[CODE] 2008-09-14,21:45:34 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== Registries [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <360Safetray> [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12] [3L软件工作室(3LSoft), 5.25.0005, C:2007-01-06 14:14 M:2007-11-14 19:39] <"C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice> [(Verified)ESET, 3.0.672 , C:2008-08-18 13:23 M:2008-08-18 13:23] [N/A, C:2008-08-30 17:16 M:2008-08-30 17:16] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_CURRENT_USER\Control Panel\Desktop] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用迅雷下载] <> [N/A, C:2008-09-14 02:15 M:2005-07-15 05:10] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用迅雷下载全部链接] <> [N/A, C:2008-09-14 02:15 M:2005-01-06 18:31] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent] [(Verified)ATI Technologies Inc., 6.14.10.4176, C:2008-09-14 12:22 M:2007-12-05 10:55] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed 
Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [] ======================================== Startup Folders ======================================== Task ======================================== Components Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] [Eset Smart Security - Context Menu Shell Extension] {B089FE88-FB52-11D3-BDF1-0050DA34150D} [(Verified)ESET, 3.0.672 , C:2008-08-18 13:34 M:2008-08-18 13:34] BrowserHelperObject [ThunderIEHelper Class] {0005A87D-D626-4B3A-84F9-1D9571695F55} [Copyright 2004-2005, 4, 5, 1, 33, C:2008-09-14 14:19 M:2005-08-20 22:05] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [] {FAB5DB90-F26D-435D-84B2-9FC4B02B630E} [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-09-14 14:28 M:2004-08-17 12:00] ActiveX Extension [ThunderIEHelper Class] {0005A87D-D626-4B3A-84F9-1D9571695F55} [Copyright 2004-2005, 4, 5, 1, 33, C:2008-09-14 14:19 M:2005-08-20 22:05] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1028, C:2008-07-16 22:00 M:2008-07-16 22:00] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04] [] 
{FAB5DB90-F26D-435D-84B2-9FC4B02B630E} [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2008-09-14 14:28 M:2004-08-17 12:00] Context Menu [Eset Smart Security - Context Menu Shell Extension] {B089FE88-FB52-11D3-BDF1-0050DA34150D} [(Verified)ESET, 3.0.672 , C:2008-08-18 13:34 M:2008-08-18 13:34] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-02-02 02:17 M:2007-09-21 16:56] ======================================== Services [3ware Controller Service / 3wareSrv][Stopped/Disabled] <%SystemRoot%\System32\3wareSrv.exe> [N/A, C:2008-02-04 20:55 M:2006-02-26 23:21] [Application Layer Gateway Service / ALG][Stopped/Manual Start] <%SystemRoot%\System32\alg.exe> [] [Ati HotKey Poller / Ati HotKey Poller][Stopped/Disabled] <%SystemRoot%\system32\Ati2evxx.exe> [ATI Technologies Inc., 6.14.10.4183, C:2008-09-14 12:22 M:2007-12-05 10:54] [Contrl Center of Storm Media / ccosm][Stopped/Auto Start] [] [Indexing Service / CiSvc][Stopped/Disabled] <%SystemRoot%\system32\cisvc.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [ClipBook / ClipSrv][Stopped/Disabled] <%SystemRoot%\system32\clipsrv.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [COM+ System Application / COMSysApp][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start] <%SystemRoot%\System32\dmadmin.exe /com> [Microsoft Corp., Veritas Software, 2600.2180.503.0, C:2004-08-17 12:00 M:2004-08-17 12:00] [IMAPI CD-Burning COM Service / ImapiService][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Kingsoft Basic Service / kaccore][Stopped/Manual Start] <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"> [] [NetMeeting Remote Desktop Sharing / 
