江民系统诊断报告 V1.0.8.318 诊断时间: 2011-06-14 1:04:16 处理器(CPU): Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz 物理内存: 1.37 GB 操作系统: Microsoft Windows XP Home Edition Service Pack 3 (Build 2600) IE版本: Internet Explorer V8.0.6001.18702 ================================================== 进程和模块列表 ================================================== <1180> smss.exe [\SystemRoot\System32\smss.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] <1284> csrss.exe [C:\WINDOWS\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,3072,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\KERNEL32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] <1316> winlogon.exe [winlogon.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] <1364> services.exe [C:\WINDOWS\system32\services.exe] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1376> lsass.exe [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1532> ati2evxx.exe [C:\WINDOWS\System32\Ati2evxx.exe] [ATI Technologies Inc. / 6.14.10.4132] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1548> svchost.exe [C:\WINDOWS\system32\svchost -k DcomLaunch] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1652> svchost.exe [C:\WINDOWS\system32\svchost.exe -k rpcss] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1704> svchost.exe [C:\WINDOWS\System32\svchost.exe -k netsvcs] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [c:\windows\system32\wzcsvc.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)] <1788> svchost.exe [C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1968> svchost.exe [C:\WINDOWS\System32\svchost.exe -k NetworkService] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <292> svchost.exe [C:\WINDOWS\System32\svchost.exe -k LocalService] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <652> spoolsv.exe [C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation / 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\bthcrp.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\WidcommSdk.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\wbtapi.dll] [Broadcom Corporation. / 4.0.1.3500] <704> scardsvr.exe [C:\WINDOWS\System32\SCardSvr.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <2028> svchost.exe [C:\WINDOWS\System32\svchost.exe -k LocalService] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <164> AppleMobileDeviceService.exe ["C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"] [Apple Inc. / 17.66.0.47] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <188> mDNSResponder.exe ["C:\Program Files\Bonjour\mDNSResponder.exe"] [Apple Inc. / 2.0.5.0] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] <220> btwdins.exe ["C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe"] [Broadcom Corporation. / 4.0.1.3500] [C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\HID.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2108)] <276> MDM.EXE ["C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE"] [Microsoft Corporation / 7.00.9466] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation / 7.00.9466] <552> SeaPort.exe ["C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"] [Microsoft Corporation / 3.0.126.0] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\SensApi.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <840> svchost.exe [C:\WINDOWS\System32\svchost.exe -k imgsvc] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <856> ULCDRSvr.exe ["C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe"] [Ulead Systems, Inc. / 1, 0, 0, 5] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] <920> DctSer.exe ["C:\Program Files\Thunder Network\Thunder\Program\DctSer.exe"] [深圳市迅雷网络技术有限公司 / 1.0.1.81] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <192> alg.exe [C:\WINDOWS\System32\alg.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <1224> ati2evxx.exe [Ati2evxx.exe -Client] [ATI Technologies Inc. / 6.14.10.4132] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] <1604> WGATray.exe ["C:\WINDOWS\system32\WgaTray.exe"] [Microsoft Corporation / 1.7.0105.14] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SensApi.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2108)] [C:\WINDOWS\system32\WZCSvc.