自动弹出网页然后迅速消失（附日志） bbs.ikaka.com

m761535 - 2009-6-8 20:06:00

附件: SREngLOG.log (2009-6-9 13:16:58, 67.10 K)
该附件被下载次数 353

电脑总是突然弹出一个网页，马上就消失，大概也就１秒的时间．弹出的网页也只在下面，连是什么东西都看不清楚就消失了．

百度了下发现人家都说是可能中病毒了。但又杀不出东西来。

附上日志。。希望大侠们帮忙分析一下...感激！

2009-06-08,19:46:21
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows Vista Ultimate Edition Service Pack 1 (Build 6001) - 管理权限用户 - 完整功能
以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
API HOOK
隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<Sidebar><C:\Program Files\Windows Sidebar\sidebar.exe /autoRun> [(Verified)Microsoft Windows]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows]
<NvCplDaemon><RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<NvMediaCenter><RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<AVP><"D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WebCheck><C:\Windows\System32\webcheck.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\Windows\system32\klogon.dll> [(Verified)Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows]
<{E31004D1-A431-41B8-826F-E902F9D95C81}><%SystemRoot%\System32\DreamScene.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
<Windows Ultimate Extras><%SystemRoot%\system32\soundschemes.exe /AddRegistration> [Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
<Windows Ultimate Extras><%SystemRoot%\system32\soundschemes2.exe /AddRegistration> [Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSAVE.EXE><C:\Windows\system32\logon.scr> [(Verified)Microsoft Windows]
==================================
启动文件夹
[QQ游戏启动加速程序]
<C:\Users\miaolei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QQ游戏启动加速程序.lnk --> D:\PROGRA~1\腾讯游戏\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
[QQ游戏启动加速程序]
<C:\Users\miaolei\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QQ游戏启动加速程序.lnk --> D:\PROGRA~1\腾讯游戏\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
==================================
服务
[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
<"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"><Apple Inc.>
[Kaspersky Internet Security / AVP][Running/Auto Start]
<"D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" -r><Kaspersky Lab>
[Bonjour 服务 / Bonjour Service][Running/Auto Start]
<"C:\Program Files\Bonjour\mDNSResponder.exe"><Apple Inc.>
[Contrl Center of Storm Media / ccosm][Running/Auto Start]
<D:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[iPod 服务 / iPod Service][Stopped/Manual Start]
<"C:\Program Files\iPod\bin\iPodService.exe"><Apple Inc.>
[NVIDIA Display Driver Service / nvsvc][Running/Auto Start]
<C:\Windows\system32\nvvsvc.exe><NVIDIA Corporation>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[Ulead Burning Helper / UleadBurningHelper][Running/Auto Start]
<C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe><Ulead Systems, Inc.>
[WDelMgr20 / WDelMgr20][Running/Auto Start]
<C:\Windows\system32\drivers\WDelMgr20.exe><N/A>
==================================
驱动程序
[ADI UAA Function Driver for High Definition Audio Service / ADIHdAudAddService][Running/Manual Start]
<system32\drivers\ADIHdAud.sys><Analog Devices, Inc.>
[adp94xx / adp94xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
<\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
<\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[arc / arc][Stopped/Disabled]
<\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
<\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
<\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
<\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