mnmsrvc][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180, C:2006-11-07 01:31 M:2004-08-17 20:00] [Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start] [Microsoft Corporation, 2001.12.4414.258, C:2006-11-07 01:29 M:2004-08-17 20:00] [Windows Installer / MSIServer][Stopped/Manual Start] [Microsoft Corporation, 3.1.4000.1823, C:2004-08-17 12:00 M:2005-05-04 14:45] [Network DDE / NetDDE][Stopped/Disabled] <%SystemRoot%\system32\netdde.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Network DDE DSDM / NetDDEdsdm][Stopped/Disabled] <%SystemRoot%\system32\netdde.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:29 M:2004-08-17 20:00] [Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start] <%SystemRoot%\system32\locator.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [QoS RSVP / RSVP][Stopped/Manual Start] <%SystemRoot%\system32\rsvp.exe> [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00] [Smart Card / SCardSvr][Stopped/Manual Start] <%SystemRoot%\System32\SCardSvr.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [MS Software Shadow Copy Provider / SwPrv][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Performance Logs and Alerts / SysmonLog][Stopped/Manual Start] <%SystemRoot%\system32\smlogsvc.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Telnet / TlntSvr][Stopped/Disabled] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), 
C:2004-08-17 12:00 M:2004-08-17 12:00] [Uninterruptible Power Supply / UPS][Stopped/Manual Start] <%SystemRoot%\System32\ups.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [Volume Shadow Copy / VSS][Stopped/Manual Start] <%SystemRoot%\System32\vssvc.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [WMI Performance Adapter / WmiApSrv][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:29 M:2004-08-17 20:00] [Eset HTTP Server / EhttpSrv][Stopped/Manual Start] <"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"> [(Verified)ESET, 3.0.672 , C:2008-08-18 13:30 M:2008-08-18 13:30] [Eset Service / ekrn][Running/Auto Start] <"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"> [(Verified)ESET, 3.0.672 , C:2008-08-18 13:25 M:2008-08-18 13:25] ======================================== Drivers [aaatimeo / aaatimeo][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aaatimeo.sys> [Microsoft Corporation, 5.00.1877.1, C:2008-02-04 20:55 M:2006-02-26 23:21] [AFAMgt / AFAMgt][Running/Boot Start] [Adaptec, Inc., 4.1.0.7427, C:2008-02-04 20:55 M:2006-03-28 22:43] [Agm30 / Agm30][Stopped/Boot Start] [] [ahcix86 / ahcix86][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ahcix86.sys> [ATI Technologies Inc., 2.5.1540.39 built by: WinDDK, C:2008-02-04 20:55 M:2007-03-07 18:47] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-09-14 12:27 M:2008-01-24 16:36] [amdbusdr / amdbusdr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdbusdr.sys> [AMD, 8.2.8, C:2008-02-04 20:55 M:2006-02-26 23:21] [AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\AmdEide.sys> [AMD, 8.2.8, C:2008-02-04 20:55 M:2006-02-26 23:21] [SiI-3112 SATALink Controller / ASH1205][Stopped/Disabled] 
<\SystemRoot\system32\DRIVERS\ASH1205.sys> [Silicon Image, Inc., 1, 0, 0, 41, C:2008-02-04 20:55 M:2006-02-26 23:21] [ata1200a / ata1200a][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ata1200a.sys> [Adaptec, Inc., v1.3, C:2008-02-04 20:55 M:2006-02-26 23:21] [atiide / atiide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\atiide.sys> [ATI Technologies Inc., 1.00.0000.3 built by: WinDDK, C:2008-02-04 20:55 M:2006-02-26 23:21] [Promise driver accelerator / bb-run][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\bb-run.sys> [Promise Technology, Inc., 1.0.1.2 built by: WinDDK, C:2008-02-04 20:55 M:2003-11-05 15:45] [DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cercsr6.sys> [Adaptec, Inc., 4.1.0.7010, C:2008-02-04 20:55 M:2006-03-28 22:43] [Cpq32fs2 / Cpq32fs2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys> [Hewlett-Packard Company, 5.24.00.0, C:2008-02-04 20:55 M:2002-11-18 23:47] [Promise Removable Disk Control Driver / dontgo][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\DontGo.sys> [Promise Technology, Inc., 1.0.0.3 built by: WinDDK, C:2008-02-04 20:55 M:2006-02-26 23:21] [fttxr52P / fttxr52P][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\fttxr52P.sys> [Promise Technology, Inc., 2.6.0.311 built by: WinDDK, C:2008-02-04 20:55 M:2005-11-09 01:07] [HpCISSm2 / HpCISSm2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\HpCISSm2.sys> [Hewlett-Packard Company, 5.8.0.32 Build 1 (x86), C:2006-05-28 14:57 M:2006-06-16 18:17] [hptmv6 / hptmv6][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.04, C:2008-02-04 20:55 M:2006-02-26 23:21] [Intel RAID Controller / iaStor55][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\iaStor55.sys> [Intel Corporation, 5.5.0.1035, C:2008-02-04 20:55 M:2005-10-12 18:07] [Kqw74 / Kqw74][Stopped/Boot Start] [] [mv61xx / mv61xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mv61xx.sys> [Marvell Semiconductor, Inc., 1.2.0.24 built by: WinDDK, C:2008-02-04 20:55 
M:2007-02-09 20:24] [mvSata / mvSata][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mvsata.sys> [Marvell Semiconductors Inc., 3, 4, 1, 2, C:2008-02-04 20:55 M:2004-09-24 06:34] [nvatabus / nvatabus][Running/Boot Start] [NVIDIA Corporation, 5.10.2600.0666 built by: WinDDK, C:2006-05-26 15:59 M:2006-04-24 17:52] [NVIDIA nForce RAID Driver / nvrd32][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\nvrd32.sys> [NVIDIA Corporation, 10.1.0.20 built by: WinDDK, C:2008-02-04 20:55 M:2007-09-11 15:18] [ql2100 / ql2100][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql2100.sys> [QLogic Corporation, 7.05.05 (W2K), C:2006-08-31 00:17 M:2006-02-26 23:21] [ql2200 / ql2200][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql2200.sys> [QLogic Corporation, 8.1.5.12 (W2K IP), C:2006-08-31 00:17 M:2006-02-26 23:21] [rr172x / rr172x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.0, C:2008-02-04 20:55 M:2007-06-12 18:06] [rr174x / rr174x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.02, C:2008-02-04 20:55 M:2007-02-01 21:14] [rr2340 / rr2340][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.4, C:2008-02-04 20:55 M:2007-07-02 23:14] [SATALink External Device Filter / SiRemFil][Running/Boot Start] [Silicon Image, Inc., 1, 1, 6, 0, C:2008-02-04 20:55 M:2006-10-18 20:20] [sisraidx / sisraidx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sisraidx.sys> [Silicon Integrated Systems Corp., 2.11.01 built by: WinDDK, C:2008-02-04 20:55 M:2007-01-12 21:36] [tcpsr / tcpsr][Stopped/Manual Start] <\??\C:\WINDOWS\System32\drivers\tcpsr.sys> [] [ViBus / ViBus][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ViBus.sys> [VIA Technologies, Inc., 6.0.6000.212, C:2008-02-04 20:55 M:2007-03-26 21:26] [videX32 / videX32][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\videX32.sys> [VIA Technologies, Inc., 6.0.3790.160, C:2008-02-04 20:55 M:2006-10-18 03:22] [VIA SATA IDE Device Driver / ViPrt][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ViPrt.sys> [VIA Technologies, Inc., 
6.0.6000.212, C:2008-02-04 20:55 M:2007-03-26 21:26] [VIA SATA IDE Hot-plug Driver / xfilt][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\xfilt.sys> [VIA Technologies,Inc, 6.0.5728.160, C:2008-02-04 20:55 M:2006-10-19 00:39] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20] [AliIde / AliIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aliide.sys> [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58] [AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdagp.sys> [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp_sp2_rtm.040803-2158), C:2008-02-04 20:55 M:2004-08-03 23:07] [AMD Processor Driver / AmdK8][Running/System Start] [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226), C:2005-08-12 09:09 M:2006-07-01 22:43] [ati2mtag / ati2mtag][Running/Manual Start] [(Verified)ATI Technologies Inc., 6.14.10.6755, C:2008-09-14 12:22 M:2007-12-05 13:26] [CmdIde / CmdIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cmdide.sys> [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29] [EAMON / eamon][Running/Auto Start] [(Verified)ESET, 3.0.672 , C:2008-08-18 13:18 M:2008-08-18 13:18] [easdrv / easdrv][Running/System Start] [(Verified)ESET, 3.0.672 , C:2008-08-18 13:19 M:2008-08-18 13:19] [epfwtdir / epfwtdir][Running/System Start] [(Verified)N/A, C:2008-08-18 13:27 M:2008-08-18 13:27] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. 