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] <2004> explorer.exe [C:\WINDOWS\Explorer.EXE] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd / 2, 0, 7, 831] [C:\WINDOWS\system32\btncopy.dll] [Broadcom Corporation. / 4.0.1.3500] <2444> SafeSignCertReg.exe ["C:\WINDOWS\system32\SafeSignCertReg.exe" ] [A.E.T. Europe B.V. / 2.0.0.2] [C:\WINDOWS\system32\SafeSignCertReg.exe] [A.E.T. Europe B.V. / 2.0.0.2] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <2636> KVMonXP.kxp ["C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp" ] [Jiangmin Co.Ltd / 2, 0, 8, 411] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd / 2, 0, 7, 831] [C:\Program Files\JiangMin\AntiVirus\lang\kvmonxp0804.lng] [ / ] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\Program Files\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd / 2, 0, 7, 828] [C:\Program Files\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd. / 7, 1, 0, 200] [C:\Program Files\JiangMin\Common\KvInterpreter.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 806] [C:\Program Files\JiangMin\AntiVirus\KVFileMon.dll] [Jiangmin Co.Ltd / 2, 0, 7, 823] [C:\Program Files\JiangMin\AntiVirus\KVNotifyUI.dll] [Jiangmin Co.Ltd / 2.0.8.104] [C:\Program Files\JiangMin\AntiVirus\lang\KVNotifyUI0804.lng] [ / ] [C:\Program Files\JiangMin\common\ComUI.dll] [Jiangmin Co., Ltd. / 1.0.7.1114] [C:\Program Files\JiangMin\common\KvDetect.dll] [Jiangmin Co.Ltd / 1, 0, 8, 114] [C:\Program Files\JiangMin\AntiVirus\KVMon.dll] [Jiangmin Co., Ltd. / 1, 0, 7, 1126] [C:\Program Files\JiangMin\AntiVirus\lang\KVMon0804.lng] [Jiangmin Co., Ltd. / 1, 0, 7, 802] [C:\Program Files\JiangMin\AntiVirus\KVNetMon.dll] [Jiangmin Co.Ltd / 2, 0, 7, 707] [C:\Program Files\JiangMin\AntiVirus\JmIMProtectEnum.dll] [Jiangmin Co., Ltd. / 10, 0, 7, 726] [C:\Program Files\JiangMin\AntiVirus\Kvwshm.dll] [Jiangmin Co., Ltd. / 10, 0, 7, 716] [C:\Program Files\JiangMin\Common\AdpLoader.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 831] [C:\Program Files\JiangMin\antivirus\lang\JmTrojDie0804.lng] [ / 10, 0, 7, 816] [C:\Program Files\JiangMin\antivirus\KRegEx.dll] [Jiangmin Co., Ltd. / 10, 0, 7, 725] [C:\Program Files\JiangMin\AntiVirus\lang\KVDetect0804.lng] [ / ] [C:\Program Files\JiangMin\KVFW\FWUI.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 830] [C:\Program Files\JiangMin\KVFW\lang\FWUIRes0804.lng] [ / 1, 0, 0, 1] [C:\Program Files\JiangMin\KVFW\FWLG.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 1019] [C:\Program Files\JiangMin\KVFW\FWLOG.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 608] [C:\Program Files\JiangMin\KVFW\FWPT.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 524] [C:\Program Files\JiangMin\KVFW\XMLBroker.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 1025] [C:\Program Files\JiangMin\KVFW\JmFwDDos.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 827] <2656> iTunesHelper.exe ["C:\Program Files\iTunes\iTunesHelper.exe" ] [Apple Inc. / 10.2.2.14] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc. / 7.6.9 (1680.9)] [C:\Program Files\QuickTime\QTSystem\QTCF.dll] [Apple Inc. / 7.6.9 (1680.9)] <2692> ctfmon.exe ["C:\WINDOWS\system32\ctfmon.exe" ] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] <2704> QvodTerminal.exe ["C:\Program Files\QvodPlayer\QvodTerminal.exe" ] [Shenzhen QVOD Technology Co.,Ltd / 3, 5, 0, 65] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] <2712> GoogleToolbarNotifier.exe ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ] [Google Inc. / 4, 1, 509, 1944] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] <2936> BTTray.exe ["C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe" ] [Broadcom Corporation. / 4.0.1.3500] [C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\wbtapi.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\btosif.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\btwhidcs.DLL] [Broadcom Corporation. / 4.0.1.3500] [C:\Program Files\WIDCOMM\Bluetooth Software\BtBalloon.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\btrez.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\CSH.dll] [Blue Sky Software Corporation / 2.00.039] [C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll] [ / ] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\WINDOWS\system32\hid.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2108)] <3144> BTSTAC~1.EXE [C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE -Embedding] [Broadcom Corporation. / 4.0.1.3500] [C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\btins.