Asking a computer expert to help take a look: system report
[CODE]2008-09-06,14:27:52
System Repair Engineer 2.6.12.1018
Smallfrogs ([url]http://www.KZTechs.com[/url])
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SoundMan><SOUNDMAN.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
<avgnt><"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe" /min /nosplash> [Avira GmbH]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
==================================
启动文件夹
[宽带连接]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\宽带连接.lnk --> [File is missing]><N>
==================================
服务
[Avira AntiVir Premium MailGuard / AntiVirMailService][Stopped/Disabled]
<"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avmailc.exe"><Avira GmbH>
[Avira AntiVir Premium Scheduler / AntiVirScheduler][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe"><Avira GmbH>
[Avira AntiVir Premium Guard / AntiVirService][Running/Auto Start]
<"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe"><Avira GmbH>
[Avira AntiVir Premium WebGuard / antivirwebservice][Stopped/Disabled]
<"C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVWEBGRD.EXE"><Avira GmbH>
[Avira AntiVir Premium MailGuard helper service / AVEService][Stopped/Disabled]
<"C:\Program Files\Avira\AntiVir PersonalEdition Premium\avesvc.exe"><Avira GmbH>
[Google Updater Service / gusvc][Stopped/Manual Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter / AN983][Running/Manual Start]
<system32\DRIVERS\AN983.sys><ADMtek Incorporated.>
[avgio / avgio][Running/System Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Manual Start]
<\??\C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
<system32\DRIVERS\avipbb.sys><Avira GmbH>
[GMSIPCI / GMSIPCI][Stopped/Manual Start]
<\??\G:\INSTALL\GMSIPCI.SYS><N/A>
[MSICPL / MSICPL][Stopped/Manual Start]
<\??\G:\install4\MSICPL.sys><N/A>
[NTACCESS / NTACCESS][Stopped/Manual Start]
<\??\G:\NTACCESS.sys><N/A>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[PnpWmkDrv / PnpWmkDrv][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys><Windows (R) 2000 DDK provider>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SetupNTGLM7X / SetupNTGLM7X][Stopped/Manual Start]
<\??\G:\NTGLM7X.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
<system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
==================================
浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Google Toolbar Helper]
{AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, (Signed) Google Inc.>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[启动迅雷5]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <C:\Program Files\Thunder Network\Thunder\Thunder.exe, Thunder Networking Technologies,LTD>
[工行工具栏]
{A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} <C:\Program Files\中国工商银行\工行IE浏览器安全插件\IcbcToolBar.dll, 中国工商银行>
[]
{381FFDE8-2394-4f90-B10D-FC6124A40F8C} <, >
[&Google]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[工行工具栏]
{DBAC56F9-1623-425F-BC03-EB2602F423A0} <C:\Program Files\中国工商银行\工行IE浏览器安全插件\IcbcToolBar.dll, 中国工商银行>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[PhotoDraw Class]
{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <D:\腾讯QQ2008 传美正式版 5.0.2\qq\Qzone\QQPhotoDraw.dll, (Signed) TENCENT>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[]
{9C3C2C08-C494-4F52-AE94-85156A447D43} <, >
[Google Script Object]
{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[]
{18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <, >
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\pta.dll, (Signed) >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>
[&Google]
{2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[PhotoDraw Class]
{2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} <D:\腾讯QQ2008 传美正式版 5.0.2\qq\Qzone\QQPhotoDraw.dll, (Signed) TENCENT>
[UUUpgrade Control]
{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B} <C:\PROGRA~1\COMMON~1\uusee\UUUPGR~1.OCX, (Signed) UUSSE>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
{381FFDE8-2394-4F90-B10D-FC6124A40F8C} <, >
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, (Signed) >
[PowerPlayer Control]
{5EC7C511-CD0F-42E6-830C-1BD9882F3458} <D:\pps\PPStream\110~1.261\POWERP~1.DLL, (Signed) PPStream Inc.>
[]
{5F8B816C-8794-4A1E-A506-28C2CF63B432} <, >
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[XDRM]
{693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[WangWangObj Class]
{6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <E:\阿里旺旺\WangWang\WangWangX6.dll, (Signed) 阿里巴巴软件(上海)有限公司>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL, >
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin17.dll, Thunder Networking Technologies,LTD>
[]
{8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} <, >
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, (Signed) 360.cn>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL, >
[]
{9C3C2C08-C494-4F52-AE94-85156A447D43} <, >
[]
{A26ABCF0-1C8F-46E7-A67C-0489DC21B9CC} <, >
[Google Toolbar Helper]
{AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, (Signed) Google Inc.>
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5803.60.(509).dll, ShenZhen Thunder Networking Technologies Ltd.>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, (Signed) Google Inc.>
[SearchAssistantOC]
{B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, (Signed) 360.CN>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, (Signed) Microsoft Corporation>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
{CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash.ocx, (Signed) Adobe Systems, Inc.>
[工行工具栏]
{DBAC56F9-1623-425F-BC03-EB2602F423A0} <C:\Program Files\中国工商银行\工行IE浏览器安全插件\IcbcToolBar.dll, 中国工商银行>
[UpdateC2 Control]
{DC7094C6-8F61-42ED-AECE-63F5EEF647C5} <C:\PROGRA~1\COMMON~1\uusee\updateC2.ocx, (Signed) uusee.com>
[PasswordEditCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, (Signed) 腾讯科技(深圳)有限公司>
[Thunder DapPlayer]
{EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.508.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.0.0.181.(509).dll, Xunlei Networking Technologies,LTD>
[使用UUSee下载]
<C:\Program Files\uusee\geturltodown.htm, N/A>
[使用UUSee加速播放]
<C:\Program Files\uusee\geturltoplay.htm, N/A>
[使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[添加到QQ表情]
<D:\腾讯QQ2008 传美正式版 5.0.2\qq\AddEmotion.htm, N/A>
==================================
正在运行的进程