<system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start]
<system32\DRIVERS\GEARAspiWDM.sys><GEAR Software Inc.>
[HpCISSs / HpCISSs][Stopped/Disabled]
<\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
<\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
<\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
<system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[kl1 / kl1][Running/System Start]
<system32\DRIVERS\kl1.sys><Kaspersky Lab>
[Kaspersky Lab Boot Guard Driver / klbg][Running/Boot Start]
<\SystemRoot\system32\drivers\klbg.sys><Kaspersky Lab>
[Kaspersky Lab KLFltDev / KLFLTDEV][Running/Manual Start]
<system32\DRIVERS\klfltdev.sys><Kaspersky Lab>
[Kaspersky Lab Driver / KLIF][Running/System Start]
<system32\DRIVERS\klif.sys><Kaspersky Lab>
[Kaspersky Anti-Virus NDIS 6 Filter / KLIM6][Running/System Start]
<system32\DRIVERS\klim6.sys><Kaspersky Lab>
[LSI_FC / LSI_FC][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
<\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[megasas / megasas][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasas.sys><LSI Corporation>
[MegaSR / MegaSR][Stopped/Disabled]
<\SystemRoot\system32\drivers\megasr.sys><LSI Corporation, Inc.>
[Motorola Inc. USB Device / MotDev][Stopped/Manual Start]
<system32\DRIVERS\motodrv.sys><Motorola Inc>
[Motorola USB CDC ACM Driver / motmodem][Stopped/Manual Start]
<system32\DRIVERS\motmodem.sys><Motorola>
[Mraid35x / Mraid35x][Stopped/Disabled]
<\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[nfrd960 / nfrd960][Stopped/Disabled]
<\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
<system32\drivers\ccdcmb.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
<system32\drivers\ccdcmbo.sys><Nokia>
[Nokia USB Flashing Phone Parent / nmwcdnsu][Stopped/Manual Start]
<system32\drivers\nmwcdnsu.sys><Nokia>
[Nokia USB Flashing Generic / nmwcdnsuc][Stopped/Manual Start]
<system32\drivers\nmwcdnsuc.sys><Nokia>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
<\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvlddmkm / nvlddmkm][Running/Manual Start]
<system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
<\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
<system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
<system32\DRIVERS\nwlnkfwd.sys><N/A>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
<system32\DRIVERS\pccsmcfd.sys><Nokia>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
<\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start]
<system32\DRIVERS\Rockey4.sys><Feitian Technologies Co., Ltd.>
[Realtek 8169 NT Driver / RTL8169][Running/Manual Start]
<system32\DRIVERS\Rtlh86.sys><Realtek Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
<\??\C:\Windows\system32\Drivers\safeboxkrnl.sys><360安全中心>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
<\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[sptd / sptd][Running/Boot Start]
<\SystemRoot\System32\Drivers\sptd.sys><N/A>
[Symc8xx / Symc8xx][Stopped/Disabled]
<\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
<\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
<\??\C:\Windows\system32\TesDrvPt.sys><TENCENT>
[TesSafe / TesSafe][Stopped/Manual Start]
<\??\C:\Windows\system32\TesSafe.sys><TENCENT>
[uliahci / uliahci][Stopped/Disabled]
<\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
<\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Stopped/Disabled]
<\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
<\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>