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\btosif.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\BtAudioHelper.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\btrez.dll] [Broadcom Corporation. / 4.0.1.3500] [C:\WINDOWS\system32\CSH.dll] [Blue Sky Software Corporation / 2.00.039] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] <3732> iPodService.exe ["C:\Program Files\iPod\bin\iPodService.exe"] [Apple Inc. / 10.2.2.14] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] <2120> Maxthon.exe ["D:\Maxthon2\Maxthon.exe" ] [Maxthon International ltd. / 2, 5, 16, 1000] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\IMM32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [D:\Maxthon2\Modules\MxMute\MxMute.dll] [Maxthon International ltd. / 1, 0, 0, 11] <3744> KVSysCheck.exe ["C:\Program Files\JiangMin\Antivirus\KVSysCheck.exe" ] [Jiangmin Co., Ltd. / 1, 0, 8, 324] [C:\Program Files\JiangMin\Antivirus\KVSysCheck.exe] [Jiangmin Co., Ltd. / 1, 0, 8, 324] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd / 2, 0, 7, 831] [C:\Program Files\JiangMin\common\KvDetect.dll] [Jiangmin Co.Ltd / 1, 0, 8, 114] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\Program Files\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd / 2, 0, 7, 828] [C:\Program Files\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd. / 7, 1, 0, 200] [C:\WINDOWS\System32\Msimtf.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\Program Files\JiangMin\AntiVirus\KVAddrDb.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 1015] [C:\WINDOWS\system32\SensApi.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2108)] <784> kvxp.kxp ["C:\Program Files\JiangMin\AntiVirus\kvxp.kxp"] [Jiangmin Co.,Ltd / 2, 0, 8, 516] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd / 2, 0, 7, 831] [C:\Program Files\JiangMin\AntiVirus\lang\kvxp0804.lng] [ / ] [C:\Program Files\JiangMin\common\GUIEXT.DLL] [Jiangmin Co.Ltd / 2, 0, 7, 828] [C:\Program Files\JiangMin\common\lang\guiext0804.lng] [JiangMin Ltd. / 7, 1, 0, 200] [C:\WINDOWS\system32\freeime.ime] [极点五笔工作室 / 7.1.0.0] [C:\Program Files\JiangMin\Common\KvInterpreter.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 806] [C:\Program Files\JiangMin\AntiVirus\VirusUpload.dll] [ / 2, 3, 8, 920] <2332> kvsrvxp.exe ["C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe" /Service] [Jiangmin Co., Ltd. / 10, 0, 8, 507] [C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe] [Jiangmin Co., Ltd. / 10, 0, 8, 507] [C:\WINDOWS\system32\ntdll.dll] [Microsoft Corporation / 5.1.2600.6055 (xpsp_sp3_gdr.101209-1647)] [C:\WINDOWS\system32\kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [C:\WINDOWS\system32\GDI32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [C:\WINDOWS\system32\ADVAPI32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [C:\WINDOWS\system32\RPCRT4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [C:\WINDOWS\system32\Secur32.dll] [Microsoft Corporation / 5.1.2600.5834 (xpsp_sp3_gdr.090624-1305)] [C:\WINDOWS\system32\SHLWAPI.dll] [Microsoft Corporation / 6.00.2900.5912 (xpsp_sp3_gdr.091207-1454)] [C:\WINDOWS\system32\IMM32.DLL] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kvinstall.dll] [Jiangmin Co.,Ltd / 2, 0, 7, 831] [C:\Program Files\JiangMin\AntiVirus\lang\SvcSafe0804.lng] [ / ] [C:\Program Files\JiangMin\KVOL\autoUpdate.dll] [Jiangmin Co.Ltd / 2, 0, 8, 305] [C:\Program Files\JiangMin\antivirus\KVAutoLS.dll] [Jiangmin Co.Ltd / 2, 0, 7, 904] [C:\Program Files\JiangMin\Kernel\Scan.dll] [Jiangmin Co., Ltd. / 2, 0, 9, 327] [C:\Program Files\JiangMin\AntiVirus\lang\KvMailRes0804.lng] [ / ] [C:\Program Files\JiangMin\AntiVirus\KvAddrDb.dll] [Jiangmin Co., Ltd. / 11, 0, 7, 1015] [C:\Program Files\JiangMin\AntiVirus\KvMailDb.dll] [Jiangmin Co., Ltd. / 10, 0, 7, 707] [C:\Program Files\JiangMin\KVOL\UpdatePlugIn.dll] [Jiangmin Co., Ltd. / 1, 0, 6, 831] ================================================== 启动项列表 ================================================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\run] [IMJPMIG8.1] ["C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32] [Microsoft Corporation / 8.1.4202.0] [CertificateRegistration] [SafeSignCertReg.exe] [A.E.T. Europe B.V. / 2.0.0.2] [High Definition Audio