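Rising Kaka Security Forum › Technical Exchange › Anti-Virus / Anti-Rogue-Software Forum › Please help me check whether the log shows any virus or trojan???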


[Help] Please help me check whether the log shows any virus or trojan???


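At boot, Rising shows the prompt: "Blocked NOTEPAD.EXE ... malicious operation ..."
Please help me check whether the log shows any virus or trojan??? Thanks!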

[CODE]
2012-03-19,18:47:04
System Repair Engineer 2.8.4.1331 Emergency Scan Mode
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600)
以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Component Publisher]
    <rulestarter><%systemroot%\system32\RTRsca.exe>  [C-Eagle[冷鹰安全防御团队]]
    <rulestarter2><%systemroot%\system32\rulestarter.exe>  [C-Eagle]
    <aliim><F:\旺旺\AliIM.exe /run:auto>  [(Verified)TaoBao(china) Software Co., Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <wdcertm_ccb><C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe>  [ Beijing WatchData System Co., Ltd.]
    <CCBCertificate><C:\Program Files\CCBComponents\DMWZ\CCBCertificate.exe>  []
    <StartCCC><"C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun>  [File is missing]
    <RavTRAY><"D:\Rising\RAV\RSTRAY.EXE" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <RFWTRAY><"E:\Rising\RFW\RSTRAY.EXE" -system>  [(Verified)Beijing Rising Information Technology Corporation Limited]
    <HDAudDeck><C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1>  [File is missing]
    <ACPW05EN><; "F:\工具软件\ACDSee Pro\ACDSeeProInTouch2.exe" /pid ACPW05EN>  [File is missing]
    <EOL Local Server><; "C:\OnlineExam\LocalServer.exe">  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    <ineax><C:\seup.exe>  [(Verified)Sogou.com]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
    <Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <BaofengPlatform><; "F:\工具软件\Baofeng\StormPlayer\BaofengPlatform.exe" /autorun>  [(Verified)北京暴风网际]
    <DriverGenius><; D:\DriverGenius2011\DriverGenius.exe -static>  [(Verified)Mydrivers Information Technology Co., Ltd (ZhengZhou)]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Grid Service><; "C:\Program Files\GridService\peer.exe" -n Grid>  [FS2YOU]
    <kugou><; "F:\工具软件\kugoo\KuGoo.exe" min>  [File is missing]
    <KuGou7><; "C:\Program Files\KuGou7\KuGou7.exe" -Mini>  [(Verified)Guangzhou Kugou Computer Technology Co., Ltd.]
    <PPS Accelerator><; F:\工具软件\PPStream\ppsap.exe>  [(Verified)SHANGHAI ZHONGYUAN NETWORKS LIMITED]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <QvodTerminal><; "H:\QvodPlayer\QvodTerminal.exe" -autorun>  [(Verified)Shenzhen QVOD Technology Co.,Ltd]
    <RSATRAY><; "C:\Program Files\Rising\RSA\tray.exe" -system>  [File is missing]
    <Stormtray><; F:\工具软件\STORM2~1.06\Stormtray.exe /Start>  [File is missing]
    <ultra_videoconverter><; C:\Program Files\Aabaf\Ouyd.exe /ultra_videoconverter>  [File is missing]
    <USBKeyTools.exe><; C:\Program Files\CCBComponents\HDZB\USBKeyTools.exe>  [北京华大智宝电子系统有限公司]
    <Xdict><; F:\工具软件\PowerWord2011.50000.5000\PowerWordPE\Xdict.exe auto_run>  [File is missing]

==================================
启动文件夹
[宽带连接]
  <C:\Documents and Settings\lenovo\「开始」菜单\程序\启动\宽带连接.lnk -->  [File is missing]><N>

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Help and Support / helpsvc][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
[HDZB Comm Service For V2.0 / HZ_CommSrv][Running/Auto Start]
  <C:\WINDOWS\system32\HZ_CommSrv.exe><华大智宝电子系统有限公司>
[VIA Karaoke digital mixer Service / KaraokeService][Running/Auto Start]
  <C:\WINDOWS\system32\KaraokeSer.exe><VIA Technologies, Inc.>
[PIPIStartSvr / PIPIStartSvr][Stopped/Disabled]
  <C:\Program Files\pipi\PIPIStartSvr.exe><(File is missing)>
[Rsd Service / RsMgrSvc][Running/Auto Start]
  <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"><Beijing Rising Information Technology Co., Ltd.>
[Rav Service / RsRavMon][Running/Auto Start]
  <"D:\Rising\RAV\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[RFW Service / RsRFWMon][Running/Auto Start]
  <"E:\Rising\RFW\RavMonD.exe"><Beijing Rising Information Technology Co., Ltd.>
[ServiceLayer / ServiceLayer][Stopped/Disabled]
  <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia>
[System Restore Service / srservice][Stopped/Disabled]
  <C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><N/A>
[WatchData ccb V3.2 / WDMonitorCCB][Running/Auto Start]
  <C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe><Beijing WatchData System Co., Ltd.>
[webboost / webboost][Running/Auto Start]
  <"C:\Program Files\Rising\RSE\webboost.exe"><Beijing Rising Information Technology Co., Ltd.>


==================================
驱动程序
[amdide / amdide][Running/Boot Start]
  <\SystemRoot\system32\drivers\amdide.sys><Advanced Micro Devices>
[AMD HwPState Processor Driver / AmdPPM][Running/System Start]
  <system32\DRIVERS\AmdPPM.sys><Advanced Micro Devices>
[Apaidi / Apaidi][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\Apaidi.sys><N/A>
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[ATI Function Driver for HD Audio Service / AtiHDAudioService][Stopped/Manual Start]
  <system32\drivers\AtihdXP3.sys><ATI Technologies, Inc.>
[ComputerZ / ComputerZ][Stopped/Manual Start]
  <\??\F:\工具软件\Ludashi\ComputerZ.sys><360.cn>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[hooksys / hooksys][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\Hooksys.sys><Beijing Rising Information Technology Co., Ltd.>
[HookTdi / HookTdi][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\HookTdi.sys><Beijing Rising Information Technology Co., Ltd.>
[HpqKbFilter Driver / HpqKbFiltr][Running/Manual Start]
  <system32\DRIVERS\HpqKbFiltr.sys><Hewlett-Packard Development Company, L.P.>
[HyperVM / HyperVM][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\hvm.sys><Beijing Rising Information Technology Co., Ltd.>
[NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller / L1c][Running/Manual Start]
  <system32\DRIVERS\l1c51x86.sys><Atheros Communications, Inc.>
[Nokia USB Phone Parent Driver / nmwcd][Stopped/Manual Start]
  <system32\drivers\ccdcmb.sys><Nokia>
[Nokia USB Communication Driver / nmwcdc][Stopped/Manual Start]
  <system32\drivers\ccdcmbo.sys><Nokia>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
  <system32\DRIVERS\pccsmcfd.sys><Nokia>
[AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start]
  <system32\DRIVERS\pcntpci5.sys><AMD Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rfwaf / rfwaf][Running/Auto Start]
  <\??\E:\Rising\RFW\rfwaf.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwARP Driver / RFWARP][Running/Auto Start]
  <system32\DRIVERS\rfwarp.sys><Beijing Rising Information Technology Co., Ltd.>
[Rising RfwNdis Driver / RFWNDIS][Running/Manual Start]
  <system32\DRIVERS\rfwndis.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Running/Auto Start]
  <\??\E:\Rising\RFW\rfwtdi.sys><Beijing Rising Information Technology Co., Ltd.>
[rsd protect / rsdsys][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\protreg.sys><Beijing Rising Information Technology Co., Ltd.>
[rsfwdrv / rsfwdrv][Running/Auto Start]
  <\??\E:\Rising\RFW\rsfwdrv.sys><Beijing Rising Information Technology Co., Ltd.>
[Service for HDMI / RTHDMIAzAudService][Running/Manual Start]
  <system32\drivers\RtKHDMI.sys><Realtek Semiconductor Corp.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SMBALI / SMBALI][Stopped/System Start]
  <system32\DRIVERS\SMBALI.sys><N/A>
[SMBHC / SMBHC][Stopped/System Start]
  <system32\DRIVERS\SMBHC.sys><N/A>
[System Restore Filter Driver / SR][Stopped/Disabled]
  <system32\DRIVERS\sr.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[upperdev / upperdev][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerflt.sys><Nokia>
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
  <system32\DRIVERS\usbser_lowerfltj.sys><Nokia>
[VIA High Definition Audio Driver Service / VIAHdAudAddService][Running/Manual Start]
  <system32\drivers\viahduaa.sys><VIA Technologies, Inc.>
[YLMF Virtual Diskette V1 / YLMFVDISK][Running/Auto Start]
  <system32\drivers\VirtDisk.sys><N/A>

User system information: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1)
Last edited by liliok on 2012-03-20 12:53:50

Re: Please help me check whether the log shows any virus or trojan???

==================================
浏览器加载项
[Tencent Browser Helper]

  {43A497FF-2B6A-5F99-6514-EA9C6B592B6A} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, (Signed) 腾讯>

[Netease MailAssist Helper]

  {6bc7458e-b80e-4b79-8aa8-04d56fb51067} <C:\Program Files\Netease\Netease MailAssist\Internet Explorer\MailAssist.dll, (Signed) NetEase.com,Inc>

[QvodExtend]

  {A8502600-B272-4F68-A67B-A0305D46D297} <H:\QvodPlayer\QvodExtend.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>

[信息检索(&R)]

  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <D:\office\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>

[赛飞OA-OFFICE文档控件]

  {01DFB4B4-0E07-4E3F-8B7A-98FD6BFF153F} <C:\WINDOWS\Downloaded Program Files\OfficeControl.ocx, N/A>

[QQCertificateCtrl Class]

  {BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\Program Files\Common Files\tencent\paycenter\qqcert.dll, (Signed) Tencent>

[]

  {E1849EE3-AC12-42E8-BC2C-D15D0F7CCD4A} <, >

[ADODB.Recordset]

  {00000535-0000-0010-8000-00AA006D2EA4} <C:\Program Files\Common Files\System\ado\msado15.dll, (Signed) Microsoft Corporation>

[赛飞OA-OFFICE文档控件]

  {01DFB4B4-0E07-4E3F-8B7A-98FD6BFF153F} <C:\WINDOWS\Downloaded Program Files\OfficeControl.ocx, N/A>

[PlayCtrl Class]

  {02E2D748-67F8-48B4-8AB4-0A085374BB99} <H:\BaiduPlayer\1.0.28.52\Xbdyy.dll, N/A>

[FoxitReaderOCX Control]

  {05563215-225C-45EB-BB34-AFA47217B1DE} <C:\PROGRA~1\FOXITS~1\FOXITR~1\plugins\FOXITR~1.OCX, (Signed) Foxit Corporation>

[]

  {08D512D2-7D97-4E22-B7DB-82791106C086} <, >

[Player Class]

  {11F2A418-94B2-4e16-9B0C-B00C0435F903} <F:\QQ直播\LiveMedia.dll, (Signed) Tencent>

[KuGoo3Down Control]

  {162AF25B-5A2A-448E-A842-194653EF3E05} <C:\PROGRA~1\KuGou7\KUGOO3~1.OCX, (Signed) 广州酷狗计算机科技有限公司>

[Fade]

  {16B280C5-EE70-11D1-9066-00C04FD9189D} <C:\WINDOWS\system32\Dxtmsft.dll, (Signed) Microsoft Corporation>

[Windows Genuine Advantage Validation Tool]

  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.dll, (Signed) Microsoft Corporation>

[]

  {1A3440C6-F123-4CAB-84EE-C814E1AE0D8F} <, >

[WWPicUploadCtrl Class]

  {1D63232D-4F15-4A42-890D-EE617AA1537D} <F:\旺旺\modules\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation>

[InstallHelper Class]

  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <C:\WINDOWS\system32\MMInstaller.dll, (Signed) Tencent>

[iTrusPTA Class]

  {1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\aliedit\2.4.0.5\pta.dll, (Signed) iTruschina Co., Ltd.>

[InfoScan Control]

  {1F14548F-6975-40F1-AE24-6E2D1D449B2F} <C:\PROGRA~1\CCBCOM~1\Detector\InfoScan.dll, CCB>

[Windows Media Player]

  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, (Signed) Microsoft Corporation>

[HTML Document]

  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>

[SSOLoginCtrl Class]

  {26C3F8B0-0217-46A1-AB2D-A1B494E71402} <F:\旺旺\AliIMSSOLogin.dll, (Signed) 阿里巴巴(中国)有限公司>

[XML DOM Document]

  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[DHTML Edit Control Safe for Scripting for IE5]

  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>

[IETag Factory]

  {38481807-CA0E-42D2-BF39-B33AF135CC4D} <C:\PROGRA~1\COMMON~1\MICROS~1\SMARTT~1\IETAG.DLL, (Signed) Microsoft Corporation>

[]

  {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} <, >

[XML Document]

  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[EditCtrl Class]

  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\2.4.0.5\aliedit.dll, (Signed) >

[]

  {528D9365-F531-4A73-82B1-DC54B7DD692D} <, >

[Shell Name Space]

  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>

[UDiskAgentObj Control]

  {58C094A4-645C-4CB3-B4AB-FEAEF6C84D7A} <C:\PROGRA~1\115\UDown\UDOWNA~2.DLL, (Signed) >

[SetupCtrl Class]

  {5C4500A9-0BE9-434E-B807-118E6E5EA3B6} <C:\WINDOWS\Downloaded Program Files\655368\SetupAx.dll, N/A>

[WangWangX Class]

  {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} <F:\旺旺\AliIMX.dll, (Signed) >

[QQLiveOcx Class]

  {5EF7B131-C278-4034-BC88-2CE28B128681} <F:\QQ直播\LiveOcx\LiveOcx.dll, (Signed) Tencent>

[WUWebControl Class]

  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>

[QQLiveFile Class]

  {6B232760-90F1-41c3-9902-C8552C1D8A72} <F:\QQ直播\LiveOcx\FileVersion.dll, (Signed) Tencent>

[Windows Media Player]

  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>

[MUWebControl Class]

  {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>

[CertEnroll Class]

  {7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\system32\aliedit\2.4.0.5\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>

[QvodShare Class]

  {7C6D5EE5-C859-4B49-8F7B-DE0927D1C3E9} <H:\QvodPlayer\ShareModule.dll, (Signed) TODO: <公司名>>

[Peer Adapter]

  {80E18282-3716-48CA-B50C-F7B7F6A32791} <, >

[]

  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >

[Microsoft Web Browser]

  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>

[XML DOM Document 5.0]

  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, (Signed) Microsoft Corporation>

[XML DOM Document 6.0]

  {88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>

[XML HTTP 6.0]

  {88D96A0A-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>

[CEBViewer Control]

  {898BAE86-7986-4177-B17F-B9D23C53649C} <C:\Program Files\协同办公客户端组件\apabi client\CEBViewer.ocx, founder>

[]

  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >

[]

  {95B3F550-91C4-4627-BCC4-521288C52977} <, >

[]

  {A8DC7D60-AD8F-491E-9A84-8FF901E7556E} <, >

[Netease MailAssist Factory]

  {A8E975F8-E5E3-4D78-AA9A-381CF4F038F7} <C:\Program Files\Netease\Netease MailAssist\Internet Explorer\MailAssist.dll, (Signed) NetEase.com,Inc>

[]

  {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} <, >

[]

  {AE460AD7-D678-43BB-B4DF-394B2D0C4E52} <, >

[QQCertificateCtrl Class]

  {BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\Program Files\Common Files\tencent\paycenter\qqcert.dll, (Signed) Tencent>

[InfosecCCBNetSign Class]

  {BC96F5A4-C930-4226-ADAB-59349AE585E9} <C:\Program Files\CCBComponents\Detector\CCBNetSignCom.dll, (Signed) Infosec Technologies Co., Ltd.>

[FTNUpload Class]

  {BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX1.13.dll, (Signed) Tencent>

[CheckReader Class]

  {C9E75CAD-ACA5-4074-81CC-5448FCCFE987} <C:\Program Files\Founder\Apabi Reader 3.0\Check.dll, >

[AUDIO__MP3 Moniker Class]

  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>

[AUDIO__WAV Moniker Class]

  {CD3AFA7B-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>

[AUDIO__X_MS_WMA Moniker Class]

  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>

[VIDEO__X_MS_ASF Moniker Class]

  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>

[VIDEO__X_MS_WMV Moniker Class]

  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>

[WDCCBCtrl Class]

  {CE0460F5-48BD-4DC1-A046-0BDCB5A06CEB} <C:\WINDOWS\system32\wdccb.dll, (Signed) >

[iTudouAgent.CompCls]

  {CF223950-14DC-4A1D-AEDB-47C356A8B993} <F:\工具软件\iTudou\ITUDOU~1.DLL, (Signed) 土豆网>

[Microsoft Url Search Hook]

  {CFBFAE00-17A6-11D0-99CB-00C04FD64497} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>

[]

  {D18A0B52-D63C-4ED0-AFC6-C1E3DC1AF43A} <, >

[Shockwave Flash Object]

  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx, (Signed) Adobe Systems, Inc.>

[QQLive Class]

  {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <F:\QQ直播\LiveAPI.dll, (Signed) Tencent>

[Tencent SearchHook]

  {DB8B2393-7A6C-4C76-88CE-6B1F6FF6FFE9} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, (Signed) 腾讯>

[]

  {DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <, >

[Microsoft Silverlight]

  {DFEAF541-F3E1-4C24-ACAC-99C30715084A} <C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll, (Signed)  Microsoft Corporation>

[PlayerCtrl Class]

  {E05BC2A3-9A46-4A32-80C9-023A473F5B23} <C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>

[]

  {E1849EE3-AC12-42E8-BC2C-D15D0F7CCD4A} <, >

[]

  {E2E2DD38-D088-4134-82B7-F2BA38496583} <, >

[QQPasswordCtrl Class]

  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\tencent\paycenter\qqedit.dll, (Signed) Tencent>

[GetPcSn Class]

  {E9535769-DE27-4E6B-8648-3E65AAAB31DA} <E:\游戏\iGame\CgActiveXOcx.ocx, SZWY>

[SSOForPTLogin2 Class]

  {EAAED308-7322-4B9B-965E-171933ADD473} <C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.20\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >

[TimwpDll.TimwpCheck]

  {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <C:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll, (Signed) Tencent>

[XML HTTP Request]

  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[]

  {EEA17418-02F2-4278-B6B4-E9ED642CE26A} <, >

[PPLive Lite Class]

  {EF0D1A14-1033-41A2-A589-240C01EDC078} <C:\Program Files\Internet Explorer\PPLite\plugin\pplugin2.dll, (Signed) >

[QvodCtrl Class]

  {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <H:\QvodPlayer\npQvodInsert.dll, (Signed) Shenzhen QVOD Technology Co.,Ltd>

[XML DOM Document 3.0]

  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[XML HTTP 3.0]

  {F5078F35-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[AxPlayer Class]

  {F587310D-5306-494D-87E2-88334B46E781} <F:\工具软件\Baofeng\StormPlayer\webplayer\PlayerShell.dll, (Signed) 北京暴风科技股份有限公司>

[XML DOM Document]

  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[XML HTTP]

  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation>

[QQLiveOcxShell Class]

  {F7E55BDF-9528-46ba-B550-777859627591} <F:\QQ直播\LiveOcx\LiveOcx.dll, (Signed) Tencent>

[webmod Class]

  {FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\WINDOWS\system32\aliedit\2.4.0.5\alidcp.dll, (Signed) Alipay.com Co.,Ltd>

[&D&ownload &with BitComet]

  <res://F:\工具软件\BitComet_1.27\BitComet.exe/AddLink.htm, N/A>

[&D&ownload all with BitComet]

  <res://F:\工具软件\BitComet_1.27\BitComet.exe/AddAllLink.htm, N/A>

[&使用115优蛋下载]

  <C:\Program Files\115\UDown\getUrl.htm, N/A>

[&使用115优蛋下载全部链接]

  <C:\Program Files\115\UDown\getAllUrl.htm, N/A>

[导出到 Microsoft Office Excel(&X)]

  <res://D:\office\OFFICE11\EXCEL.EXE/3000, N/A>



==================================
正在运行的进程


[PID: 920 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]



[PID: 984 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]



[PID: 1024 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4179]

    [C:\WINDOWS\system32\atiadlxx.dll]  [Advanced Micro Devices, Inc., 6.14.10.1061]



[PID: 1068 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5922 (xpsp_sp3_qfe.091223-1723)]



[PID: 1080 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1260 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4254]

    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2514]

    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2563]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1280 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1356 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1532 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.38]

    [C:\Program Files\Rising\RSD\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]

    [C:\Program Files\Rising\RSD\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1552 / SYSTEM][D:\Rising\RAV\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 14]

    [D:\Rising\RAV\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 23]

    [D:\Rising\RAV\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]

    [D:\Rising\RAV\scansrvp.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [D:\Rising\RAV\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [D:\Rising\RAV\moncomm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.3]

    [D:\Rising\RAV\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [D:\Rising\RAV\Rslog.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.26]

    [D:\Rising\RAV\RsStore.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [D:\Rising\RAV\mondrvd.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]

    [D:\Rising\RAV\defmon.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 62]

    [D:\Rising\RAV\moncom08.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [D:\Rising\RAV\taskplug.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [D:\Rising\RAV\mondrvm.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]

    [D:\Rising\RAV\MonRule.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33]

    [D:\Rising\RAV\FileMon.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 34]

    [D:\Rising\RAV\MailMon.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 56]

    [D:\Rising\RAV\rsindent.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.1.0]

    [D:\Rising\RAV\cnt08.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [D:\Rising\RAV\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [D:\Rising\RAV\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]

    [D:\Rising\RAV\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [D:\Rising\RAV\Hooksys.dll]  [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 8]

    [D:\Rising\RAV\ProcCom.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]

    [D:\Rising\RAV\RsCommX2.dll]  [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]

    [D:\Rising\RAV\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]

    [D:\Rising\RAV\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [D:\Rising\RAV\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [D:\Rising\RAV\hookTdi.dll]  [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 9]

    [D:\Rising\RAV\BACore.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 99]

    [D:\Rising\RAV\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [D:\Rising\RAV\bawhite.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]

    [D:\Rising\RAV\ScanAdd.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.31]

    [D:\Rising\RAV\Scanner.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 70]

    [D:\Rising\RAV\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]

    [D:\Rising\RAV\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [D:\Rising\RAV\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]

    [D:\Rising\RAV\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [D:\Rising\RAV\ScanSrv.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17]

    [D:\Rising\RAV\scanpe.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 30]

    [D:\Rising\RAV\pearc.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]

    [D:\Rising\RAV\engext.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33]

    [D:\Rising\RAV\vmicore.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 19]

    [D:\Rising\RAV\ffr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [D:\Rising\RAV\nvfile.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]

    [D:\Rising\RAV\scantj.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9]

    [D:\Rising\RAV\extsfx.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9]

    [D:\Rising\RAV\scanexec.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]

    [D:\Rising\RAV\unexe.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0]

    [D:\Rising\RAV\scanex.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 13]

    [D:\Rising\RAV\scansct.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [D:\Rising\RAV\ur029.dat]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2]

    [D:\Rising\RAV\extarch.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15]

    [D:\Rising\RAV\extcomp.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6]

    [D:\Rising\RAV\extole.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2]

Re: Please help me check whether the log shows any viruses or trojans???

[PID: 1588 / SYSTEM][E:\Rising\RFW\RavMonD.exe]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 14]

    [E:\Rising\RFW\combase.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 23]

    [E:\Rising\RFW\cnt09.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [E:\Rising\RFW\MonBase.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [E:\Rising\RFW\MonComm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.3]

    [E:\Rising\RFW\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]

    [E:\Rising\RFW\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]

    [E:\Rising\RFW\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]

    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]

    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]

    [E:\Rising\RFW\rfwsrv.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.99]

    [E:\Rising\RFW\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [E:\Rising\RFW\mPorts.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]

    [E:\Rising\RFW\rfwdrvc.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.37]

    [E:\Rising\RFW\fishweb.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26]

    [E:\Rising\RFW\rsindent.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.1.0]

    [E:\Rising\RFW\taskplug.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [E:\Rising\RFW\rfwPgDef.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]

    [E:\Rising\RFW\proccomm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [E:\Rising\RFW\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]

    [E:\Rising\RFW\Rfwdrv.dll]  [Beijing Rising Information Technology Co., Ltd., 25.0.0.8]

    [E:\Rising\RFW\RfwArp.dll]  [Beijing Rising Information Technology Co., Ltd., 25.0.0.1]

    [E:\Rising\RFW\urlrule.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [E:\Rising\RFW\recomp.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]

    [E:\Rising\RFW\refs.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [E:\Rising\RFW\viruslib.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8]

    [E:\Rising\RFW\relibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]

    [E:\Rising\RFW\rfwproxy.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 80]

    [E:\Rising\RFW\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [E:\Rising\RFW\fwfish.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]

    [E:\Rising\RFW\fwcomp.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11]

    [E:\Rising\RFW\fwfs.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]

    [E:\Rising\RFW\fwvirlib.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5]

    [E:\Rising\RFW\fwlibldr.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [E:\Rising\RFW\rstask.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7]

    [E:\Rising\RFW\rsstub.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [E:\Rising\RFW\urllib.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1]



[PID: 1620 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1668 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1912 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1976 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4254]

    [C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2514]

    [C:\WINDOWS\system32\atipdlxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2563]

    [C:\WINDOWS\system32\ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4179]

    [C:\WINDOWS\system32\atiadlxx.dll]  [Advanced Micro Devices, Inc., 6.14.10.1061]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 248 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1304 / lenovo][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5634 (xpsp_sp3_qfe.080703-1303)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\Documents and Settings\lenovo\Application Data\115\Box\Sync115Ext.dll]  [广东雨林木风计算机科技有限公司, 1.0.0.2]

    [F:\工具软件\Baofeng\StormPlayer\ShellMenu.dll]  [北京暴风科技股份有限公司, 5.9.118.0]



[PID: 1684 / SYSTEM][C:\WINDOWS\system32\HZ_CommSrv.exe]  [华大智宝电子系统有限公司, 1, 2, 0, 1]



[PID: 1744 / SYSTEM][C:\WINDOWS\system32\KaraokeSer.exe]  [VIA Technologies, Inc., 0, 1, 0, 0]



[PID: 1808 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1840 / SYSTEM][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDKeyMonitorCCB.exe]  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]

    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll]  [Watchdata, 2, 1, 1, 40]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1856 / SYSTEM][C:\Program Files\Rising\RSE\webboost.exe]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.14]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 1240 / lenovo][C:\Program Files\Rising\RSD\popwndexe.exe]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.5]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\Program Files\Rising\RSD\rsdk.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.2]

    [C:\Program Files\Rising\RSD\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 1.0.0.30]



[PID: 1288 / lenovo][C:\seup.exe]  [Sogou.com, 1, 0, 0, 1]

    [C:\HWSig.dll]  [360.cn, 4, 0, 0, 1150]



[PID: 696 / lenovo][C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDCertM_CCB.exe]  [ Beijing WatchData System Co., Ltd., 3, 2, 0, 0]

    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\TokenMgr.dll]  [ Beijing WatchData System Co., Ltd., 3, 6, 3, 2]

    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDAlg.DLL]  [ Beijing WatchData System C0., Ltd., 3, 5, 12, 20]

    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\wdkmgr.dll]  [Watchdata, 2, 1, 1, 40]

    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDPKCS.dll]  [ Beijing WatchData System Co., Ltd., 3, 6, 2, 15]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\system32\WatchData\Watchdata CCB CSP v3.2\WDEvent.dll]  [ Beijing WatchData System Co., Ltd., 3, 2, 5, 0]



[PID: 812 / lenovo][C:\Program Files\CCBComponents\DMWZ\CCBCertificate.exe]  [, 1, 0, 0, 27]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\system32\CCBKCSP.dll]  [, 1, 0, 0, 1]



[PID: 2056 / lenovo][D:\Rising\RAV\RSTRAY.EXE]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [D:\Rising\RAV\comserv.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.15]

    [D:\Rising\RAV\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [D:\Rising\RAV\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]

    [D:\Rising\RAV\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [D:\Rising\RAV\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [D:\Rising\RAV\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [D:\Rising\RAV\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]

    [D:\Rising\RAV\ScanEvnt.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.10]

    [D:\Rising\RAV\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [D:\Rising\RAV\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]

    [D:\Rising\RAV\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]

    [D:\Rising\RAV\mruleui.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10]

    [D:\Rising\RAV\MonTray.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.1.15]

    [D:\Rising\RAV\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]

    [D:\Rising\RAV\UsbServ.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [D:\Rising\RAV\ScanTray.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.55]

    [D:\Rising\RAV\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [D:\Rising\RAV\dfw.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.67]

    [D:\Rising\RAV\ScanPrxy.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.32]

    [D:\Rising\RAV\GCompt.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.55]

    [D:\Rising\RAV\Isol.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]

    [D:\Rising\RAV\rsstore.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [C:\Program Files\TENCENT\SSPlus\SAddr.dll]  [腾讯, 6.1.0.3]

    [C:\Program Files\TENCENT\SSPlus\sqlite3.dll]  [N/A, ]



[PID: 2088 / lenovo][E:\Rising\RFW\RSTRAY.EXE]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [E:\Rising\RFW\comserv.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.15]

    [E:\Rising\RFW\rslang.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [E:\Rising\RFW\comx3.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.4]

    [E:\Rising\RFW\Syslay.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.1]

    [E:\Rising\RFW\ProcComm.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [E:\Rising\RFW\rsxml.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.2]

    [E:\Rising\RFW\MonState.dll]  [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]

    [E:\Rising\RFW\rfwrule.dll]  [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]

    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]

    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]

    [E:\Rising\RFW\rsconf.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.8]

    [E:\Rising\RFW\rspalvd.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]

    [E:\Rising\RFW\rsguilib.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [E:\Rising\RFW\rsnetsvr.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.12]

    [E:\Rising\RFW\rsmginfo.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.14]

    [E:\Rising\RFW\rfwtray.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 78]

    [E:\Rising\RFW\rfwlog.dll]  [Beijing Rising Information Technology Co., Ltd., 23.0.0.7]

    [E:\Rising\RFW\PngDll.dll]  [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3]

    [C:\Program Files\TENCENT\SSPlus\SAddr.dll]  [腾讯, 6.1.0.3]

    [C:\Program Files\TENCENT\SSPlus\sqlite3.dll]  [N/A, ]



[PID: 2112 / lenovo][C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe]  [VIA Technologies, Inc., 10.1.00.21]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

Re: Please help me check whether the log shows any viruses or trojans???

[PID: 2116 / lenovo][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe]  [Advanced Micro Devices Inc., 2.0.0.0]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3625 (GDR.050727-3600)]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3631 (GDR.050727-3600)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll]  [Microsoft Corporation, 2.0.50727.3623 (GDR.050727-3600)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39967]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39815]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39819]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39963]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39820]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39820]

    [C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.3634 (GDR.050727-3600)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39966]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39816]



[PID: 2140 / lenovo][C:\WINDOWS\system32\ctfmon.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 2296 / lenovo][F:\旺旺\AliIM.exe]  [Alibaba software (Shanghai) Corporation., 1, 0, 0, 1]

    [F:\旺旺\GUIBase.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]

    [F:\旺旺\RvCore.DLL]  [Alisoft (Shanghai) Co., Ltd., 1.0.0.261]

    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.6195]

    [F:\旺旺\UpdateAssist.dll]  [Alibaba software (Shanghai) Corporation., 1, 0, 0, 6]

    [F:\旺旺\alilog.dll]  [Copyright 2009 阿里软件(上海)有限公司., 1, 0, 0,232]

    [F:\旺旺\log4cpp.dll]  [Bastiaan Bakker, LifeLine Networks bv. 阿里软件(上海)有限公司., 0, 3, 2,229]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [F:\旺旺\UiBrowser.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\wwutils.DLL]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\pcre.dll]  [N/A, ]

    [F:\旺旺\LIBEAY32.dll]  [N/A, ]

    [F:\旺旺\protocol.dll]  [N/A, ]

    [F:\旺旺\wwparams.dll]  [N/A, ]

    [F:\旺旺\WWUIUnits.dll]  [N/A, ]

    [F:\旺旺\rvnw.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]

    [F:\旺旺\rvwindow.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,259]

    [F:\旺旺\xparam.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]

    [F:\旺旺\imbiz.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\P2PEnv.dll]  [N/A, ]

    [F:\旺旺\imnet.dll]  [, 1.0.0.1]

    [F:\旺旺\Recovery.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\GUICore.dll]  [Alisoft (Shanghai) Co., Ltd., 1.0.0.260]

    [F:\旺旺\uacclient.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\WWApplication.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\zlib1.dll]  [, 1.2.3]

    [F:\旺旺\wwsdk.dll]  [Alibaba software (Shanghai) Corporation., 3.1.0.0]

    [F:\旺旺\imdb.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\rvcomlib.dll]  [Alisoft (Shanghai) Co., Ltd., 1.0.0.261]

    [F:\旺旺\uac.dll]  [, 1, 0, 0,1]

    [F:\旺旺\wwsdkcom.dll]  [Alibaba software (Shanghai) Corporation., 3.1.0.0]

    [F:\旺旺\SDKDB.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\zlibwapi.dll]  [, 1.2.1.0]

    [F:\旺旺\alinet.dll]  [Alisoft (Shanghai) Co., Ltd., 1, 0, 0,261]

    [F:\旺旺\Peripheral.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\filetransbiz.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.4]

    [F:\旺旺\ww_network2.dll]  [Alibaba software (Shanghai) Corporation., 2, 1, 0, 8]

    [F:\旺旺\P2PBiz.dll]  [, 1, 0, 0, 1]

    [F:\旺旺\AVTransBiz.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\ContactInfoAdapter.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\GraffitiGUI.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.0]

    [F:\旺旺\SysNotify.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\PopupEmotionMgr.dll]  [Alibaba software (Shanghai) Corporation., 1.0.0.1]

    [F:\旺旺\AliIMX.dll]  [, 1.0.0.1]



[PID: 2312 / lenovo][C:\windows\system32\notepad.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5877 (xpsp_sp3_qfe.090916-1338)]

    [C:\windows\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 2432 / lenovo][C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe]  [ATI Technologies Inc., 2.0.0.0]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll]  [Microsoft Corporation, 2.0.50727.3625 (GDR.050727-3600)]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll]  [Microsoft Corporation, 2.0.50727.3631 (GDR.050727-3600)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll]  [Microsoft Corporation, 2.0.50727.3623 (GDR.050727-3600)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39966]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39815]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39820]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39816]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39820]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39963]

    [C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39819]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39967]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.SkinFactory.dll]  [Advanced Micro Devices Inc., 2.0.4205.39829]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll]  [Advanced Micro Devices Inc., 2.0.4205.39966]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\77e1279cbf4eecfb0284b63316fe43fe\System.Xml.ni.dll]  [Microsoft Corporation, 2.0.50727.3082 (QFE.050727-3000)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39827]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll]  [, 1.0.0.0]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39822]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39822]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39821]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll]  [Advanced Micro Devices Inc., 2.0.0.0]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll]  [Advanced Micro Devices, Inc., 2.0.3299.28586]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll]  [Advanced Micro Devices Inc., 2.0.4205.39824]

    [C:\PROGRA~1\ATITEC~1\ATI.ACE\CORE-S~1\32\wbocx.ocx]  [Stardock Corporation, 5.0.5.1]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39816]

    [C:\WINDOWS\system32\atiadlxx.dll]  [Advanced Micro Devices, Inc., 6.14.10.1061]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Interop.WBOCXLib.dll]  [ , 1.0.0.0]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39824]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\d86a3346c3d90ff12d0df9d7726f3ece\Accessibility.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll]  [Advanced Micro Devices Inc., 2.0.4205.39990]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39974]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39817]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39823]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\32\wbhelp2.dll]  [Stardock.Net, Inc, 1.5]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll]  [ATI Technologies Inc., 2.0.2573.17685]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll]  [ATI Technologies Inc., 2.0.2573.17684]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll]  [Advanced Micro Devices Inc., 2.0.4205.39830]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATIDEMGX.dll]  [Advanced Micro Devices, Inc., 2.0.3974.34820]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\94a40f415bfa947e251888bbe88bb973\System.Configuration.ni.dll]  [Microsoft Corporation, 2.0.50727.3053 (netfxsp.050727-3000)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll]  [Advanced Mirco Devices, Inc., 2.0.4205.39831]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll]  [Advanced Mirco Devices, Inc., 2.0.4205.39820]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll]  [Advanced Micro Devices, Inc., 2.0.2743.23304]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39830]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39822]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39827]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll]  [Advanced Micro Devices, Inc., 2.0.3015.27871]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll]  [Advanced Micro Devices, Inc., 2.0.3932.21814]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39870]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39904]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39901]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39861]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39845]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39906]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39898]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.VPURecover.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39862]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.D

Re: Please help me check whether the log shows any viruses or trojans???

[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39904]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39859]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.VPURecover.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39861]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.40046]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39858]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39909]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39846]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39899]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39909]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39830]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39976]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll]  [Advanced Micro Devices, Inc., 2.0.2743.23304]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39941]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39917]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.40042]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.39901]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll]  [Advanced Micro Devices, Inc., 2.0.2743.23304]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39941]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39977]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39917]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39887]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll]  [Advanced Micro Devices, Inc., 2.0.3455.26939]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll]  [Advanced Micro Devices, Inc., 2.0.2743.23304]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39845]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39898]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll]  [Advanced Micro Devices, Inc., 2.0.3286.19924]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll]  [Advanced Micro Devices, Inc., 2.0.3057.24943]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll]  [ , 1.0.0.0]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll]  [Advanced Micro Devices Inc., 2.0.4205.40004]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.40004]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39826]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll]  [Advanced Micro Devices Inc., 2.0.4205.39817]

    [C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\29bdc8352d3c26e3c572ea60639dec3b\System.Web.ni.dll]  [Microsoft Corporation, 2.0.50727.3634 (GDR.050727-3600)]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll]  [Advanced Micro Devices Inc., 2.0.4205.39823]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39990]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39823]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll]  [Advanced Micro Devices Inc., 2.0.4205.39956]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39837]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Wizard.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39853]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39817]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Wizard.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39818]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Wizard.Shared.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39852]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Wizard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39853]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll]  [Advanced Micro Devices, Inc., 2.0.4205.40031]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Wizard.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39853]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Wizard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39919]

    [C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll]  [Advanced Micro Devices, Inc., 2.0.3961.17586]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Wizard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39931]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39860]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Wizard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39863]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Wizard.dll]  [Advanced Micro Devices Inc., 2.0.4205.40010]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39839]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39818]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll]  [Advanced Micro Devices Inc., 2.0.4205.39837]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39844]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll]  [Advanced Micro Devices Inc., 2.0.4205.39844]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Welcome.Graphics.Dashboard.dll]  [Advanced Mirco Devices, Inc., 2.0.4205.39979]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39864]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39847]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll]  [, 1.0.0.0]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39905]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39900]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll]  [Advanced Micro Devices, Inc., 2.0.4205.39893]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39918]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39864]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39902]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.40046]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.VPURecover.Graphics.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.39862]

    [C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll]  [Advanced Micro Devices Inc., 2.0.4205.40005]



[PID: 2612 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]

    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



[PID: 3984 / lenovo][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\Documents and Settings\lenovo\Application Data\115\Box\Sync115Ext.dll]  [广东雨林木风计算机科技有限公司, 1.0.0.2]

    [C:\WINDOWS\system32\SOGOUWB.IME]  [Sogou.com Inc., 2.0.1.1189]



[PID: 1232 / lenovo][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx]  [Adobe Systems, Inc., 10,1,82,76]



[PID: 2832 / lenovo][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\WINDOWS\system32\Macromed\Flash\Flash10i.ocx]  [Adobe Systems, Inc., 10,1,82,76]



[PID: 3140 / lenovo][C:\Program Files\Tencent\QQ\Bin\QQ.exe]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\Common.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\zlib.dll]  [, 1, 2, 5, 0]

    [C:\Program Files\Tencent\QQ\Bin\libexpat.dll]  [, 2, 0, 1, 0]

    [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.6195]

    [C:\Program Files\Tencent\QQ\Bin\KernelUtil.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\xImage.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\libpng.dll]  [, 1, 2, 2, 3]

    [C:\Program Files\Tencent\QQ\Bin\libjpeg6.dll]  [, 6, 2, 0, 0]

    [C:\Program Files\Tencent\QQ\Bin\GF.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\xGraphic32.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\jgImage.dll]  [Tencent, 1, 60, 2010, 0]

    [C:\Program Files\Tencent\QQ\Bin\jgIOStub.dll]  [Tencent, 1, 60, 2010, 0]

    [C:\Program Files\Tencent\QQ\Bin\AFUtil.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\IPC.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\FlashService.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\Program Files\Tencent\QQ\Bin\LoginPanel.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\IM.dll]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\MainFrame.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\AppUtil.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\AppFramework.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.20\Bin\SSOPlatform.dll]  [Tencent, 1.2.1.20]

    [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.20\Bin\SSOCommon.DLL]  [Tencent, 1.2.1.10]

    [C:\Program Files\Tencent\QQ\Bin\TaskTray.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\SkinMgr.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\AppMisc.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\AFCtrl.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\ProcessSession.DLL]  [Tencent, 1,61,2040,0]

    [C:\Program Files\Tencent\QQ\Bin\SystemMsg.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\ChatFrameApp.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\WINDOWS\system32\msdmo.dll]  [, ]

    [C:\Program Files\Tencent\QQ\Bin\GroupApp.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\Contacts.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\InformationBox.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll]  [Tencent, 1, 65, 2173, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.VAS\Bin\VAS.dll]  [Tencent, 1, 65, 2173, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.CRM\Bin\CRM.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll]  [Tencent, 1, 65, 2168, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Memo\Bin\Memo.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll]  [Tencent, 1, 61, 2103, 1]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Mail\Bin\Mail.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.FileTransfer\Bin\FileTransfer.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQRing\Bin\QQRing.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll]  [Tencent, 1, 61, 2104, 0]

    [C:\Program Files\Tencent\QQ\Bin\PluginCommon.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\QInterLive.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.GameLife\Bin\GameLife.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\NetDisk.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\DiskIPC.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\DiskCommon.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\FileBase.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\ContactInfoFrame.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\MsgMgr.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Bin\OPIEModule.dll]  [Tencent, 1, 61, 2103, 0]

    [C:\Program Files\Tencent\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll]  [Tencent, 1, 61, 2107, 0]

Re: Please help me check whether the log shows a virus or trojan???

[PID: 2576 / lenovo][C:\Program Files\Tencent\QQ\Bin\TXPlatform.exe]  [Tencent, 1,61,2040,0]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [C:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll]  [Tencent, 1,61,2040,0]



[PID: 3640 / lenovo][F:\工具软件\sreng2\SRE9e7c6ae7.EXE]  [Smallfrogs Studio, 2.8.4.1331]

    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]



==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]


==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1  www.youku.com
------ 屏蔽迅雷看看广告 ------
0.0.0.0  pubstat.sandai.net
0.0.0.0  mcfg.sandai.net
0.0.0.0  biz5.sandai.net
0.0.0.0  float.sandai.net
0.0.0.0  cl.kankan.xunlei.com
0.0.0.0    211.94.190.80
0.0.0.0  mtips.xunlei.com
0.0.0.0  211.94.190.80
0.0.0.0  mtips.xunlei.com
0.0.0.0  adsresult.joywell.com.cn
0.0.0.0  advstat.xunlei.com
0.0.0.0  wy.xunlei.com
0.0.0.0  kkpgv.xunlei.com
0.0.0.0  statis.kankan.xunlei.com
0.0.0.0  server1.adpolestar.net
0.0.0.0  mpv.sandai.net


==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 1840, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDKEYMONITORCCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 696, C:\WINDOWS\SYSTEM32\WATCHDATA\WATCHDATA CCB CSP V3.2\WDCERTM_CCB.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 812, C:\PROGRAM FILES\CCBCOMPONENTS\DMWZ\CCBCERTIFICATE.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2116, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2116, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\MOM.EXE]
特殊特权被允许: SeDebugPrivilege [PID = 2432, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2432, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC\CCC.EXE]


==================================
计划任务


==================================
Windows 安全更新检查
Microsoft .NET Framework 版本 1.1,简体中文版

KB829019,  Microsoft .NET Framework 2.0 语言包:x86 (KB829019)

KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157)

KB928416,  Microsoft .NET Framework 3.0: x86 语言包 (KB928416)

KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 语言包

KB968930,  用于 Windows XP 和 Windows Embedded 的 Windows PowerShell 2.0 和 WinRM 2.0 (KB968930)

KB968930,  Windows Live 软件包

KB2509553,  Windows XP 安全更新程序 (KB2509553) MS11-030

KB982670,  用于 Windows XP x86 的 Microsoft .NET Framework 4 Client Profile (KB982670)

KB2526297,  Microsoft Office 兼容包 Service Pack 3 (SP3)

KB2632503,  Windows XP 更新程序 (KB2632503)

KB931125,  Windows XP 的根证书更新 [2012 年 2 月] (KB931125)



==================================
API HOOK
N/A

==================================
隐藏进程
N/A

[/CODE]

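Reply to liliok's post at 6F

Please send the log as an attachment.
Refer to this thread:
How to take screenshots and post images to the forum as attachments: http://bbs.ikaka.com/showtopic-8616820.aspx
Posting an image works the same way as posting an attachment.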

Re: Please help me check whether the log shows a virus or trojan???

Log

Attachment:

File name: SREngLogEm.LOG
Downloads: 350
File type: application/octet-stream
File size:
Upload time: 2012-3-20 13:07:50
Description: log


Re: Please help me check whether the log shows a virus or trojan???

Find C:\seup.exe, compress it, and send it over.

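Re: Please help me check whether the log shows a virus or trojan???

Quote:
Originally posted by networkedition on 2012-3-20 13:16:00
Find C:\seup.exe, compress it, and send it over.

Attachment:

File name: seup.zip
Downloads: 348
File type: application/x-zip-compressed
File size:
Upload time: 2012-3-20 13:23:00
Description: zip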
