[CODE]
2009-03-02,19:51:37

System Repair Engineer 2.7.0.1210
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600)
- 管理权限用户
- 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    [(Verified)Microsoft Windows Component Publisher]
    <"C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun> [(Verified)DAEMON Tools Code Signing Services]
    <"C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c> [(Verified)Google Inc]
    <"C:\Program Files\Messenger\msmsgs.exe" /background> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher]
    [(Verified)Microsoft Windows Publisher]
    [(Verified)Microsoft Windows Publisher]
    [Intel Corporation]
    [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    [(Verified)NVIDIA Corporation]
    [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    [(Verified)Microsoft Corporation]
    <"C:\Program Files\Java\jre6\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
    []
    [ Beijing WatchData System Co., Ltd.]
    <"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
    [(Verified)Apple Inc.]
    <"C:\Program Files\StormII\Codec\QTTask.exe" -atboottime> [Apple Inc.]
    <"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.]
<"C:\Program Files\Common Files\Symantec Shared\ccApp.exe"> [(Verified)Symantec Corporation] <"C:\Program Files\Norton Internet Security\osCheck.exe"> [(Verified)Symantec Corporation] <"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"> [File is missing] <; C:\Program Files\KTXNews\KTXTray.exe> [北京联动在线通讯科技有限公司] <; C:\Program Files\Common Files\Ulead Systems\AutoDetector\monitor.exe> [Ulead Systems, Inc.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Component Publisher] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] 
[(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon] [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows 
Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\aetsprov] [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active 
Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [(Verified)Microsoft Corporation] ================================== 启动文件夹 [TabUserW.exe] C:\WINDOWS\system32\WTablet\TabUserW.exe [Wacom Technology, Corp.]> ================================== 服务 [a-squared Free Service / a2free][Running/Auto Start] <"C:\Program Files\a-squared Free\a2service.exe"> [Adobe LM Service / Adobe LM Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"> [Apple Mobile Device / Apple Mobile Device][Running/Auto Start] <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"> [Bonjour 服务 / Bonjour Service][Running/Auto Start] <"C:\Program Files\Bonjour\mDNSResponder.exe"> [Symantec Event Manager / ccEvtMgr][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon> [Symantec Settings Manager / ccSetMgr][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon> [Symantec Lic NetConnect service / CLTNetCnService][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon> [COM Host / comHost][Stopped/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe"> [dlbt_device / dlbt_device][Running/Auto Start] <> [Google Updater Service / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [IAA Event Monitor / IAANTMon][Running/Auto Start] [iPod 服务 / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [Symantec IS 密码验证 / ISPwdSvc][Stopped/Manual Start] <"C:\Program Files\Norton Internet Security\isPwdSvc.exe"> [Java Quick 
Starter / JavaQuickStarterService][Running/Auto Start] <"C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf"> [LiveUpdate / LiveUpdate][Stopped/Manual Start] <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"> [LiveUpdate Notice Service Ex / LiveUpdate Notice Ex][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon> [LiveUpdate Notice Service / LiveUpdate Notice Service][Stopped/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [PlugServerD / PlugServer][Running/Auto Start] [Qvod Terminal / Qvod Terminal][Stopped/Disabled] [Symantec Core LC / Symantec Core LC][Running/Manual Start] <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><> [Symantec AppCore Service / SymAppCore][Running/Auto Start] <"C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"> [TabletService / TabletService][Running/Auto Start] [WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start] [自动 LiveUpdate 调度程序 / 自动 LiveUpdate 调度程序][Running/Auto Start] <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"> ================================== 驱动程序 [360procmon / 360procmon][Stopped/Manual Start] <\??\C:\Program Files\360\360Safe\safemon\360procmon.sys> [Broadcom NetXtreme 57xx Gigabit Controller / b57w2k][Running/Manual Start] [Creative SoundFont Management Device Driver / ctsfm2k][Running/Manual Start] [Symantec Eraser Control driver / eeCtrl][Running/System Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys> [EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start] <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys> [usb Card Device / ft2kEnum][Running/Manual Start] [USB Chip 