, 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13] [Intel RAID Controller / iaStor70][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\iaStor70.sys> [(Verified)Intel Corporation, 7.0.0.1020, C:2008-02-04 20:55 M:2007-02-12 19:36] [KAVBootC / KAVBootC][Running/Boot Start] [(Verified)Kingsoft Corporation, 2008,04,28,85, C:2008-09-14 21:42 M:2008-06-17 08:59] [KAVSafe / KAVSafe][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys> [(Verified)Kingsoft Corporation, 2008,04,28,65, C:2008-09-14 21:42 M:2008-06-17 08:59] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-11-07 01:20 M:2004-08-03 22:29] [nvata / nvata][Running/Boot Start] [(Verified)NVIDIA Corporation, 5.10.2600.0552 built by: WinDDK, C:2008-09-14 12:21 M:2005-08-18 17:52] [NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.03.05025, C:2008-09-14 12:22 M:2006-04-14 20:09] [nvgts / nvgts][Running/Boot Start] [(Verified)NVIDIA Corporation, 5.10.2600.0998 built by: WinDDK, C:2008-02-04 20:55 M:2007-08-09 11:11] [NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.00.05025, C:2008-09-14 12:22 M:2006-04-14 20:09] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 2, 2, 1007, C:2008-09-02 18:12 M:2008-09-02 18:12] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25] [SIS AGP Bus Filter / sisagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sisagp.sys> [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp_sp2_rtm.040803-2158), C:2008-02-04 20:55 M:2004-08-03 23:07] 
======================================== Running Processes [PID: 604 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 680 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [PID: 716 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-09-24 16:42] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\WINDOWS\system32\Ati2evxx.dll [(Verified)ATI Technologies Inc., 6.14.10.4176, C:2008-09-14 12:22 M:2007-12-05 10:55] [PID: 760 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 772 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 916 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 984 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 
(xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1100 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1160 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1264 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1440 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 1644 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39] [PID: 1776 / Administrator] C:\Program Files\360safe\safemon\360tray.exe [(Verified)奇虎网, 5, 0, 0, 1002, C:2008-08-25 14:12 M:2008-08-25 14:12] 
C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\360safe\safemon\SafeKrnl.dll [(Verified)奇虎网, 4, 3, 0, 1003, C:2008-08-26 16:55 M:2008-08-26 16:55] C:\Program Files\360safe\AntiAdwa.dll [(Verified)360Safe.com, 4, 2, 0, 1001, C:2008-06-13 20:16 M:2008-06-13 20:16] C:\Program Files\360safe\live.dll [(Verified)360.cn, 1, 0, 1, 1028, C:2008-07-16 22:00 M:2008-07-16 22:00] [PID: 1796 / Administrator] D:\安装软件\系统工具--音速启动VStart50\VStart.exe [3L软件工作室(3LSoft), 5.25.0005, C:2007-01-06 14:14 M:2007-11-14 19:39] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 1804 / Administrator] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [(Verified)ESET, 3.0.672 , C:2008-08-18 13:23 M:2008-08-18 13:23] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:28 M:2008-08-18 13:28] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:19 M:2008-08-18 13:19] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:22 M:2008-08-18 13:22] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:27 M:2008-08-18 13:27] C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:36 M:2008-08-18 13:36] 
