Rising Kaka Security Forum

Vista system is very unstable, please help look at the scan log.
特攻队2 - 2010-8-21 19:11:00
Please help me take a look, thanks!
[CODE]
2010-08-21,18:52:55
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)
Windows Vista Home Basic Edition  (Build 6000) - 管理权限用户 - 完整功能
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <Windows Defender><%ProgramFiles%\Windows Defender\MSASCui.exe -hide>  [(Verified)Microsoft Windows]
    <kxesc><"C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe" -autorun>  [(Verified)Zhuhai  Kingsoft Software Co.,Ltd]
    <KSafeTray><"D:\Program Files\Kingsoft\KSafe\KSafeTray.exe" -autorun>  [(Verified)Kingsoft Security Co.,Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><explorer.exe>  [(Verified)Microsoft Windows]
    <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <WebCheck><C:\Windows\system32\webcheck.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\Windows\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Windows Mail 7><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\Windows\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\Windows\system32\logon.scr>  [(Verified)Microsoft Windows]

User system information: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30618)
特攻队2 - 2010-8-21 19:11:00
启动文件夹
N/A

==================================
服务
[KSafe service / KSafeSvc][Running/Auto Start]
  <"D:\Program Files\Kingsoft\KSafe\KSafeSvc.exe" -svc><Kingsoft Corporation.>
[Kingsoft Core Defend Service / kxedefend][Running/Auto Start]
  <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxedefend.exe" /service kxedefend><Kingsoft Corporation>
[Kingsoft Security App Service / kxesapp][Running/Auto Start]
  <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe" /service kxesapp><Kingsoft Corporation>
[Kingsoft Core Service / kxescore][Running/Auto Start]
  <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe" /service kxescore><Kingsoft Corporation>
[Kingsoft Antivirus XEngine Service / KxEServ][Running/Auto Start]
  <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxeserv.exe"><Kingsoft Corporation>
[Kingsoft Antivirus Update Service / KxEUpSrv][Running/Auto Start]
  <"C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe"><Kingsoft Corporation>
[Tencent Software Update Service / TSUSVC][Stopped/Auto Start]
  <"D:\Program Files\QQSoftMgr\1.0.375.203\TencentUpdateSvc.exe" -run><Tencent>

==================================
驱动程序
[adp94xx / adp94xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
[adpu160m / adpu160m][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu160m.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Disabled]
  <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
[aliide / aliide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
[arc / arc][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <system32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[blbdrive / blbdrive][Stopped/Disabled]
  <\SystemRoot\system32\drivers\blbdrive.sys><N/A>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltlo.sys><Brother Industries, Ltd.>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brfiltup.sys><Brother Industries, Ltd.>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserid.sys><Brother Industries Ltd.>
[Brother WDM Serial driver / BrSerWdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brserwdm.sys><Brother Industries Ltd.>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled]
  <\SystemRoot\system32\drivers\brusbmdm.sys><Brother Industries Ltd.>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  <\SystemRoot\system32\drivers\brusbser.sys><Brother Industries Ltd.>
[cmdide / cmdide][Stopped/Disabled]
  <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
[cpuz134 / cpuz134][Stopped/Manual Start]
  <\??\C:\Users\DDgao\AppData\Local\Temp\cpuz134_x32.sys><N/A>
[Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
[elxstor / elxstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[HpCISSs / HpCISSs][Stopped/Disabled]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Intel RAID Controller Vista / iaStorV][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iastorv.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[ITEATAPI_Service_Install / iteatapi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteatapi.sys><Integrated Technology Express, Inc.>
[ITERAID_Service_Install / iteraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\iteraid.sys><Integrated Technology Express, Inc.>
[KAVBootC / KAVBootC][Running/Boot Start]
  <\SystemRoot\system32\drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Running/Auto Start]
  <\??\C:\Windows\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[ksdef / ksdef][Running/Auto Start]
  <\??\C:\Windows\system32\drivers\ksdef.sys><Kingsoft Corporation>
[kwatch32 / kwatch32][Running/Auto Start]
  <\??\C:\Windows\system32\drivers\kwatch32.sys><Kingsoft Corporation>
[LSI_FC / LSI_FC][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Logic>
[LSI_SAS / LSI_SAS][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Disabled]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[megasas / megasas][Stopped/Disabled]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[Mraid35x / Mraid35x][Stopped/Disabled]
  <\SystemRoot\system32\drivers\mraid35x.sys><LSI Logic Corporation>
[Driver for netfilter Device / netfilter][Running/Manual Start]
  <system32\DRIVERS\netfilter.sys><Windows (R) Win 7 DDK provider>
[nfrd960 / nfrd960][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ntrigdigi.sys><N-trig Innovative Technologies>
[nvlddmkm / nvlddmkm][Running/Manual Start]
  <system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
[nvraid / nvraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Disabled]
  <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
[IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start]
  <system32\DRIVERS\nwlnkfwd.sys><N/A>
[QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
[ChinaNet WLAN Adapter / rasuw][Running/Manual Start]
  <system32\DRIVERS\rasuw.sys><UTStarcom Inc.>
[SiSRaid2 / SiSRaid2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
[Symc8xx / Symc8xx][Stopped/Disabled]
  <\SystemRoot\system32\drivers\symc8xx.sys><LSI Logic>
[Sym_hi / Sym_hi][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_hi.sys><LSI Logic>
[Sym_u3 / Sym_u3][Stopped/Disabled]
  <\SystemRoot\system32\drivers\sym_u3.sys><LSI Logic>
[uliahci / uliahci][Stopped/Disabled]
  <\SystemRoot\system32\drivers\uliahci.sys><ULi Electronics Inc.>
[UlSata / UlSata][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata.sys><Promise Technology, Inc.>
[ulsata2 / ulsata2][Stopped/Disabled]
  <\SystemRoot\system32\drivers\ulsata2.sys><Promise Technology, Inc.>
[viaide / viaide][Running/Boot Start]
  <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Disabled]
  <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
[tcphoc / tcphoc][Running/Manual Start]
  <\??\D:\Program Files\xunlei\Program\tcphoc.sys><N/A>
特攻队2 - 2010-8-21 19:12:00
浏览器加载项
[迅雷流媒体探测IE支持]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <D:\Program Files\xunlei\ComDlls\TDMediaDetector5.9.25.1528.dll, (Signed) 深圳市迅雷网络技术有限公司>
[迅雷网页图片浏览器IE支持]
  {2D90D33C-DE76-42D0-9040-E4466DDC24AC} <D:\Program Files\xunlei\Program\EmbedDetectNow.dll, (Signed) Xunlei>
[迅雷下载IE支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\xunlei\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[查看网页全部图片]
  {548BF84E-9665-47f9-B635-7380F8943E90} <, >
[迅雷流媒体探测IE支持]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\Program Files\xunlei\ComDlls\TDMediaDetector5.9.25.1528.dll, (Signed) 深圳市迅雷网络技术有限公司>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <D:\Program Files\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[迅雷网页图片浏览器IE支持]
  {2D90D33C-DE76-42D0-9040-E4466DDC24AC} <D:\Program Files\xunlei\Program\EmbedDetectNow.dll, (Signed) Xunlei>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\xunlei\ComDlls\ThunderAgent5.9.25.1528.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <, >
[]
  {548BF84E-9665-47F9-B635-7380F8943E90} <, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\Windows\system32\wmp.dll, (Signed) Microsoft Corporation>
[Access UserInfo by Script]
  {6EE9CD3E-A386-4DAE-9737-A759DBF927AE} <D:\Program Files\xunlei\ComDlls\UserAgent.dll, (Signed) 深圳市迅雷网络技术有限公司>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\Program Files\xunlei\userdata\Components\InMedia\MediaAddin.dll, (Signed) 深圳市迅雷网络技术有限公司>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\Windows\system32\ieframe.dll, (Signed) Microsoft Corporation>
[迅雷下载IE支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\xunlei\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[XML DOM Document 6.0]
  {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5925.305.(799).dll, (Signed) 深圳市迅雷网络技术有限公司>
[VersionDetector Class]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(799).dll, (Signed) 深圳市迅雷网络技术有限公司>
[HallToolkit Class]
  {A24E6133-404F-4431-A296-2DE576FC5AEE} <C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.5.(799).dll, (Signed) 深圳市迅雷网络技术有限公司>
[APlayer Control]
  {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5925.305.(799).dll, (Signed) 深圳市迅雷网络技术有限公司>
[QQPlayerCtrl Class]
  {CD108273-D434-43E6-AA90-1469F97EB398} <D:\Program Files\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash10i.ocx, (Signed) Adobe Systems, Inc.>
[PlayerCtrl Class]
  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <D:\Program Files\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[TimwpDll.TimwpCheck]
  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\PROGRA~1\QQ\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[Free Threaded XML DOM Document 3.0]
  {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XSL Template 3.0]
  {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[使用迅雷下载]
  <D:\Program Files\xunlei\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\Program Files\xunlei\Program\GetAllUrl.htm, N/A>
[使用迅雷查看图片]
  <D:\Program Files\xunlei\Program\repairimage.htm, N/A>

==================================
正在运行的进程
[PID: 380 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 448 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 500 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 512 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 548 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 560 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 568 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 676 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 756 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 820 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 956 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 984 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1012 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1168 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1200 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1328 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1800 / DDgao][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\system32\nvd3dum.dll]  [NVidia Corporation, 7.15.10.9686]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
[PID: 1808 / SYSTEM][D:\Program Files\Kingsoft\KSafe\KSafeSvc.exe]  [Kingsoft Corporation., 1.1.0.1027]
    [D:\Program Files\Kingsoft\KSafe\ksafeeng.dll]  [Kingsoft Corporation., 1.2.2.1076]
    [D:\Program Files\Kingsoft\KSafe\ksafebak.dll]  [Kingsoft Corporation., 1.1.0.1027]
    [D:\Program Files\Kingsoft\KSafe\kcache.dll]  [Kingsoft Corporation., 1.1.0.1027]
    [D:\Program Files\Kingsoft\KSafe\katrun.dll]  [Kingsoft Corporation., 1.1.0.1027]
    [D:\Program Files\Kingsoft\KSafe\ksafedb.dll]  [Kingsoft Corporation., 1.1.0.1027]
[PID: 1816 / DDgao][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [D:\Program Files\Kingsoft\Kingsoft Antivirus\ktaskbar.dll]  [Kingsoft Corporation, 2010,05,26,732]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [D:\Program Files\xunlei\ComDlls\xunleiBHO_Now.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\ComDlls\zlib1.dll]  [, 1.2.3]
    [D:\Program Files\xunlei\ComDlls\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\xunlei\ComDlls\libexpat.dll]  [N/A, ]
    [D:\Program Files\xunlei\ComDlls\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\xunlei\ComDlls\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\DsBho_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 33]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\DataProcessor_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 6]
    [C:\Program Files\天翼网盘\189DriveNSE.dll]  [世纪龙信息网络有限责任公司(WWW.21CN.COM), 1, 0, 1, 1]
    [D:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll]  [Kingsoft Corporation, 2010,04,14,610]
[PID: 372 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [C:\Windows\System32\hpzlllhn.dll]  [Hewlett-Packard Company, 61.053.25.9]
    [C:\Windows\system32\spool\PRTPROCS\W32X86\hpzpplhn.dll]  [Hewlett-Packard Corporation, 61.053.25.9]
[PID: 804 / DDgao][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
[PID: 1008 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 2272 / DDgao][D:\Program Files\Kingsoft\KSafe\KSafeTray.exe]  [Kingsoft Corporation., 1.1.0.1031]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [D:\Program Files\Kingsoft\KSafe\krunopt.dll]  [Kingsoft Corporation., 1.1.0.1031]
    [D:\Program Files\Kingsoft\KSafe\ksafeup.dll]  [Kingsoft Corporation., 1.1.0.1027]
    [D:\Program Files\Kingsoft\KSafe\zlib1.dll]  [, 1.2.3]
    [D:\Program Files\Kingsoft\KSafe\kplugeng.dll]  [Kingsoft Corporation., 1.2.2.1187]
    [D:\Program Files\Kingsoft\KSafe\ksafevul.dll]  [Kingsoft Corporation., 1.1.0.1027]
[PID: 2608 / DDgao][C:\Program Files\Chinatelecom C+W\C+WClient.exe]  [中国电信集团公司, 1.0.0.2]
    [C:\Program Files\Chinatelecom C+W\Language.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Singleton.dll]  [N/A, ]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [C:\Program Files\Chinatelecom C+W\MsgHistory.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\ModFrwk.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Deploy.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\HttpModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Interface.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\DialManage.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Utils.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\DriverSetupPkg.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\UpdateManage.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\UpdateModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\UpdateUIModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\PinModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\TimesTotal.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\CdmaOperModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\CWCommander.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\TransMsg.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\CmptMan\CmptManModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\CmptMan\CmptManUI.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\viewmgr.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\AppDeploy.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Roam\WlanRoamModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Roam\WlanRoamModuleEx.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\Roam\roaming.dll]  [N/A, ]
    [C:\Program Files\Chinatelecom C+W\Roam\roaming2.dll]  [N/A, ]
    [C:\Program Files\Chinatelecom C+W\Roam\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL]  [Microsoft Corporation, 8.00.50727.4053]
特攻队2 - 2010-8-21 19:13:00
[C:\Program Files\Chinatelecom C+W\IMClient.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\CTATMgrModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\DriverSetup.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\ClientCoexist.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\MyMessageBox.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\ErrorModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\ErrorSubmitModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\zlib.dll]  [, 1.1.3]
    [C:\Program Files\Chinatelecom C+W\InfoCenterModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\ListenNetErrorModule.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\MsgWnd.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\MktIntf.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\VerifyBasic.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\ModBase_.dll]  [, 1, 2, 0, 1]
    [C:\Program Files\Chinatelecom C+W\CrashRpt.dll]  [, 3, 0, 2007, 117]
    [C:\Program Files\Chinatelecom C+W\EMailLib.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Chinatelecom C+W\MUdpNative.dll]  [, 1, 2, 9, 1120]
    [C:\Program Files\ChinaTelecom DialManager\CdmaDll.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\AWIFI\WiFiMan.dll]  [Nicomsoft Ltd., 5.1.0.0]
    [C:\Program Files\ChinaTelecom DialManager\AWIFI\WifiClient.dll]  [TODO: <公司名>, 2.0.0.1]
    [C:\Program Files\ChinaTelecom DialManager\AWIFI\BroadCom.dll]  [TODO: <公司名>, 1.0.0.1]
    [C:\Program Files\ChinaTelecom DialManager\AWIFI\preflib.dll]  [N/A, ]
    [C:\Program Files\ChinaTelecom DialManager\UniWlan\ucwlib.dll]  [UTStarcom Inc., 2, 1, 0, 201]
    [C:\Program Files\ChinaTelecom DialManager\UniWlan\cl32.dll]  [Peter Gutmann, ]
    [C:\Program Files\ChinaTelecom DialManager\UniWlan\CDMAAPI.DLL]  [, 1, 0, 0, 1]
    [C:\Program Files\ChinaTelecom DialManager\AdslModule.dll]  [GDCN, 9, 8, 6, 9]
    [C:\Program Files\ChinaTelecom DialManager\ProxyDef.dll]  [, 10, 6, 18, 0]
    [C:\Program Files\Chinatelecom C+W\EKernel.dll]  [中国电信, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\Service\AddressBook\AddressBook.dll]  [, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\Service\ESms\ESms.dll]  [, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\Service\ESms\xml_lib.dll]  [N/A, ]
    [C:\Program Files\Chinatelecom C+W\Service\ESms\util_lib.dll]  [N/A, ]
    [C:\Program Files\Chinatelecom C+W\Service\ESms\dataservice_lib.dll]  [N/A, ]
    [C:\Program Files\Chinatelecom C+W\Service\ESms\sqlite3.dll]  [N/A, ]
    [C:\Program Files\Chinatelecom C+W\Service\PassportLogin\PassportLogin.dll]  [中国电信, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\WebSsoServer.dll]  [中国电信, 1.0.0.1]
    [C:\Program Files\天翼网盘\189DriveNSE.dll]  [世纪龙信息网络有限责任公司(WWW.21CN.COM), 1, 0, 1, 1]
    [C:\Program Files\Chinatelecom C+W\Cryptography.dll]  [中国电信, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\EClientComm.dll]  [中国电信, 1.0.0.1]
    [C:\Program Files\Chinatelecom C+W\sip_client_dll.dll]  [N/A, ]
[PID: 3000 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3140 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3184 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3444 / SYSTEM][C:\Windows\system32\taskeng.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3800 / DDgao][C:\Program Files\Chinatelecom C+W\CWCleanTools.exe]  [N/A, ]
[PID: 3820 / DDgao][C:\Windows\system32\conime.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
[PID: 3844 / DDgao][C:\Program Files\Chinatelecom C+W\LoginAccount.exe]  [中数通信息有限公司, 1.0.0.1]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
[PID: 388 / DDgao][D:\热血传奇\mir.exe]  [SNDA, 1.3.0.105]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [C:\Windows\system32\Macromed\Flash\Flash10i.ocx]  [Adobe Systems, Inc., 10,1,82,76]
[PID: 3156 / DDgao][D:\热血传奇\mir1.dat]  [SNDA, 1.8.5.5612]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [D:\热血传奇\SpeakCore.dll]  [SNDA, 1.0.0.13]
    [D:\热血传奇\UDPDLL.dll]  [snda 盛大网络, 1.0.0.4]
    [D:\热血传奇\TalkEngine.dll]  [snda, 1.0.0.5]
    [D:\热血传奇\SDIdent.dll]  [盛大网络发展有限公司, 1, 0, 1, 5]
    [D:\热血传奇\SDError.dll]  [Shanda Interactive Entertainment Limited.(Nasdaq:SNDA)  http://www.snda.com, 0, 3, 0, 3]
    [D:\热血传奇\SDDynD04.dll]  [上海盛大网络发展有限公司, 1, 0, 4, 1]
    [C:\Windows\system32\nvd3dum.dll]  [NVidia Corporation, 7.15.10.9686]
    [D:\热血传奇\GameWidget.dll]  [SNDA, 0.9.0.203]
    [D:\热血传奇\gwCore.dll]  [SNDA, 0.9.1.246]
    [D:\热血传奇\WidgetData\SSOLib.dll]  [SNDA, 2, 9, 0, 0]
    [D:\热血传奇\WidgetData\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\Windows\system32\SOGOUPY.IME]  [Sogou.com Inc., 5.0.1.4192]
    [C:\Windows\system32\JPWB.IME]  [日月工作室, 4.00.950]
    [C:\Windows\system32\Macromed\Flash\Flash10i.ocx]  [Adobe Systems, Inc., 10,1,82,76]
[PID: 3632 / DDgao][D:\热血传奇\Dyntmp1.dat]  [N/A, ]
    [D:\热血传奇\SDDynD04.dll]  [上海盛大网络发展有限公司, 1, 0, 4, 1]
[PID: 3240 / DDgao][D:\Program Files\QQ\Bin\QQ.exe]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\Common.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.4053]
    [D:\Program Files\QQ\Bin\KernelUtil.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\GF.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\xGraphic32.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\AFUtil.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [D:\Program Files\QQ\Bin\LoginPanel.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\IM.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\TaskTray.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\AppUtil.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\TXPFProxy.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\BasicCtrlDll.dll]  [TENCENT, 8,0,773,1801]
    [D:\Program Files\QQ\Bin\MainFrame.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\AppFramework.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\SkinMgr.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.VAS\Bin\VAS.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.CRM\Bin\CRM.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Advertisement\Bin\Advertisement.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Memo\Bin\Memo.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQGame\Bin\QQGame.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.Mail\Bin\Mail.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll]  [Tencent, 1.50.1720.0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.QBar\Bin\QBar.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.qqwebsite\Bin\qqwebsite.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\Com.Tencent.bookmark\Bin\bookmark.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll]  [Tencent, 1.2.1.10]
    [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL]  [Tencent, 1.2.1.6]
    [D:\Program Files\QQ\Bin\AFCtrl.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\SystemMsg.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\ConfigCenter.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\ChatFrameApp.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\QInterLive.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\GroupApp.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\AppMisc.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\Contacts.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\InformationBox.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\ContactInfoFrame.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\WBlog.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\com.tencent.taotao\Bin\taotao.dll]  [Tencent, 1, 50, 1720, 0]
    [C:\Windows\system32\Macromed\Flash\Flash10i.ocx]  [Adobe Systems, Inc., 10,1,82,76]
    [D:\Program Files\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\MsgMgr.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\vqqsdl.dll]  [Tencent, 5, 0, 3, 24]
    [D:\Program Files\QQ\Plugin\com.tencent.today\Bin\Today.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\LongCnn.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\CustomFace.dll]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\QQ\Bin\AddrSearch.dll]  [Tencent, 2, 3, 12, 11]
    [D:\Program Files\QQ\Bin\SoftUpgrade.dll]  [Tencent, 1.0 Beta1 Build 109]
[PID: 3676 / DDgao][D:\Program Files\QQ\Bin\TXPlatform.exe]  [Tencent, 1, 50, 1720, 0]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [D:\Program Files\QQ\Bin\TXPFProxy.dll]  [Tencent, 1, 50, 1720, 0]
[PID: 5152 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 5200 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3044 / SYSTEM][C:\Windows\system32\SearchProtocolHost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 3028 / NETWORK SERVICE][C:\Windows\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16830 (vista_gdr.090302-1506)]
[PID: 5816 / DDgao][D:\Program Files\xunlei\Program\Thunder.exe]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\XLI18NEX.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 1]
    [D:\Program Files\xunlei\Program\libexpat.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\xunlei\Program\minizip.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\zlib1.dll]  [, 1.2.3]
    [D:\Program Files\xunlei\Program\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\xunlei\Program\XLBugHandler.dll]  [深圳市迅雷网络技术有限公司, 2, 1, 0, 8]
    [D:\Program Files\xunlei\Program\liblua.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\XLGraphic.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\libpng13.dll]  [, 1.2.38]
    [D:\Program Files\xunlei\Program\UACTool.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\XLLuaRuntime.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\MFC71U.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [D:\Program Files\xunlei\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [D:\Program Files\xunlei\Program\sqlite3.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\mini_unzip_dll.dll]  [N/A, ]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [D:\Program Files\xunlei\Program\SkinEngine2.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\XLGUIPlatform.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\ThunderStorage.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\Thunders.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\download_interface.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 59]
    [D:\Program Files\xunlei\Program\UpdateCtrl.dll]  [深圳市迅雷网络技术有限公司, 2, 8, 2, 221]
    [D:\Program Files\xunlei\Program\DllNewTask.DLL]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\userdata\Components\Streamer\Streamer.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 31]
    [D:\Program Files\xunlei\Program\XLNetU.dll]  [深圳市迅雷网络技术有限公司, 1, 5, 2, 25]
    [D:\Program Files\xunlei\Program\XLWebDownload.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\asyn_frame.dll]  [深圳市迅雷网络技术有限公司, 1, 4, 2, 41]
特攻队2 - 2010-8-21 19:13:00
    [D:\Program Files\xunlei\Program\mp.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 7]
    [D:\Program Files\xunlei\Program\xl_client.dll]  [深圳市迅雷网络技术有限公司, 1, 11, 2, 29]
    [D:\Program Files\xunlei\Program\xl_data.dll]  [深圳市迅雷网络技术有限公司, 1, 11, 2, 29]
    [D:\Program Files\xunlei\Program\dl_peer_id.dll]  [深圳市迅雷网络技术有限公司, 3, 1, 2, 14]
    [D:\Program Files\xunlei\Program\xl_stat_client.dll]  [ShenZhen Thunder Networking Technologies Ltd., 1.1.0.32]
    [D:\Program Files\xunlei\Program\XLGUIDevEnv.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\GougouSearch.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\Program\GBLCategory.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\ComDlls\ThunderAgent5.9.25.1528.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\userdata\Components\BaseCommunity\BaseCommunity.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 151]
    [D:\Program Files\xunlei\Program\libjpeg6b.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\giflib4.dll]  [N/A, ]
    [D:\Program Files\xunlei\Program\http.dll]  [深圳市迅雷网络技术有限公司, 1.0.2.15]
    [D:\Program Files\xunlei\Program\XLCP.dll]  [深圳市迅雷网络技术有限公司, 1.0.2.26]
    [D:\Program Files\xunlei\Program\XLUser.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 98]
    [D:\Program Files\xunlei\Program\BaseIM.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 14]
    [D:\Program Files\xunlei\Program\MsgBox.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 59]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\DsXlCom.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 12]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\DataProcessor_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 6]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\MediaWorker.dll]  [深圳市迅雷网络技术有限公司, 1, 2, 0, 23]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\GSI.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.1]
    [D:\Program Files\xunlei\userdata\Components\InMedia\MediaAddin.dll]  [深圳市迅雷网络技术有限公司, 3, 1, 7, 83]
    [D:\Program Files\xunlei\Program\FloatPanel.dll]  [深圳市迅雷网络技术有限公司, 5,9,25,1528]
    [D:\Program Files\xunlei\userdata\Components\Tips\TipsClient.dll]  [深圳市迅雷网络技术有限公司, 3, 0, 3, 159]
    [D:\Program Files\xunlei\userdata\Components\Tips\XLSkin.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 4]
    [D:\Program Files\xunlei\Program\hoc.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 2]
    [D:\Program Files\xunlei\userdata\Components\InMedia\iEmbed.dll]  [深圳市迅雷网络技术有限公司, 3, 4, 12, 141]
    [D:\Program Files\xunlei\userdata\Components\InMedia\XLIPC.DLL]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 4]
    [D:\Program Files\xunlei\userdata\Components\XLMiniGameAdapter\XLMiniGameAdapter.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.236]
    [D:\Program Files\xunlei\userdata\Components\XLMiniGameAdapter\WinIPC.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.6]
    [D:\Program Files\xunlei\userdata\Components\Despise\Despise.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 39]
    [D:\Program Files\xunlei\userdata\Components\Kankan\XMPPlugin.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 54]
    [D:\Program Files\xunlei\userdata\Components\BandWidth\BandWidth.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.14]
    [D:\Program Files\xunlei\userdata\Components\XLMediaCutter\XLMediaCutter.dll]  [深圳市迅雷网络技术有限公司, 4, 0, 0, 42]
    [C:\Windows\system32\Macromed\Flash\Flash10i.ocx]  [Adobe Systems, Inc., 10,1,82,76]
    [C:\Windows\system32\nvd3dum.dll]  [NVidia Corporation, 7.15.10.9686]
    [D:\Program Files\xunlei\userdata\Components\ThunderSoft\SoftUpdateNum.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 3]
    [D:\Program Files\xunlei\userdata\Components\ThunderSoft\SoftManager.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 25]
    [D:\Program Files\xunlei\userdata\Components\ThunderSoft\Configure.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 8]
    [D:\Program Files\xunlei\userdata\Components\ThunderSoft\Update.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 8]
    [D:\Program Files\xunlei\userdata\Components\ThunderSoft\SoftIdentify.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 10]
    [D:\Program Files\xunlei\userdata\Components\ResWorker\USA.dll]  [深圳市迅雷网络技术有限公司, 1.0.0.8]
    [D:\Program Files\xunlei\Program\xl_cximage.dll]  [, 6, 0, 2, 3]
[PID: 5216 / DDgao][C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\ThunderService.exe]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 82]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\XLBugHandler.dll]  [深圳市迅雷网络技术有限公司, 2, 1, 0, 8]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\download_engine.dll]  [深圳市迅雷网络技术有限公司, 3, 4, 2, 378]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\mp.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 7]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\XLCrypto.dll]  [N/A, ]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\UACTool.dll]  [N/A, ]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\UpdateCtrl.dll]  [深圳市迅雷网络技术有限公司, 2, 8, 2, 221]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\asyn_frame.dll]  [深圳市迅雷网络技术有限公司, 1, 4, 2, 41]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\backend_agent.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 40]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\zlib1.dll]  [, 1.2.3]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\ptl.dll]  [深圳市迅雷网络技术有限公司, 3, 2, 2, 90]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\dl_peer_id.dll]  [深圳市迅雷网络技术有限公司, 3, 1, 2, 14]
    [C:\Users\Public\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.32\xl_stat.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 9]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\bt_kernel.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 51]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2p_upload.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 19]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\fs.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 23]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\stream.dll]  [深圳市迅雷网络技术有限公司, 2, 1, 2, 1124]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2p.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 113]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2sp.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 125]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\down_dispatcher.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 71]
    [C:\Users\Public\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.32\member_stat.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 8]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\al.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 77]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\xlnet_manager.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 34]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\emule_shell.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 19]
    [C:\Users\Public\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.32\dphubt.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 36]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2p_local_res.dll]  [深圳市迅雷网络技术有限公司, 1, 1, 2, 26]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\media_data.dll]  [深圳市迅雷网络技术有限公司, 1,0,2,11]
    [C:\Users\Public\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.32\sl.dll]  [深圳市迅雷网络技术有限公司, 1,0,2,5]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\task_report.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 6]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2p_session_com.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 82]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\xl_data.dll]  [深圳市迅雷网络技术有限公司, 1, 11, 2, 29]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\liblua.dll]  [N/A, ]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\libexpat.dll]  [N/A, ]
    [C:\Users\Public\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.32\emule_id.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 17]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2ptl2.dll]  [深圳市迅雷网络技术有限公司, 1, 2, 2, 14]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\p2p_cloud.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 24]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\module_downloader.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 16]
    [C:\Program Files\Common Files\Thunder Network\DS\Ver1\1.0.2.82\mini_unzip_dll.dll]  [N/A, ]
    [C:\Users\Public\Thunder Network\Thunder_A30B0AF7-D81B-464e-B4E4-4B6DF996FB46_\Components\DownloadLibDll\md_p_1.0.32\bd.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 22]
[PID: 3716 / SYSTEM][C:\Windows\system32\SearchFilterHost.exe]  [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)]
[PID: 1792 / DDgao][C:\Users\DDgao\AppData\Local\Temp\Temp1_sreng2.zip\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[PID: 260 / DDgao][C:\Users\DDgao\AppData\Local\Temp\Temp1_sreng2.zip\SRE4376f86.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [D:\Program Files\Kingsoft\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.1.0.1037]
特攻队2 - 2010-8-21 19:13:00
文件关联
.TXT  Error. [C:\Windows\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["%SystemRoot%\hh.exe" %1]
.HLP  OK. [%SystemRoot%\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
::1            localhost

==================================
进程特权扫描
N/A

==================================
计划任务
[已启用] \\SogouImeMgr
        D:\SOGOUI~1\501~1.419\SGTool.exe --appid=pinyinrepair /S
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
        BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
        N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
        N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
        %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification
        %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
        %windir%\system32\defrag.exe -c -i
[已启用] \Microsoft\Windows\MobilePC\HotStart
        N/A
[已启用] \Microsoft\Windows\MobilePC\TMM
        N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
        %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
        N/A
[已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
        N/A
[已启用] \Microsoft\Windows\Shell\CrawlStartPages
        N/A
[已禁用] \Microsoft\Windows\SystemRestore\SR
        %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
        rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
        rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
        sc.exe config upnphost start= auto
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
        %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Wired\GatherWiredInfo
        %windir%\system32\gatherWiredInfo.vbs
[已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo
        %windir%\system32\gatherWirelessInfo.vbs

==================================
Windows 安全更新检查
KB929735,  Windows Vista 更新程序 (KB929735)
KB929763,  Windows Vista 更新程序 (KB929763)
KB931573,  Windows Vista 更新程序 (KB931573)
KB931099,  Windows Vista 更新程序 (KB931099)
KB936824,  Windows Vista 更新程序 (KB936824)
KB936825,  Windows Vista 更新程序 (KB936825)
KB933928,  Windows Vista 更新程序 (KB933928)
KB938194,  Windows Vista 更新程序 (KB938194)
KB938979,  Windows Vista 更新程序 (KB938979)
KB941651,  用于 Windows Vista 的更新程序 (KB941651)
KB937077,  Windows Vista 更新程序 (KB937077)
KB941649,  Windows Vista 更新程序 (KB941649)
KB941600,  用于 Windows Vista 的更新程序 (KB941600)
KB943899,  用于 Windows Vista 的更新程序 (KB943899)
KB946041,  Windows Vista 更新程序 (KB946041)
KB937287,  Windows Vista 更新程序 (KB937287)
KB950974,  Windows Vista 更新程序 (KB950974) MS08-049
KB959130,  Windows Vista 更新程序 (KB959130)
KB959108,  Windows Vista 更新程序 (KB959108)
KB957321,  Windows Vista 更新程序 (KB957321)
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 语言包
KB963707,  用于 .NET Framework Assistant 1.0 x86 的 .NET Framework 3.5 Service Pack 1 更新程序 (KB963707)
KB972036,  Windows Vista 更新程序 (KB972036)
KB974467,  用于 Windows Vista 的 Microsoft .NET Framework 2.0 Service Pack 2 安全更新程序 (KB974467) MS09-061
KB972145,  Windows Vista 更新程序 (KB972145)
KB976470,  Windows Vista 更新程序 (KB976470)
KB970430,  Windows Vista 更新程序 (KB970430)
KB971737,  Windows Vista 更新程序 (KB971737)
KB975929,  Windows Vista 更新程序 (KB975929)
KB979099,  Update for Rights Management Services Client for Windows Vista (KB979099)

==================================
API HOOK
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x018302F1)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x018402F1)
入口点错误:ShellExecuteExW (危险等级: 高,  被下面模块所HOOK: 0x018902F1)
入口点错误:ShellExecuteW (危险等级: 高,  被下面模块所HOOK: 0x018802F1)

==================================
隐藏进程
N/A

==================================


[/CODE]
kingyan - 2010-8-21 21:25:00
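...Posted like this, the log gets broken up and can't be read. Please upload the log as an attachment, or contact me directly by private message.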
天鹰之翼 - 2010-8-21 21:55:00
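Please upload the log as an attachment; posting it this way is tiring for you, and reading it is tiring for us.
1. I suggest the OP upload the following files to http://www.virscan.org to see whether there is anything wrong with them.
If there is a problem, I suggest deleting them with the tool in 费 尔.rar (instructions included); before deleting, tick "Back up before deleting".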

C:\windows\system32\drivers\blbdrive.sys
c:\users\ddgao\appdata\local\temp\cpuz134_x32.sys

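The following system files may have been infected or replaced; I suggest using the Keniu System First Aid Kit (可牛系统急救箱) to repair the system files!
Download: http://dl.sd.keniu.com/killer/SysFixBox.exe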
C:\windows\system32\drivers\ipinip.sys
C:\windows\system32\drivers\nwlnkflt.sys
C:\windows\system32\drivers\nwlnkfwd.sys

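2. After deleting and rebooting, use SREng to fix the following items:

    Startup Items (启动项目) -- Services (服务) -- Drivers (驱动程序): disable the following entries: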
[blbdrive / blbdrive]    <\SystemRoot\system32\drivers\blbdrive.sys>
[cpuz134 / cpuz134]    <\??\C:\Users\DDgao\AppData\Local\Temp\cpuz134_x32.sys>

How should I upload an attachment
http://bbs.ikaka.com/showtopic-8417665.aspx#3516741
承德小涛 - 2010-8-22 19:15:00
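Vista is one of Microsoft's real failures. My machine came with a genuine copy of Vista and I couldn't bring myself to replace it, and as a result my 8000 laptop was laggier than other people's 4000 laptops. After switching to XP it was simply like two different computers. I didn't see any big problem in the OP's log. If the OP is using the Home Basic edition, I suggest the OP change the operating system. Vista is very unstable: it often freezes, or all sorts of things stop responding.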
超级游戏迷 - 2010-8-25 13:44:00
No abnormal processes or registry entries were found.

I suggest double-checking the reply in post #8...
特攻队2 - 2010-10-16 19:09:00
Yes, I've already switched. It really was very unstable and froze often.