用户系统信息：Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; Embedded Web Browser from: http://bsalsa.com/; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; CIBA)

m761535 - 2009-6-8 20:11:00

浏览器加载项
[ThunderAtOnce Class]
{01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[IEVkbdBHO Class]
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll, (Signed) Kaspersky Lab>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Windows Live 登录帮助程序]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[CBBrowerBuddy Class]
{A412E581-59B2-485E-834F-C5F0C0268C79} <D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484f-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435b-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[网页流量保护状态]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll, (Signed) Kaspersky Lab>
[CBBrowerBuddy Class]
{A412E581-59B2-485E-834F-C5F0C0268C79} <D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[Java Plug-in 1.6.0_14]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_14]
{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Java Plug-in 1.6.0_14]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <D:\Program Files\Java\jre6\bin\npjpi160_14.dll, (Signed) Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[VistaWUWebControl Class]
{12A66224-5E8A-4679-8941-0B9B960BF5EA} <%SystemRoot%\system32\wuwebv.dll, (Signed) N/A>
[Adobe PDF]
{182EC0BE-5110-49C8-A062-BEB1D02A220B} <D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[]
{19EFFC12-25FB-479A-A0F2-1569AE1B3365} <, >
[]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, >
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\Windows\System32\wmpdxm.dll, (Signed) Microsoft Corporation>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XSL Template]
{2933BF94-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Zyzzyva]
{30FA9641-9CFE-4D71-A3AA-DF8B6FA02FCC} <, >
[QuickTime Object]
{4063BE15-3B08-470D-A0D5-B37161CFFD69} <D:\Program Files\QuickTime\QTPlugin.ocx, (Signed) Apple Inc.>
[Adobe PDF]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} <D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[XML Document]
{48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[IEVkbdBHO Class]
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll, (Signed) Kaspersky Lab>
[XMP Class]
{6483F145-A768-4C41-AACC-52D4D7845851} <C:\ProgramData\Thunder Network\KanKan\xplayer.dll_1_work, ShenZhen Thunder Networking Technologies,LTD>
[StormPlayer Object]
{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <D:\Program Files\StormII\mps.dll, (Signed) 北京暴风网际科技有限公司>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[MediaComm Class]
{7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin.dll, (Signed) Thunder Networking Technologies,LTD>
[]
{78ABDC59-D8E7-44D3-9A76-9A0918C52B4A} <, >
[XDownloaddManager Class]
{802F530B-A8F6-4631-AE49-6BACAAC6373E} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\Program Files\360\360Safe\live.dll, (Signed) 360.cn>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD>
[XML HTTP 4.0]
{88D969C5-F192-11D4-A65F-0040963251E5} <C:\Windows\system32\msxml4.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[Java Plug-in 1.6.0_14]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <D:\Program Files\Java\jre6\bin\jp2iexp.dll, (Signed) >
[Uploader Class]
{8B054DFE-79A3-4A6A-9F46-CD2A2F601129} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[Windows Live 登录帮助程序]
{9030D464-4C02-4ABF-8ECC-5164760863C6} <C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll, (Signed) Microsoft Corporation>
[OFrameObject Class]
{9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5901.169.(651).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[VersionDetector Class]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.15.(542).dll, (Signed) ShenZhen Thunder Networking Technologies,Ltd.>
[CBBrowerBuddy Class]
{A412E581-59B2-485E-834F-C5F0C0268C79} <D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL, (Signed) Copyright (c) Kingsoft Corporation Limited. All rights reserved.>
[UploadFilePartition Class]
{A877BA28-1F7E-4876-B299-50B3199A1A5D} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[DapCtrl Class]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5901.169.(651).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[Adobe PDF Conversion Toolbar Helper]
{AE7CD045-E861-484F-8273-0445EE161910} <D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, (Signed) Adobe Systems Incorporated>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\Program Files\360\360Safe\safemon\safemon.dll, (Signed) 360.CN>
[RDS.DataSpace]
{BD96C556-65A3-11D0-983A-00C04FC29E36} <%CommonProgramFiles%\System\msadc\msadco.dll, (Signed) N/A>
[FTNUpload Class]
{BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Windows\system32\TXFTNActiveX.dll, (Signed) Tencent>
[ScreenCapture Class]
{BFB79EE1-04AE-4D4A-B85E-27EE5F30C095} <C:\Windows\system32\TXGYMailActiveX.dll, (Signed) Tencent Inc.>
[QQPlayerCtrl Class]
{CD108273-D434-43E6-AA90-1469F97EB398} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[VIDEO__X_MS_ASF Moniker Class]
{CD3AFA8F-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Microsoft Url Search Hook]
{CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10b.ocx, (Signed) Adobe Systems, Inc.>
[Java(tm) Plug-In 2 SSV Helper]
{DBC80044-A445-435B-BC74-9C25C1C588A9} <D:\Program Files\Java\jre6\bin\jp2ssv.dll, (Signed) Sun Microsystems, Inc.>
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\2.0.40115.0\npctrl.dll, (Signed) Microsoft Corporation>
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) 深圳腾讯科技>
[]
{E1771B7F-98BE-407F-BA67-AA16ADA5D0C5} <C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGSC1~1.DLL, (Signed) Microsoft Corporation>
[RevealTrans]
{E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\Windows\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[TimwpDll.TimwpCheck]
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XPPlayer Class]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.59010.253.(651).dll, (Signed) ShenZhen Thunder Networking Technologies Ltd.>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
{F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
{F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[&U使用纳米机器人下载并收藏]
<d:\Program Files\NamiRobot\Data\du.html, N/A>
[使用迅雷下载]
<D:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<D:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm, N/A>
[添加到QQ表情]
<D:\Program Files\Tencent\QQ\Bin\AddEmotion.htm, N/A>
[添加到卡巴斯基反广告]
<D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm, N/A>
[转换为 Adobe PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换选取内容为 Adobe PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换选取内容到现有的 PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[转换选定的链接到 Adobe PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html, N/A>
[转换选定的链接到现有的 PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html, N/A>
[转换链接目标为 Adobe PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html, N/A>
[转换链接目标到现有的 PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>
[追加到现有的 PDF]
<res://D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html, N/A>