Holder Service / GDBaseSmc][Running/Manual Start] [USB Chip Service / GD_USB][Stopped/Manual Start] <> [GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start] [Intel AHCI Controller / iastor][Running/Boot Start] <\SystemRoot\system32\DRIVERS\iaStor.sys> [ISO DVD/CD-ROM Device Driver / ISODrive][Running/System Start] <\??\C:\Program Files\UltraISO\drivers\ISODrive.sys> [NAVENG / NAVENG][Running/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090301.005\NAVENG.SYS> [NAVEX15 / NAVEX15][Running/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090301.005\NAVEX15.SYS> [nv / nv][Running/Manual Start] [OMCI / OMCI][Running/System Start] <\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS> [Creative OS Services Driver / ossrv][Running/Manual Start] [SB Live! 24-bit / P17][Running/Manual Start] [Pen Class / PenClass][Running/Boot Start] <\SystemRoot\system32\drivers\PenClass.sys> [StarForce Protection Environment Driver v6 / prodrv06][Running/System Start] <\SystemRoot\System32\drivers\prodrv06.sys> [StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start] <\SystemRoot\System32\drivers\prohlp02.sys> [StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start] <\SystemRoot\System32\drivers\prosync1.sys> [Protector / Protector][Running/System Start] [ProtectorA / ProtectorA][Running/System Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [SmartCard Reader Device / Reader_Device][Running/Manual Start] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys><360安全中心> [Secdrv / Secdrv][Stopped/Manual Start] [StarForce Protection Helper Driver / sfhlp01][Running/Boot Start] <\SystemRoot\System32\drivers\sfhlp01.sys> [SPBBCDrv / SPBBCDrv][Running/System Start] <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys> [sptd / sptd][Running/Boot Start] 
<\SystemRoot\System32\Drivers\sptd.sys> [SRTSP / SRTSP][Running/Manual Start] [SRTSPL / SRTSPL][Stopped/Manual Start] [SRTSPX / SRTSPX][Running/System Start] [SYMDNS / SYMDNS][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMDNS.SYS> [SymEvent / SymEvent][Running/Manual Start] <\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS> [SYMFW / SYMFW][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMFW.SYS> [SYMIDS / SYMIDS][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMIDS.SYS> [SYMIDSCO / SYMIDSCO][Running/Manual Start] <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20090217.002\SymIDSCo.sys> [SYMNDIS / SYMNDIS][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMNDIS.SYS> [SYMREDRV / SYMREDRV][Running/Manual Start] <\SystemRoot\System32\Drivers\SYMREDRV.SYS> [SYMTDI / SYMTDI][Running/System Start] <\SystemRoot\System32\Drivers\SYMTDI.SYS> [TCP/IP Protocol Driver / Tcpip][Running/System Start] ================================== 浏览器加载项 [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [] {1E8A6170-7264-4D0F-BEAE-D42A53123C75} [Java(tm) Plug-In SSV Helper] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Windows Live 登录帮助程序] {9030D464-4C02-4ABF-8ECC-5164760863C6} [CBBrowerBuddy Class] {A412E581-59B2-485E-834F-C5F0C0268C79} [CITICS ProcessProtect Class] {C37F9D60-975D-41f2-A745-4DC934D319AA} [MiniFlashGetBHO] {C74E94A7-B7BD-4891-9328-455395BCC7AD} [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435b-BC74-9C25C1C588A9} [JQSIEStartDetectorImpl Class] {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [BlogThisToolbarButton Class] {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [CBBrowerBuddy Class] {A412E581-59B2-485E-834F-C5F0C0268C79} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [显示 Norton 工具栏] {90222687-F593-4738-B738-FBEE9C7B26DF} [InfosecCertInstall Class] {0EB487C8-E9AC-43A6-8C4C-083999B0622F} 
[UploadAgent.MultiUpload] {19576354-001A-48F0-9727-29D0D4EBEA8A} [GDGetTokenInfo Class] {3AA9CF07-DF20-48FF-98BE-DED276E40146} [InfoSecNetSign Class] {5CB840B5-A94E-4AD9-B785-4866E3B04476} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [Uploader Control] {654921BB-4DEA-41C7-BA97-9A1A5CDA9C72} [MUWebControl Class] {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [Java Plug-in 1.6.0_11] {8AD9C840-044E-11D1-B3E9-00805F499D93} [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [Submit Class] {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} [Java Plug-in 1.6.0_07] {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [Java Plug-in 1.6.0_11] {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} [Java Plug-in 1.6.0_11] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [safeInput Class] {ECCBA953-80E5-11D3-9285-0080ADB811C5} [] {00000AAA-A363-466E-BEF5-9BB68697AA7F} <, > [] {03507A1A-E0C5-4404-AA26-205385C0892D} <, > [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [InfosecCertInstall Class] {0EB487C8-E9AC-43A6-8C4C-083999B0622F} [CEnroll Class] {127698E4-E730-4E5C-A2B1-21490A70C8A1} [Fade] {16B280C5-EE70-11D1-9066-00C04FD9189D} [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} [UploadAgent.MultiUpload] {19576354-001A-48F0-9727-29D0D4EBEA8A} [InformationCardSigninHelper Class] {19916E01-B44E-4E31-94A4-4696DF46157B} [] {1E8A6170-7264-4D0F-BEAE-D42A53123C75} [UploadFilePartition Class] {2030B925-DF6E-4535-AB9A-C2787F2FEB53} [] {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, > [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [] {27984DB8-C851-439E-B625-81740482BE7C} <, > [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} [Detecter Class] {2C48F48F-01A6-4593-A678-C7DA83C55719} [DHTML Edit Control Safe for Scripting for 
IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [] {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} <, > [Zyzzyva] {30FA9641-9CFE-4D71-A3AA-DF8B6FA02FCC} <, > [Tabular Data Control] {333C7BC4-460F-11D0-BC04-0080C7055A83} [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} [Init_Tool Control] {399C2756-84D4-4AC5-9E86-288340334FB1} [GDGetTokenInfo Class] {3AA9CF07-DF20-48FF-98BE-DED276E40146} [QuickTime Object] {4063BE15-3B08-470D-A0D5-B37161CFFD69} [Microsoft Office Control] {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} [GDCCBCtrl Class] {478AB5EE-5C92-41C3-8339-CFC5BA639733} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} [Microsoft Terminal Services Client Control (redist)] {4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [Microsoft Terminal Services Client Control (redist)] {4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [InfoSecNetSign Class] {5CB840B5-A94E-4AD9-B785-4866E3B04476} [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Uploader Control] {654921BB-4DEA-41C7-BA97-9A1A5CDA9C72} [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [] {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <, > [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [IJetCarNetscapeMini Class] {6C1C7AF0-0DC2-4770-9B27-517416A85F3B} [] {6DBB2904-082D-4DB0-944A-21C22BA121F4} <, > [MUWebControl Class] {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} [InPutCtrl Control] {7208FB6D-EE30-4734-82C7-59BB71C5C0CE} [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [Windows Script Host Shell Object] {72C24DD5-D70A-438B-8A42-98424B88AFB8} [Microsoft Terminal Services Client Control (redist)] {7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [Microsoft Terminal Services Client Control (redist)] 
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [Java(tm) Plug-In SSV Helper] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [] {77FEF28E-EB96-44FF-B511-3185DEA48697} <, > [] {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <, > [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [XML DOM Document 4.0] {88D969C0-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\msxml4.dll, (Signed) N/A> [Free Threaded XML DOM Document 4.0] {88D969C1-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\msxml4.dll, (Signed) N/A> [XSL Template 4.0] {88D969C3-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\msxml4.dll, (Signed) N/A> [XML HTTP 4.0] {88D969C5-F192-11D4-A65F-0040963251E5} <%SystemRoot%\system32\msxml4.dll, (Signed) N/A> [XML DOM 文档 5.0] {88D969E5-F192-11D4-A65F-0040963251E5} [Free Threaded XML DOM Document 5.0] {88D969E6-F192-11D4-A65F-0040963251E5} [XSL Template 5.0] {88D969E8-F192-11D4-A65F-0040963251E5} [XML HTTP 5.0] {88D969EA-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] {88D96A0A-F192-11D4-A65F-0040963251E5} [TTPlayer ActiveX Control] {89AE5F82-410A-4040-9387-68D1144EFD03} [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [显示 Norton 工具栏] {90222687-F593-4738-B738-FBEE9C7B26DF} [Windows Live 登录帮助程序] {9030D464-4C02-4ABF-8ECC-5164760863C6} [Microsoft Terminal Services Client Control (redist)] {9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A> [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [] {962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, > [] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} <, > [Submit Class] {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} [CBBrowerBuddy Class] {A412E581-59B2-485E-834F-C5F0C0268C79} [] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, > [] {B580CF65-E151-49C3-B73F-70B13FCA8E86} <, > [] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, > [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [Windows Live 上载工具] 
