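Asking the experts for help: after I switched my Control Panel to Classic View, an unknown icon appeared. Clicking it does nothing. Right-clicking it shows only two options, Open and Create Shortcut; clicking Open does nothing, and after I click Create Shortcut, Rising reports a Trojan and automatically removes it. The attachment has been uploaded; could the experts please take a look?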
2010-11-01,23:06:54
System Repair Engineer 2.8.2.1321 Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程
N/A>[将转换链接目标为 Adobe PDF] <res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>[将链接目标转换到现有的 PDF] <res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>[添加为阿里旺旺表情] <D:\Program Files\AliWangWang\AddNewEmotion.htm, N/A>[转换为 Adobe PDF] <res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html, N/A>[追加到现有的 PDF] <res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
==================================
正在运行的进程
[PID: 788 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 848 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 876 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll] [Logitech, Inc., 5.00.40] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\WINDOWS\system32\aetcsss1.dll] [A.E.T. Europe B.V., 3.0.0."1778] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\aetpkss1.dll] [A.E.T. Europe B.V., 2.3.0.15080][PID: 920 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)][PID: 932 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)][PID: 1100 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 4.00.1382.6099] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.12.6099] [C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.12.6099][PID: 1124 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 1208 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159][PID: 1264 / SYSTEM][C:\Program Files\Rising\Rfw\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rfw\combase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\Program Files\Rising\Rfw\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program 
Files\Rising\Rfw\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rfw\MonComm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] [C:\Program Files\Rising\Rfw\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [C:\Program Files\Rising\Rfw\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Rfw\rfwsrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.2] [C:\Program Files\Rising\Rfw\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Rfw\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rfw\rfwdrvc.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [C:\Program Files\Rising\Rfw\Rfwdrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.5] [C:\Program Files\Rising\Rfw\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rfw\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rfw\RfwArp.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.5] [C:\Program Files\Rising\Rfw\urlrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Rfw\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Rfw\refs.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rfw\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rfw\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rfw\rfwproxy.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 73] [C:\Program 
Files\Rising\Rfw\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rfw\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] [C:\Program Files\Rising\Rfw\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rfw\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rfw\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rfw\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rfw\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rfw\urllib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1][PID: 1288 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159][PID: 1372 / SYSTEM][C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe] [Logitech, Inc., 5.00.40][PID: 1384 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 1564 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 1588 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 1744 / SYSTEM][C:\Program Files\kingsoft\KSM\ksmsvc.exe] [, 2010,10,27,1479] [C:\Program Files\kingsoft\KSM\kdump.dll] [Kingsoft Corporation, 2010,10,11,1453] [C:\Program Files\kingsoft\KSM\kxestat.dll] [Kingsoft Corporation, 2009,11,20,309] [C:\Program Files\kingsoft\KSM\kxebase.dll] [Kingsoft Corporation, 2009,11,20,309] [C:\Program Files\kingsoft\KSM\scom.dll] [Kingsoft 
Corporation, 2009,11,20,309] [C:\Program Files\kingsoft\KSM\kxecore\kxelog.dll] [Kingsoft Corporation, 2009,11,20,309] [C:\Program Files\kingsoft\KSM\kxecore\kxecore.dll] [Kingsoft Corporation, 2010,5,12,402] [C:\Program Files\kingsoft\KSM\kxecore\kxestat.dll] [Kingsoft Corporation, 2009,11,20,309] [C:\Program Files\kingsoft\KSM\ksmcorex.dll] [Kingsoft Corporation, 2010,10,26,19] [C:\Program Files\kingsoft\KSM\kplugeng.dll] [Kingsoft Corporation., 1.5.2.1190] [C:\Program Files\kingsoft\KSM\ksbwsspx.dll] [Kingsoft Corporation, 2010,05,27,1072] [C:\Program Files\kingsoft\KSM\sqlite.dll] [N/A, ] [C:\Program Files\kingsoft\KSM\ksecorex.dll] [Kingsoft Corporation, 2010,09,16,1206] [C:\Program Files\kingsoft\KSM\kae\kaecore.dat] [Kingsoft Corporation, 2010,06,30,436] [C:\Program Files\kingsoft\KSM\ksmbrfix.dll] [Kingsoft Corporation, 2010,09,13,1403] [C:\Program Files\kingsoft\KSM\ksbwdet2.dll] [Kingsoft Corporation, 2010,08,26,1359] [C:\Program Files\kingsoft\KSM\kae\karchive.dat] [Kingsoft Corporation, 2010,06,30,436] [C:\Program Files\kingsoft\KSM\kae\kaearcha.dat] [Kingsoft Corporation, 2010,06,30,436] [C:\Program Files\kingsoft\KSM\kae\kaeolea.dat] [Kingsoft Corporation, 2010,03,18,77] [C:\Program Files\kingsoft\KSM\kae\kaearchb.dat] [Kingsoft Corporation, 2010,06,30,436] [C:\Program Files\kingsoft\KSM\kcldrep.dll] [Kingsoft Corporation, 2010,10,19,1467] [C:\Program Files\kingsoft\KSM\kavifr.dll] [Kingsoft Corporation, 2010,05,25,74][PID: 1784 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)] [C:\WINDOWS\system32\AdobePDF.dll] [Adobe Systems Inc, 9.2.0.112] [C:\WINDOWS\system32\hppfaxprintermon5.dll] [Hewlett-Packard Company, 5, 0, 1, 6] [C:\WINDOWS\system32\HpTcpMon.dll] [Hewlett Packard, 7.01.03.031] [C:\WINDOWS\system32\HPTcpMUI.dll] [Microsoft Corporation, 7.01.03.031] [C:\WINDOWS\system32\hpzjrd01.dll] [Hewlett Packard, 2.01.00.004] [C:\WINDOWS\system32\hptcpmib.dll] [Hewlett Packard, 
7.01.03.031] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp5mc.DLL] [Hewlett-Packard Corporation, 61.072.467.21] [C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\hpzpi5mc.dll] [N/A, ][PID: 1832 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)][PID: 1892 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 2016 / SYSTEM][C:\Program Files\Firebird\Firebird_2_0\bin\fbguard.exe] [FirebirdSQL Project, WI-V2.0.3.12981] [C:\Program Files\Firebird\Firebird_2_0\bin\fbclient.dll] [FirebirdSQL Project, WI-V2.0.3.12981] [C:\Program Files\Firebird\Firebird_2_0\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4][PID: 176 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\program files\hp\digital imaging\bin\hpqddsvc.dll] [Hewlett-Packard Co., 110.0.180.000] [c:\program files\hp\digital imaging\bin\hpqddcmn.dll] [Hewlett-Packard Co., 110.0.180.000] [c:\program files\hp\digital imaging\bin\hpqcxs08.dll] [Hewlett-Packard Co., 110.0.180.000] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159][PID: 300 / SYSTEM][C:\Program Files\Google\Update\GoogleUpdate.exe] [Google Inc., 1.2.131.7] [C:\Program Files\Google\Update\1.2.183.29\goopdate.dll] [Google Inc., 1.2.183.29][PID: 328 / SYSTEM][C:\WINDOWS\system32\HZ_CommSrv.exe] [华大智宝电子系统有限公司, 1, 2, 0, 1][PID: 432 / SYSTEM][C:\WINDOWS\system32\imapi.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)][PID: 588 / SYSTEM][C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe] [Logitech Inc., 12.10.1110.0][PID: 668 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [c:\windows\system32\hpzinw12.dll] [Hewlett-Packard, 12,1,2,54][PID: 420 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 
(xpsp.080413-2111)] [c:\windows\system32\hpzipm12.dll] [Hewlett-Packard, 12,1,2,54][PID: 820 / DEREK][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\WINDOWS\TEMP\logishrd\LVPrcInj02.dll] [Logitech Inc., 12.10.1110.0] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [, ] [D:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.chs] [Adobe Systems Inc., 9.1.0.2009022700\0] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.4.0.195] [C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.12.6099] [C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.12.6099] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.12.6099] [C:\Program Files\NVIDIA Corporation\nView\nvshell.dll] [, ] [D:\Program Files\WinRAR\rarext.dll] [, ] [C:\WINDOWS\system32\contmenu.dll] [N/A, ] [D:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 9.4.0.195] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\system32\stacapi.dll] [IDT, Inc., 1.0.20001.0][PID: 1172 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\hpxp1522.dll] [Hewlett-Packard, 6.0.0.0] [C:\WINDOWS\system32\hpptsp03.dll] [Hewlett-Packard, 2.0.0.0][PID: 1484 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll] [Watchdata, 2, 1, 1, 40] [C:\WINDOWS\system32\SOGOUPY.IME] 
[Sogou.com Inc., 5.0.1.4185][PID: 3252 / DEREK][D:\Program Files\SogouInput\5.0.1.4185\sogoupinyintray.exe] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3364 / DEREK][C:\Program Files\Rising\Rfw\RsTray.exe] [Beijing Rising Information Technology Co., Ltd., 22.0.0.11] [C:\Program Files\Rising\Rfw\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [C:\Program Files\Rising\Rfw\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rfw\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rfw\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Rfw\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rfw\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rfw\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rfw\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Rfw\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Rfw\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7] [C:\Program Files\Rising\Rfw\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] [C:\Program Files\Rising\Rfw\ravbintl.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] [C:\Program Files\Rising\Rfw\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rfw\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rfw\rfwtray.dll] 
[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] [C:\Program Files\Rising\Rfw\ravppops.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] [C:\Program Files\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rfw\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rfw\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rfw\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3392 / DEREK][C:\Program Files\Logitech\SetPointP\SetPoint.exe] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\khalwrapper.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\KemUtil.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\KemXML.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\kemutb.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\KemWnd.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\SetPointCOM.dll] [Logitech, Inc., 6.10.55] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Logitech\SetPointP\Macros\MacroCore.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\WebBrowserSupport.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\Macros\MacroAppSwitch.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Common Files\LogiShrd\KHAL3\KhalApi.dll] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.dll] [Logitech, Inc., 5.00.40] [C:\Program Files\Logitech\SetPointP\kgame.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\KemMon.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [C:\Program 
Files\Logitech\SetPointP\LCabHandler.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\Macros\MacroEmail.dll] [Logitech, Inc., 6.10.55] [C:\Program Files\Logitech\SetPointP\Macros\MacroMedia.dll] [Logitech, Inc., 6.10.55][PID: 3432 / DEREK][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe] [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL] [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll] [Watchdata, 2, 1, 1, 40] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll] [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll] [ Beijing WatchData System Co., Ltd., 3, 2, 5, 0] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3460 / DEREK][D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe] [Adobe Systems Inc., 9.4.0.195"] [D:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.chs] [, ] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3572 / DEREK][C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\KHAL3\KHALAPI.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.dll] [Logitech, Inc., 5.00.40] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\LogiShrd\KHAL3\KHALITCH.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMW.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common 
Files\LogiShrd\KHAL3\KHALHPP.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMOU.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\KHAL3\KHALHID.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\LogiShrd\KHAL3\KHALUSB.DLL] [Logitech, Inc., 5.00.40] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3580 / DEREK][C:\Program Files\CCBComponents\HDZB\USBKeyTools.exe] [北京华大智宝电子系统有限公司, 1, 6, 0, 30] [C:\WINDOWS\system32\ccb_hdcsp.dll] [CIDC, 1, 4, 3, 42] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3852 / DEREK][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 3892 / SYSTEM][C:\Program Files\Firebird\Firebird_2_0\bin\fbserver.exe] [FirebirdSQL Project, WI-V2.0.3.12981] [C:\Program Files\Firebird\Firebird_2_0\bin\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Firebird\Firebird_2_0\bin\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Firebird\Firebird_2_0\bin\icuuc30.dll] [IBM Corporation and others, 3, 0, 0, 0] [C:\Program Files\Firebird\Firebird_2_0\bin\icudt30.dll] [IBM Corporation and others, 3, 0, 0, 0] [C:\Program Files\Firebird\Firebird_2_0\bin\icuin30.dll] [IBM Corporation and others, 3, 0, 0, 0][PID: 4008 / DEREK][D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE] [Microsoft Corporation, 14.0.4757.1000] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 284 / DEREK][D:\Program 
Files\PPLive\PPVA\PPLiveVA.exe] [Synacast, 0, 1, 1, 5] [D:\Program Files\PPLive\PPVA\PPVA.DLL] [PPLive Corporation, 0, 1, 5, 19078] [D:\Program Files\PPLive\PPVA\CommonModule.dll] [, 0, 1, 5, 18] [D:\Program Files\PPLive\PPVA\NetTools.dll] [, 1.0.0.2] [D:\Program Files\PPLive\PPVA\plugMng.dll] [PPLive Corporation, 1, 5, 0, 16790] [D:\Program Files\PPLive\PPVA\PPVADlg.dll] [PPLive Corporation, 0, 1, 5, 17962] [D:\Program Files\PPLive\PPVA\TipsClient.dll] [, 1, 0, 2, 3] [D:\Program Files\PPLive\PPVA\FloatWin.dll] [PPLive Corporation, 1, 0, 0, 17709] [D:\Program Files\PPLive\PPVA\FlashWinCenter.dll] [Synacast, 1.0.0.14] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159][PID: 1704 / DEREK][C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe] [PPLive Corporation, 2, 3, 0, 4] [C:\Program Files\Common Files\PPLiveNetwork\MngModule.dll] [, 1, 7, 0, 28] [C:\Program Files\Common Files\PPLiveNetwork\uilib.dll] [PPLive Corporation, 2, 5, 0, 3000] [C:\Program Files\Common Files\PPLiveNetwork\kernel\sop.dll] [PPLive Corporation, 1, 1, 0, 17961] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\Program Files\Common Files\PPLiveNetwork\kernel\live\live.dll] [Synacast, 1, 3, 1, 4] [C:\Program Files\Common Files\PPLiveNetwork\TipsClient.dll] [, 1, 0, 2, 3] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [C:\Program Files\Common Files\PPLiveNetwork\kernel\peer.dll] [Synacast, 1, 5, 4, 9][PID: 3140 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)][PID: 3688 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)][PID: 6108 / DEREK][D:\Program 
Files\Tencent\QQ\Bin\QQ.exe] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\Common.dll] [Tencent, 1, 50, 1720, 0] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [D:\Program Files\Tencent\QQ\Bin\KernelUtil.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\GF.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\xGraphic32.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\AFUtil.dll] [Tencent, 1, 50, 1720, 0] [C:\WINDOWS\TEMP\logishrd\LVPrcInj02.dll] [Logitech Inc., 12.10.1110.0] [D:\Program Files\Tencent\QQ\Bin\LoginPanel.dll] [Tencent, 1, 50, 1720, 0] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [D:\Program Files\Tencent\QQ\Bin\IM.dll] [Tencent, 1, 50, 1720, 0] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [D:\Program Files\Tencent\QQ\Bin\TaskTray.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\AppUtil.dll] [Tencent, 1, 50, 1720, 0] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [D:\Program Files\Tencent\QQ\Bin\BasicCtrlDll.dll] [TENCENT, 8,0,773,1801] [D:\Program Files\Tencent\QQ\Bin\MainFrame.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\AppFramework.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\SkinMgr.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.VAS\Bin\VAS.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll] [Tencent, 1, 50, 1720, 0] [D:\Program 
Files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.CRM\Bin\CRM.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Advertisement\Bin\Advertisement.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Memo\Bin\Memo.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQGame\Bin\QQGame.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Mail\Bin\Mail.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll] [Tencent, 1.50.1720.0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll] [Tencent, 1, 50, 1720, 0] [D:\Program 
Files\Tencent\QQ\Plugin\Com.Tencent.QBar\Bin\QBar.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.qqwebsite\Bin\qqwebsite.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.bookmark\Bin\bookmark.dll] [Tencent, 1, 50, 1720, 0] [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll] [Tencent, 1.2.1.10] [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL] [Tencent, 1.2.1.6] [D:\Program Files\Tencent\QQ\Bin\AFCtrl.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\SystemMsg.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\ChatFrameApp.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\QInterLive.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\GroupApp.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\AppMisc.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\Contacts.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\InformationBox.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\ContactInfoFrame.dll] [Tencent, 1, 50, 1720, 0] [C:\WINDOWS\system32\msdmo.dll] [, ] [D:\Program Files\Tencent\QQ\Bin\WBlog.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\MsgMgr.dll] [Tencent, 1, 50, 1720, 0] [C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\vqqsdl.dll] [Tencent, 5, 0, 3, 24] [D:\Program Files\Tencent\QQ\Bin\LongCnn.dll] [Tencent, 1, 
50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\CustomFace.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\AddrSearch.dll] [Tencent, 2, 3, 12, 11] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.taotao\Bin\taotao.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Bin\KernelMisc.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.sobar\Bin\SoBar.dll] [Tencent, 1, 50, 1720, 0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.winks\Bin\Winks.dll] [Tencent, 1, 50, 1720, 0][PID: 2900 / DEREK][D:\Program Files\Tencent\QQ\Bin\TXPlatform.exe] [Tencent, 1, 50, 1720, 0] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159][PID: 4848 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE] [Microsoft Corporation, 14.0.4734.1000][PID: 4212 / NETWORK SERVICE][C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE] [Microsoft Corporation, 14.0.0370.400 (longhorn(wmbla).090811-1833)][PID: 4244 / DEREK][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 5428 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)][PID: 4220 / DEREK][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 2732 / DEREK][D:\Program Files\Thunder Network\Thunder\Program\Thunder.exe] [深圳市迅雷网络技术有限公司, 7,1,0,1962] [D:\Program 
Files\Thunder Network\Thunder\Program\XLUE.dll] [深圳市迅雷网络技术有限公司, 0.8.1.106] [D:\Program Files\Thunder Network\Thunder\Program\XLGraphic.dll] [深圳市迅雷网络技术有限公司, 0.8.1.106] [D:\Program Files\Thunder Network\Thunder\Program\libpng13.dll] [, 1.2.38] [D:\Program Files\Thunder Network\Thunder\Program\zlib1.dll] [, 1.2.3] [D:\Program Files\Thunder Network\Thunder\Program\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Thunder Network\Thunder\Program\minizip.dll] [N/A, ] [D:\Program Files\Thunder Network\Thunder\Program\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Thunder Network\Thunder\Program\XLLuaRuntime.dll] [深圳市迅雷网络技术有限公司, 0.8.1.106] [D:\Program Files\Thunder Network\Thunder\Program\libexpat.dll] [N/A, ] [D:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [D:\Program Files\Thunder Network\Thunder\Program\DownloadKernel.dll] [深圳市迅雷网络技术有限公司, 7,1,0,1962] [D:\Program Files\Thunder Network\Thunder\Program\sqlite3.dll] [, 3, 6, 22, 0] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [D:\Program Files\Thunder Network\Thunder\Program\xl_data.dll] [深圳市迅雷网络技术有限公司, 1, 11, 5, 32] [D:\Program Files\Thunder Network\Thunder\Program\asyn_download_interface.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 36] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [D:\Program Files\Thunder Network\Thunder\Program\tp_proxy.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 17] [D:\Program Files\Thunder Network\Thunder\Program\XLUserAX.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 33] [D:\Program Files\Thunder Network\Thunder\Addins\Community\XLCPAddinManager.dll] [TODO: <Company name>, 1, 0, 2, 18] [D:\Program Files\Thunder Network\Thunder\Program\xl_client.dll] [深圳市迅雷网络技术有限公司, 1, 11, 2, 29] [D:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 40] [D:\Program Files\Thunder Network\Thunder\Program\dl_uac_tool.dll] [N/A, ] [D:\Program Files\Thunder 
Network\Thunder\Program\mp.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [D:\Program Files\Thunder Network\Thunder\Addins\RJCK\RJCK.dll] [TODO: <公司名>, 1.0.0.9] [D:\Program Files\Thunder Network\Thunder\Program\SuperDownloadInfo.dll] [深圳市迅雷网络技术有限公司, 7,1,0,1962] [D:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 2, 2, 16] [D:\Program Files\Thunder Network\Thunder\Program\xl_stat_client.dll] [深圳市迅雷网络技术有限公司, 1.1.0.50] [D:\Program Files\Thunder Network\Thunder\Addins\UUAddin\UUAddin.dll] [Thunder Networking Technologies,LTD, 1.0.2.9] [D:\Program Files\Thunder Network\Thunder\Program\UpdateCtrl.dll] [深圳市迅雷网络技术有限公司, 2, 9, 2, 225] [D:\Program Files\Thunder Network\Thunder\Addins\DoctorAddin\DoctorAddin.dll] [深圳市迅雷网络技术有限公司, 1.0.1.59] [D:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.0.1962_1\Program\XLDoctor.dll] [深圳市迅雷网络技术有限公司, 1.0.1.61] [C:\WINDOWS\system32\aetsprov.dll] [A.E.T. Europe B.V., 2.3.0.9] [D:\Program Files\Thunder Network\Thunder\Addins\InMediaAddin\iEmbed.dll] [Thunder Networking Technologies,LTD, 4, 0, 1, 14] [D:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.0.1962_1\Program\tp_proxy.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 17] [C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [D:\Program Files\Thunder Network\Thunder\XLDoctor\7.1.0.1962_1\Program\Update.dll] [深圳市迅雷网络技术有限公司, 1.0.1.61][PID: 1824 / DEREK][c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\thunderplatform.exe] [深圳市迅雷网络技术有限公司, 1, 1, 2, 33] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\minizip.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\zlib1.dll] [, 1.2.3] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [c:\program files\common files\thunder 
network\tp\ver1\1.1.2.33_1110\XLBugHandler.dll] [深圳市迅雷网络技术有限公司, 2, 2, 0, 7] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\dl_uac_tool.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\download_engine.dll] [深圳市迅雷网络技术有限公司, 3, 5, 2, 385] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\mp.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\XLCrypto.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 40] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\ts.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 10] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\backend_agent.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 44] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\ptl.dll] [深圳市迅雷网络技术有限公司, 3, 3, 2, 95] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 2, 2, 16] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.33_1110_a\Components\DownloadLibDll\md_p_1.0.234\xl_stat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\fs.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 26] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\ta.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 34] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\xl_data.dll] [深圳市迅雷网络技术有限公司, 1, 11, 5, 32] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\XLLuaRuntime.dll] [深圳市迅雷网络技术有限公司, 0.8.1.106] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\libexpat.dll] [N/A, ] [c:\program 
files\common files\thunder network\tp\ver1\1.1.2.33_1110\xl_client.dll] [深圳市迅雷网络技术有限公司, 1, 11, 2, 29] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\p2p_upload.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 20] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.33_1110_a\Components\DownloadLibDll\md_p_1.0.234\dphubt.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 40] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\p2p.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 116] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\stream.dll] [深圳市迅雷网络技术有限公司, 2, 1, 2, 1135] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\p2sp.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 132] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\down_dispatcher.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 69] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.33_1110_a\Components\DownloadLibDll\md_p_1.0.234\member_stat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\al.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 79] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\xlnet_manager.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 34] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\UACTool.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\p2p_local_res.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 28] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\media_data.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 12] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\dtnet.dll] [深圳市迅雷网络技术有限公司, 1.0.1.13] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\sl.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 8] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\task_report.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 7] 
[c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\module_downloader.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 18] [c:\program files\common files\thunder network\tp\ver1\1.1.2.33_1110\mini_unzip_dll.dll] [N/A, ] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.33_1110_a\Components\DownloadLibDll\md_p_1.0.234\bd.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 26][PID: 4272 / DEREK][D:\Program Files\SogouExplorer\SogouExplorer.exe] [, ] [C:\WINDOWS\TEMP\logishrd\LVPrcInj02.dll] [Logitech Inc., 12.10.1110.0] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [D:\Program Files\SogouExplorer\sogounet.dll] [Sogou.com Inc., 1.0.3.37] [D:\Program Files\SogouExplorer\video_acc.dll] [Sogou.com Inc, 1, 0, 2, 44] [D:\Program Files\SogouExplorer\pxpnet.dll] [Sohu.com Inc., 1, 0, 0, 31] [D:\Program Files\SogouExplorer\ShareClient.dll] [Sogou.com Inc., 1.0.0.34] [D:\Program Files\SogouExplorer\SoDaLib.dll] [Sohu.com Inc., 1, 3, 0, 13] [D:\Program Files\SogouExplorer\p4pshare.dll] [Sohu.com Inc., 1, 0, 0, 27] [D:\Program Files\PPLive\PPVA\FloatWin.dll] [PPLive Corporation, 1, 0, 0, 17709] [D:\Program Files\SogouExplorer\Dialog.dll] [, ] [C:\WINDOWS\system32\aetsprov.dll] [A.E.T. 
Europe B.V., 2.3.0.9] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4][PID: 5704 / DEREK][D:\Program Files\SogouExplorer\SogouExplorer.exe] [, ] [C:\WINDOWS\TEMP\logishrd\LVPrcInj02.dll] [Logitech Inc., 12.10.1110.0] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [D:\Program Files\SogouExplorer\WebkitCore.dll] [Sogou.com, 2, 0, 0, 91] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14][PID: 232 / DEREK][D:\Program Files\SogouExplorer\SogouExplorer.exe] [, ] [C:\WINDOWS\TEMP\logishrd\LVPrcInj02.dll] [Logitech Inc., 12.10.1110.0] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [D:\Program Files\SogouExplorer\WebkitCore.dll] [Sogou.com, 2, 0, 0, 91] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [D:\Program Files\SogouExplorer\DialogCore.dll] [, ][PID: 148 / SYSTEM][C:\WINDOWS\system32\msiexec.exe] [(Verified) Microsoft Corporation, 4.5.6001.22159 (vistasp1_ldr.080415-1732)] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159][PID: 5644 / DEREK][D:\TDDOWNLOAD\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321][PID: 568 / DEREK][D:\TDDOWNLOAD\sreng2\SREb98bca30.EXE] [Smallfrogs Studio, 2.8.2.1321] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 5.0.1.4185] [C:\Program Files\Common Files\PPLiveNetwork\kernel\VAProxyD.dll] [PPLive Corporation, 2, 0, 0, 14] [D:\TDDOWNLOAD\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\aetsprov.dll] [A.E.T. Europe B.V., 2.3.0.9] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1484, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3432, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDCERTM_CCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3580, C:\PROGRAM FILES\CCBCOMPONENTS\HDZB\USBKEYTOOLS.EXE]
==================================
计划任务
[已启用] SogouImeMgr.job D:\PROGRA~1\SOGOUI~1\501~1.418\SGTool.exe
[已禁用] GoogleUpdateTaskMachineUA.job C:\Program Files\Google\Update\GoogleUpdate.exe
[已禁用] GoogleUpdateTaskMachineCore.job C:\Program Files\Google\Update\GoogleUpdate.exe
==================================
Windows 安全更新检查
KB940157, 用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB951847, Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 语言包
KB976569, 用于 Windows Server 2003 和 Windows XP x86 的 Microsoft .NET Framework 2.0 Service Pack 2 更新程序 (KB976569)
KB982168, 用于 Windows Server 2003 和 Windows XP x86 的 Microsoft .NET Framework 3.5 SP1 更新程序 (KB982168)
KB979909, 用于 Windows 2000、Windows Server 2003 和 Windows XP x86 的 Microsoft .NET Framework 3.5 SP1 和 .NET Framework 2.0 SP2 安全更新程序 (KB979909) MS10-041
KB983583, 用于 Windows Server 2003 和 Windows XP x86 的 .NET Framework 2.0 SP2 和 3.5 SP1 安全更新程序 (KB983583) MS10-060
KB2202188, Microsoft Office 2010 更新 (KB2202188) 32 位版本
KB982670, 用于 Windows XP x86 的 Microsoft .NET Framework 4 Client Profile (KB982670)
KB982671, 用于 Windows XP x86 的 Microsoft .NET Framework 4 (KB982671)
KB2288640, Microsoft OneNote 2010 更新 (KB2288640),32 位版本
KB2289116, Outlook Social Connector 更新 (KB2289116) 32 位版本
KB2362765, 用于 Windows XP 的 Internet Explorer 8 兼容性视图列表的更新程序 (KB2362765)
KB982726, Microsoft Office 2010 定义更新 (KB982726) 32 位版本
KB2345000, Microsoft Word 2010 安全更新 (KB2345000) 32 位版本 MS10-079
KB2418241, 用于 Windows Server 2003 和 Windows XP x86 的 Microsoft .NET Framework 2.0 SP2 和 3.5 SP1 安全更新程序 (KB2418241) MS10-070
KB931125, 根证书更新 [2010 年 10 月] (KB931125)
==================================
API HOOK
N/A
==================================
隐藏进程
[5828] C:\WINDOWS\system32\wuauclt.exe
==================================
User system information: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/531.0 (KHTML, like Gecko) Chrome/3.0.195.0 Safari/531.0 SE 2.X