Windows Cleanup Assistant (Windows清理助手) official forum - 绿色家园 (Green Home) - Archiver

西门吹雪 posted on 2010-3-6 20:58

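Malicious icons that cannot be deleted, or a tampered IE home page: read this (2010-06-30)

[i=s] Last edited by 西门吹雪 on 2010-7-30 00:44 [/i]

[color=red][b]Upgrade Cleanup Assistant to the latest version![/b][/color]

[color=#ff0000][b]1. If a malicious icon on the desktop cannot be deleted, first check whether it is a shortcut or a disguised system icon.[/b][/color]

1) If it is a [b][color=green]shortcut (the icon has a small arrow in its lower-left corner)[/color][/b], use the shred function under Cleanup Assistant > Advanced Functions > File Operations to [b]shred[/b] the shortcut [b](you can drag and drop it directly, but make sure to remove iexplore.exe from the shred list, [color=red]remember this[/color])[/b]

2) If it is a [color=green][b]disguised system icon[/b][/color]

Fault Repair (this option exists only on 32-bit Simplified Chinese systems)
Tick [color=teal]Clean other desktop icons / repair default system icons[/color]
        [color=teal]Repair maliciously hijacked system shortcuts[/color]
        [color=teal]Repair the maliciously tampered desktop IE icon[/color]

[attach]28771[/attach]

Run the repair, then [color=red][b]refresh the desktop[/b][/color] and see whether the problem is solved.

If the icon can be deleted at the time but comes back after a while or after a restart, there is malware on the computer.
First make sure that [b]all objects[/b] found by the Cleanup Assistant scan [b]are cleaned[/b] ([color=red]in particular, also delete the suspicious ones and those of unknown risk[/color]).
If that still does not work, [b][color=seagreen]scan a system diagnostic report and post it[/color][/b]!

[b][color=red]If repairing the disguised system icon has no effect, go to Start menu -> Run -> regedit.exe and check whether the Registry Editor works normally. If it does not, first repair c:\windows\regedit.exe, then perform the steps above.[/color][/b]

[b][color=#ff0000]Some icons are created automatically when certain programs (such as game cheat tools) are run. After you delete them, they come back as soon as you run that program. Watch which program causes it and simply stop using it![/color][/b]

[b][color=red]2. If the IE home page has been changed.[/color][/b]

Fault Repair (this option exists only on 32-bit Simplified Chinese systems)
First run the repair with the default selection. If that does not work, try selecting everything and run the repair again.

Then set the home page. If you can set the home page but opening IE still shows the changed home page,
go to c:\program files\internet explorer\ and run iexplore.exe
If the home page is normal, the IE shortcut you have been running is fake! [color=red][b]Delete the fake one[/b][/color] and create a new one yourself!

If you cannot set the home page, it may be a permissions problem. Start, Run regedit.exe
Find
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Right-click Main, Permissions, Advanced, Owner, select your own account, replace the owner, then confirm
Then add Everyone with Full Control, and then change the home page.

If permissions are not the problem, consider whether you are using some [color=red][b]security software[/b][/color] that protects the home page, such as Norton.

[b][color=blue]Recently several help requests turned out to be caused by [color=red]Kingsoft WebShield (金山网盾)[/color] locking the home page! (Users who have installed Kingsoft WebShield, or Maxthon (which has Kingsoft WebShield built in), should check for this first.)[/color][/b]

If you still cannot change the home page, [b][color=seagreen]scan a system diagnostic report and post it[/color]![/b]

[b][color=red]Important: during the repair, if security software (such as 360) prompts about a system modification, be sure to choose Allow, otherwise the repair has no effect![/color][/b]

[b][color=red]If the repair has no effect, temporarily turn off the security software's monitoring and then repair again![/color][/b]

Recently several more cases have been found of malware using Kingsoft WebShield's files to lock the home page!

Please refer to the post below to solve it!

[url=http://bbs.arswp.com/thread-62710-1-1.html]http://bbs.arswp.com/thread-62710-1-1.html[/url]

Recently, after infection with the Ghost Shadow (鬼影) virus, a Taobao icon appears on the desktop and comes back after a restart when deleted; refer to the post below

[url=http://bbs.arswp.com/thread-63413-1-1.html]http://bbs.arswp.com/thread-63413-1-1.html[/url]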
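
The two manual checks from the post above (is the IE shortcut genuine, and who owns the `Main` key), as an added read-only PowerShell example that is not part of the original post or of Cleanup Assistant. It assumes PowerShell 3 or later and the default IE install folders; the function names, the shortcut-name pattern and the `Start Page` value it reads are this example's own choices.

```powershell
# Added example: read-only audit of desktop IE shortcuts and the home-page key.
# Assumptions: PowerShell 3+, IE installed in its default folder(s).

# Full paths treated as the genuine browser (assumption: default install).
$GenuineIe = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) |
    Where-Object { $_ } |
    ForEach-Object { Join-Path $_ 'Internet Explorer\iexplore.exe' }

function Get-ShortcutInfo {
    # Resolve every .lnk in the given folders to its target and arguments.
    param([string[]]$Folder)
    $shell = New-Object -ComObject WScript.Shell
    foreach ($dir in $Folder) {
        if (-not $dir -or -not (Test-Path -LiteralPath $dir)) { continue }
        Get-ChildItem -LiteralPath $dir -Filter '*.lnk' -Force | ForEach-Object {
            $lnk = $shell.CreateShortcut($_.FullName)
            [pscustomobject]@{
                Shortcut  = $_.FullName
                Target    = $lnk.TargetPath
                Arguments = $lnk.Arguments
            }
        }
    }
}

function Test-IeShortcut {
    # Return the reasons (possibly none) why a shortcut is not a plain IE link.
    param([string]$Shortcut, [string]$Target, [string]$Arguments, [string[]]$Genuine)
    $reasons = @()
    $isIeExe = [IO.Path]::GetFileName($Target) -ieq 'iexplore.exe'
    # Assumption: an IE shortcut is named "Internet Explorer" or "IE".
    $looksIe = [IO.Path]::GetFileNameWithoutExtension($Shortcut) -match 'Internet Explorer|^IE$'

    if ($isIeExe -and ($Genuine -notcontains $Target)) {
        $reasons += 'iexplore.exe outside the IE install folder'
    }
    if ($isIeExe -and $Arguments.Trim()) {
        # A URL here opens that page no matter what the home page is set to.
        $reasons += "extra arguments: $($Arguments.Trim())"
    }
    if ($looksIe -and -not $isIeExe) {
        $reasons += "IE-named shortcut starts $Target"
    }
    $reasons
}

function Get-IeHomePageState {
    # Report the configured home page plus owner and Deny rules of the key.
    param([string]$Key = 'HKCU:\Software\Microsoft\Internet Explorer\Main')
    if (-not (Test-Path -Path $Key)) { return }
    $owner = $null
    $deny  = @()
    try {
        $acl   = Get-Acl -Path $Key
        $owner = $acl.Owner
        $deny  = @($acl.Access |
            Where-Object { $_.AccessControlType -eq 'Deny' } |
            ForEach-Object { "$($_.IdentityReference): $($_.RegistryRights)" })
    } catch {
        # Not being able to read the ACL is itself a sign of a permissions problem.
        $owner = "unreadable: $($_.Exception.Message)"
    }
    [pscustomobject]@{
        StartPage = (Get-ItemProperty -Path $Key).'Start Page'
        Owner     = $owner
        DenyRules = $deny -join '; '
    }
}

# Current user's desktop plus the shared desktop, when that folder exists.
$desktops = @([Environment]::GetFolderPath('Desktop'))
if ($env:PUBLIC) { $desktops += Join-Path $env:PUBLIC 'Desktop' }

# List only the shortcuts that have at least one reason attached.
Get-ShortcutInfo -Folder $desktops | ForEach-Object {
    $why = @(Test-IeShortcut -Shortcut $_.Shortcut -Target $_.Target `
                             -Arguments $_.Arguments -Genuine $GenuineIe)
    if ($why.Count) {
        $_ | Add-Member -NotePropertyName Reasons `
                        -NotePropertyValue ($why -join '; ') -PassThru
    }
} | Format-List

Get-IeHomePageState | Format-List
```

The script changes nothing; a shortcut it lists is a candidate for the delete-and-recreate step, and an unexpected owner or a Deny rule on the key corresponds to the permissions case in the post.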

yjd333 posted on 2010-3-6 23:16

I've seen this on several computers recently; its antivirus evasion is done quite well.

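fxmagic posted on 2010-3-7 10:06

I did everything you said. It still doesn't work: whenever I restart the computer it goes back to how it was before, and I have to repair the IE home page once after every system start.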

西门吹雪 posted on 2010-3-7 10:14

[b] [url=http://bbs.arswp.com/redirect.php?goto=findpost&pid=242531&ptid=56752]3#[/url] [i]fxmagic[/i] [/b]

Open a new thread, scan a system diagnostic report and post it!

15930688038 posted on 2010-3-7 12:18

Could you take a look at my system diagnostic report and tell me what exactly the problem is? :handshake

15930688038 posted on 2010-3-7 12:27

Please take a look at mine~~[code]

2005-08-08,11:30:16

SysLog Scanner 3.0 - build 20091220
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600)


================================================================
注册项


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon> <RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | NVIDIA Corporation, 6.14.11.8611]
    <360Safetray> <"D:\360保险箱\360safe\safemon\360tray.exe" /start> [(Verified)360.CN, 6, 2, 0, 3003]
    <NvMediaCenter> <RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | NVIDIA Corporation, 6.14.11.8611]


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <&使用超级旋风下载> <D:\QQ软件\QQ旋风\geturl.htm> [N/A]
    <&使用超级旋风下载全部链接> <D:\QQ软件\QQ旋风\getAllurl.htm> [N/A]
    <&使用超级旋风下载本页视频> <D:\QQ软件\QQ旋风\geturlflv.htm> [N/A]
    <添加到QQ表情> <D:\QQ软件\QQ\Bin\AddEmotion.htm> [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <添加到QQ表情> <D:\QQ软件\QQ\Bin\AddEmotion.htm> [N/A]

================================================================
启动组


================================================================
任务计划


================================================================
组件


--------------------------------
Shell Extension
    [Display Panning CPL Extension]
        <{42071714-76d4-11d1-8b24-00a0c9068ff3}> <deskpan.dll> []
    [HyperTerminal Icon Ext]
        <{88895560-9AA2-1069-930E-00AA0030EBC8}> <C:\WINDOWS\system32\htic**.dll> [(Verified)Hilgraeve, Inc., 5.1.2600.0]
    [任务栏和「开始」菜单]
        <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> []
    [WinRAR shell extension]
        <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> <C:\Program Files\WinRAR\rarext.dll> [N/A]
    [Desktop Explorer]
        <{1CDB2949-8F65-4355-8456-263E7C208A5D}> <C:\WINDOWS\system32\nvshell.dll> [N/A]
    [NvCpl DesktopContext Class]
        <{A70C977A-BF00-412C-90B7-034C51DA2439}> <C:\WINDOWS\system32\nvcpl.dll> [NVIDIA Corporation, 6.14.11.8611]
    [HaoZip Shell Extension]
        <{5FED836A-C96C-4d88-A91E-F63F07726585}> <C:\Program Files\HaoZip\HaoZipExt.dll> [好压软件工作室, 1.7.0.3610]

--------------------------------
Context Menu
    [HaoZip]
        <{5FED836A-C96C-4d88-A91E-F63F07726585}> <C:\Program Files\HaoZip\HaoZipExt.dll> [好压软件工作室, 1.7.0.3610]
    [WinRAR]
        <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> <C:\Program Files\WinRAR\rarext.dll> [N/A]

--------------------------------
BrowserHelperObject
    [QQCycloneHelper Class]
        <{00000000-0592-4356-9CF7-1D8C2B3343C0}> <D:\QQ软件\QQ旋风\QQIEHelper01.dll> [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266]

--------------------------------
ActiveX Extension
    [QQCycloneHelper Class]
        <{00000000-0592-4356-9CF7-1D8C2B3343C0}> <D:\QQ软件\QQ旋风\QQIEHelper01.dll> [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266]
    [360SafeLive]
        <{87515F61-A66C-4319-A0E0-D416CB8059E3}> <C:\Program Files\360Safe\Safelive.dll> []
    [Shockwave Flash Object]
        <{D27CDB6E-AE6D-11CF-96B8-444553540000}> <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx> [(Verified)Adobe Systems, Inc., 9,0,124,0]

================================================================
服务

[NVIDIA Display Driver Service / nvsvc][Running/Auto Start]
    <C:\WINDOWS\system32\nvsvc32.exe>  [NVIDIA Corporation, 6.14.11.8611]

[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)**暴风网际科技有限公司, 3, 8, 3, 15]

================================================================
驱动

[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
    <System32\drivers\amdk8.sys>  [Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226)]

[360SelfProtection / 360SelfProtection][Running/System Start]
    <system32\drivers\360SelfProtection.sys>  [(Verified)360安全中心, 1, 0, 0, 1028]
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK]
[Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start]
    <system32\DRIVERS\AcpiVpc.sys>  [(Verified)Lenovo Corporation, 5.1.2601.0]
[AtpKrnl / AtpKrnl][Running/Manual Start]
    <System32\Drivers\AtpKrnl.sys>  [(Verified)www.arswp.com, 3.00]
[Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start]
    <system32\DRIVERS\b57xp32.sys>  [(Verified)Broadcom Corporation, 10.62.0.0 (cbuild.09172007-1258,b57nd5x-main-lhdepot1106.CL-2346)]
[Conexant UAA Function Driver for High Definition Audio Service / CnxtHdAudService][Running/Manual Start]
    <system32\drivers\CHDAU32.sys>  [(Verified)Conexant Systems Inc., 3.66.9.0 built by: WinDDK]
[Dritek Keyboard Filter Driver / DKbFltr][Running/Manual Start]
    <system32\DRIVERS\DKbFltr.sys>  [(Verified)Dritek System Inc., 1, 2, 1, 420]
[EfiSystemMon / EfiMon][Running/System Start]
    <System32\Drivers\Efimon.sys>  [(Verified)奇虎网, 1, 0, 0, 1004]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66]
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK]
[HookPort / HookPort][Running/Boot Start]
    <System32\Drivers\Hookport.sys>  [(Verified)360安全中心, 1, 0, 0, 1009]
[Intel(R) Wireless WiFi Link 适配器驱动程序(适用于 Windows XP 32 位) / NETw5x32][Running/Manual Start]
    <system32\DRIVERS\NETw5x32.sys>  [(Verified)Intel Corporation, 12.0.0.73]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.11.8611]
[Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start]
    <system32\drivers\nvhda32.sys>  [(Verified)NVIDIA Corporation, 1.00.00.51 built by: WinDDK]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)]
[Quantum DeepScanner Servers / qutmdserv][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys>  [(Verified)360.cn, 6.3.0.1009]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086]
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesDrvPt.sys>  [(Verified)TENCENT, 1.0.5 built by: WinDDK]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 1, 11, 4, 3442]

================================================================
活动进程


[PID: 900 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 956 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1120 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [NVIDIA Corporation, 6.14.11.8611]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8611]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1156 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1240 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1404 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1528 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1668 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1908 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 632 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 744 / Administrator]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []

[PID: 1808 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 432 / Administrator]   C:\WINDOWS\system32\Rundll32.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []

[PID: 476 / Administrator]   C:\WINDOWS\system32\RUNDLL32.EXE   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\NvMcTray.dll   [NVIDIA Corporation, 6.14.11.8611]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8611]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.11.8611]

[PID: 1580 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []

[PID: 412 / Administrator]   C:\WINDOWS\explorer.exe   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\browselc.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\WinRAR\rarext.dll   [N/A]
    C:\Program Files\HaoZip\HaoZipExt.dll   [好压软件工作室, 1.7.0.3610]

[PID: 696 / Administrator]   D:\QQ软件\QQ旋风\QQDownload.exe   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 271, 271]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []
    D:\QQ软件\QQ旋风\xmain.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1.9.272.272]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL   [Microsoft Corporation, 8.00.50727.762]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    D:\QQ软件\QQ旋风\xdownload.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1.9.273.273]
    D:\QQ软件\QQ旋风\xcore.dll   [(Verified)Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
    D:\QQ软件\QQ旋风\Add**\Miner.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 4, 311]
    C:\Program Files\WinRAR\rarext.dll   [N/A]
    C:\Program Files\HaoZip\HaoZipExt.dll   [好压软件工作室, 1.7.0.3610]
    D:\QQ软件\QQ旋风\VideoParser.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 4, 203]

[PID: 180 / Administrator]   D:\QQ软件\QQ\Bin\QQ.exe   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\Common.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL   [Microsoft Corporation, 8.00.50727.762]
    D:\QQ软件\QQ\Bin\KernelUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GF.dll   [(Verified)Tencent, 1, 25, 750, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ\Bin\AppUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MainFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Bin\AppMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ChatFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ConfigCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TaskTray.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\CustomFace.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\IM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\KernelMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\LongCnn.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ContactInfoFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MsgMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SkinMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\QInterLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\AppCtrl.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SystemMsg.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll   [(Verified)Tencent, 1.2.0.32]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL   [(Verified)Tencent, 1.2.0.9]
    D:\QQ软件\QQ\Bin\BasicCtrlDll.dll   [(Verified)TENCENT, 8,0,773,1801]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll   [(Verified)Tencent, 1.25.1.25]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\msdmo.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.mail\Bin\Mail.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.crm\Bin\CRM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GroupApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\InformationBox.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.memo\Bin\Memo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.today\Bin\Today.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\AddrSearch.dll   [(Verified)Tencent, 2, 3, 10, 12]

[PID: 3220 / Administrator]   D:\QQ软件\QQ\Bin\TXPlatform.exe   [(Verified)Tencent, 1, 25, 660, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]

[PID: 2016 / Administrator]   D:\QQ软件\QQ\Bin\QQ.exe   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\Common.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL   [Microsoft Corporation, 8.00.50727.762]
    D:\QQ软件\QQ\Bin\KernelUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GF.dll   [(Verified)Tencent, 1, 25, 750, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ\Bin\AppUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MainFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Bin\AppMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TaskTray.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ChatFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ConfigCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\CustomFace.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\IM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\KernelMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\LongCnn.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ContactInfoFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MsgMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SkinMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\QInterLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\AppCtrl.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SystemMsg.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll   [(Verified)Tencent, 1.2.0.32]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL   [(Verified)Tencent, 1.2.0.9]
    D:\QQ软件\QQ\Bin\BasicCtrlDll.dll   [(Verified)TENCENT, 8,0,773,1801]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll   [(Verified)Tencent, 1.25.1.25]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\msdmo.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.mail\Bin\Mail.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.crm\Bin\CRM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GroupApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\InformationBox.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.memo\Bin\Memo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.today\Bin\Today.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll   [(Verified)Tencent, 1, 25, 660, 0]

[PID: 472 / Administrator]   F:\新建文件夹\arswp3\ArSwp3.exe   [(Verified)Windows 清理助手, 3.0.14.0130]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]

[PID: 2056 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\browselc.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ旋风\QQIEHelper01.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]
    C:\WINDOWS\system32\QQPINYIN.IME   [(Verified)Tencent, 3.1.730.201]

================================================================
文件关联


================================================================
Autorun.Inf

================================================================
Winsock**者


================================================================
隐藏进程


================================================================
可疑文件


================================================================
HOSTS

    127.0.0.1 localhost


[/code]

15930688038 posted on 2010-3-7 12:28

Please take a look at mine~ :handshake[code]

[Quantum DeepScanner Servers / qutmdserv][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys>  [(Verified)360.cn, 6.3.0.1009]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086]
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesDrvPt.sys>  [(Verified)TENCENT, 1.0.5 built by: WinDDK]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 1, 11, 4, 3442]

================================================================
活动进程


[PID: 900 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 956 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1120 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [NVIDIA Corporation, 6.14.11.8611]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8611]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1156 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1240 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1404 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1528 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1668 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 1908 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 632 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 744 / Administrator]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []

[PID: 1808 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

[PID: 432 / Administrator]   C:\WINDOWS\system32\Rundll32.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []

[PID: 476 / Administrator]   C:\WINDOWS\system32\RUNDLL32.EXE   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\NvMcTray.dll   [NVIDIA Corporation, 6.14.11.8611]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8611]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.11.8611]

[PID: 1580 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []

[PID: 412 / Administrator]   C:\WINDOWS\explorer.exe   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\browselc.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\WinRAR\rarext.dll   [N/A]
    C:\Program Files\HaoZip\HaoZipExt.dll   [好压软件工作室, 1.7.0.3610]

[PID: 696 / Administrator]   D:\QQ软件\QQ旋风\QQDownload.exe   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 271, 271]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll   []
    D:\QQ软件\QQ旋风\xmain.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1.9.272.272]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL   [Microsoft Corporation, 8.00.50727.762]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    D:\QQ软件\QQ旋风\xdownload.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1.9.273.273]
    D:\QQ软件\QQ旋风\xcore.dll   [(Verified)Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
    D:\QQ软件\QQ旋风\Add**\Miner.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 4, 311]
    C:\Program Files\WinRAR\rarext.dll   [N/A]
    C:\Program Files\HaoZip\HaoZipExt.dll   [好压软件工作室, 1.7.0.3610]
    D:\QQ软件\QQ旋风\VideoParser.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 4, 203]

[PID: 180 / Administrator]   D:\QQ软件\QQ\Bin\QQ.exe   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\Common.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL   [Microsoft Corporation, 8.00.50727.762]
    D:\QQ软件\QQ\Bin\KernelUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GF.dll   [(Verified)Tencent, 1, 25, 750, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ\Bin\AppUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MainFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Bin\AppMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ChatFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ConfigCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TaskTray.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\CustomFace.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\IM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\KernelMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\LongCnn.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ContactInfoFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MsgMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SkinMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\QInterLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\AppCtrl.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SystemMsg.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll   [(Verified)Tencent, 1.2.0.32]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL   [(Verified)Tencent, 1.2.0.9]
    D:\QQ软件\QQ\Bin\BasicCtrlDll.dll   [(Verified)TENCENT, 8,0,773,1801]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll   [(Verified)Tencent, 1.25.1.25]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\msdmo.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.mail\Bin\Mail.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.crm\Bin\CRM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GroupApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\InformationBox.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.memo\Bin\Memo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.today\Bin\Today.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\AddrSearch.dll   [(Verified)Tencent, 2, 3, 10, 12]

[PID: 3220 / Administrator]   D:\QQ软件\QQ\Bin\TXPlatform.exe   [(Verified)Tencent, 1, 25, 660, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]

[PID: 2016 / Administrator]   D:\QQ软件\QQ\Bin\QQ.exe   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\Common.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL   [Microsoft Corporation, 8.00.50727.762]
    D:\QQ软件\QQ\Bin\KernelUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GF.dll   [(Verified)Tencent, 1, 25, 750, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ\Bin\AppUtil.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MainFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TXPFProxy.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Bin\AppMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\TaskTray.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ChatFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ConfigCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\CustomFace.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\IM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\KernelMisc.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\LongCnn.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\ContactInfoFrame.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\MsgMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SkinMgr.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\QInterLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\AppCtrl.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\SystemMsg.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll   [Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll   [(Verified)Tencent, 1, 25, 660, 0]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll   [(Verified)Tencent, 1.2.0.32]
    C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL   [(Verified)Tencent, 1.2.0.9]
    D:\QQ软件\QQ\Bin\BasicCtrlDll.dll   [(Verified)TENCENT, 8,0,773,1801]
    D:\QQ软件\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll   [(Verified)Tencent, 1.25.1.25]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\msdmo.dll   [(Verified)N/A]
    D:\QQ软件\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.mail\Bin\Mail.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.crm\Bin\CRM.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\GroupApp.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Bin\InformationBox.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.memo\Bin\Memo.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.today\Bin\Today.dll   [(Verified)Tencent, 1, 25, 660, 0]
    D:\QQ软件\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll   [(Verified)Tencent, 1, 25, 660, 0]

[PID: 472 / Administrator]   F:\新建文件夹\arswp3\ArSwp3.exe   [(Verified)Windows 清理助手, 3.0.14.0130]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]

[PID: 2056 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\browselc.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    D:\QQ软件\QQ旋风\QQIEHelper01.dll   [(Verified)Tencent Technology (Shenzhen) Company Limited, 1, 9, 266, 266]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx   [(Verified)Adobe Systems, Inc., 9,0,124,0]
    C:\WINDOWS\system32\QQPINYIN.IME   [(Verified)Tencent, 3.1.730.201]

================================================================
文件关联


================================================================
Autorun.Inf

================================================================
Winsock**者


================================================================
隐藏进程


================================================================
可疑文件


================================================================
HOSTS

    127.0.0.1 localhost


[/code]

fxmagic posted on 2010-3-7 15:25

[quote] 3# fxmagic  

Start a new thread and post a system diagnostic scan report!
[size=2][color=#999999]西门吹雪 posted on 2010-3-7 10:14[/color] [url=http://bbs.arswp.com/redirect.php?goto=findpost&pid=242532&ptid=56752][img]http://bbs.arswp.com/images/common/back.gif[/img][/url][/size][/quote]

I already posted a thread a few days ago. [url=http://bbs.arswp.com/thread-56601-1-3.html]http://bbs.arswp.com/thread-56601-1-3.html[/url]

890212 posted on 2010-3-8 23:52

Help!!!! Why do I get one more IE every time I run a repair with Cleanup Assistant (清理助手)? This is driving me crazy.

西门吹雪 posted on 2010-3-8 23:59

[b] [url=http://bbs.arswp.com/redirect.php?goto=findpost&pid=242671&ptid=56752]9#[/url] [i]890212[/i] [/b]
I can't see any problem in your report!
Where does the extra IE show up?

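TAMMY2010 posted on 2010-3-9 10:50

Does Cleanup Assistant (清理助手) actually work? Every time I run a cleanup I also get one more IE, and the home page of the other, normal one has been changed too. Unbelievable.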

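xs62639 posted on 2010-3-9 11:05

The IE problem is solved, thank you so much.
There is one more problem: when I downloaded an e-book, a PIPI (皮皮) player came along with it, and I can't remove it.
The uninstall shortcut doesn't work, and its icon is the CrossFire (穿越火线) one.
I also can't delete the folder on drive C directly. So annoying!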

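xs62639 posted on 2010-3-9 11:06

The IE problem is solved, thank you so much.

There is one more problem: when I downloaded an e-book, a PIPI (皮皮) player came along with it, and I can't remove it.

The uninstall shortcut doesn't work, and its icon is the CrossFire (穿越火线) one.

I also can't delete the folder on drive C directly. So annoying!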

890212 posted on 2010-3-9 12:49

[b] [url=http://bbs.arswp.com/redirect.php?goto=findpost&pid=242672&ptid=56752]10#[/url] [i]西门吹雪[/i] [/b]
This is the situation:
[code]
2010-03-08,23:19:35
SysLog Scanner 3.0 - build 20091220
Arswp (http://www.arswp.com)
Windows XP Professional Service Pack 3 (build 2600)

================================================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon> <RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | NVIDIA Corporation, 6.14.11.8574]
    <NvMediaCenter> <RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | NVIDIA Corporation, 6.14.11.8574]
    <ETDWare> <C:\Program Files\Elantech\ETDCtrl.exe> [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    <AmIcoSinglun> <C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe> [AlcorMicro Co., Ltd., 1, 0, 0, 3]
    <HControlUser> <C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe> [ASUS, 1, 0, 41, 1]
    <ATKHOTKEY> <C:\Program Files\ASUS\ATK Hotkey\HControl.exe> [(Verified)ASUS, 1, 0, 49, 2]
    <ATKOSD2> <C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe> [ASUS, 7, 0, 3, 6]
    <Wireless C**ole 3> <C:\Program Files\ASUS\Wireless C**ole 3\wcourier.exe> [Copyright (C) 2005, 3, 0, 8, 0]
    <Power4Gear> <C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1> [(Verified)ASUSTeK Computer Inc., 1043, 6, 15, 119]
    <ASUS Live Update> <C:\Program Files\ASUS\ASUS Live Update\ALU.exe> [(Verified)Copyright (C) 2002 ASUSTek. Corporation, 1, 0, 0, 1]
    <ATKMEDIA> <C:\Program Files\ASUS\ATK Media\DMedia.exe> [ASUS, 2, 0, 5, 1]
    <ACMON> <C:\Program Files\ASUS\Splendid\ACMON.exe> [ATK, 1, 0, 9, 0]
    <360Safetray> <"C:\Program Files\360\360safe\safemon\360tray.exe" /start> [(Verified)360.CN, 6, 2, 0, 3002]
    <360Safebox> <"C:\Program Files\360Safebox\SafeBoxTray.exe" /r> [(Verified)360.cn, 3, 0, 0, 1008]
    <RTHDCPL> <RTHDCPL.EXE> [(Verified)Realtek Semiconductor Corp., 2.2.7.4]
    <Adobe ARM> <"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"> [(Verified)Adobe Systems Incorporated, 1.0.5.0]
    <egui> <"C:\Program Files\ESET\ESET NOD32 Antivirus\EsetAct\essact.exe" -waitservice> [Version 2 Limited, 2.0 ]
    <SuperKiller> <"C:\Program Files\360\360safe\firstaid\SuperKiller.exe"  /REG> [(Verified)360.cn, 4, 3, 0, 1010 | (Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensi**]
    <{95B3F550-91C4-4627-BCC4-521288C52977}> <f:\PPTV\PPLive.exe> [(Verified)PPLive Corporation, 2, 3, 0, 2]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <使用迅雷下载> <C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm> [N/A]
    <使用迅雷下载全部链接> <C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Opti**]
    <Your Image File Name Here without a path> <ntsd -d> []
================================================================
启动组

================================================================
任务计划
[GoogleUpdateTaskMachineUA.job]
    <C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job> <"C:\Program Files\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler> [(Verified)Google Inc., 1.2.183.9]
[GoogleUpdateTaskMachineCore.job]
    <C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job> <"C:\Program Files\Google\Update\GoogleUpdate.exe" /c> [(Verified)Google Inc., 1.2.183.9]
================================================================
组件

--------------------------------
Shell Extension
    [Display Panning CPL Extension]
        <{42071714-76d4-11d1-8b24-00a0c9068ff3}> <deskpan.dll> []
    [HyperTerminal Icon Ext]
        <{88895560-9AA2-1069-930E-00AA0030EBC8}> <C:\WINDOWS\system32\htic**.dll> [(Verified)Hilgraeve, Inc., 5.1.2600.0]
    [Set Program Access and Defaults]
        <{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}> <%SystemRoot%\system32\shdocvw.dll> [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    [任务栏和「开始」菜单]
        <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> []
    [WinRAR shell extension]
        <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> <C:\Program Files\WinRAR\rarext.dll> [N/A]
    [Desktop Explorer]
        <{1CDB2949-8F65-4355-8456-263E7C208A5D}> <C:\WINDOWS\system32\nvshell.dll> [N/A]
    [NvCpl DesktopContext Class]
        <{A70C977A-BF00-412C-90B7-034C51DA2439}> <C:\WINDOWS\system32\nvcpl.dll> [NVIDIA Corporation, 6.14.11.8574]
    [Windows Desktop Search]
        <{13E7F612-F261-4391-BEA2-39DF4F3FA311}> <C:\Program Files\Windows Desktop Search\msnlExt.dll> [Microsoft Corporation, 7.00.6001.18260 (vistasp1_gdr_oobsvc.090524-1500)]
    [ESET Smart Security - Context Menu Shell Extension]
        <{B089FE88-FB52-11D3-BDF1-0050DA34150D}> <C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll> [(Verified)ESET, 4.0.441.0 ]
--------------------------------
ToolBar
    [Google Toolbar]
        <{2318C2B1-4965-11d4-9B18-009027A5CD4F}> <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll> [(Verified)Google Inc., 6, 4, 1208, 1530 ]
--------------------------------
Protocols
    []
        <{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}> <C:\WINDOWS\system32\KuGoo3DownXControl.ocx> [(Verified)酷狗, 5.2.4.51]
--------------------------------
Context Menu
    [ESET Smart Security - Context Menu Shell Extension]
        <{B089FE88-FB52-11D3-BDF1-0050DA34150D}> <C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll> [(Verified)ESET, 4.0.441.0 ]
    [OpenFolder]
        <{0DE1378D-F811-40E6-B60A-1CC56F57D3E9}> <C:\Program Files\AliWangWang\AliIMExt.dll> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [QvodMenu]
        <{9F44453E-1E46-4D5C-B57C-112FF2EDAE82}> <f:\QvodPlayer\QvodBand.dll> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
    [WinRAR]
        <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> <C:\Program Files\WinRAR\rarext.dll> [N/A]
    [00nView]
        <{1E9B04FB-F9E5-4718-997B-B8DA88302A48}> <C:\WINDOWS\system32\nvshell.dll> [N/A]
    [NvCplDesktopContext]
        <{A70C977A-BF00-412C-90B7-034C51DA2439}> <C:\WINDOWS\system32\nvcpl.dll> [NVIDIA Corporation, 6.14.11.8574]
--------------------------------
Copy Hook
    [CDF Extension Copy Hook]
        <{67EA19A0-CCEF-11d0-8024-00C04FD75D13}> <%SystemRoot%\system32\shdocvw.dll> [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
--------------------------------
BrowserHelperObject
    [Thunder Browser Helper]
        <{889D2FEB-5411-4565-8998-1DD2C5261283}> <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
--------------------------------
ActiveX Extension
    [QQCycloneHelper Class]
        <{00000000-12C9-4305-82F9-43058F20E8D2}> <E:\腾讯游戏\旋风\QQIEHelper01.dll> [(Verified)Tencent Technology (Shenzhen) Company Limited, 2, 0, 528, 204]
    [Google Script Object]
        <{00EF2092-6AC5-47C0-BD25-CF2D5D657FEB}> <C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll> [(Verified)Google Inc., 6, 4, 1208, 1530 ]
    [ThunderAtOnce Class]
        <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> <C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
    []
        <{05F5F404-7C24-4B39-B5CC-340CEDEB9C0D}> <> []
    [Web Browser Applet Control]
        <{08B0E5C0-4FCB-11CF-AAA5-00401C608501}> <C:\WINDOWS\system32\msjava.dll> [Microsoft Corporation, 5.00.3810]
    [Adobe PDF Link Helper]
        <{18DF081C-E8AD-4283-A596-FA578C2EBDC3}> <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll> [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700]
    [iTrusPTA Class]
        <{1E0DFFCF-27FF-4574-849B-55007349FEDA}> <C:\WINDOWS\system32\aliedit\pta.dll> [(Verified)Copyright 2001, 2, 5, 1, 509]
    [QQCPHelper.CPAdder]
        <{23752AA7-CAD7-40C2-99EE-7A9CD3C20C6D}> <C:\PROGRA~1\Tencent\QQ\Bin\CPHelper.dll> [(Verified)Tencent, 1, 45, 1530, 0]
    [DetectAddin Class]
        <{2D90D33C-DE76-42D0-9040-E4466DDC24AC}> <C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll> [(Verified)Xunlei, 1, 0, 0, 9]
    [Thunder Agent Class]
        <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> <C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.16.1306.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
    [EditCtrl Class]
        <{488A4255-3236-44B3-8F27-FA1AECAA8844}> <C:\WINDOWS\system32\aliedit\aliedit.dll> [(Verified)Copyright 2008, 2, 1, 2, 5]
    [QvodExtend]
        <{53AC8551-0DE0-4606-8A1E-A51AF20ADD60}> <f:\QvodPlayer\QvodExtend.dll> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
    [CAcroFDFHandler Class]
        <{5BB2200E-5672-4A32-902A-5A98DB1C58DC}> <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroPDF.dll> [(Verified)Adobe Systems, Inc., 9.2.0.124]
    [WangWangX Class]
        <{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}> <C:\Program Files\AliWangWang\AliIMX.dll> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1]
    [XMP Class]
        <{6483F145-A768-4C41-AACC-52D4D7845851}> <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work> [Xunlei Networking Technologies,LTD, 2, 1, 9, 102]
    [QvodShare Class]
        <{7139E26A-49CA-4344-B063-C702858627D9}> <f:\QvodPlayer\ShareModule.dll> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 1, 0, 0, 0]
    [MediaComm Class]
        <{7670648D-461B-42AF-BDFE-46D26AF5EFF2}> <C:\Program Files\Thunder Network\Thunder\userdata\Components\InMedia\MediaAddin.dll> [Thunder Networking Technologies,LTD, 3, 1, 7, 83]
    [CertEnroll Class]
        <{7978461C-CC22-48F2-BC69-02220D3E101D}> <C:\WINDOWS\system32\itrusenroll.dll> [(Verified)iTruschina Co., Ltd., 1, 0, 0, 6]
    [XDownloaddManager Class]
        <{802F530B-A8F6-4631-AE49-6BACAAC6373E}> <C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
    [360SafeLive]
        <{87515F61-A66C-4319-A0E0-D416CB8059E3}> <C:\Program Files\360\360safe\Safelive.dll> [(Verified)Copyright 2008, 1, 0, 0, 1006]
    [OFrameObject Class]
        <{9701758C-4373-482E-B13C-776C048EC890}> <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5915.268.(741).dll> [(Verified)深圳市迅雷网络技术有限公司, 2, 3, 5915, 268]
    [VersionDetector Class]
        <{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B}> <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.29.(742).dll> [(Verified)深圳市迅雷网络技术有限公司, 1, 1, 0, 29]
    [APlayer Control]
        <{A9322148-C691-4B9D-91FC-B9C461DBE9DD}> <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll> [(Verified)ShenZhen Thunder Networking Technologies, LTD, 2.0.1.232]
    [Download_Bho Class]
        <{A986E409-30CC-4185-89BB-AB212C104524}> <C:\Program Files\PPLive\PPVA\DownloaderManager.dll> [(Verified)Synacast, 1.0.5.56]
    [Google Toolbar Notifier BHO]
        <{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}> <C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll> [(Verified)Google Inc., 5, 5, 4723, 1820]
    [SearchAssistantOC]
        <{B45FF030-4447-11D2-85DE-00C04FA35C89}> <%SystemRoot%\system32\shdocvw.dll> [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    [SafeMon Class]
        <{B69F34DD-F0F9-42DC-9EDD-957187DA688D}> <C:\Program Files\360\360safe\safemon\safemon.dll> [(Verified)360安全中心, 5, 2, 0, 1005]
    [QQCertCtrl Class]
        <{BAEA0695-03A4-43BB-8495-C7025E1A8F42}> <C:\Program Files\Common Files\Tencent\Paycenter\qqcert.dll> [(Verified)Tencent, 1, 0, 2, 2]
    [Shockwave Flash Object]
        <{D27CDB6E-AE6D-11CF-96B8-444553540000}> <C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx> [(Verified)Adobe Systems, Inc., 10,0,42,34]
    [PasswordEditCtrl Class]
        <{E787FD25-8D7C-4693-AE67-9406BC6E22DF}> <C:\Program Files\Common Files\Tencent\Paycenter\qqedit.dll> [(Verified)Tencent, 1, 1, 0, 7]
    [TimwpDll.TimwpCheck]
        <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> <C:\PROGRA~1\Tencent\QQ\Bin\Timwp.dll> [(Verified)Tencent, 1, 45, 1530, 0]
    [PPLive Lite Class]
        <{EF0D1A14-1033-41A2-A589-240C01EDC078}> <C:\Program Files\Common Files\PPLiveNetwork\plugin\pplugin2.dll> [(Verified)Copyright 2008, 1, 1, 0, 5]
    [QvodCtrl Class]
        <{F3D0D36F-23F8-4682-A195-74C92B03D4AF}> <f:\QvodPlayer\QvodInsert.dll> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 5, 0, 64]
    [XPPlayer Class]
        <{F3E70CEA-956E-49CC-B444-73AFE593AD7F}> <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.59150.261.(742).dll> [(Verified)深圳市迅雷网络技术有限公司, 2, 1, 59150, 261]
    [webmod Class]
        <{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392}> <C:\Program Files\AliWangWang\alidcp.dll> [(Verified)Alipay.com Co.,Ltd, 1, 0, 0, 4]
    [Google Update Plugin]
        <{F3FFF5F4-A643-447E-A5A5-0B5F760C7F4A}> <C:\Program Files\Google\Update\1.2.183.17\npGoogleOneClick8.dll> [(Verified)Google Inc., 1.2.183.17]
================================================================
服务
[ATKGFNEX Service / ATKGFNEXSrv][Running/Auto Start]
    <C:\Program Files\ATKGFNEX\GFNEXSrv.exe>  [Copyright (C) 2007, 1, 0, 0, 8]
[NVIDIA Display Driver Service / nvsvc][Running/Auto Start]
    <C:\WINDOWS\system32\nvsvc32.exe>  [NVIDIA Corporation, 6.14.11.8574]
[ESET HTTP Server / EhttpSrv][Stopped/Manual Start]
    <"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe">  [(Verified)ESET, 4.0.441.0 ]
[ESET Service / ekrn][Running/Auto Start]
    <"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe">  [(Verified)ESET, 4.0.441.0 ]
[Google 更新服务 (gupdate) / gupdate][Stopped/Auto Start]
    <"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc>  [(Verified)Google Inc., 1.2.183.9]
[Google Software Updater / gusvc][Stopped/Manual Start]
    <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">  [(Verified)Google, 2.4.1441.4352.beta]
[spmgr / spmgr][Running/Auto Start]
    <C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe>  [(Verified)Copyright 2002, 1, 0, 0, 1]
[SRS Volume Sync Service / SRS_VolSync_Service][Running/Auto Start]
    <"C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe">  [(Verified)SRS Labs, Inc., 1, 0, 2, 0]
[Tencent Software Update Service / TSUSVC][Stopped/Auto Start]
    <"C:\Program Files\Tencent\QQSoftMgr\1.0.338.203\TencentUpdateSvc.exe" -run>  [(Verified)Tencent, 1.0 Beta3 Build 338]
[主动防御 / ZhuDongFangYu][Running/Auto Start]
    <"C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe">  [(Verified)360.cn, 3, 2, 0, 1001]
================================================================
驱动
[Atheros AR5008 Wireless Network Adapter Service / AR5416][Running/Manual Start]
    <system32\DRIVERS\athw.sys>  [Atheros Communications, Inc., 7.7.0.348]
[nvsmu / nvsmu][Running/Manual Start]
    <system32\DRIVERS\nvsmu.sys>  [NVIDIA Corporation, 5.10.2600.0161 built by: WinDDK]
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]
    <system32\DRIVERS\Rtenicxp.sys>  [Realtek Semiconductor Corporation                           , 5.684.1205.2007 built by: WinDDK]
[sptd / sptd][Running/Boot Start]
    <System32\Drivers\sptd.sys>  [N/A]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)]
[Driver for XLPPoEPC Device / XLPPoEPC][Running/Manual Start]
    <system32\DRIVERS\XLPPoEPC.sys>  [西安信利软件系统公司, 1.0.0.0]
[360AntiARP / 360AntiARP][Running/System Start]
    <\??\C:\WINDOWS\system32\Drivers\360AntiARP.sys>  [(Verified)360安全中心, 1, 2, 0, 1003]
[360SelfProtection / 360SelfProtection][Running/System Start]
    <system32\drivers\360SelfProtection.sys>  [(Verified)360安全中心, 1, 0, 0, 1028]
[Ambfilt / Ambfilt][Stopped/Manual Start]
    <system32\drivers\Ambfilt.sys>  [(Verified)Creative, 5.10.00.4240]
[ASMMAP / ASMMAP][Running/Auto Start]
    <\??\C:\Program Files\ATKGFNEX\ASMMAP.sys>  [(Verified)Copyright (C), 1.1.7.123 built by: WinDDK]
[BAPIDRV / BAPIDRV][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS>  [(Verified)360.cn, 1.0.0.1005]
[eamon / eamon][Running/Auto Start]
    <system32\DRIVERS\eamon.sys>  [(Verified)ESET, 4.0.441.0 ]
[EfiSystemMon / EfiMon][Running/System Start]
    <System32\Drivers\Efimon.sys>  [(Verified)奇虎网, 1, 0, 0, 1004]
[ehdrv / ehdrv][Running/System Start]
    <system32\DRIVERS\ehdrv.sys>  [(Verified)ESET, 4.0.441.0 ]
[epfwtdir / epfwtdir][Running/System Start]
    <system32\DRIVERS\epfwtdir.sys>  [(Verified)ESET, 4.0.441.0 ]
[ELAN PS/2 Port Input Device / ETD][Stopped/Manual Start]
    <system32\DRIVERS\ETD.sys>  [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
[ghaio / ghaio][Running/Auto Start]
    <\??\C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys>  [(Verified)N/A]
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK]
[HookPort / HookPort][Running/Boot Start]
    <System32\Drivers\Hookport.sys>  [(Verified)360安全中心, 1, 0, 0, 1009]
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <system32\drivers\RtkHDAud.sys>  [(Verified)Realtek Semiconductor Corp., 5.10.0.5817 built by: WinDDK]
[ipswuio / ipswuio][Stopped/Manual Start]
    <System32\DRIVERS\ipswuio.sys>  [(Verified)Windows (R) 2000 DDK provider, 5.1.2600.0 built by: WinDDK]
[Monfilt / Monfilt][Stopped/Manual Start]
    <system32\drivers\Monfilt.sys>  [(Verified)Creative Technology Ltd., 5.10.0.4112]
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
    <system32\DRIVERS\ATKACPI.sys>  [(Verified)1043, 2, 15, 83]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.11.8574]
[nvgts / nvgts][Running/Boot Start]
    <system32\DRIVERS\nvgts.sys>  [(Verified)NVIDIA Corporation, 10.3.0.46 built by: WinDDK]
[DDK PACKET Protocol / Packet][Running/System Start]
    <system32\DRIVERS\ProtoDrv.sys>  [(Verified)360安全中心, 1, 2, 0, 1002]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)]
[Quantum DeepScanner Servers / qutmdserv][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys>  [(Verified)360.cn, 6.3.0.1009]
[qutmipc / qutmipc][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\qutmipc.sys>  [(Verified)360安全中心, 1.0.0.1006]
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys>  [(Verified)360安全中心, 2, 4, 0, 1007]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086]
[USB2.0 PC Camera (SNP2UVC) / SNP2UVC][Running/Manual Start]
    <system32\DRIVERS\snp2uvc.sys>  [(Verified)Copyright 2004-2007, 2, 1, 4, 1]
[SRS Labs Premium Sound / SRS_PremiumSound_Service][Stopped/Manual Start]
    <system32\drivers\srs_PremiumSound_i386.sys>  [(Verified)Copyright (C) 2008 SRS Labs, Inc., 1, 18, 0, 0]
[TesDrvPt / TesDrvPt][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesDrvPt.sys>  [(Verified)TENCENT, 1.0.5 built by: WinDDK]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 1, 11, 4, 3442]
================================================================
活动进程

[PID: 1288 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\sfc_os.dll   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1344 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\psbase.dll   [Microsoft Corporation, 5.1.2600.5642 (xpsp_sp3_gdr.080716-1319)]
[PID: 1508 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1544 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1628 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[PID: 1848 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
    c:\windows\system32\msi.dll   [Microsoft Corporation, 4.5.6001.22159]
    C:\WINDOWS\System32\sfc_os.dll   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 2000 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[PID: 2040 / SYSTEM]   C:\Program Files\360\360safe\deepscan\zhudongfangyu.exe   [(Verified)360.cn, 3, 2, 0, 1001]
    C:\Program Files\360\360safe\deepscan\CloudCom2.dll   [(Verified)360.cn, 3, 2, 1, 1004]
    C:\Program Files\360\360safe\deepscan\heavygate.dll   [360.cn, 3, 6, 21, 0]
    C:\Program Files\360\360safe\SoftMgr\360SoftMgrS.dll   [(Verified)奇虎网, 2, 1, 5, 1010]
    C:\Program Files\360\360safe\deepscan\qutmload.dll   [(Verified)360.cn, 6, 2, 0, 1007]
[PID: 692 / SYSTEM]   C:\Program Files\ATKGFNEX\GFNEXSrv.exe   [Copyright (C) 2007, 1, 0, 0, 8]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 744 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\SHDOCVW.dll   [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\msi.dll   [Microsoft Corporation, 4.5.6001.22159]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll   [(Verified)Adobe Systems, Inc., 9.1.0.2009022700]
    C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS   [N/A]
    C:\WINDOWS\system32\nvcpl.dll   [NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\nvshell.dll   [N/A]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\WINDOWS\system32\browselc.dll   [Microsoft Corporation, 6.00.2600.0000]
    C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll   [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
    C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll   [Microsoft Corporation, 7.10.6030.0]
    C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll   [Microsoft Corporation, 7.10.6030.0]
    C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL   [Microsoft Corporation, 7.10.6101.0]
    C:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DsBho_00.dll   [Thunder Networking Technologies,LTD, 1, 0, 0, 26]
    C:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DataProcessor_00.dll   [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    C:\Program Files\WinRAR\rarext.dll   [N/A]
    f:\QvodPlayer\QvodBand.dll   [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0]
    C:\Program Files\AliWangWang\AliIMExt.dll   [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1]
    C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll   [(Verified)ESET, 4.0.441.0 ]
[PID: 800 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\sfc_os.dll   [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\msi.dll   [Microsoft Corporation, 4.5.6001.22159]
[PID: 1904 / Administrator]   C:\WINDOWS\system32\RUNDLL32.EXE   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\NvMcTray.dll   [NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\nvapi.dll   [(Verified)NVIDIA Corporation, 6.14.11.8574]
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.11.8574]
[PID: 1920 / Administrator]   C:\Program Files\Elantech\ETDCtrl.exe   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\Elantech\ETDIsos.dll   [(Verified)ELANTECH Devices Corp., 7, 0, 4, 0]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\Program Files\Elantech\ETDCmds.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
[PID: 1944 / Administrator]   C:\Program Files\AmIcoSingLun\AmIcoSinglun.exe   [AlcorMicro Co., Ltd., 1, 0, 0, 3]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1964 / Administrator]   C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe   [ASUS, 1, 0, 41, 1]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\ASUS\ATK Hotkey\MsgTran.dll   [All rights reserved., 1.0.0.0]
[PID: 440 / Administrator]   C:\Program Files\ASUS\ATK Hotkey\HControl.exe   [(Verified)ASUS, 1, 0, 49, 2]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1228 / Administrator]   C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe   [ASUS, 7, 0, 3, 6]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 612 / Administrator]   C:\Program Files\ASUS\Wireless C**ole 3\wcourier.exe   [Copyright (C) 2005, 3, 0, 8, 0]
    C:\Program Files\ASUS\Wireless C**ole 3\inter_f2.dll   [ATK, 1043, 2, 15, 52]
    C:\Program Files\ASUS\Wireless C**ole 3\ATKWLIOC.DLL   [ACTIONTEC Electronics,Inc, 2.01.02]
    C:\Program Files\ASUS\Wireless C**ole 3\SiSPkt.dll   [Silicon Integrated Systems Corp., 1, 0, 0, 45]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1912 / Administrator]   C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe   [(Verified)ASUSTeK Computer Inc., 1043, 6, 15, 119]
    C:\Program Files\ASUS\Power4 Gear\ATKMETHOD.dll   [ASUSTeK Computer Inc., 1043, 6, 15, 118]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 372 / Administrator]   C:\Program Files\ASUS\ATK Media\DMedia.exe   [ASUS, 2, 0, 5, 1]
    C:\Program Files\ASUS\ATK Media\ATKMETHOD.dll   [ASUS, 2, 0, 0, 1]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 604 / Administrator]   C:\Program Files\ASUS\ATK Hotkey\ATKOSD.exe   [ASUS, 1, 0, 41, 1]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 912 / Administrator]   C:\Program Files\ASUS\Splendid\ACMON.exe   [ATK, 1, 0, 9, 0]
    C:\Program Files\ASUS\Splendid\OVS.dll   [ASUSTek, 1, 0, 0, 1]
    C:\Program Files\ASUS\Splendid\GLCDdll.dll   [Copyright (C) 2005, 1, 0, 1, 0]
    C:\Program Files\ASUS\Splendid\Chameleon.dll   [ASUSTeK, 1, 0, 0, 3]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
[PID: 1388 / Administrator]   C:\WINDOWS\RTHDCPL.EXE   [(Verified)Realtek Semiconductor Corp., 2.2.7.4]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1084 / Administrator]   C:\Program Files\ASUS\ATK Hotkey\WDC.exe   [(Verified)ASUS, 1, 0, 46, 1]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1596 / Administrator]   C:\WINDOWS\system32\ACEngSvr.exe   [ASUSTeK, 1, 0, 0, 4]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 728 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1800 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[PID: 1956 / SYSTEM]   C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnScan.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnAmon.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEmon.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnDmon.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnEpfw.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnUpdate.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\updater.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\ekrnMailPlugins.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[PID: 468 / SYSTEM]   C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe   [(Verified)Copyright 2002, 1, 0, 0, 1]
    C:\Program Files\ASUS\NB Probe\SPM\spdiskex.dll   [N/A]
    C:\Program Files\ASUS\NB Probe\SPM\spos.dll   [N/A]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\ASUS\NB Probe\SPM\spnbacpi.dll   [N/A]
    C:\Program Files\ASUS\NB Probe\SPM\spdmi.dll   [N/A]
    C:\Program Files\ASUS\NB Probe\SPM\ghadmi.dll   [N/A]
    C:\Program Files\ASUS\NB Probe\SPM\spmemory.dll   [N/A]
    C:\WINDOWS\system32\odbcbcp.dll   [Microsoft Corporation, 2000.085.3006.00 (xpsp_sp3_gdr.080821-1454)]
[PID: 1140 / SYSTEM]   C:\Program Files\SRS Labs\SRS Premium Sound\SRS_VolSync.exe   [(Verified)SRS Labs, Inc., 1, 0, 2, 0]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1168 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[PID: 1192 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2252 / SYSTEM]   C:\WINDOWS\system32\SearchIndexer.exe   [(Verified)Microsoft Corporation, 7.0.6001.16503 (longhorn(wmbla).080526-2159)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2344 / Administrator]   C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe   [(Verified)ESET, 4.0.441.0 ]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiScan.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiAmon.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEmon.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiDmon.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiEpfw.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiUpdate.dll   [(Verified)ESET, 4.0.441.0 ]
    C:\Program Files\ESET\ESET NOD32 Antivirus\eguiMailPlugins.dll   [(Verified)ESET, 4.0.441.0 ]
[PID: 3252 / Administrator]   C:\Program Files\ChinaNetSn\bin\NetKeeper.exe   [XI AN XINLI SOFTWARE TECHNOLOGY CO.,LTD, 0, 0, 3, 9]
    C:\Program Files\ChinaNetSn\bin\StringList.dll   [N/A]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\Program Files\ChinaNetSn\bin\xinliPPPoE.dll   [版权所有 (C) 2007, 1, 0, 0, 7]
    C:\WINDOWS\system32\PProxyCTL.dll   [西安, 4, 0, 0, 3]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
    C:\Program Files\ChinaNetSn\plugin\EPHONE\NetKeeperToEcp.dll   [浙江省公众信息产业有限公司, 0, 1, 1, 0]
    C:\WINDOWS\system32\shdocvw.dll   [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2828 / Administrator]   D:\TDDOWNLOAD\arswp3\ArSwp3.exe   [(Verified)Windows 清理助手, 3.0.14.0301]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\WINDOWS\system32\shdocvw.dll   [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx   [(Verified)Adobe Systems, Inc., 10,0,42,34]
[PID: 3276 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
[PID: 3388 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll   [(Verified)Google Inc., 6, 4, 1208, 1530 ]
    C:\WINDOWS\system32\msi.dll   [Microsoft Corporation, 4.5.6001.22159]
    C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_78F32466E61F1EEC.dll   [(Verified)Google Inc., 6, 4, 1321, 1732 ]
    C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll   [Google Inc., 6, 4, 1321, 1732 ]
    C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_ext_zh-CN_32_52173432FFDB9692.dll   [(Verified)Google Inc., 6, 4, 1321, 1732 ]
    C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll   [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
    C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll   [Microsoft Corporation, 7.10.6030.0]
    C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll   [Microsoft Corporation, 7.10.6030.0]
    C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL   [Microsoft Corporation, 7.10.6101.0]
    C:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DsBho_00.dll   [Thunder Networking Technologies,LTD, 1, 0, 0, 26]
    C:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DataProcessor_00.dll   [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\WINDOWS\system32\shdocvw.dll   [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    C:\Program Files\360\360safe\safemon\urlproc.dll   [(Verified)360.CN, 1, 0, 0, 1006]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
    C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx   [(Verified)Adobe Systems, Inc., 10,0,42,34]
    C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll   [(Verified)Google Inc., 5, 5, 4723, 1820]
[PID: 2980 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\360\360safe\safemon\safemon.dll   [(Verified)360安全中心, 5, 2, 0, 1005]
    C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll   [(Verified)Google Inc., 6, 4, 1208, 1530 ]
    C:\WINDOWS\system32\msi.dll   [Microsoft Corporation, 4.5.6001.22159]
    C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_78F32466E61F1EEC.dll   [(Verified)Google Inc., 6, 4, 1321, 1732 ]
    C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll   [Google Inc., 6, 4, 1321, 1732 ]
    C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_ext_zh-CN_32_52173432FFDB9692.dll   [(Verified)Google Inc., 6, 4, 1321, 1732 ]
    C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll   [(Verified)深圳市迅雷网络技术有限公司, 5,9,16,1306]
    C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll   [Microsoft Corporation, 7.10.6030.0]
    C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll   [Microsoft Corporation, 7.10.6030.0]
    C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL   [Microsoft Corporation, 7.10.6101.0]
    C:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DsBho_00.dll   [Thunder Networking Technologies,LTD, 1, 0, 0, 26]
    C:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DataProcessor_00.dll   [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    C:\WINDOWS\system32\shdocvw.dll   [Microsoft Corporation, 6.00.2900.5694 (xpsp_sp3_gdr.081015-1312)]
    C:\Program Files\360\360safe\safemon\urlproc.dll   [(Verified)360.CN, 1, 0, 0, 1006]
    C:\WINDOWS\system32\shdoclc.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\ESPI11.dll   [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
    C:\WINDOWS\system32\Macromed\Flash\Flash10d.ocx   [(Verified)Adobe Systems, Inc., 10,0,42,34]
    C:\Program Files\Google\GoogleToolbarNotifier\5.5.4723.1820\swg.dll   [(Verified)Google Inc., 5, 5, 4723, 1820]
    C:\Program Files\Elantech\ETDApix.dll   [(Verified)ELAN Microelectronic Corp., 7, 0, 5, 3]
    C:\WINDOWS\system32\SOGOUPY.IME   [(Verified)Sogou.com Inc., 4.3.0.3315]
[PID: 1092 / Administrator]   C:\Program Files\SogouInput\4.3.0.3315\ImeUtil.exe   [(Verified)Sogou.com Inc., 4.3.0.3315]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    C:\Program Files\SogouInput\4.3.0.3315\ZipLib.dll   [(Verified)Sogou.com Inc., 4.3.0.0000]
================================================================
文件关联

================================================================
Autorun.Inf
================================================================
Winsock提供者
[MSAFD Tcpip [TCP/IP]]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[MSAFD Tcpip [UDP/IP]]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[MSAFD Tcpip [RAW/IP]]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[RSVP UDP Service Provider]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[RSVP TCP Service Provider]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[RSVP UDP Service Provider]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[RSVP TCP Service Provider]
    <C:\WINDOWS\system32\ESPI11.dll> [大连大有吴涛易语言软件开发有限公司, 0.0.0.0]
[Easy2Game-TCPFilter]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPFilter]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPFilter]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPFilter]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPFilter]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPFilter]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPChain]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPChain]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPChain]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPChain]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPChain]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPChain]
    <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
================================================================
隐藏进程

[PID: 264]  C:\Program Files\360\360safe\safemon\360tray.exe    [(Verified)360.CN, 6, 2, 0, 3002]
[PID: 1876]  C:\Program Files\360Safebox\safeboxTray.exe    [(Verified)360.cn, 3, 0, 0, 1008]
================================================================
可疑文件

================================================================
HOSTS
    127.0.0.1 localhost

[/code]

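wxxfcda posted on 2010-3-9 16:02

Thanks for sharing

z285 posted on 2010-3-9 23:27

Master Ximen, please help me. Malware has me running an antivirus scan first thing every time I boot, but after every cleanup and restart it comes back. Every time I boot, two more IE icons and four malicious icons appear. It is driving me up the wall. Please help! Below is my diagnostic report[code]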

2010-03-09,22:39:25

SysLog Scanner 3.0 - build 20091220
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600)


================================================================
注册项


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <KavPFW> <"E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KPFW32.EXE" -startup> [(Verified)Kingsoft Corporation, 2009,10,27,1070]
    <KingSoft PowerWord PE> <E:\应用程序\金山词霸\PowerWord PE\CBTray.exe -AUTORUN> [(Verified)Kingsoft Corporation, 2009, 11, 27, 99]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan> <SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp., 5.1.0.27]
    <NvCplDaemon> <RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)NVIDIA Corporation, 6.14.10.7184]
    <nwiz> <nwiz.exe /install> [NVIDIA Corporation, 6.14.10.10035]
    <NvMediaCenter> <RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)NVIDIA Corporation, 6.14.10.7184]
    <NeroFilterCheck> <C:\WINDOWS\system32\NeroCheck.exe> [Ahead Software Gmbh, 1, 0, 0, 2]
    <SNCT511> <C:\WINDOWS\vsnct511.exe> []
    <KavStart> <"E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KAVStart.exe" -startup> [(Verified)Kingsoft Corporation, 2010,03,03,1189]
    <QQDoctorRTP> <"C:\Program Files\Tencent\QQDoctor\QQDoctorRTP.exe" /regrun> [(Verified)Tencent, 3, 2, 104, 400]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost> <"\Program Files\Logonui\Royale.exe"> []


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensi**]
    <{6096E38F-5AC1-4391-8EC4-75DFA92FB32F}> <http://tomatolei.com> []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <使用迅雷下载> <E:\应用程序\迅雷5\新建文件夹\Program\geturl.htm> [N/A]
    <使用迅雷下载全部链接> <E:\应用程序\迅雷5\新建文件夹\Program\getallurl.htm> [N/A]
    <添加到QQ表情> <E:\应用程序\QQ\2009\Bin\AddEmotion.htm> [N/A]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt]
    <添加到QQ表情> <E:\应用程序\QQ\2009\Bin\AddEmotion.htm> [N/A]

================================================================
启动组

[启动飞速土豆]
    <C:\Documents and Settings\user\「开始」菜单\程序\启动\启动飞速土豆.lnk> <"E:\应用程序\飞速土豆\飞速Tudou\TudouVa.exe" /AutoStart> [土豆网, 1.30]
[腾讯QQ]
    <C:\Documents and Settings\user\「开始」菜单\程序\启动\腾讯QQ.lnk> <"C:\Program Files\systemfiless\2222.vbs"> [N/A]
[腾讯QQ]
    <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\腾讯QQ.lnk> <"C:\Program Files\systemfiless\2222.vbs"> [N/A]

================================================================
任务计划

[SogouImeMgr.job]
    <C:\WINDOWS\tasks\SogouImeMgr.job> <"E:\应用程序\搜狗输~1\SOGOUI~1\400~1.198\PinyinRepair.exe" /S> [(Verified)Sogou.com Inc., 4.0.0.1981]
[贝壳木马专杀登录扫描任务.job]
    <C:\WINDOWS\tasks\贝壳木马专杀登录扫描任务.job> <"E:\应用程序\金山毒霸\beikescan.exe"  -ts:logon> [(Verified)贝壳网际(**)安全技术有限公司, 2010.3.3.289]
[贝壳木马专杀每日定时扫描任务.job]
    <C:\WINDOWS\tasks\贝壳木马专杀每日定时扫描任务.job> <"E:\应用程序\金山毒霸\beikescan.exe"  -ts:daily> [(Verified)贝壳网际(**)安全技术有限公司, 2010.3.3.289]

================================================================
组件


--------------------------------
Shell Extension
    [Display Panning CPL Extension]
        <{42071714-76d4-11d1-8b24-00a0c9068ff3}> <deskpan.dll> []
    [HyperTerminal Icon Ext]
        <{88895560-9AA2-1069-930E-00AA0030EBC8}> <C:\WINDOWS\system32\htic**.dll> [(Verified)Hilgraeve, Inc., 5.1.2600.0]
    [任务栏和「开始」菜单]
        <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> []
    [WinRAR shell extension]
        <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> <C:\Program Files\WinRAR\rarext.dll> [N/A]
    [PicaView]
        <{68f32140-2ca3-11d0-acc1-444553540000}> <C:\Program Files\ACDSee\picaview.dll> [ACD Systems, Ltd., 2, 0, 0, 78]
    [NvCpl DesktopContext Class]
        <{A70C977A-BF00-412C-90B7-034C51DA2439}> <C:\WINDOWS\system32\nvcpl.dll> [(Verified)NVIDIA Corporation, 6.14.10.7184]
    [Desktop Explorer]
        <{1CDB2949-8F65-4355-8456-263E7C208A5D}> <C:\WINDOWS\system32\nvshell.dll> [NVIDIA Corporation, 6.14.10.10035]

--------------------------------
Context Menu
    [PicaView]
        <{68f32140-2ca3-11d0-acc1-444553540000}> <C:\Program Files\ACDSee\picaview.dll> [ACD Systems, Ltd., 2, 0, 0, 78]
    [WinRAR]
        <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> <C:\Program Files\WinRAR\rarext.dll> [N/A]
    [金山毒霸2009]
        <{E49446FE-9679-4b85-A994-D96137867905}> <E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KAVEXT.DLL> [(Verified)Kingsoft Corporation, 2008,07,09,459]
    [00nView]
        <{1E9B04FB-F9E5-4718-997B-B8DA88302A48}> <C:\WINDOWS\system32\nvshell.dll> [NVIDIA Corporation, 6.14.10.10035]
    [NvCplDesktopContext]
        <{A70C977A-BF00-412C-90B7-034C51DA2439}> <C:\WINDOWS\system32\nvcpl.dll> [(Verified)NVIDIA Corporation, 6.14.10.7184]

--------------------------------
BrowserHelperObject
    [CTSWebSiteMon Class]
        <{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}> <C:\Program Files\Tencent\QQDoctor\TSWebMon.dat> [(Verified)Tencent, 2009, 12, 11, 10]
    [Thunder Browser Helper]
        <{889D2FEB-5411-4565-8998-1DD2C5261283}> <E:\应用程序\迅雷5\新建文件夹\ComDlls\xunleiBHO_Now.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,14,1246]

--------------------------------
ActiveX Extension
    [ThunderAtOnce Class]
        <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> <E:\应用程序\迅雷5\新建文件夹\ComDlls\TDAtOnce_Now.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,14,1246]
    [IEBuddyExtControl Class]
        <{3AECD3C1-7085-4731-96DC-47B6CF7EF749}> <E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\IEBuddyExt.DLL> [(Verified)Kingsoft Corporation, 2008,12,12,694]
    [Thunder Agent Class]
        <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> <E:\应用程序\迅雷5\新建文件夹\ComDlls\ThunderAgent5.9.14.1246.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,14,1246]
    [AxInputControl Class]
        <{73E4740C-08EB-4133-896B-8D0A7C9EE3CD}> <C:\WINDOWS\DOWNLO~1\INPUTC~1.DLL> [Copyright 2003, 1, 0, 0, 12]
    [BOC ProcessProtect Class]
        <{776B71E2-B4CC-4C94-BC7C-09103AA690B6}> <C:\WINDOWS\system32\ProcessProtection.dll> [(Verified)www.ISRA.org.cn, 1, 3, 10, 26]
    [CTSWebSiteMon Class]
        <{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}> <C:\Program Files\Tencent\QQDoctor\TSWebMon.dat> [(Verified)Tencent, 2009, 12, 11, 10]
    [Thunder Browser Helper]
        <{889D2FEB-5411-4565-8998-1DD2C5261283}> <E:\应用程序\迅雷5\新建文件夹\ComDlls\xunleiBHO_Now.dll> [(Verified)深圳市迅雷网络技术有限公司, 5,9,14,1246]
    [AxSubmitControl Class]
        <{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}> <C:\WINDOWS\DOWNLO~1\SUBMIT~1.DLL> [Copyright 2003, 1, 0, 0, 5]
    [Shockwave Flash Object]
        <{D27CDB6E-AE6D-11CF-96B8-444553540000}> <C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx> [(Verified)Adobe Systems, Inc., 10,0,45,2]
    [PlayerCtrl Class]
        <{E05BC2A3-9A46-4A32-80C9-023A473F5B23}> <E:\应用程序\QQ\QQMusic\QzoneMusic.dll> [(Verified)Tencent, 3, 2, 165, 710]
    [BOC Edit Class]
        <{E61E8363-041F-455C-8AD0-8A61F1D8E540}> <C:\WINDOWS\system32\KeyboardProtection.dll> [(Verified)www.ISRA.org.cn, 1, 1, 30, 3]

================================================================
服务

[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[Kingsoft Basic Service / kaccore][Stopped/Manual Start]
    <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe">  [(Verified)Kingsoft Corporation, 2009,06,05,614]
[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start]
    <E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\KSWebShield.exe>  [(Verified)Kingsoft Corporation, 2009,12,23,6]
[Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start]
    <E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KISSvc.EXE>  [(Verified)Kingsoft Corporation, 2008,04,22,364]
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
    <"E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KPfwSvc.EXE">  [(Verified)Kingsoft Corporation, 2009,02,13,759]
[Kingsoft Common Content Service / KSDSVC][Running/Auto Start]
    <E:\应用程序\金山词霸\PowerWord PE\ksdsvc.exe>  [(Verified)Kingsoft Corporation, 2009, 10, 29, 51]
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
    <"E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KWatch.EXE">  [(Verified)Kingsoft Corporation, 2010,01,29,1163]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.7184]

================================================================
驱动

[AliIde / AliIde][Stopped/Boot Start]
    <System32\DRIVERS\aliide.sys>  []
[MegaIDE / MegaIDE][Running/Boot Start]
    <System32\DRIVERS\MegaIDE.sys>  [LSI Logic Corporation., 4.1.0709.2003]
[VideoCAM Eye / SNCT511][Stopped/Manual Start]
    <system32\DRIVERS\snct511.sys>  [Copyright 2001-2002, 0, 9, 3, 2]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)]

[Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start]
    <system32\drivers\ALCXSENS.SYS>  [(Verified)Sensaura, 5.10.00.3513]
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [(Verified)Realtek Semiconductor Corp., 5.10.5580]
[AtpKrnl / AtpKrnl][Running/Manual Start]
    <System32\Drivers\AtpKrnl.sys>  [(Verified)www.arswp.com, 3.00]
[CmdIde / CmdIde][Running/Boot Start]
    <System32\DRIVERS\cmdide.sys>  [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148)]
[KAVBase / KAVBase][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys>  [(Verified)Kingsoft Corporation, 2009,06,17,160]
[KAVBootC / KAVBootC][Running/Boot Start]
    <system32\Drivers\KAVBootC.sys>  [(Verified)Kingsoft Corporation, 2010,02,04,479]
[KAVSafe / KAVSafe][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys>  [(Verified)Kingsoft Corporation, 2010,02,04,479]
[KNetWch / KNetWch][Running/System Start]
    <\??\E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KNetWch.SYS>  [(Verified)Kingsoft Corporation, 2009,04,21,847]
[KWatch3 / KWatch3][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\KWatch3.sys>  [(Verified)Kingsoft Corporation, 2009,12,16,80]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.7184]
[Protector / Protector][Running/System Start]
    <system32\drivers\Protector.sys>  [(Verified)www.ISRA.org.cn, 1, 0, 1, 1]
[ProtectorA / ProtectorA][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\ProtectorA.sys>  [(Verified)www.ISRA.org.cn, 1, 0, 1, 2]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)]
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
    <system32\DRIVERS\RTL8139.SYS>  [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086]
[TSKSP / TSKSP][Running/System Start]
    <\??\C:\Program Files\Tencent\QQDoctor\TSKSP.sys>  [(Verified)Tencent, 2010, 3, 3, 24]

================================================================
活动进程


[PID: 560 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 608 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_gdr.090206-1233)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 620 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 776 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 820 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 896 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 944 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 992 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1260 / user]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kswebshield.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]
    C:\WINDOWS\system32\nvcpl.dll   [(Verified)NVIDIA Corporation, 6.14.10.7184]
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.10.7184]
    C:\WINDOWS\system32\nvshell.dll   [NVIDIA Corporation, 6.14.10.10035]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\ktaskbar.dll   [(Verified)Kingsoft Corporation, 2009,08,03,993]
    E:\应用程序\迅雷5\新建文件夹\ComDlls\xunleiBHO_Now.dll   [(Verified)深圳市迅雷网络技术有限公司, 5,9,14,1246]
    E:\应用程序\迅雷5\新建文件夹\ComDlls\MSVCP71.dll   [Microsoft Corporation, 7.10.6030.0]
    E:\应用程序\迅雷5\新建文件夹\ComDlls\MSVCR71.dll   [Microsoft Corporation, 7.10.6030.0]
    E:\应用程序\迅雷5\新建文件夹\ComDlls\ATL71.DLL   [Microsoft Corporation, 7.10.6101.0]
    E:\应用程序\迅雷5\新建文件夹\userdata\Components\ResWorker\DsBho_00.dll   [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 0, 26]
    E:\应用程序\迅雷5\新建文件夹\userdata\Components\ResWorker\DataProcessor_00.dll   [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 0, 20]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KAVEXT.DLL   [(Verified)Kingsoft Corporation, 2008,07,09,459]
    C:\Program Files\WinRAR\rarext.dll   [N/A]

[PID: 1444 / user]   C:\WINDOWS\SOUNDMAN.EXE   [(Verified)Realtek Semiconductor Corp., 5.1.0.27]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]

[PID: 1472 / user]   C:\WINDOWS\system32\RUNDLL32.EXE   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\NvMcTray.dll   [(Verified)NVIDIA Corporation, 6.14.10.7184]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.10.7184]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]

[PID: 1508 / user]   C:\Program Files\Tencent\QQDoctor\QQDoctorRTP.exe   [(Verified)Tencent, 3, 2, 104, 400]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\Program Files\Tencent\QQDoctor\SafeCommon.dll   [(Verified)Tencent, 1, 40, 1370, 0]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\Program Files\Tencent\QQDoctor\TSFSEngine.dat   [(Verified)Tencent, 2009, 3, 11, 7]
    C:\Program Files\Tencent\QQDoctor\TSFileFilter.dat   [(Verified)tencent, 2007, 12, 5, 01]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]
    C:\Program Files\Tencent\QQDoctor\TSKSPLIB.dat   [(Verified)Tencent, 2009, 9, 25, 20]
    C:\Program Files\Tencent\QQDoctor\TSWebMon.dat   [(Verified)Tencent, 2009, 12, 11, 10]

[PID: 1536 / user]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]

[PID: 1624 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1644 / user]   E:\应用程序\金山词霸\PowerWord PE\CBTray.exe   [(Verified)Kingsoft Corporation, 2009, 11, 27, 99]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    E:\应用程序\金山词霸\PowerWord PE\XGrab.dll   [(Verified)Kingsoft Corporation, 2009, 11, 24, 124]
    E:\应用程序\金山词霸\PowerWord PE\HotKeyControl.dll   [(Verified)Kingsoft Corporation, 2009, 11, 12, 173]
    E:\应用程序\金山词霸\PowerWord PE\XGrabDataService.dll   [(Verified)Kingsoft Corporation, 2009, 11, 19, 172]
    E:\应用程序\金山词霸\PowerWord PE\KSDIPC.DLL   [(Verified)Kingsoft Corporation, 2009, 10, 19, 48]
    E:\应用程序\金山词霸\PowerWord PE\index.dll   [(Verified)Kingsoft Corporation, 2009, 11, 17, 29]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]
    E:\应用程序\金山词霸\PowerWord PE\CBSelectText.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 177]
    E:\应用程序\金山词霸\PowerWord PE\CibaPopo.dll   [(Verified)Kingsoft Corporation, 2009, 11, 23, 16]
    E:\应用程序\金山词霸\PowerWord PE\NetUtil.dll   [(Verified)Kingsoft Corporation, 2009, 11, 23, 16]

[PID: 1776 / SYSTEM]   E:\应用程序\金山毒霸\beikescan.exe   [(Verified)贝壳网际(**)安全技术有限公司, 2010.3.3.289]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 136 / user]   E:\应用程序\飞速土豆\飞速Tudou\TudouVa.exe   [土豆网, 1.30]
    E:\应用程序\飞速土豆\飞速Tudou\upnpdll.dll   [土豆网, 1.5.0.0]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80.DLL   [Microsoft Corporation, 8.00.50727.4053]
    E:\应用程序\飞速土豆\飞速Tudou\sqlite3.dll   [N/A]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]

[PID: 396 / user]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]

[PID: 1416 / user]   E:\应用程序\window清理助手\arswp3\ArSwp3.exe   [(Verified)Windows 清理助手, 3.0.14.0130]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KMailOEBand.DLL   [(Verified)Kingsoft Corporation, 2009,02,13,759]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\kis.dll   [(Verified)Kingsoft Corporation, 2009,06,15,929]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL   [Microsoft Corporation, 8.00.50727.4053]
    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL   [Microsoft Corporation, 8.00.50727.4053]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\Program Files\Tencent\QQDoctor\TSVulMon.DAT   [(Verified)Tencent, 2010, 2, 25, 28]
    E:\应用程序\金山词霸\PowerWord PE\CBSelectText.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 177]

[PID: 980 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 1080 / SYSTEM]   E:\应用程序\金山词霸\PowerWord PE\ksdsvc.exe   [(Verified)Kingsoft Corporation, 2009, 10, 29, 51]
    E:\应用程序\金山词霸\PowerWord PE\ksdcallcenter.dll   [(Verified)Kingsoft Corporation, 2009, 11, 27, 49]
    E:\应用程序\金山词霸\PowerWord PE\queryprocesscenter.dll   [(Verified)Kingsoft Corporation, 2009, 11, 23, 58]
    E:\应用程序\金山词霸\PowerWord PE\KSDIPC.DLL   [(Verified)Kingsoft Corporation, 2009, 10, 19, 48]
    E:\应用程序\金山词霸\PowerWord PE\plugin\WikiQuery.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 52]
    E:\应用程序\金山词霸\PowerWord PE\plugin\baikequery.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 22]
    E:\应用程序\金山词霸\PowerWord PE\plugin\googlequery.dll   [(Verified)Kingsoft Corporation, 2009, 11, 10, 48]
    E:\应用程序\金山词霸\PowerWord PE\plugin\huihuaquery.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 22]
    E:\应用程序\金山词霸\PowerWord PE\plugin\localquery.dll   [(Verified)Kingsoft Corporation, 2009, 10, 19, 47]
    E:\应用程序\金山词霸\PowerWord PE\localdictmgr.dll   [(Verified)Kingsoft Corporation, 2009, 12, 1, 53]
    E:\应用程序\金山词霸\PowerWord PE\CBDBCoreplus.dll   [(Verified)Kingsoft Corporation, 2009, 10, 19, 39]
    E:\应用程序\金山词霸\PowerWord PE\plugin\netindex.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 27]
    E:\应用程序\金山词霸\PowerWord PE\plugin\netquery.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 52]
    E:\应用程序\金山词霸\PowerWord PE\plugin\situati**entence.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 17]
    E:\应用程序\金山词霸\PowerWord PE\plugin\spellsuggest.dll   [(Verified)Kingsoft Corporation, 2009, 11, 20, 57]

[PID: 1232 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.7184]
    C:\WINDOWS\system32\uxtheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\kwsui.dll   [(Verified)Kingsoft Corporation, 2010,02,01,8]
    C:\WINDOWS\system32\NVRSZHC.DLL   [NVIDIA Corporation, 6.14.10.7184]

[PID: 1424 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 3076 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\System32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[PID: 3144 / SYSTEM]   C:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158)]
    C:\WINDOWS\system32\UxTheme.dll   [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

================================================================
文件关联


================================================================
Autorun.Inf

================================================================
Winsock**者


================================================================
隐藏进程


[PID: 720]  E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KISSvc.EXE    [(Verified)Kingsoft Corporation, 2008,04,22,364]

[PID: 1616]  E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KPFW32.EXE    [(Verified)Kingsoft Corporation, 2009,10,27,1070]

[PID: 1492]  E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KAVStart.exe    [(Verified)Kingsoft Corporation, 2010,03,03,1189]

[PID: 1428]  E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KWatch.EXE    [(Verified)Kingsoft Corporation, 2010,01,29,1163]

[PID: 1296]  E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\webshield\KSWebShield.exe    [(Verified)Kingsoft Corporation, 2009,12,23,6]

[PID: 1320]  E:\应用程序\金山毒霸\金山2009\Kingsoft Internet Security\KPfwSvc.EXE    [(Verified)Kingsoft Corporation, 2009,02,13,759]

================================================================
可疑文件


================================================================
HOSTS

    127.0.0.1 localhost


[/code]I'm going crazy.....

西门吹雪 posted on 2010-3-10 00:32

Delete all of the unknown-risk programs that 清理助手 found in its scan!

西门吹雪 posted on 2010-3-10 00:33

[b] [url=http://bbs.arswp.com/redirect.php?goto=findpost&pid=242686&ptid=56752]13#[/url] [i]xs62639[/i] [/b]

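Download Pipi, install it once, then uninstall it!

mf5201 posted on 2010-3-10 17:14

Mine is the same. I used your method and still can't delete that icon, something called 99499导航网 (99499 navigation site)

tobecy posted on 2010-3-11 22:32

Great! My homepage keeps getting hijacked lately too!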