m761535 - 2009-6-8 20:13:00

正在运行的进程
[PID: 476 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 568 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 608 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 616 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 652 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 664 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 676 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 784 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 860 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 904 / SYSTEM][C:\Windows\system32\nvvsvc.exe] [NVIDIA Corporation, 7.15.11.7490]
[PID: 932 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 972 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1068 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1100 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1120 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1280 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1332 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1408 / SYSTEM][C:\Windows\system32\rundll32.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\NVSVC.DLL] [NVIDIA Corporation, 7.15.11.7490]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.11.7490]
[PID: 1544 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1752 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\System32\AdobePDF.dll] [Adobe Systems Incorporated., 8.1.0.00]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdistRes.CHS] [, ]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 1800 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1956 / miaolei][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2000 / miaolei][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.7490]
[PID: 2012 / miaolei][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.7490]
[C:\Windows\system32\nvcpl.dll] [NVIDIA Corporation, 7.15.11.7490]
[C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 7.15.11.7490]
[D:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll] [Nokia, 7, 1, 106, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\NGSCM.DLL] [Nokia, 7, 1, 152, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_chi-sc.nlr] [Nokia, 7, 1, 69, 0]
[D:\Program Files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 7, 1, 21, 0]
[D:\Program Files\WinRAR\rarext.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5.0.8.179]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 22]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[PID: 1508 / miaolei][C:\Program Files\Windows Defender\MSASCui.exe] [Microsoft Corporation, 1.1.1600.0]
[PID: 1664 / miaolei][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Windows\system32\NvMcTray.dll] [NVIDIA Corporation, 7.15.11.7490]
[C:\Windows\System32\nvapi.dll] [NVIDIA Corporation, 7.15.11.7490]
[PID: 2064 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2172 / miaolei][D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe] [Kaspersky Lab, 8.0.0.508]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\fssync.dll] [Kaspersky Lab, 8.0.5.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\Ushata.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\CLLDR.DLL] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\winreg.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\mkavio.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\avpgui.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\nfio.ppl] [Kaspersky Lab, 8.0.0.512]
[d:\program files\kaspersky lab\kaspersky internet security 2009\fsdrvplg.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\basegui.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\thpimpl.ppl] [Kaspersky Lab, 8.0.0.506]
[PID: 2236 / miaolei][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 2384 / miaolei][C:\Program Files\Windows Sidebar\sidebar.exe] [Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2420 / SYSTEM][C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe] [Apple Inc., 2.50.39.0]
[PID: 2468 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,6,2]
[PID: 2488 / SYSTEM][D:\Program Files\StormII\stormliv.exe] [北京暴风网际科技有限公司, 3, 9, 4, 17]
[D:\Program Files\StormII\MSVCP60.dll] [Microsoft Corporation, 6.02.3104.0]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[D:\Program Files\StormII\bfoptdll.dll] [北京暴风网际科技有限公司, 3, 8, 7, 16]
[D:\Program Files\StormII\box\BoxLog.dll] [北京暴风网际科技有限公司, 3, 9, 4, 17]
[PID: 2508 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 2572 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2600 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 4]
[PID: 2684 / SYSTEM][C:\Windows\system32\drivers\WDelMgr20.exe] [N/A, ]
[PID: 2760 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
[PID: 3088 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3708 / miaolei][C:\Windows\System32\mobsync.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 1200 / miaolei][C:\Program Files\Windows Media Player\wmpnscfg.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[PID: 3828 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)]
[PID: 3856 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.0.6001.18226 (vistasp1_gdr.090302-1506)]
[PID: 832 / miaolei][C:\Windows\system32\wbem\unsecapp.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 5936 / miaolei][D:\Program Files\Thunder Network\Thunder\Program\Thunder.exe] [Xunlei Networking Technologies,LTD, 5.9.1.922]