Property Page Shortcut] [; HDAShCut.exe] [ / ] [HornetMonitor] [; C:\Program Files\Common Files\Hornet\MntrHrnt.exe] [ / ] [UUSeeMediaCenter] ["C:\PROGRA~1\COMMON~1\uusee\UUSeeMediaCenter.exe"] [ / ] [KVMON] ["C:\Program Files\JiangMin\AntiVirus\KVMonXP.kxp"] [Jiangmin Co.Ltd / 2, 0, 8, 411] [QuickTime Task] ["C:\Program Files\QuickTime\QTTask.exe" -atboottime] [Apple Inc. / 7.6.9 (1680.9)] [iTunesHelper] ["C:\Program Files\iTunes\iTunesHelper.exe"] [Apple Inc. / 10.2.2.14] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\run] [ctfmon.exe] [C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [QvodPlayer] [C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd / 3, 5, 0, 65] [swg] ["C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"] [Google Inc. / 4, 1, 509, 1944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] [Shell] [Explorer.exe] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] [UIHost] [%SystemRoot%\system32\logonui.exe] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] [Userinit] [C:\WINDOWS\system32\Userinit.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options] [Your Image File Name Here without a path] [ntsd -d] [Microsoft Corporation / 5.1.2600.0 (XPClient.010817-1148)] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [AtiExtEvent] [Ati2evxx.dll] [ATI Technologies Inc. / 6.14.10.4132] [crypt32chain] [crypt32.dll] [Microsoft Corporation / 5.131.2600.5512 (xpsp.080413-2113)] [cryptnet] [cryptnet.dll] [Microsoft Corporation / 5.131.2600.5512 (xpsp.080413-2113)] [cscdll] [cscdll.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [dimsntfy] [%SystemRoot%\System32\dimsntfy.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [ScCertProp] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [Schedule] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [sclgntfy] [sclgntfy.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [SensLogn] [WlNotify.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [termsrv] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [WgaLogon] [WgaLogon.dll] [Microsoft Corporation / 1.7.0018.5] [wlballoon] [wlnotify.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\BootExecute] [BootExecute] [autocheck autochk *] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2111)] [BootExecute] [kvnative.exe] [Jiangmin Co., Ltd. / 2, 1, 8, 708] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs] [advapi32] [advapi32.dll] [Microsoft Corporation / 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)] [comdlg32] [comdlg32.dll] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] [gdi32] [gdi32.dll] [Microsoft Corporation / 5.1.2600.5698 (xpsp_sp3_gdr.081022-1932)] [imagehlp] [imagehlp.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [kernel32] [kernel32.dll] [Microsoft Corporation / 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)] [lz32] [lz32.dll] [Microsoft Corporation / 5.1.2600.0 (xpclient.010817-1148)] [ole32] [ole32.dll] [Microsoft Corporation / 5.1.2600.6010 (xpsp_sp3_gdr.100712-1633)] [oleaut32] [oleaut32.dll] [Microsoft Corporation / 5.1.2600.5512] [olecli32] [olecli32.dll] [Microsoft Corporation / 1.07 (xpsp.080413-2108)] [olecnv32] [olecnv32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2108)] [olesvr32] [olesvr32.dll] [Microsoft Corporation / 1.09 (XPClient.010817-1148)] [olethk32] [olethk32.dll] [Microsoft Corporation / 5.1.2600.0 (XPClient.010817-1148)] [rpcrt4] [rpcrt4.dll] [Microsoft Corporation / 5.1.2600.6022 (xpsp_sp3_gdr.100813-1643)] [shell32] [shell32.dll] [Microsoft Corporation / 6.00.2900.6072 (xpsp_sp3_gdr.110121-1719)] [url] [url.dll] [Microsoft Corporation / 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [urlmon] [urlmon.dll] [Microsoft Corporation / 8.00.6001.19048 (longhorn_ie8_gdr.110221-1700)] [user32] [user32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [version] [version.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [wininet] [wininet.dll] [Microsoft Corporation / 8.00.6001.19044 (longhorn_ie8_gdr.110211-1700)] [wldap32] [wldap32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] [browseui] [browseui.dll] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] [lpk] [lpk.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [msacm32] [msacm32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0845)] [psapi] [psapi.