{C2828995-4A83-4100-A212-3024BA117356} [CITICS ProcessProtect Class] {C37F9D60-975D-41F2-A745-4DC934D319AA} [MiniFlashGetBHO] {C74E94A7-B7BD-4891-9328-455395BCC7AD} [CITICS Edit Class] {CAB6E271-C9B9-4A85-96A0-1B3A19A4E6DE} [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} [WDCCBCtrl Class] {CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB} [Microsoft Url Search Hook] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <, > [Windows Live 登录控制] {D2517915-48CE-4286-970F-921E881B8C5C} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [Google Update Plugin] {D7107924-65F7-4C32-B9A3-5FB117019FC2} [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435B-BC74-9C25C1C588A9} [QuickTimeCheck Class] {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [Microsoft Silverlight] {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [] {E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} [] {E2E2DD38-D088-4134-82B7-F2BA38496583} <, > [] {E4BFF825-2E50-4BCC-8497-6EFDFB6C9B3D} <, > [JQSIEStartDetectorImpl Class] {E7E6F031-17CE-4C07-BC86-EABFE594F69C} [safeInput Class] {ECCBA953-80E5-11D3-9285-0080ADB811C5} [safeInput Class] {ECCBA956-80E5-11D3-9285-0080ADB811C9} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} [Snapshot Viewer Control 11.0] {F0E42D40-368C-11D0-AD81-00A0C90DC8D9} [] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, > [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} [XML HTTP 3.0] {F5078F35-C551-11D3-89B9-0000F81FE221} [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [Init_Tool Control] {F7465932-3C3D-4DA2-8541-406E07C369A9} [IEDown Class] {F917534D-535B-416B-8E8F-0C04756C31A8} [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [&U使用纳米机器人下载并收藏] [Add to Google Photos Screensa&ver] [使用迷你快车下载] [使用迷你快车下载全部链接] [使用迷你快车下载该网页FLV] [导出到 Microsoft Office Excel(&X)] ================================== 正在运行的进程 [PID: 784 / 
SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 876 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 900 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 944 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [PID: 956 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [PID: 1128 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1216 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1376 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1444 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1612 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1712 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe] [Symantec Corporation, 106.0.1.10] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec 
Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.DLL] [Symantec Corporation, 14.0.0.89] [C:\PROGRA~1\NORTON~1\NORTON~1\AVPSVC32.loc] [Symantec Corporation, 14.0.0.89] [C:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.dll] [Symantec Corporation, 14.0.0.89] [C:\Program Files\Norton Internet Security\Norton AntiVirus\AVSubmit.loc] [Symantec Corporation, 14.0.0.89] [C:\PROGRA~1\NORTON~1\ISDATASV.DLL] [Symantec Corporation, 10.0.0.247] [C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCWMIMN.DLL] [Symantec Corporation, 2007.4.00.2] [C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL] [Symantec Corporation, 7.2.4.405] [C:\Program Files\Common Files\Symantec Shared\ccL60.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBENG.DLL] [Symantec Corporation, 2.0.0.164] [C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBRES.loc] [Symantec Corporation, 2.0.0.164] [C:\WINDOWS\system32\SymNeti.dll] [Symantec Corporation, 7.2.4.405] [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL] [Symantec Corporation, 3.0.1.10] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL] [Symantec Corporation, 106.0.1.10] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PIFENG.DLL] [Symantec Corporation, 1.4.5.91] [C:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{31011~1\CLTNETCN.DLL] [Symantec Corporation, 7.5.0.33] [C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL] [Symantec Corporation, 2.0.2.5] [C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL] [Symantec Corporation, 3.0.1.10] [C:\Program Files\Norton Internet Security\SetEvtHp.dll] [Symantec Corporation, 
10.0.0.247] [C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL] [Symantec Corporation, 10.2.2.6] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL] [Symantec Corporation, 106.0.1.10] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\NORTON~1\ISSVC.DLL] [Symantec Corporation, 10.0.0.86] [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\NORTON~1\NORTON~1\NAVEVENT.DLL] [Symantec Corporation, 14.0.0.89] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.0.00.101] [C:\Program Files\Norton Internet Security\isDataCl.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll] [Symantec Corporation, 2.0.2.5] [C:\Program Files\Norton Internet Security\fwPlugin.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Norton Internet Security\fwEvent.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Common Files\Symantec Shared\NcoItf.dll] [Symantec Corporation, 2007.1.00.133] [C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Norton Internet Security\IMCfg.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll] [Symantec Corporation, 3.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccALEng.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\SPBBC\ccTrstPc.dll] [Symantec Corporation, 3.0.1.10] [C:\WINDOWS\system32\aetsprov.dll] [A.E.T. 