m761535 - 2009-6-8 20:13:00

[D:\Program Files\Thunder Network\Thunder\Program\BugReportU.dll] [深圳市迅雷网络技术有限公司, 1, 4, 1, 20]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Thunder Network\Thunder\Program\libexpat.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Program\liblua.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Program\XLGraphic.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Program\libpng13.dll] [, 1.2.34]
[D:\Program Files\Thunder Network\Thunder\Program\zlib1.dll] [, 1.2.3]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Thunder Network\Thunder\Program\XLLuaRuntime.dll] [N/A, ]
[C:\Windows\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.6041.0]
[D:\Program Files\Thunder Network\Thunder\Program\sqlite3.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Program\mini_unzip_dll.dll] [N/A, ]
[C:\Windows\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0]
[D:\Program Files\Thunder Network\Thunder\Program\XLGUIPlatform.dll] [TODO: <公司名>, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Program\ThunderStorage.dll] [, 1, 0, 0, 2]
[D:\Program Files\Thunder Network\Thunder\Program\XLWebDownload.dll] [深圳市迅雷网络技术有限公司, 5.9.1.722]
[D:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1, 4, 2, 34]
[D:\Program Files\Thunder Network\Thunder\Program\mp.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 5]
[D:\Program Files\Thunder Network\Thunder\Program\Thunders.dll] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 3, 4, 2, 343]
[D:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 31]
[D:\Program Files\Thunder Network\Thunder\Program\ptl.dll] [Thunder Networking Technologies,LTD, 3, 2, 2, 60]
[D:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 1, 2, 4]
[D:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 7]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[D:\Program Files\Thunder Network\Thunder\Program\fs.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 19]
[D:\Program Files\Thunder Network\Thunder\Components\SkinEngine\skinEngine.dll] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Program\SkinEngine2.dll] [TODO: <Company name>, 1.0.0.1]
[D:\Program Files\Thunder Network\Thunder\Components\GougouSearch\GougouSearch.dll] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Program\DllNewTask.DLL] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Components\Config\ConfigPane.dll] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Components\FloatPanel\FloatPanel.dll] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Program\XLGUIDevEnv.dll] [TODO: <公司名>, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Program\GBLCategory.dll] [Xunlei Networking Technologies,LTD, 5.9.1.922]
[D:\Program Files\Thunder Network\Thunder\Components\BaseCommunity\BaseCommunity.dll] [Thunder Networking Technologies,LTD, 5.9.2.721]
[D:\Program Files\Thunder Network\Thunder\Program\libjpeg6b.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Program\giflib4.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Program\XLI18N.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 1]
[D:\Program Files\Thunder Network\Thunder\Program\http.dll] [Thunder Networking Technologies,LTD, 1.0.2.5]
[D:\Program Files\Thunder Network\Thunder\Program\XLCP.dll] [Thunder Networking Technologies,LTD, 1.0.2.6]
[D:\Program Files\Thunder Network\Thunder\Program\XLUser.dll] [Thunder Networking Technologies,LTD, 1.0.2.15]
[D:\Program Files\Thunder Network\Thunder\Components\Streamer\Streamer.dll] [, 1, 0, 0, 12]
[D:\Program Files\Thunder Network\Thunder\Program\XLNetU.dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 25]
[D:\Program Files\Thunder Network\Thunder\Program\LiveUpdate\UpdateCtrl.dll] [, 2, 0, 2, 201]
[D:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll] [Thunder Networking Technologies,LTD, 1,1,2,16]
[D:\Program Files\Thunder Network\Thunder\Program\p2p.dll] [Thunder Networking Technologies,LTD, 1,1,2,55]