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [shimeng] [shimeng.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [usp10] [usp10.dll] [Microsoft Corporation / 1.0420.2600.5969 (xpsp_sp3_gdr.100416-1716)] [uxtheme] [uxtheme.dll] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] [ws2_32] [ws2_32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)] [mfc40] [mfc40.dll] [Microsoft Corporation / 4.1.6151] [imm32] [imm32.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2105)] [d3d9] [d3d9.dll] [Microsoft Corporation / 5.03.2600.5512 (xpsp.080413-0845)] ================================================== 服务项列表 ================================================== 6to4 WIN32 SHARE PROCESS AUTO START RUNNING [C:\WINDOWS\system32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\6to4svc.dll] [Microsoft Corporation / 5.1.2600.5935 (xpsp_sp3_gdr.100211-1404)] AppMgmt WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\system32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\appmgmts.dll] [ / ] btwdins WIN32 OWN PROCESS AUTO START RUNNING [C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe] [Broadcom Corporation. / 4.0.1.3500] FLEXnet Licensing Service WIN32 OWN PROCESS DEMAND START STOPPED ["C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"] [Macrovision Europe Ltd. / 11.03.005] HidServ WIN32 SHARE PROCESS DISABLED STOPPED [C:\WINDOWS\System32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\hidserv.dll] [ / ] IDriverT WIN32 OWN PROCESS DEMAND START STOPPED ["C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"] [Macrovision Corporation / 11.00.28844] KVSrvXP WIN32 OWN PROCESS AUTO START RUNNING [C:\Program Files\JiangMin\AntiVirus\kvsrvxp.exe /Service] [Jiangmin Co., Ltd. / 10, 0, 8, 507] Netlogon WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] NetTcpPortSharing WIN32 SHARE PROCESS DISABLED STOPPED ["c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe" -- ] [ / ] NtLmSsp WIN32 SHARE PROCESS DEMAND START STOPPED [C:\WINDOWS\System32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] PolicyAgent WIN32 SHARE PROCESS AUTO START RUNNING [C:\WINDOWS\System32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] ProtectedStorage WIN32 SHARE PROCESS AUTO START RUNNING [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] SamSs WIN32 SHARE PROCESS AUTO START RUNNING [C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-2113)] vbvuewn WIN32 SHARE PROCESS AUTO START STOPPED [C:\WINDOWS\system32\svchost.exe -k netsvcs -- C:\WINDOWS\system32\tjxacvi.dll] [ / ] WZCSVC WIN32 SHARE PROCESS AUTO START RUNNING [C:\WINDOWS\System32\svchost.exe -k netsvcs -- C:\WINDOWS\System32\wzcsvc.dll] [Microsoft Corporation / 5.1.2600.5512 (xpsp.080413-0852)] ================================================== 驱动列表 ================================================== AegisP KERNEL DRIVER AUTO START PNP_TDI [C:\WINDOWS\system32\DRIVERS\AegisP.sys] [Meetinghouse Data Communications / 3.4.5.0] Alidevice KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\Alidevice.sys] [alipay.com / 1.00 built by: WinDDK] BTDriver KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\DRIVERS\btport.sys] [Broadcom Corporation. / 4.0.1.3500] BTKRNL KERNEL DRIVER DEMAND START Extended Base [C:\WINDOWS\system32\DRIVERS\btkrnl.sys] [Broadcom Corporation. / 4.0.1.3500] btwmodem KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\DRIVERS\btwmodem.sys] [Broadcom Corporation. / 4.0.1.3500] BTWUSB KERNEL DRIVER DEMAND START Base [C:\WINDOWS\System32\Drivers\btwusb.sys] [Broadcom Corporation. / 4.0.1.3500] d347bus KERNEL DRIVER BOOT START Boot Bus Extender [C:\WINDOWS\system32\DRIVERS\d347bus.sys] [ / 3.47.0.0 built by: WinDDK] d347prt KERNEL DRIVER BOOT START SCSI miniport [C:\WINDOWS\System32\Drivers\d347prt.sys] [ / 3.47.0.0 built by: WinDDK] hwusbser KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\DRIVERS\ewusbser.sys] [QUALCOMM Incorporated / 2. 0. 2. 2] JmFwDDos KERNEL DRIVER AUTO START None [C:\WINDOWS\system32\DRIVERS\JmFwDDos.sys] [Jiangmin Co., Ltd. / 11, 0, 7, 807] KSysMon KERNEL DRIVER SYSTEM START None [C:\Program Files\JiangMin\AntiVirus\KSysMon.sys] [Jiangmin Co., Ltd. / 11, 0, 9, 108] NPF KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\npf.sys] [Politecnico di Torino / 3, 0, 0, 18] npkcrypt KERNEL DRIVER AUTO START Keyboard [C:\Program Files\Tencent\QQ\npkcrypt.sys] [INCA Internet Co., Ltd. / 2005. 