%20NT%205.1%3B%20SV1%3B%20CIBA%29&ntime=0.18448600%201221216110&repeatip=0&rtime=1&cnzz_eid=90116533-http%3A//61.132.216.243/alarm/alarm.html%3Fuser%3Dth5147998%26uip%3D60.166.206.21%26AVPASS%3DPHDGBITAVPASS%26AVURL%3Dhttp%3A//lisen1987.bokee.com/5445723.html&showp=1024x768 http://dt.tongji.cn.yahoo.com/ystat.do?unit_id=746372&uv=16956713861801998938&nuv=0&cna=&cg=0&mid=0&mmland=0&ade=0&adtm=0&sttm=0&cpa=0&ss=1362196994&usn=0&ec=1&ref=http%3A//61.132.216.243/alarm/alarm.html%3Fuser%3Dth5147998%26uip%3D60.168.8.206%26AVPASS%3DPHDGBITAVPASS%26AVURL%3Dhttp%3A//j.99081.com/lh123/QQdao2008.rar&url=http%3A//61.132.216.243/alarm/online.html&dom=61.132.216.243&host=61.132.216.243&nac=Microsoft%20Internet%20Explorer&agt=Mozilla/4.0%20%28compatible%3B%20MSIE%206.0%3B%20Windows%20NT%205.1%3B%20SV1%3B%20CIBA%3B%20MAXTHON%202.0%29&clr=16-bit&scr=1024x768&lng=zh-cn&jvm=1&flu=9.0&tm=1221216107&tc=b144948d&ut=0&cnu=0.28097148907186126 http://61.132.216.243/alarm/alarm.html?user=th5147998&uip=60.168.8.206&AVPASS=PHDGBITAVPASS&AVURL=http://j.99081.com/lh123/QQdao2008.rar http://www.namipan.com/downfile/%E5%A4%A7%E9%99%86%E8%BA%AB%E4%BB%BD%E8%AF%81%E5%8F%B7%E7%94%9F%E6%88%90%E5%99%A8.rar/76a1f67f6cf4cdfbe021304ee1d56e41ed6403143d710900 http://222.186.8.197:8080/d/fid/76a1f67f6cf4cdfbe021304ee1d56e41ed6403143d710900/sid/56b0ce104a1bc9/fn/%E5%A4%A7%E9%99%86%E8%BA%AB%E4%BB%BD%E8%AF%81%E5%8F%B7%E7%94%9F%E6%88%90%E5%99%A8.rar http://img.namipan.com/downfile/76a1f67f6cf4cdfbe021304ee1d56e41ed6403143d710900/%E5%A4%A7%E9%99%86%E8%BA%AB%E4%BB%BD%E8%AF%81%E5%8F%B7%E7%94%9F%E6%88%90%E5%99%A8.rar http://61.132.216.243/alarm/alarm.html?user=th5147998&uip=60.168.8.206&AVPASS=PHDGBITAVPASS&AVURL=http://j.99081.com/lh123/QQdao2008.rar http://j.99081.com/lh123/QQdao2008.rar [/code] =======================================