[D:\Program Files\Thunder Network\Thunder\Program\stream.dll] [ShenZhen Thunder Networking Technologies,Ltd., 2, 1, 2, 1047]
[D:\Program Files\Thunder Network\Thunder\Program\p2sp.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 71]
[D:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll] [Thunder Networking Technologies,LTD, 1,0,2,53]
[D:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll] [深圳市迅雷网络技术有限公司, 1,1,2,18]
[D:\Program Files\Thunder Network\Thunder\Program\al.dll] [Thunder Networking Technologies,LTD, 1,1,2,38]
[D:\Program Files\Thunder Network\Thunder\Program\sl.dll] [深圳市迅雷网络技术有限公司, 1.0.2.2]
[D:\Program Files\Thunder Network\Thunder\Program\emule_kernel.dll] [, 1, 2, 2, 61]
[C:\Windows\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[D:\Program Files\Thunder Network\Thunder\Program\bt_shell.dll] [, 1, 0, 2, 9]
[D:\Program Files\Thunder Network\Thunder\Program\module_downloader.dll] [, 1, 0, 2, 9]
[D:\Program Files\Thunder Network\Thunder\Program\bt_kernel.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 12]
[D:\Program Files\Thunder Network\Thunder\Program\hoc.dll] [N/A, ]
[D:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed.dll] [Thunder Networking Technologies,LTD, 3, 4, 12, 124]
[D:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 4]
[D:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 3, 0, 3, 141]
[D:\Program Files\Thunder Network\Thunder\Components\Tips\XLSkin.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 3]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll] [, 1, 0, 0, 36]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 23]
[D:\Program Files\Thunder Network\Thunder\Components\XLMediaCutter\XLMediaCutter.dll] [ShenZhen Thunder Networking Technologies Ltd., 4, 0, 0, 41]
[D:\Program Files\Thunder Network\Thunder\Program\emule_shell.dll] [, 1, 0, 2, 13]
[D:\Program Files\Thunder Network\Thunder\Program\bd.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 20]
[D:\Program Files\Thunder Network\Thunder\Program\emule_id.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 12]
[PID: 5252 / miaolei][D:\Program Files\Tencent\QQ\Bin\QQ.exe] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\Common.dll] [Tencent, 1, 25, 660, 0]
[C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[D:\Program Files\Tencent\QQ\Bin\KernelUtil.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\GF.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\AppUtil.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\MainFrame.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\TaskTray.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll] [N/A, ]
[D:\Program Files\Tencent\QQ\Bin\AppMisc.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\ChatFrame.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\CustomFace.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\IM.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\KernelMisc.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\LongCnn.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\ContactInfoFrame.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\MsgMgr.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\SkinMgr.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\QInterLive.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\AppCtrl.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\SystemMsg.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll] [Tencent, 1, 25, 660, 0]
[C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll] [Tencent, 1.0.1.22]
[D:\Program Files\Tencent\QQ\Bin\BasicCtrlDll.dll] [TENCENT, 8,0,773,1801]
[D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll] [Tencent, 1.25.1.25]
[C:\Windows\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.crm\Bin\CRM.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.mail\Bin\Mail.dll] [Tencent, 1, 25, 660, 0]