11. 1. 1] softctrl KERNEL DRIVER DEMAND START PNP Filter [C:\WINDOWS\system32\DRIVERS\softctrl.sys] [Alcor Micro Corp. / 1, 0, 2, 2] Tcpip KERNEL DRIVER SYSTEM START PNP_TDI [C:\WINDOWS\System32\DRIVERS\tcpip.sys] [Microsoft Corporation / 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] UIUSys KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\DRIVERS\UIUSYS.SYS] [Conexant Systems, Inc / 4.0.0.1] ******************************** File not found ******************************** Abiosdsk KERNEL DRIVER DISABLED Primary disk [C:\WINDOWS\system32\drivers\Abiosdsk.sys] [ / ] abp480n5 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\abp480n5.sys] [ / ] adpu160m KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\adpu160m.sys] [ / ] Aha154x KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\Aha154x.sys] [ / ] aic78u2 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\aic78u2.sys] [ / ] aic78xx KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\aic78xx.sys] [ / ] AliIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\AliIde.sys] [ / ] amsint KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\amsint.sys] [ / ] asc KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\asc.sys] [ / ] asc3350p KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\asc3350p.sys] [ / ] asc3550 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\asc3550.sys] [ / ] Atdisk KERNEL DRIVER DISABLED Primary disk [C:\WINDOWS\system32\drivers\Atdisk.sys] [ / ] cd20xrnt KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\cd20xrnt.sys] [ / ] Changer KERNEL DRIVER SYSTEM START Filter [C:\WINDOWS\system32\drivers\Changer.sys] [ / ] CmdIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\CmdIde.sys] [ / ] Cpqarray KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\Cpqarray.sys] [ / ] dac2w2k KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\dac2w2k.sys] [ / ] dac960nt KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\dac960nt.sys] [ / ] dpti2o KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\dpti2o.sys] [ / ] hpn KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\hpn.sys] [ / ] hwusbfake KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\DRIVERS\ewusbfake.sys] [ / ] i2omgmt KERNEL DRIVER SYSTEM START SCSI Class [C:\WINDOWS\system32\drivers\i2omgmt.sys] [ / ] i2omp KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\i2omp.sys] [ / ] ini910u KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ini910u.sys] [ / ] IntelIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\IntelIde.sys] [ / ] KAVSafe KERNEL DRIVER AUTO START PNP_TDI [C:\WINDOWS\system32\Drivers\KAVSafe.sys] [ / ] lbrtfdc KERNEL DRIVER SYSTEM START System Bus Extender [C:\WINDOWS\system32\drivers\lbrtfdc.sys] [ / ] MMTUsb KERNEL DRIVER DEMAND START PNP Filter [C:\WINDOWS\system32\DRIVERS\MMTUsb.sys] [ / ] mraid35x KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\mraid35x.sys] [ / ] npkycryp KERNEL DRIVER DEMAND START Keyboard [C:\Program Files\Tencent\QQ\npkycryp.sys] [ / ] PCIDump KERNEL DRIVER SYSTEM START PCI Configuration [C:\WINDOWS\system32\drivers\PCIDump.sys] [ / ] PDCOMP KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDCOMP.sys] [ / ] PDFRAME KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDFRAME.sys] [ / ] PDRELI KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDRELI.sys] [ / ] PDRFRAME KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\PDRFRAME.sys] [ / ] perc2 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\perc2.sys] [ / ] perc2hib KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\drivers\perc2hib.sys] [ / ] qccdcmdm1 KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\DRIVERS\qcusbmdm.sys] [ / ] ql1080 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ql1080.sys] [ / ] Ql10wnt KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\Ql10wnt.sys] [ / ] ql12160 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ql12160.sys] [ / ] ql1240 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ql1240.sys] [ / ] ql1280 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ql1280.sys] [ / ] RTL8187B KERNEL DRIVER DEMAND START NDIS [C:\WINDOWS\system32\DRIVERS\wg111v3.sys] [ / ] Simbad KERNEL DRIVER DISABLED Filter [C:\WINDOWS\system32\drivers\Simbad.sys] [ / ] Sparrow KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\Sparrow.sys] [ / ] symc810 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\symc810.sys] [ / ] symc8xx KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\symc8xx.sys] [ / ] sym_hi KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\sym_hi.sys] [ / ] sym_u3 KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\sym_u3.sys] [ / ] TosIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\TosIde.sys] [ / ] ultra KERNEL DRIVER DISABLED SCSI miniport [C:\WINDOWS\system32\drivers\ultra.sys] [ / ] ViaIde KERNEL DRIVER DISABLED System Bus Extender [C:\WINDOWS\system32\drivers\ViaIde.sys] [ / ] WDICA KERNEL DRIVER DEMAND START None [C:\WINDOWS\system32\drivers\WDICA.sys] [ / ] ================================================== 浏览器加载项列表 ================================================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] [江民杀毒工具栏] [C:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd / 2, 0, 7, 1018] {B5A34A93-D538-43A7-8371-864CB6148D12} [&Windows Live Toolbar] [C:\Program Files\Windows Live\Toolbar\wltcore.dll] [Microsoft Corporation / 14.0.8117.0416] {21FA44EF-376D-4D53-9B0F-8A89D3229068} [Google Toolbar] [C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll] [Google Inc. / 7, 0, 1710, 2246 ] {2318C2B1-4965-11d4-9B18-009027A5CD4F} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] [写入日志] [C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll] [Google Inc. / 7, 0, 1710, 2246 ] {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [信息检索] [C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll] [Google Inc. / 7, 0, 1710, 2246 ] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [PPLive] [C:\Program Files\PPLive\PPTV\PPLive.exe] [PPLive Corporation / 2, 3, 0, 2] {95B3F550-91C4-4627-BCC4-521288C52977} [PPLive] [%windir%\Network Diagnostic\xpnetdiag.exe] [ / ] {e2e2dd38-d088-4134-82b7-f2ba38496583} [Messenger] [C:\Program Files\Messenger\msmsgs.exe] [Microsoft Corporation / 4.7.3001] {FB5F1910-F110-11d2-BB9E-00C04F795683} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] [0B9A87C2-967A-F748-06BD-695410BF6BB9 Class] [C:\Program Files\QvodPlayer\AddIn\QvodAddr.dll] [ / 1, 0, 2, 23] {0B9A87C2-967A-F748-06BD-695410BF6BB9} [522E222C-0826-E9CA-D964-B48F35705B68 Class] [C:\Program Files\QvodPlayer\AddIn\QvodAddr.dll] [ / 1, 0, 2, 23] {522E222C-0826-E9CA-D964-B48F35705B68} [QvodExtend] [C:\Program Files\0056\QVOD\QvodExtend.dll] [ / ] {53AC8551-0DE0-4606-8A1E-A51AF20ADD60} [Search Helper] [C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll] [Microsoft Corporation / 3.0.126.0] {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} [BOC ProcessProtect Class] [C:\WINDOWS\system32\ProcessProtection.dll] [www.ISRA.org.cn / 1, 3, 7, 17] {776B71E2-B4CC-4C94-BC7C-09103AA690B6} [BrowseHelper Class] [C:\Program Files\JiangMin\AntiVirus\KVshell.dll] [Jiangmin Co.Ltd / 2, 0, 7, 1018] {80BF4637-D65B-43F3-BB60-C5DD3D5FB7B9} [迅雷下载支持] [C:\Program Files\Thunder Network\Thunder\BHO\XunleiBHO7.1.4.2104.dll] [深圳市迅雷网络技术有限公司 / 7,1,4,2104] {889D2FEB-5411-4565-8998-1DD2C5261283} [Windows Live 登录帮助程序] [C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll] [Microsoft Corporation / 5.000.818.5] {9030D464-4C02-4ABF-8ECC-5164760863C6} [{951C2E2E-0233-4C10-A4F4-858354DC2EE8}] [] [ / ] {951C2E2E-0233-4C10-A4F4-858354DC2EE8} [Google Toolbar Notifier BHO] [C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll] [Google Inc. / 5, 7, 6406, 1642] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [Windows Live Toolbar Helper] [C:\Program Files\Windows Live\Toolbar\wltcore.dll] [Microsoft Corporation / 14.0.8117.0416] {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} [RegisterHelper Class] [C:\Program Files\JiangMin\AntiVirus\UrlGuard.dll] [Jiangmin Co., Ltd. / 1, 0, 8, 204] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] [Add to Windows &Live Favorites] [http://favorites.live.com/quickadd.aspx] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [Google 边栏评注...] [res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [上传到淘江湖相册] [C:\Program Files\Alisoft\WangWang\AddToAlbum.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [使用迅雷下载] [C:\Program Files\Thunder Network\Thunder\BHO\geturl.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [使用迅雷下载全部链接] [C:\Program Files\Thunder Network\Thunder\BHO\GetAllUrl.