[PID: 452 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 508 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 532 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 576 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 588 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 748 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 792 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 868 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 924 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 944 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1124 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1276 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005]
[C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29]
[C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
[C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
[PID: 1284 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Premium\sched.exe] [Avira GmbH, 8.00.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\schedr.dll] [Avira GmbH, 8.00.03.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avevtlog.dll] [Avira GmbH, 8.00.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\sqlite3.dll] [, 3.3.17.1]
[PID: 1484 / Administrator][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.30]
[PID: 1492 / Administrator][C:\Program Files\360safe\safemon\360tray.exe] [奇虎网, 5, 0, 0, 1002]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005]
[C:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 4, 3, 0, 1003]
[C:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 4, 2, 0, 1001]
[C:\Program Files\360safe\live.dll] [360.cn, 1, 0, 1, 1028]
[PID: 1500 / Administrator][C:\Program Files\Avira\AntiVir PersonalEdition Premium\avgnt.exe] [Avira GmbH, 8.00.70.02]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\cclib.dll] [Avira GmbH, 8.00.70.05]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005]
[c:\program files\avira\antivir personaledition premium\ccgen.dll] [Avira GmbH, 8.00.70.03]
[c:\program files\avira\antivir personaledition premium\ccgenrc.dll] [Avira GmbH, 8.00.70.00]
[c:\program files\avira\antivir personaledition premium\ccguard.dll] [Avira GmbH, 8.00.70.04]
[c:\program files\avira\antivir personaledition premium\ccgrdrc.dll] [Avira GmbH, 8.00.72.00]
[c:\program files\avira\antivir personaledition premium\avipc.dll] [Avira GmbH, 1.0.6.0]
[c:\program files\avira\antivir personaledition premium\ccupdate.dll] [Avira GmbH, 8.00.70.02]
[c:\program files\avira\antivir personaledition premium\ccupdrc.dll] [Avira GmbH, 8.00.70.00]
[c:\program files\avira\antivir personaledition premium\cclic.dll] [Avira GmbH, 8.00.70.04]
[c:\program files\avira\antivir personaledition premium\cclicrc.dll] [Avira GmbH, 8.00.70.00]
[c:\program files\avira\antivir personaledition premium\ccmsg.dll] [Avira GmbH, 8.00.00.06]
[PID: 1512 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005]
[PID: 1536 / SYSTEM][C:\Program Files\Avira\AntiVir PersonalEdition Premium\avguard.exe] [Avira GmbH, 8.00.01.27]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avevtlog.dll] [Avira GmbH, 8.00.00.16]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\guardmsg.dll] [Avira GmbH, 8.00.08.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\sqlite3.dll] [, 3.3.17.1]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVPREF.DLL] [Avira GmbH, 8.00.02.00]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\SMTPLIB.DLL] [Avira GmbH, 1.02.00.23]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\AVGIO.DLL] [Avira GmbH, 8.00.01.03]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aecore.dll] [Avira GmbH, 8.1.1.11]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aevdf.dll] [Avira GmbH, 8.1.0.5]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aescript.dll] [Avira GmbH, 8.1.0.70]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aescn.dll] [Avira GmbH, 8.1.0.23]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aerdl.dll] [Avira GmbH, 8.1.1.1]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aepack.dll] [Avira GmbH, 8.1.2.1]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\unacev2.dll] [N/A, ]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aeoffice.dll] [Avira GmbH, 8.1.0.23]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aeheur.dll] [Avira GmbH, 8.1.0.51]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aehelp.dll] [Avira GmbH, 8.1.0.15]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aegen.dll] [Avira GmbH, 8.1.0.36]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aeemu.dll] [Avira GmbH, 8.1.0.7]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\aebb.dll] [Avira GmbH, 8.1.0.1]
[C:\Program Files\Avira\AntiVir PersonalEdition Premium\avipc.dll] [Avira GmbH, 1.0.6.0]
[PID: 324 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 444 / Administrator][D:\Opera白菜版@080901\operaEz\Opera.exe] [Opera Software, 10414]
[D:\Opera白菜版@080901\operaEz\Opera.dll] [Opera Software, 10414]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1844 / Administrator][D:\2.6.12.1018 版本\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.6.12.1018]
[PID: 1680 / Administrator][D:\2.6.12.1018 版本\sreng2\SRE27c81728.EXE] [Smallfrogs Studio, 2.6.12.1018]
[C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 2, 0, 1005]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\sfc_os.dll] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[D:\2.6.12.1018 版本\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 858656.com
127.0.0.1 my123.com
127.0.0.1 8749.com
127.0.0.1 4199.com
127.0.0.1 7379.com
127.0.0.1 7255.com
127.0.0.1 3448.com
127.0.0.1 7939.com
127.0.0.1 8009.com
127.0.0.1 piaoxue.com
127.0.0.1 kzdh.com
127.0.0.1 about.blank.la
127.0.0.1 6781.com
127.0.0.1 7322.com
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 532, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1284, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\SCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1500, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGNT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1536, C:\PROGRAM FILES\AVIRA\ANTIVIR PERSONALEDITION PREMIUM\AVGUARD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 444, D:\OPERA白菜版@080901\OPERAEZ\OPERA.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1844, D:\2.6.12.1018 版本\SRENG2\SRENGLDR.EXE]
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
The log is fine.
The log really is fine; please describe the symptoms.