m761535 - 2009-6-8 20:13:00

[D:\Program Files\Tencent\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\GroupApp.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\InformationBox.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\vqqsdl.dll] [Tencent, 5, 0, 3, 24]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.memo\Bin\Memo.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\AddrSearch.dll] [Tencent, 2, 3, 10, 12]
[C:\Windows\system32\SOGOUPY.IME] [Sogou.com Inc., 4.2.0.2654]
[D:\Program Files\SogouInput\4.2.0.2654\Resource.dll] [Sogou.com Inc., 4.2.0.2654]
[PID: 6112 / miaolei][D:\Program Files\Tencent\QQ\Bin\TXPlatform.exe] [Tencent, 1, 25, 660, 0]
[D:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll] [N/A, ]
[PID: 5436 / miaolei][C:\Windows\system32\conime.exe] [(Verified) Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)]
[PID: 5676 / miaolei][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[PID: 3928 / miaolei][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 8.1.0.0]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.CHS] [Adobe Systems Incorporated, 8.0.0.0]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5.0.8.179]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL] [Copyright (c) Kingsoft Corporation Limited. All rights reserved., 0.0.1.2]
[D:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1011]
[D:\Program Files\Java\jre6\bin\jp2ssv.dll] [Sun Microsystems, Inc., 6.0.140.8]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl] [Kaspersky Lab, 8.0.0.506]
[C:\Windows\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.7490]
[C:\Windows\system32\SOGOUPY.IME] [Sogou.com Inc., 4.2.0.2654]
[D:\Program Files\SogouInput\4.2.0.2654\Resource.dll] [Sogou.com Inc., 4.2.0.2654]
[PID: 752 / miaolei][C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe] [Adobe Systems, Inc., 10,0,22,87]
[PID: 4872 / miaolei][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 8.1.0.0]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.CHS] [Adobe Systems Incorporated, 8.0.0.0]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5.0.8.179]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL] [Copyright (c) Kingsoft Corporation Limited. All rights reserved., 0.0.1.2]
[D:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1011]
[D:\Program Files\Java\jre6\bin\jp2ssv.dll] [Sun Microsystems, Inc., 6.0.140.8]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl] [Kaspersky Lab, 8.0.0.506]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[C:\Windows\system32\SOGOUPY.IME] [Sogou.com Inc., 4.2.0.2654]
[D:\Program Files\SogouInput\4.2.0.2654\Resource.dll] [Sogou.com Inc., 4.2.0.2654]
[C:\Windows\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.7490]
[PID: 1588 / miaolei][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 8.1.0.0]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.CHS] [Adobe Systems Incorporated, 8.0.0.0]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5.0.8.179]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl] [Kaspersky Lab, 8.0.0.506]
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 7.15.11.7490]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL] [Copyright (c) Kingsoft Corporation Limited. All rights reserved., 0.0.1.2]
[D:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1011]
[D:\Program Files\Java\jre6\bin\jp2ssv.dll] [Sun Microsystems, Inc., 6.0.140.8]
[C:\Windows\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[PID: 5660 / miaolei][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll] [Adobe Systems Incorporated, 8.1.0.0]
[D:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.CHS] [Adobe Systems Incorporated, 8.0.0.0]
[D:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
[C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5.0.8.179]
[D:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 17]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\scrchpg.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\klscav.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prremote.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prloader.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\prkernel.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\params.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\pxstub.ppl] [Kaspersky Lab, 8.0.0.506]
[d:\program files\kaspersky lab\kaspersky internet security 2009\tempfile.ppl] [Kaspersky Lab, 8.0.0.506]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 9.1.0.2009022700]
[D:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll] [Kaspersky Lab, 8.0.0.506]
[D:\Program Files\Kingsoft\PowerWord Lite\CBEBand.DLL] [Copyright (c) Kingsoft Corporation Limited. All rights reserved., 0.0.1.2]
[D:\Program Files\360\360Safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1011]
[D:\Program Files\Java\jre6\bin\jp2ssv.dll] [Sun Microsystems, Inc., 6.0.140.8]
[C:\Windows\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[PID: 5956 / miaolei][E:\sreng\SREngLdr.EXE] [Smallfrogs Studio, 2.7.1.1261]
[PID: 4420 / miaolei][E:\sreng\SRE73e7d5da.EXE] [Smallfrogs Studio, 2.7.1.1261]
[E:\sreng\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2]

m761535 - 2009-6-8 20:14:00

文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
::1 localhost

==================================
进程特权扫描
N/A

==================================
计划任务
[已启用] \\SogouImeMgr
D:\PROGRA~1\SOGOUI~1\420~1.265\PINYIN~1.EXE /S
[已启用] \\Vista内存整理大师
D:\Program Files\VistaMaster\MemoryMaster.exe auto
[已启用] \\{71BCA212-3D78-4DB9-B253-8034DC6E8AE3}
C:\Windows\system32\pcalua.exe -a E:\下载\Movie\daemon4303-lite.exe -d E:\下载\Movie
[已启用] \\{EE17F7EF-2063-4C17-AD86-CC8A4A1C10E0}
C:\Windows\system32\pcalua.exe -a G:\setup.exe -d G:\ -c /s
[已启用] \Apple\AppleSoftwareUpdate
C:\Program Files\Apple Software Update\SoftwareUpdate.exe -task
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
N/A
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
%SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
%SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[已启用] \Microsoft\Windows\Defrag\ManualDefrag
%windir%\system32\defrag.exe \\?\Volume{e906b4cf-3a9d-11de-a9a9-806e6f6e6963}\ \\?\Volume{e906b4d0-3a9d-11de-a9a9-806e6f6e6963}\ \\?\Volume{e906b4d1-3a9d-11de-a9a9-806e6f6e6963}\ \\?\Volume{e906b4d2-3a9d-11de-a9a9-806e6f6e6963}\
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
%windir%\system32\defrag.exe -c -i
[已启用] \Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已启用] \Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0) -gc
[已启用] \Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已启用] \Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
[已启用] \Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
N/A
[已启用] \Microsoft\Windows\MobilePC\TMM
N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
N/A
[已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
N/A
[已启用] \Microsoft\Windows\Shell\CrawlStartPages
N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake
N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager
N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
N/A
[已启用] \Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Wired\GatherWiredInfo
%windir%\system32\gatherWiredInfo.vbs
[已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo
%windir%\system32\gatherWirelessInfo.vbs

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

瑞星卡卡安全论坛