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [使用迅雷查看图片] [C:\Program Files\Thunder Network\Thunder\Program\repairimage.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [使用迅雷离线下载] [C:\Program Files\Thunder Network\Thunder\Program\OfflineDownload.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [发送到 Bluetooth(&B)] [C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [导出到 Microsoft Office Excel(&X)] [res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [添加为阿里旺旺表情] [C:\Program Files\Alisoft\WangWang\AddNewEmotion.htm] [ / ] {FF354A24-B490-4D4F-8EEC-B3ACD6E681A4} [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] [Microsoft Url Search Hook] [C:\WINDOWS\system32\ieframe.dll] [Microsoft Corporation / 8.00.6001.19048 (longhorn_ie8_gdr.110221-1700)] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars] [每日提示(&T)] [C:\WINDOWS\System32\shdocvw.dll] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] {4D5C8C25-D075-11d0-B416-00C04FB90376} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] [URL 执行挂钩] [C:\WINDOWS\System32\shell32.dll] [Microsoft Corporation / 6.00.2900.6072 (xpsp_sp3_gdr.110121-1719)] {AEB6717E-7E19-11d0-97EE-00C04FD91972} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] [Browseui 预加载程序] [C:\WINDOWS\System32\browseui.dll] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] {438755C2-A8BA-11D1-B96B-00A0C90312E1} [组件类别缓存程序] [C:\WINDOWS\System32\browseui.dll] [Microsoft Corporation / 6.00.2900.5512 (xpsp.080413-2105)] {8C7461EF-2B13-11d2-BE35-3078302C2030} ================================================== 文件关联信息 ================================================== .txt txtfile C:\WINDOWS\notepad.exe %1 .exe ExeFile "%1" %* .com ComFile "%1" %* .pif pifFile "%1" %* .reg regFile regedit.exe "%1" .bat batFile "%1" %* .scr scrFile "%1" /S .chm chm.file "hh.exe" %1 .hlp hlpfile %SystemRoot%\System32\winhlp32.exe %1 .ini inifile C:\WINDOWS\System32\NOTEPAD.EXE %1 .inf inffile %SystemRoot%\System32\NOTEPAD.EXE %1 .vbs VBSFile %SystemRoot%\System32\WScript.exe "%1" %* .js JSFile %SystemRoot%\System32\WScript.exe "%1" %* .lnk lnkfile {00021401-0000-0000-C000-000000000046} ================================================== Winsock服务提供者信息 ================================================== 000000000001 C:\WINDOWS\system32\mswsock.dll 000000000002 C:\WINDOWS\system32\mswsock.dll 000000000003 C:\WINDOWS\system32\mswsock.dll 000000000004 C:\WINDOWS\system32\rsvpsp.dll 000000000005 C:\WINDOWS\system32\rsvpsp.dll 000000000006 C:\WINDOWS\system32\mswsock.dll 000000000007 C:\WINDOWS\system32\mswsock.dll 000000000008 C:\WINDOWS\system32\mswsock.dll 000000000009 C:\WINDOWS\system32\mswsock.dll 000000000010 C:\WINDOWS\system32\mswsock.dll 000000000011 C:\WINDOWS\system32\mswsock.dll 000000000012 C:\WINDOWS\system32\mswsock.dll 000000000013 C:\WINDOWS\system32\mswsock.dll 000000000014 C:\WINDOWS\system32\mswsock.dll 000000000015 C:\WINDOWS\system32\mswsock.dll 000000000016 C:\WINDOWS\system32\mswsock.dll 000000000017 C:\WINDOWS\system32\mswsock.dll 000000000018 C:\WINDOWS\system32\mswsock.dll 000000000019 C:\WINDOWS\system32\mswsock.dll 000000000020 C:\WINDOWS\system32\mswsock.dll 000000000021 C:\WINDOWS\system32\mswsock.dll 000000000022 C:\WINDOWS\system32\mswsock.dll 000000000023 C:\WINDOWS\system32\mswsock.dll 000000000024 C:\WINDOWS\system32\mswsock.dll 000000000025 C:\WINDOWS\system32\mswsock.dll 000000000026 C:\WINDOWS\system32\mswsock.dll 000000000027 C:\WINDOWS\system32\mswsock.dll 000000000028 C:\WINDOWS\system32\mswsock.dll 000000000029 C:\WINDOWS\system32\mswsock.dll 000000000030 C:\WINDOWS\system32\mswsock.dll 000000000031 C:\WINDOWS\system32\mswsock.dll 000000000032 C:\WINDOWS\system32\mswsock.dll ================================================== 自动播放文件 ================================================== ================================================== Hosts文件 ================================================== ================================================== 隐藏文件列表 ================================================== C:\Documents and Settings\user\Cookies\user@atpanel[6].txt C:\Documents and Settings\user\Cookies\user@taobao[2].txt C:\Program Files\Internet Explorer\iexplore.exe ================================================== 隐藏注册表列表 ==================================================