Europe B.V., 2.3.0.9] [C:\Program Files\Common Files\Symantec Shared\ccScanw.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 61.3.0.17] [C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll] [Symantec Corporation, 3.2.10.0] [C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll] [Symantec Corporation, 5.0.069.000] [C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PollMgr.dll] [Symantec Corporation, 1.4.5.91] [PID: 1796 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe] [Symantec Corporation, 1.0.00.101] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.0.00.101] [C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.0.00.101] [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AV.loc] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\DefUtDCD.dll] [Symantec Corporation, 3.2.10.0] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\QBackup.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] 
[Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll] [Symantec Corporation, 10.2.2.6] [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccScanw.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL] [Symantec Corporation, 61.3.0.17] [C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll] [Symantec Corporation, 5.0.069.000] [PID: 252 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\dlbtlmpm.DLL] [ , 6.4.25.0] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\dlbtPP5C.dll] [Lexmark International, Inc., 3.58.0.0] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 300 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 1160 / SYSTEM][C:\Program Files\a-squared Free\a2service.exe] [Emsi Software GmbH, 4.0.0.17] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 1176 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.12.33.0] [PID: 1272 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,6,2] [PID: 1312 / SYSTEM][C:\WINDOWS\system32\dlbtcoms.exe] [ , 6.4.25.0] [PID: 1436 / SYSTEM][C:\Program Files\Intel\Intel Application Accelerator\iaantmon.exe] [Intel Corporation, 4.5.0.6515] [PID: 1516 / SYSTEM][C:\Program Files\Java\jre6\bin\jqs.exe] [Sun Microsystems, Inc., 6.0.110.3] [C:\Program Files\Java\jre6\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [PID: 1696 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466] [C:\Program Files\Common Files\Microsoft 
Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [PID: 1948 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.7813] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7813] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 360 / SYSTEM][C:\Program Files\StarSec\PlugServer.exe] [GDChina, 1, 1, 0, 2] [C:\Program Files\StarSec\plugins\plugstarkey220.dll] [GDChina, 1, 1, 0, 1] [PID: 536 / jyb][C:\WINDOWS\system32\msfeedssync.exe] [Microsoft Corporation, 7.00.5730.13 (longhorn(wmbla).070711-1130)] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 728 / jyb][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Program Files\Common Files\Symantec Shared\NPC\NSCEXT.dll] [Symantec Corporation, 2007.4.00.2] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 8.0.0.0] [C:\Program Files\a-squared Free\a2freecontmenu.dll] [Emsi Software GmbH, 3. 0. 0. 
63] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll] [Symantec Corporation, 14.0.0.89] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.loc] [N/A, ] [C:\Program Files\QvodPlayer\QvodBand.dll] [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [e:\Program Files\NamiRobot\Data\NamipanExt1.dll] [N/A, ] [I:\Program Files\nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll] [Nero AG, 4.0.5.100] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0] [PID: 420 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\dlbtdrs.dll] [Lexmark International, Inc., 3.107.0.0] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\WINDOWS\system32\dlbtcfg.dll] [, 1, 0, 0, 1] [C:\WINDOWS\system32\dlbtcnv4.dll] [N/A, ] [PID: 524 / SYSTEM][C:\WINDOWS\system32\Tablet.exe] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 704 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL] [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll] [Watchdata, 1, 0, 0, 11] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15] 
[C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 844 / jyb][C:\Program Files\Intel\Intel Application Accelerator\iaanotif.exe] [Intel Corporation, 4.5.0.6515] [C:\Program Files\Intel\Intel Application Accelerator\IAAMon_CHS.dll] [Intel Corporation, 4.5.0.6515] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 344 / SYSTEM][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe] [Symantec Corporation, 3.1.0.99] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.0.1.10] [PID: 204 / jyb][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.11.7813] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.7813] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.11.7813] [PID: 1592 / jyb][C:\Program Files\Java\jre6\bin\jusched.exe] [Sun Microsystems, Inc., 6.0.110.3] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1768 / jyb][C:\Program Files\StarSec\ssMgr_ccb.exe] [, 1, 0, 5, 1026] [C:\WINDOWS\system32\SSP11_CCB.dll] [GDChina, 1, 0, 0, 2] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 1636 / jyb][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL] [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20] 
[C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll] [Watchdata, 1, 0, 0, 11] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll] [ Beijing WatchData System Co., Ltd., 1, 0, 0, 1] [PID: 1972 / jyb][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 8.0.2.20] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\Program Files\iTunes\iTunesHelper.Resources\zh_CN.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 8.0.2.11] [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 8.0.2.20] [C:\Program Files\StormII\Codec\QTSystem\QuickTime.qts] [Apple Inc., 7.5.5 (990.7)] [C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll] [Apple Inc., 185.11.0.10] [PID: 2080 / jyb][C:\Program Files\Common Files\Symantec Shared\ccApp.exe] [Symantec Corporation, 106.0.1.10] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Common Files\Symantec Shared\ccL60U.dll] [Symantec Corporation, 106.0.1.10] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\SymNeti.dll] [Symantec Corporation, 7.2.4.405] [C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccSvc.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccSet.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll] [Symantec Corporation, 1.0.00.101] [C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll] [Symantec Corporation, 1.0.00.101] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program 
Files\Common Files\Symantec Shared\AppCore\AppSet32.dll] [Symantec Corporation, 1.0.00.101] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Norton Internet Security\fwAlert.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Norton Internet Security\fwAlRes.dll] [Symantec Corporation, 10.0.0.247] [C:\PROGRA~1\NORTON~1\NORTON~1\DEFALERT.DLL] [Symantec Corporation, 14.6.0.3] [C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.DLL] [Symantec Corporation, 14.0.0.89] [C:\PROGRA~1\NORTON~1\NISTRAY.DLL] [Symantec Corporation, 10.0.0.86] [C:\PROGRA~1\NORTON~1\ISLALERT.DLL] [Symantec Corporation, 10.6.0.5] [C:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll] [Symantec Corporation, 2007.4.1.1] [C:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll] [Symantec Corporation, 2006.1.00.58] [C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll] [Symantec Corporation, 1.4.5.83] [C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll] [Symantec Corporation, 6.1.7.18] [C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\ccProSub.dll] [Symantec Corporation, 106.0.1.10] [C:\PROGRA~1\NORTON~1\AlertRes.dll] [Symantec Corporation, 10.0.0.86] [C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\NcoItf.dll] [Symantec Corporation, 2007.1.00.133] [C:\PROGRA~1\NORTON~1\NISTrRes.dll] [Symantec Corporation, 10.0.0.86] [C:\Program Files\Norton Internet Security\SetEvtHp.dll] [Symantec Corporation, 10.0.0.247] [C:\PROGRA~1\NORTON~1\NORTON~1\AVPAPP32.loc] [Symantec Corporation, 14.0.0.89] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Norton Internet Security\isDataCl.dll] 
[Symantec Corporation, 10.0.0.247] [C:\Program Files\Norton Internet Security\fwEvent.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Common Files\Symantec Shared\COH\sH0007.dll] [Symantec Corporation, 6,1,7,18] [C:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll] [Symantec Corporation, 2007.4.00.2] [C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll] [Symantec Corporation, 106.0.1.10] [C:\WINDOWS\system32\SymRedir.dll] [Symantec Corporation, 7.2.4.405] [C:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll] [Symantec Corporation, 2007.4.1.1] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiCl.dll] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll] [Symantec Corporation, 1.0.00.194] [C:\Program Files\Norton Internet Security\IMCfg.dll] [Symantec Corporation, 10.0.0.247] [C:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll] [Symantec Corporation, 2007.4.00.2] [C:\Program Files\Common Files\Symantec Shared\NPC\NSCEXT.dll] [Symantec Corporation, 2007.4.00.2] [C:\PROGRA~1\COMMON~1\SYMANT~1\rcAlert.dll] [Symantec Corporation, 106.0.1.10] [C:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll] [Symantec Corporation, 2006.1.00.58] [C:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll] [Symantec Corporation, 2006.1.00.58] [C:\WINDOWS\system32\aetsprov.dll] [A.E.T. 