C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:33 M:2008-08-18 13:33] [PID: 2000 / SYSTEM] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [(Verified)ESET, 3.0.672 , C:2008-08-18 13:25 M:2008-08-18 13:25] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:28 M:2008-08-18 13:28] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:19 M:2008-08-18 13:19] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:22 M:2008-08-18 13:22] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:27 M:2008-08-18 13:27] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:36 M:2008-08-18 13:36] C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:36 M:2008-08-18 13:36] C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll [(Verified)ESET, 3.0.672 , C:2008-08-18 13:33 M:2008-08-18 13:33] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 420 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] [PID: 4084 / Administrator] D:\Program Files\Maxthon2\Maxthon.exe [(Verified)Maxthon International ltd., 2, 0, 3, 4643, C:2007-08-31 16:25 M:2007-08-31 16:25] D:\Program Files\Maxthon2\MxExt.dll [(Verified)N/A, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\mxpp.dll [(Verified)Maxthon, 1, 0, 0, 61, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\MxSk.dll [(Verified)Maxthon, 1, 0, 0, 119, 
C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\MxProxy2.dll [(Verified)Maxthon Copyright (C) 2007, 1, 0, 0, 3531, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\IMxWebBoost.dll [(Verified)Maxthon, 1, 0, 0, 67, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\mxdb.dll [(Verified)N/A, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\mxsafe.dll [(Verified)Maxthon, 1, 0, 0, 477, C:2007-08-31 16:27 M:2007-08-31 16:27] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] D:\Program Files\Maxthon2\MxFav.dll [(Verified)Maxthon, 1, 0, 0, 220, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\maxzlib.dll [(Verified)(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3, C:2007-08-31 16:27 M:2007-08-31 16:27] D:\Program Files\Maxthon2\mxtool.dll [(Verified)Copyright 2005, 1, 0, 0, 1, C:2007-08-31 16:28 M:2007-08-31 16:28] D:\Program Files\Maxthon2\mxfeedU.dll [(Verified)Maxthon (C) 2007, 1, 0, 45, 82, C:2007-08-31 16:27 M:2007-08-31 16:27] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00] C:\WINDOWS\system32\SOGOUPY.IME [Sohu.com Inc., 3, 1, 0, 0, C:2008-01-02 10:29 M:2008-01-02 10:29] C:\Program Files\SogouInput\Plugin\SgImeWord.dll [Copyright 2006, 1, 0, 0, 31, C:2008-01-02 10:27 M:2008-01-02 10:27] C:\Program Files\SogouInput\ZipLib.dll [N/A, C:2008-01-02 10:23 M:2008-01-02 10:23] C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx [(Verified)Adobe Systems, Inc., 9,0,115,0, C:2007-11-21 08:04 M:2007-11-21 08:04] [PID: 172 / Administrator] D:\安装软件\FQQ1\QQ\QQ.exe [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:44] D:\安装软件\FQQ1\QQ\QQBaseClassInDll.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 
19:14 M:2008-04-07 13:45] D:\安装软件\FQQ1\QQ\QQHelperDll.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:46] D:\安装软件\FQQ1\QQ\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:51] D:\安装软件\FQQ1\QQ\MSIMG32.dll [N/A, C:2008-08-02 19:14 M:2000-01-01 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] D:\安装软件\FQQ1\QQ\FinePlus.dll [N/A, C:2008-08-02 19:14 M:2000-01-01 00:00] D:\安装软件\FQQ1\QQ\fphelper.dll [N/A, C:2008-08-02 19:14 M:2000-01-01 00:00] D:\安装软件\FQQ1\QQ\QQAPI.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:45] D:\安装软件\FQQ1\QQ\LoginCtrl.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:42] D:\安装软件\FQQ1\QQ\LoginCtrlRes.dll [TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:42] D:\安装软件\FQQ1\QQ\QQRes.dll [TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 15:29] D:\安装软件\FQQ1\QQ\QQMainFrame.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:47] D:\安装软件\FQQ1\QQ\QQPlugin.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:48] D:\安装软件\FQQ1\QQ\UnReadMsgMgr.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:50] D:\安装软件\FQQ1\QQ\CQQApplication.dll [(Verified)N/A, C:2008-08-02 19:13 M:2008-04-07 14:07] D:\安装软件\FQQ1\QQ\FlashAvatarDll.dll [(Verified)版权所有 (C) 2005, 1, 4, 0, 1, C:2008-08-02 19:13 M:2008-04-07 13:42] D:\安装软件\FQQ1\QQ\NewSkin.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:43] D:\安装软件\FQQ1\QQ\MailSummary.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:43] D:\安装软件\FQQ1\QQ\QQSpace.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 14:07] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00] D:\安装软件\FQQ1\QQ\QQKnowledgeSearch.dll 
[(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:46] D:\安装软件\FQQ1\QQ\OEMApplication.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:43] D:\安装软件\FQQ1\QQ\QQGroupMng.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:46] D:\安装软件\FQQ1\QQ\QQAllInOne.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 17:13] D:\安装软件\FQQ1\QQ\SCCore.dll [(Verified)TENCENT, 1, 6, 0, 2, C:2008-08-02 19:14 M:2008-04-07 13:49] D:\安装软件\FQQ1\QQ\CameraDll.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:51] D:\安装软件\FQQ1\QQ\QQPet.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:48] D:\安装软件\FQQ1\QQ\UserDefinedHead.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:50] D:\安装软件\FQQ1\QQ\QQConfigPlugin.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 14:07] D:\安装软件\FQQ1\QQ\QQCustomFace.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:45] D:\安装软件\FQQ1\QQ\QQAvatar.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:45] D:\安装软件\FQQ1\QQ\LongConnection.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:52] D:\安装软件\FQQ1\QQ\PhoneAPI.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:43] D:\安装软件\FQQ1\QQ\DialerAllinOne.dll [(Verified)tencent, 1, 4, 0, 0, C:2008-08-02 19:13 M:2008-04-07 13:42] D:\安装软件\FQQ1\QQ\BQQApplication.dll [(Verified)N/A, C:2008-08-02 19:13 M:2008-04-07 13:41] D:\安装软件\FQQ1\QQ\PersonalDesktop.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:14 M:2008-04-07 13:52] D:\安装软件\FQQ1\QQ\QQSysMsgMng.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:48] D:\安装软件\FQQ1\QQ\CommercesMng.dll [(Verified)TENCENT, 8,0,775,1803, C:2008-08-02 19:13 M:2008-04-07 13:41] D:\安装软件\FQQ1\QQ\QQAddr.dll [(Verified)深圳市腾讯计算机系统有限公司, 5, 0, 101, 330, C:2008-08-02 19:14 M:2008-04-07 13:53] D:\安装软件\FQQ1\QQ\QQSceneMng.dll [(Verified)N/A, C:2008-08-02 19:14 M:2008-04-07 13:48] 
D:\安装软件\FQQ1\QQ\AddrSearch.dll [(Verified)腾讯科技(深圳)有限公司, 2, 0, 1, 10, C:2008-08-02 19:13 M:2008-04-07 14:06] [PID: 1860 / Administrator] D:\安装软件\FQQ1\QQ\TXPlatform.exe [(Verified)Tencent, 1, 0, 170, 0, C:2008-08-02 19:14 M:2007-11-18 09:53] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 1584 / Administrator] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.906\Syslog.exe [N/A, C:2008-09-14 21:45 M:2008-08-27 08:39] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] [PID: 2996 / Administrator] C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX0\1.exe [N/A, C:2008-09-14 21:45 M:2008-08-04 21:19] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-07-10 17:42 M:2008-07-10 17:42] ======================================== File Link [.txt] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:16 M:2004-08-17 20:00] [.log] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:16 M:2004-08-17 20:00] [.ini] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00] [.hlp] [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00] [.vbs] [] [.js] [] [.chm] <"hh.exe" %1> [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542), C:2004-08-17 12:00 M:2005-05-27 07:22] ======================================== Autorun ======================================== Winsock Providers ======================================== 
HOSTS
127.0.0.1 NtKrnlpa.info
127.0.0.1 localhost
127.0.0.1 dl2.teenpassage.com
127.0.0.1 ntkrnlpa.info
[/CODE]