Europe B.V., 2.3.0.9] [C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\AlertUi.dll] [Symantec Corporation, 1.4.5.83] [PID: 2564 / jyb][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 2632 / jyb][C:\Program Files\DAEMON Tools Lite\daemon.exe] [DT Soft Ltd, 4.30.2] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\Program Files\DAEMON Tools Lite\DaemonPlugin.dll] [N/A, ] [C:\Program Files\DAEMON Tools Lite\DTCommonRes.dll] [DTSoft Ltd., 4.30.2] [C:\Program Files\DAEMON Tools Lite\Engine.dll] [DTSoft Ltd, 4.30.2] [C:\Program Files\DAEMON Tools Lite\daemon.dll] [DT Soft Ltd., 4.30.0.0] [C:\Program Files\DAEMON Tools Lite\imgengine.dll] [DT Soft Ltd., 1.17.0.0] [PID: 2664 / jyb][C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe] [Google Inc., 1.2.131.7] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Update\1.2.141.5\goopdate.dll] [Google Inc., 1.2.141.5] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 3272 / jyb][C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation, 4.7.3001] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 2824 / jyb][C:\WINDOWS\system32\WTablet\TabUserW.exe] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [PID: 2992 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 8.0.2.20] [C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.DLL] [Apple Inc., 8.0.2.11] [C:\Program 
Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 8.0.2.20] [PID: 3656 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 3096 / jyb][C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\chrome.dll] [Google Inc., 1.0.154.48] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\icudt38.dll] [IBM Corporation and others, 3, 8, 0, 0] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\locales\zh-CN.dll] [N/A, ] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\themes\default.dll] [N/A, ] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [c:\documents and settings\jyb\local settings\application data\google\chrome\application\1.0.154.48\gears.dll] [Google Inc., 0.5.8.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\rlz.dll] [N/A, ] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.0.0.2093] [PID: 3312 / jyb][C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\chrome.dll] [Google Inc., 1.0.154.48] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\icudt38.dll] [IBM Corporation and others, 3, 8, 0, 0] [C:\Documents and Settings\jyb\Local Settings\Application 
Data\Google\Chrome\Application\1.0.154.48\locales\zh-CN.dll] [N/A, ] [PID: 3172 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe] [, ] [C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcnet.dll] [, ] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [PID: 3540 / jyb][C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\chrome.dll] [Google Inc., 1.0.154.48] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\icudt38.dll] [IBM Corporation and others, 3, 8, 0, 0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\locales\zh-CN.dll] [N/A, ] [PID: 2988 / jyb][C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\chrome.dll] [Google Inc., 1.0.154.48] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\icudt38.dll] [IBM Corporation and others, 3, 8, 0, 0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\locales\zh-CN.dll] [N/A, ] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [c:\windows\system32\macromed\flash\npswf32.dll] [, ] [PID: 2904 / jyb][e:\Program Files\NamiRobot\DUTool.exe] [, 1, 3, 10, 20] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [C:\Program Files\Common 
Files\Microsoft Shared\INK\SKCHUI.DLL] [Microsoft Corporation, 1.0.1038.0] [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx] [Adobe Systems, Inc., 10,0,12,36] [PID: 2828 / jyb][C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] [Google Inc., 0.0.0.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\chrome.dll] [Google Inc., 1.0.154.48] [C:\WINDOWS\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8972.0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\icudt38.dll] [IBM Corporation and others, 3, 8, 0, 0] [C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Chrome\Application\1.0.154.48\locales\zh-CN.dll] [N/A, ] [PID: 4024 / jyb][C:\DOCUME~1\jyb\LOCALS~1\Temp\Rar$EX00.141\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210] [PID: 3620 / jyb][C:\DOCUME~1\jyb\LOCALS~1\Temp\Rar$EX00.141\SRE441892fb.EXE] [Smallfrogs Studio, 2.7.0.1210] [C:\WINDOWS\system32\tabhook.dll] [Wacom Technology, Corp., 4.84-6] [C:\DOCUME~1\jyb\LOCALS~1\Temp\Rar$EX00.141\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [C:\WINDOWS\system32\aetsprov.dll] [A.E.T. Europe B.V., 2.3.0.9] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. 
[{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost ------fs2you patch by vadera@pdahd.cn------ 59.63.157.25 www.fs2you.com 222.169.230.101 dyn.www.fs2you.com 59.32.232.195 file1.fs2you.com 222.169.230.98 file2.fs2you.com 221.204.246.79 file3.fs2you.com 61.150.85.80 file4.fs2you.com 60.2.139.27 file5.fs2you.com 61.184.189.10 file6.fs2you.com 61.174.62.132 file7.fs2you.com 58.211.75.49 file8.fs2you.com 61.134.84.238 file9.fs2you.com 61.156.40.181 file10.fs2you.com 218.75.151.4 file11.fs2you.com 58.211.75.31 file12.fs2you.com 124.94.101.133 file13.fs2you.com 221.204.246.115 file14.fs2you.com 218.75.151.10 file15.fs2you.com 58.218.209.126 file16.fs2you.com ------fs2you patch by vadera@pdahd.cn------ 59.63.157.25 www.fs2you.com 222.169.230.101 dyn.www.fs2you.com 59.32.232.195 file1.fs2you.com 222.169.230.98 file2.fs2you.com 221.204.246.79 file3.fs2you.com 61.150.85.80 file4.fs2you.com 60.2.139.27 file5.fs2you.com 61.184.189.10 file6.fs2you.com 61.174.62.132 file7.fs2you.com 58.211.75.49 file8.fs2you.com 61.134.84.238 file9.fs2you.com 61.156.40.181 file10.fs2you.com 218.75.151.4 file11.fs2you.com 58.211.75.31 file12.fs2you.com 124.94.101.133 file13.fs2you.com 221.204.246.115 file14.fs2you.com 218.75.151.10 file15.fs2you.com 58.218.209.126 file16.fs2you.com 61.157.152.173 file17.fs2you.com 125.46.41.27 file18.fs2you.com 125.91.11.223 file19.fs2you.com 59.53.48.134 file20.fs2you.com 59.53.48.136 file21.fs2you.com 59.53.48.144 file22.fs2you.com 61.139.106.204 file23.fs2you.com 59.53.48.172 file24.fs2you.com 124.94.101.146 file25.fs2you.com 61.166.111.227 file26.fs2you.com ------fs2you patch end------ ================================== 进程特权扫描 特殊特权被允许: SeLoadDriverPrivilege [PID = 360, C:\PROGRAM FILES\STARSEC\PLUGSERVER.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 524, C:\WINDOWS\SYSTEM32\TABLET.EXE] 特殊特权被允许: 
SeLoadDriverPrivilege [PID = 704, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 1636, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDCERTM_CCB.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2824, C:\WINDOWS\SYSTEM32\WTABLET\TABUSERW.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2904, E:\PROGRAM FILES\NAMIROBOT\DUTOOL.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 1004, C:\PROGRAM FILES\WINRAR\WINRAR.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 4024, C:\DOCUME~1\JYB\LOCALS~1\TEMP\RAR$EX00.141\SRENGLDR.EXE] ================================== 计划任务 [已启用] User_Feed_Synchronization-{4B4035C8-B96F-471A-AE5A-92B28D985AE4}.job C:\WINDOWS\system32\msfeedssync.exe [已启用] SogouImeMgr.job C:\PROGRA~1\SOGOUI~1\400~1.209\PinyinRepair.exe [已启用] Norton Internet Security - 运行全面系统扫描 - jyb.job C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe [已启用] GoogleUpdateTaskUserS-1-5-21-746137067-682003330-725345543-1003.job C:\Documents and Settings\jyb\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [已启用] AppleSoftwareUpdate.job C:\Program Files\Apple Software Update\SoftwareUpdate.exe ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]