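It used to be editable, but now it is garbled, and it is 7.82K. I changed it back in Safe Mode, but once I rebooted into normal mode it was changed again, and it cannot be accessed or modified either; it keeps saying a program is using it. vsnpstd3.exe
The attachment is my scan log; if any of the experts has time, please help me analyze it. SREngLOG.log
Let me see if I can paste it here.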
2011-07-08,11:43:14
System Repair Engineer 2.8.4.1331
Smallfrogs ()
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>[(Verified)Microsoft Windows Component Publisher]
<OfficeSyncProcess><"D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE">[(Verified)Microsoft Corporation]
<SRS Audio Sandbox><"C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme>[File is missing]
<DBank_Update><; D:\Program Files\dbank\DBank\ClickUp\DBank_update.exe>[(Verified)Huawei Software Technologies Co., LTD.]
<YY><; d:\Program Files\duowan\yy-3.0\Start.exe>[(Verified)Duowan Entertainment Information Technology (Beijing) Co., Ltd.]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>[(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>[(Verified)Microsoft Windows Publisher]
<ATIPTA><"C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe">[ATI Technologies, Inc.]
<SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>[(Verified)Microsoft Windows Hardware Compatibility Publisher]
<HControl><C:\WINDOWS\ATK0100\HControl.exe>[(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SMSERIAL><C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe>[Motorola Inc.]
<egui><"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice>[(Verified)ESET, spol. s r.o.]
<IME14 CHS Setup><C:\PROGRA~1\COMMON~1\MICROS~1\IME14\SHARED\IMEKLMG.EXE /SetPreload /CHS /Log>[(Verified)Microsoft Corporation]
<Adobe Reader Speed Launcher><"D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe">[(Verified)Adobe Systems, Incorporated]
<Adobe ARM><"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe">[(Verified)Adobe Systems, Incorporated]
<Comyct20><"C:\Program Files\95599 Certificate Tools\Watertek\ComyTool20.exe">[(Verified)Beijing WATERTEK Information Technology Co.,Ltd.]
<RTHDCPL><RTHDCPL.EXE>[(Verified)Realtek Semiconductor Corp]
<BluetoothAuthenticationAgent><rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent>[(Verified)Microsoft Windows Component Publisher]
<snpstd3><C:\WINDOWS\vsnpstd3.exe>[]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>[(Verified)Microsoft Windows Publisher]
<QuickTime Task><; "C:\Program Files\QuickTime\QTTask.exe" -atboottime>[Apple Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>[(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll>[(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll>[(Verified)Microsoft Windows Component Publisher]
<WebCheck><C:\WINDOWS\system32\webcheck.dll>[(Verified)Microsoft Windows]
<SysTray><C:\WINDOWS\system32\stobject.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>[(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<Internet Explorer 版本更新><C:\WINDOWS\system32\ieudinit.exe>[(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<Browser Customizations><"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-b4-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>[(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{599623AB-8888-22d2-9-0000F87A469H}]
<N/A><C:\Program Files\Common Files\Microsoft Shared\MSInfo\svchost.exe>[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-E-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-E-11cf-8B85-00AA005B4383}]
<Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><c:\WINDOWS\system32\Rundll32.exe c:\WINDOWS\system32\mscories.dll,Install>[(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{f82B23AB-A707-22d2-9-0000F87A469H}]
<N/A><C:\Program Files\Common Files\Microsoft Shared\MSInfo\svchost.exe>[]
[HKEY_CURRENT_USER\Control Panel\Desktop]
<SCRNSE.EXE><C:\WINDOWS\system32\logon.scr>[(Verified)Microsoft Windows Component Publisher]
==================================
启动文件夹
N/A
==================================
服务
[Ati External Event Utility / Ati External Event Utility][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[c20ukdrwsvc / c20ukdrwsvc][Running/Auto Start]
<"C:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe"><N/A>
[ESET HTTP Server / EhttpSrv][Stopped/Manual Start]
<"C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe"><ESET>
[ESET Service / ekrn][Running/Auto Start]
<"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"><ESET>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Acresso Software Inc.>
[ICBC Daemon Service / ICBC Daemon Service][Running/Auto Start]
<C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe><N/A>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"><Macrovision Corporation>
[KMService / KMService][Running/Auto Start]
<C:\WINDOWS\system32\srvany.exe><N/A>
[MPSVC Service / MPSVCService][Running/Auto Start]
<C:\Program Files\Micropoint\MPSvc.exe><Micropoint Corporation>
[MSSQLSERVER / MSSQLSERVER][Stopped/Manual Start]
<D:\PROGRA~1\HTSoft\Binn\MSSQL\Binn\sqlservr.exe -sMSSQLSERVER><Microsoft Corporation>
[MSSQLServerADHelper / MSSQLServerADHelper][Stopped/Manual Start]
<C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe><Microsoft Corporation>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
<D:\PROGRA~1\HTSoft\Binn\MSSQL\Binn\sqlagent.EXE -i MSSQLSERVER><Microsoft Corporation>
==================================
驱动程序
[Ambfilt / Ambfilt][Stopped/Manual Start]
<system32\drivers\Ambfilt.sys><Creative>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[atikmdag / atikmdag][Stopped/Manual Start]
<system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[蓝牙音频设备 / btaudio][Stopped/Manual Start]
<system32\drivers\btaudio.sys><N/A>
[蓝牙虚拟通信驱动程序 / BTDriver][Stopped/Manual Start]
<system32\DRIVERS\btport.sys><N/A>
[蓝牙总线枚举器 / BTKRNL][Stopped/Manual Start]
<system32\DRIVERS\btkrnl.sys><N/A>
[WIDCOMM USB Bluetooth Driver / BTWUSB][Stopped/Manual Start]
<System32\Drivers\btwusb.sys><N/A>
[ComputerZ / ComputerZ][Stopped/Manual Start]
<\??\C:\Program Files\LuDaShi\ComputerZ.sys><360.cn>
[eamon / eamon][Running/Auto Start]
<system32\DRIVERS\eamon.sys><ESET>
[ehdrv / ehdrv][Running/System Start]
<system32\DRIVERS\ehdrv.sys><ESET>
[epfw / epfw][Running/Auto Start]
<system32\DRIVERS\epfw.sys><ESET>
[Eset Personal Firewall / Epfwndis][Running/Manual Start]
<system32\DRIVERS\Epfwndis.sys><ESET>
[epfwtdi / epfwtdi][Running/System Start]
<system32\DRIVERS\epfwtdi.sys><ESET>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
<system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
<system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[ISO DVD/CD-ROM Device Driver / ISODrive][Running/System Start]
<\??\d:\Program Files\UltraISO\drivers\ISODrive.sys><EZB Systems, Inc.>
[Monfilt / Monfilt][Stopped/Manual Start]
<system32\drivers\Monfilt.sys><Creative Technology Ltd.>
[mp110001 / mp110001][Running/Auto Start]
<system32\drivers\mp110001.sys><Micropoint Corporation>
[mp110002 / mp110002][Running/Auto Start]
<system32\drivers\mp110002.sys><Micropoint Corporation>
[mp110003 / mp110003][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110003.sys><Micropoint Corporation>
[mp110004 / mp110004][Running/Auto Start]
<system32\drivers\mp110004.sys><Micropoint Corporation>
[mp110005 / mp110005][Running/Manual Start]
<system32\drivers\mp110005.sys><Micropoint Corporation>
[mp110006 / mp110006][Running/System Start]
<system32\drivers\mp110006.sys><Micropoint Corporation>
[mp110007 / mp110007][Running/System Start]
<system32\drivers\mp110007.sys><Micropoint Corporation>
[mp110008 / mp110008][Running/Auto Start]
<system32\drivers\mp110008.sys><Micropoint Corporation>
[mp110009 / mp110009][Running/System Start]
<system32\drivers\mp110009.sys><Micropoint Corporation>
[mp110010 / mp110010][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110010.sys><Micropoint Corporation>
[mp110011 / mp110011][Running/System Start]
<system32\drivers\mp110011.sys><Micropoint Corporation>
[mp110012 / mp110012][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110012.sys><Micropoint Corporation>
[mp110013 / mp110013][Running/Boot Start]
<\SystemRoot\system32\drivers\mp110013.sys><Micropoint Corporation>
[ATK0100 ACPI UTILITY / MTsensor][Running/Manual Start]
<system32\DRIVERS\ATKACPI.sys><>
[WinPcap Packet Driver (NPF) / NPF][Stopped/Manual Start]
<system32\drivers\NPF.sys><CACE Technologies, Inc.>
[p2pfilter / p2pfilter][Stopped/Manual Start]
<\??\D:\Program Files\P2Pzjz\p2pfilter.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[rimsptsk / rimsptsk][Running/Auto Start]
<system32\DRIVERS\rimsptsk.sys><REDC>
[Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver / rtl8139][Running/Manual Start]
<system32\DRIVERS\R8139n51.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[smserial / smserial][Running/Manual Start]
<system32\DRIVERS\smserial.sys><Motorola Inc.>
[USB PC Camera (SNPSTD3) / SNPSTD3][Stopped/Manual Start]
<system32\DRIVERS\snpstd3.sys><Sonix Co. Ltd.>
[SRS Labs Audio Sandbox (WDM) / SRS_SSCFilter][Stopped/Manual Start]
<system32\drivers\srs_sscfilter_i386.sys><>
[Synaptics TouchPad Driver / SynTP][Running/Manual Start]
<system32\DRIVERS\SynTP.sys><Synaptics, Inc.>
[WoptiHWDetect / WoptiHWDetect][Stopped/Manual Start]
<\??\D:\Program Files\Wopti\WoptiHWDetect.sys><Wopti>
==================================
浏览器加载项
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[Groove GFS Browser Helper]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} <D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL, N/A>
[Office Document Cache Handler]
{B4F3A835-0E21-4959-BA22-42B3008E02FF} <D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL, (Signed) Microsoft Corporation>
[ICBC Anti-Phishing class]
{BB4491A2-D11A-4c6b-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[渐峰]
{6096E38F-5AC1-4391-8E-75DFA92FB32F} <, N/A>
[]
{e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, (Signed) Microsoft Corporation>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[GDGetTokenInfo Class]
{3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, (Signed) >
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[CertEnroll Class]
{7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\system32\itruscert\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[GDGetVer Class]
{7CCE07A5-A590-4554-B5C3-082840D7012E} <C:\WINDOWS\DOWNLO~1\ICBC_G~1.DLL, (Signed) >
[InfoSecICBCNetSign Class]
{B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\DOWNLO~1\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10t.ocx, (Signed) Adobe Systems, Inc.>
[QQPasswordCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\tencent\paycenter\qqedit.dll, (Signed) Tencent>
[Microsoft Office Template and Media Control]
{02BCC737-B171-4746-94C9-0D8A0B2C0089} <D:\PROGRA~1\MICROS~1\Office14\IEAWSDC.DLL, N/A>
[Store Class]
{1086BE51-00F5-4371-A449-9A2DECE1B138} <C:\WINDOWS\system32\ABCCECom.ocx, (Signed) Feitian Technologies Co., Ltd.>
[Windows Genuine Advantage Validation Tool]
{17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation>
[Adobe PDF Link Helper]
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll, (Signed) Adobe Systems Incorporated>
[WWPicUploadCtrl Class]
{1D63232D-4F15-4A42-890D-EE617AA1537D} <D:\Program Files\AliWangWang\modules\1685\WWPictureUpload.dll, (Signed) Alibaba software (Shanghai) Corporation>
[InstallHelper Class]
{1DABF8D5-8430-4985-9B7F-A30E53D709B3} <d:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[iTrusPTA Class]
{1E0DFFCF-27FF-4574-849B-55007349FEDA} <C:\WINDOWS\system32\itruscert\pta.dll, (Signed) iTruschina Co., Ltd.>
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, (Signed) Microsoft Corporation>
[XML DOM Document]
{2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[DHTML Edit Control Safe for Scripting for IE5]
{2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[GDGetTokenInfo Class]
{3AA9CF07-DF20-48FF-98BE-DED276E40146} <C:\WINDOWS\system32\GDREAD~1.DLL, (Signed) >
[XML Document]
{48123B-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[EditCtrl Class]
{488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\2.4.0.4\aliedit.dll, (Signed) >
[Microsoft Terminal Services Client Control (redist)]
{4eb89ff4-7f78-4a0f-8b8d-2bf02e94e4b2} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[Microsoft Terminal Services Client Control (redist)]
{4EDCB26C-D24C-4e72-AF07-B576699AC0DE} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[WangWangX Class]
{5D09DD40-CD-4C56-B615-0D1E3B357C2B} <D:\Program Files\AliWangWang\AliIMX.dll, (Signed) Alibaba software (Shanghai) Corporation.>
[CAntiVersion Object]
{5EFE0AA6-B28B-41BD-9B3C-02AA3F79EA9A} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\AntiPhishingVer.dll, (Signed) 中国工商银行>
[]
{6096E38F-5AC1-4391-8E-75DFA92FB32F} <, >
[InfoSecNetSign Class]
{62B938-4190-4F37-8CF0-A92B0A91CC77} <C:\WINDOWS\system32\NetSign.dll, (Signed) Infosec Technologies Co., Ltd.>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, (Signed) Microsoft Corporation>
[MUWebControl Class]
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} <C:\WINDOWS\system32\muweb.dll, (Signed) Microsoft Corporation>
[Active Desktop Mover]
{72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A>
[Groove GFS Browser Helper]
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} <D:\PROGRA~1\MICROS~1\Office14\GROOVEEX.DLL, N/A>
[Microsoft Terminal Services Client Control (redist)]
{7390f3d8-0439-4c05-91e3-cf5cb290c3d0} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[AxInputControl Class]
{73E4740C-08EB-4133-896B-8D0A7C9EE3CD} <C:\WINDOWS\system32\InputControl.dll, (Signed) >
[Microsoft Terminal Services Client Control (redist)]
{7584c670-2274-4efb-b00b-d6aaba6d3850} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[]
{77FEF28E-EB96-44FF-B511-3185DEA48697} <, >
[CertEnroll Class]
{7978461C-CC22-48F2-BC69-02220D3E101D} <C:\WINDOWS\system32\itruscert\itrusenroll.dll, (Signed) iTruschina Co., Ltd.>
[GDGetVer Class]
{7CCE07A5-A590-4554-B5C3-082840D7012E} <C:\WINDOWS\DOWNLO~1\ICBC_G~1.DLL, (Signed) >
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, (Signed) Microsoft Corporation>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml6.dll, (Signed) Microsoft Corporation>
[AxSubmitControl Class]
{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} <C:\WINDOWS\system32\SubmitControl.dll, (Signed) >
[Microsoft Terminal Services Client Control (redist)]
{9059f30f-4eb1-4bd2-9fdc-36f43a218f4a} <%systemroot%\system32\mstscax.dll, (Signed) N/A>
[InfoSecICBCNetSign Class]
{B1FBC1AD-5644-4084-882A-0F8BA85E7506} <C:\WINDOWS\DOWNLO~1\ICBC_N~1.DLL, (Signed) Infosec Technologies Co., Ltd.>
[Office Document Cache Handler]
{B4F3A835-0E21-4959-BA22-42B3008E02FF} <D:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL, (Signed) Microsoft Corporation>
[]
{B580CF65-E151-49C3-B73F-70B13FCA8E86} <, >
[QQCertificateCtrl Class]
{BAEA0695-03A4-43BB-8495-C7025E1A8F42} <C:\Program Files\Common Files\tencent\paycenter\qqcert.dll, (Signed) Tencent>
[ICBC Anti-Phishing class]
{BB4491A2-D11A-4C6B-91C0-B53246A3122B} <C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll, (Signed) 中国工商银行>
[FTNUpload Class]
{BDEACC50-F56D-4D60-860F-CF6ED1766D65} <C:\Program Files\Common Files\Tencent\TXFTN\TXFTNActiveX1.13.dll, (Signed) Tencent>
[KooPlayer Control]
{C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\DOCUME~1\hx\APPLIC~1\CCTV\tv\CCTVPL~1.OCX, (Signed) CCTV.COM>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10t.ocx, (Signed) Adobe Systems, Inc.>
[Microsoft Silverlight]
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} <c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll, (Signed)Microsoft Corporation>
[PlayerCtrl Class]
{E05BC2A3-9A46-4a32-80C9-023A473F5B23} <d:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[]
{E2E2DD38-D088-4134-82B7-F2BA38496583} <, >
[QQPasswordCtrl Class]
{E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\Program Files\Common Files\tencent\paycenter\qqedit.dll, (Signed) Tencent>
[SSOForPTLogin2 Class]
{EAAED308-7322-4B9B-965E-171933ADD473} <C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOAxCtrlForPTLogin.dll, (Signed) >
[TimwpDll.TimwpCheck]
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <D:\PROGRA~1\QQ2011~2\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML DOM Document 3.0]
{F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP 3.0]
{F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML DOM Document]
{F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, (Signed) N/A>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[webmod Class]
{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} <C:\WINDOWS\system32\aliedit\2.4.0.4\alidcp.dll, (Signed) Alipay.com Co.,Ltd>
[导出到 Microsoft Excel(&X)]
<res://D:\PROGRA~1\MICROS~1\Office14\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 708 / SYSTEM][\SystemRoot\System32\smss.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 788 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 824 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\Ati2evxx.dll][ATI Technologies Inc., 6.14.10.4176]
[PID: 876 / SYSTEM][C:\WINDOWS\system32\services.exe][(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 888 / SYSTEM][C:\WINDOWS\system32\lsass.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[PID: 1060 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe][ATI Technologies Inc., 6.14.10.4190]
[C:\WINDOWS\system32\Ati2edxx.dll][ATI Technologies, Inc., 6, 14, 10, 2513]
[C:\WINDOWS\system32\atipdlxx.dll][ATI Technologies, Inc., 6, 14, 10, 2530]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1076 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe][ATI Technologies Inc., 6.14.10.4190]
[C:\WINDOWS\system32\Ati2edxx.dll][ATI Technologies, Inc., 6, 14, 10, 2513]
[C:\WINDOWS\system32\atipdlxx.dll][ATI Technologies, Inc., 6, 14, 10, 2530]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1100 / SYSTEM][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1164 / SYSTEM][C:\Program Files\Micropoint\MPSvc.exe][Micropoint Corporation, 1,2,10581,57]
[C:\Program Files\Micropoint\dbghelp.dll][Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Micropoint\MSVCP60.dll][Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Micropoint\mp110049.dll][Micropoint Corporation, 1,2,10581,1]
[C:\Program Files\Micropoint\mp110081.dll][Micropoint Corporation, 1,2,10582,3]
[C:\Program Files\Micropoint\mp110036.dll][Micropoint Corporation, 1.2.10581.2]
[C:\Program Files\Micropoint\mp110078.dll][Micropoint Corporation, 1.2.10582.10]
[PID: 1212 / SYSTEM][C:\Program Files\Micropoint\MPSVC2.exe][Micropoint Corporation, 1.2.10581.160]
[C:\Program Files\Micropoint\dbghelp.dll][Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msi.dll][Microsoft Corporation, 4.5.6001.22159]
[C:\Program Files\Micropoint\mp110030.dll][Micropoint Corporation, 1.2.10034]
[C:\Program Files\Micropoint\mp110037.dll][Micropoint Corporation, 1.2.10581.9]
[C:\Program Files\Micropoint\mp110078.dll][Micropoint Corporation, 1.2.10582.10]
[C:\Program Files\Micropoint\mp110028.dll][Micropoint Corporation, 1, 2, 10581, 1]
[C:\Program Files\Micropoint\mp110036.dll][Micropoint Corporation, 1.2.10581.2]
[C:\Program Files\Micropoint\mp110033.dll][Micropoint Corporation, 1,2,10582,6]
[C:\Program Files\Micropoint\mp110034.dll][Micropoint Corporation, 1.2.10127]
[C:\Program Files\Micropoint\mp110039.dll][Micropoint Corporation, 1.2.10573.1]
[C:\Program Files\Micropoint\mp110042.dll][Micropoint Corporation, 1, 2, 10042, 0]
[C:\Program Files\Micropoint\mp110049.dll][Micropoint Corporation, 1,2,10581,1]
[C:\Program Files\Micropoint\mp110071.dll][Micropoint Corporation, 1.2.10020]
[C:\Program Files\Micropoint\mp110118.dll][Micropoint Corporation, 1, 2, 10580, 5]
[C:\Program Files\Micropoint\MSVCP60.dll][Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Micropoint\mp110073.dll][Micropoint Corporation, 1,2,10582,2]
[C:\Program Files\Micropoint\mp110075.dll][Micropoint Corporation, 1.2.10012]
[C:\Program Files\Micropoint\mp110081.dll][Micropoint Corporation, 1,2,10582,3]
[C:\Program Files\Micropoint\mp110124.dll][Micropoint Corporation, 1,2,10582,2]
[C:\Program Files\Micropoint\mp110125.dll][Micropoint Corporation, 1.2.10572.3]
[C:\Program Files\Micropoint\mp110029.dll][Micropoint Corporation, 1, 2, 10581, 1]
[C:\Program Files\Micropoint\mp110077.dll][Micropoint Corporation, 1,2,10582,5]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1400 / SYSTEM][C:\Program Files\Micropoint\MPSVC1.exe][Micropoint Corporation, 1.2.10581.1]
[C:\Program Files\Micropoint\mp110049.dll][Micropoint Corporation, 1,2,10581,1]
[C:\Program Files\Micropoint\mp110078.dll][Micropoint Corporation, 1.2.10582.10]
[C:\Program Files\Micropoint\mp110081.dll][Micropoint Corporation, 1,2,10582,3]
[C:\Program Files\Micropoint\mp110072.dll][Micropoint Corporation, 1.2.10581.2]
[PID: 1476 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 328 / SYSTEM][C:\WINDOWS\System32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[c:\windows\system32\msi.dll][Microsoft Corporation, 4.5.6001.22159]
[PID: 404 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe][ATI Technologies Inc., 6.14.10.4190]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\WINDOWS\system32\Ati2edxx.dll][ATI Technologies, Inc., 6, 14, 10, 2513]
[C:\WINDOWS\system32\atipdlxx.dll][ATI Technologies, Inc., 6, 14, 10, 2530]
[C:\WINDOWS\system32\ati2evxx.dll][ATI Technologies Inc., 6.14.10.4176]
[PID: 532 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1984 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 288 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe][(Verified) Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 600 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 796 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 792 / SYSTEM][C:\Program Files\95599 Certificate Tools\Watertek\c20ukdrwsvr.exe][N/A, ]
[C:\WINDOWS\system32\comyCPs20.dll][Comyi, 1, 1, 1, 9]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 892 / SYSTEM][C:\Program Files\ESET\ESET Smart Security\ekrn.exe][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnScan.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnAmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnEmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnDmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnEpfw.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnSmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnUpdate.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\updater.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\ekrnMailPlugins.dll][ESET, 4.2.71.2 ]
[PID: 1700 / SYSTEM][C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\IcbcDaemon.exe][N/A, ]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1708 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE][Microsoft Corporation, 14.0.4734.1000]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1764 / SYSTEM][C:\WINDOWS\system32\srvany.exe][N/A, ]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1776 / SYSTEM][C:\WINDOWS\KMService.exe][N/A, ]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1900 / SYSTEM][C:\WINDOWS\system32\svchost.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1600 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe][Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1840 / hx][C:\WINDOWS\Explorer.EXE][(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\WINDOWS\system32\msi.dll][Microsoft Corporation, 4.5.6001.22159]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS][, ]
[C:\Program Files\ESET\ESET Smart Security\shellExt.dll][ESET, 4.2.71.2 ]
[D:\Program Files\dbank\DBank\ClickUp\ClickUpExt.dll][DBank工作室, 1.0.1.0]
[C:\Program Files\WinRAR\rarext.dll][, ]
[D:\PROGRA~1\VISTAN~1\vdfExt.dll][N/A, ]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll][Adobe Systems, Inc., 9.4.0.195]
[D:\Program Files\AliWangWang\AliIMExt.dll][Alibaba software (Shanghai) Corporation., 1.0.0.1]
[d:\PROGRA~1\Wopti\WOPTIE~1.DLL][Wopti, 1.6.10.816]
[PID: 2284 / hx][C:\Program Files\Micropoint\MPMon.exe][Micropoint Corporation, 1,2,10581,25]
[C:\Program Files\Micropoint\mp110036.dll][Micropoint Corporation, 1.2.10581.2]
[C:\Program Files\Micropoint\mp110078.dll][Micropoint Corporation, 1.2.10582.10]
[C:\Program Files\Micropoint\mp110049.dll][Micropoint Corporation, 1,2,10581,1]
[C:\Program Files\Micropoint\mp110079.dll][Micropoint Corporation, 1.2.10004]
[C:\Program Files\Micropoint\mp110081.dll][Micropoint Corporation, 1,2,10582,3]
[C:\Program Files\Micropoint\dbghelp.dll][Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Micropoint\mp110051.dll][Micropoint Corporation, 1,2,10581,6]
[PID: 2504 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 2808 / hx][C:\WINDOWS\system32\wscntfy.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)]
[PID: 2912 / hx][C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe][ATI Technologies, Inc., 6.14.10.5193]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdsxx.dll][ATI Technologies, Inc., 6.14.10.5193]
[C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATRPUIXX.CHS][ATI Technologies, Inc., 6.14.10.5193]
[C:\Program Files\ATI Technologies\ATI Control Panel\atipdxxx.dll][ATI Technologies, Inc., 6.14.10.5193]
[PID: 2924 / hx][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe][Synaptics, Inc., 8.2.14 27Jan06]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\WINDOWS\system32\SynCOM.dll][Synaptics, Inc., 8.2.14 27Jan06]
[C:\WINDOWS\system32\SynTPAPI.dll][Synaptics, Inc., 8.2.14 27Jan06]
[PID: 2936 / hx][C:\WINDOWS\ATK0100\HControl.exe][, 1043, 2, 15, 58]
[C:\WINDOWS\ATK0100\CMSSC.dll][N/A, ]
[C:\WINDOWS\ATK0100\inter_f2.dll][ATK, 1043, 2, 15, 52]
[C:\WINDOWS\ATK0100\ATKWLIOC.DLL][ACTIONTEC Electronics,Inc, 2.01.02]
[C:\WINDOWS\ATK0100\SiSPkt.dll][Silicon Integrated Systems Corp., 1, 0, 0, 45]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\WINDOWS\system32\SynCOM.dll][Synaptics, Inc., 8.2.14 27Jan06]
[PID: 2944 / hx][C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe][Motorola Inc., 6.12.16]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\Program Files\Motorola\SMSERIAL\sm56eng.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56fra.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56brz.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56chs.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56cht.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56ger.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56ita.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56jpn.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56esp.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56kor.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56dnk.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56ara.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56cro.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56pol.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56rus.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56nor.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56cze.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56dan.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56fin.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56gre.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56swe.dll][Motorola Inc., 6.12.16]
[C:\Program Files\Motorola\SMSERIAL\sm56tur.dll][Motorola Inc., 6.12.16]
[PID: 2952 / hx][C:\Program Files\ESET\ESET Smart Security\egui.exe][ESET, 4.2.71.2 ]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_150c9e8b\MFC80U.DLL][Microsoft Corporation, 8.00.50727.6195]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_6a5bb789\MFC80CHS.DLL][Microsoft Corporation, 8.00.50727.6195]
[C:\Program Files\ESET\ESET Smart Security\eguiScan.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiAmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiEmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiDmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiEpfw.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiSmon.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiUpdate.dll][ESET, 4.2.71.2 ]
[C:\Program Files\ESET\ESET Smart Security\eguiMailPlugins.dll][ESET, 4.2.71.2 ]
[PID: 3212 / hx][C:\Program Files\95599 Certificate Tools\Watertek\ComyTool20.exe][N/A, ]
[C:\WINDOWS\system32\comyCPs20.dll][Comyi, 1, 1, 1, 9]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 3232 / hx][C:\WINDOWS\RTHDCPL.EXE][Realtek Semiconductor Corp., 2.3.9.2]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 3276 / hx][C:\WINDOWS\system32\rundll32.exe][Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 3284 / hx][C:\WINDOWS\vsnpstd3.exe][, 1, 1, 5, 11]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 3308 / hx][C:\WINDOWS\system32\ctfmon.exe][(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 3316 / hx][D:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE][Microsoft Corporation, 14.0.4757.1000]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\WINDOWS\system32\msi.dll][Microsoft Corporation, 4.5.6001.22159]
[PID: 3344 / hx][C:\WINDOWS\ATK0100\ATKOSD.exe][, 1043, 2, 15, 57]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 1684 / hx][D:\Program Files\Firefox4.01\Firefox\firefox.exe][Mozilla Corporation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\xul.dll][Mozilla Foundation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\mozsqlite3.dll][sqlite.org, 3.7.4]
[D:\Program Files\Firefox4.01\Firefox\MOZCRT19.dll][Mozilla Foundation, 8.00.0000]
[D:\Program Files\Firefox4.01\Firefox\mozjs.dll][N/A, ]
[D:\Program Files\Firefox4.01\Firefox\nspr4.dll][Mozilla Foundation, 4.8.7]
[D:\Program Files\Firefox4.01\Firefox\smime3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\nss3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\nssutil3.dll][Mozilla Foundation, 3.12.9.0]
[D:\Program Files\Firefox4.01\Firefox\pl.dll][Mozilla Foundation, 4.8.7]
[D:\Program Files\Firefox4.01\Firefox\plds4.dll][Mozilla Foundation, 4.8.7]
[D:\Program Files\Firefox4.01\Firefox\ssl3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\mozalloc.dll][Mozilla Foundation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\MOZCPP19.dll][Mozilla Foundation, 8.00.0000]
[D:\Program Files\Firefox4.01\Firefox\xpcom.dll][Mozilla Foundation, 2.0.1]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[D:\Program Files\Firefox4.01\Firefox\components\browsercomps.dll][Mozilla Foundation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\softokn3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\nssdbm3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\freebl3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\nssckbi.dll][Mozilla Foundation, 1.81]
[C:\WINDOWS\system32\SOGOUWB.IME][Sogou.com Inc., 2.0.0.1146]
[C:\Program Files\SogouWBInput\2.0.0.1146\Plugins\StatisticsModule.dll][Sogou.com Inc., 2.0.0.1146]
[C:\Program Files\SogouWBInput\2.0.0.1146\Plugins\ManualNewWord.dll][Sogou.com Inc., 2.0.0.1146]
[C:\WINDOWS\system32\icm32.dll][Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 2844 / hx][D:\Program Files\Firefox4.01\Firefox\plugin-container.exe][Mozilla Corporation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\xul.dll][Mozilla Foundation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\mozsqlite3.dll][sqlite.org, 3.7.4]
[D:\Program Files\Firefox4.01\Firefox\MOZCRT19.dll][Mozilla Foundation, 8.00.0000]
[D:\Program Files\Firefox4.01\Firefox\mozjs.dll][N/A, ]
[D:\Program Files\Firefox4.01\Firefox\nspr4.dll][Mozilla Foundation, 4.8.7]
[D:\Program Files\Firefox4.01\Firefox\smime3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\nss3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\nssutil3.dll][Mozilla Foundation, 3.12.9.0]
[D:\Program Files\Firefox4.01\Firefox\pl.dll][Mozilla Foundation, 4.8.7]
[D:\Program Files\Firefox4.01\Firefox\plds4.dll][Mozilla Foundation, 4.8.7]
[D:\Program Files\Firefox4.01\Firefox\ssl3.dll][Mozilla Foundation, 3.12.9.0 Basic ECC]
[D:\Program Files\Firefox4.01\Firefox\mozalloc.dll][Mozilla Foundation, 2.0.1]
[D:\Program Files\Firefox4.01\Firefox\MOZCPP19.dll][Mozilla Foundation, 8.00.0000]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll][, ]
[C:\WINDOWS\system32\icm32.dll][Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[PID: 3648 / hx][C:\Program Files\Internet Explorer\iexplore.exe][Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\Program Files\Micropoint\mp110200.dll][Micropoint Corporation, 1, 2, 10581, 18]
[PID: 2132 / hx][C:\Program Files\Internet Explorer\iexplore.exe][Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[C:\Program Files\Micropoint\mp110200.dll][Micropoint Corporation, 1, 2, 10581, 18]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll][Adobe Systems Incorporated, 9.4.0.195]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll][Adobe Systems Incorporated, 9.4.0.195]
[C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\Icbc_AntiPhishing.dll][中国工商银行, 1.0.11.25]
[C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\ICBC_WIN32\KeyMonitor.dll][N/A, ]
[C:\WINDOWS\system32\Macromed\Flash\Flash10t.ocx][Adobe Systems, Inc., 10,3,181,26]
[PID: 3360 / hx][D:\sreng2\SREngLdr.EXE][Smallfrogs Studio, 2.8.4.1331]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
[PID: 3476 / hx][D:\sreng2\SREdcffaa6d.EXE][Smallfrogs Studio, 2.8.4.1331]
[C:\Program Files\Micropoint\mp110031.dll][Micropoint Corporation, 2.0.47.1498]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS Error. ["D:\Program Files\Adobe Photoshop CS4\Adobe Dreamweaver CS4\Dreamweaver.exe","%1"]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 2912, C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2944, C:\PROGRAM FILES\MOTOROLA\SMSERIAL\SM56HLPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3284, C:\WINDOWS\VSNPSTD3.EXE]
==================================
计划任务
[已启用] User_Feed_Synchronization-{36A27C83-AC21-43FF-9C84-107DB400716F}.job
C:\WINDOWS\system32\msfeedssync.exe
==================================
Windows 安全更新检查
Microsoft .NET Framework 版本 1.1,简体中文版
KB925850,Windows Media Player 11
KB940157,用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB928416,Microsoft .NET Framework 3.0: x86 语言包 (KB928416)
KB909520,Microsoft 基本智能卡加密服务提供程序包: x86 (KB909520)
KB951847,Microsoft .NET Framework 3.5 Service Pack 1 (KB951847) x86 语言包
KB971513,Windows XP 更新程序 (KB971513)
KB968930,用于 Windows XP 和 Windows Embedded 的 Windows PowerShell 2.0 和 WinRM 2.0 (KB968930)
KB968930,Windows Live 软件包
KB982670,用于 Windows XP x86 的 Microsoft .NET Framework 4 Client Profile (KB982670)
KB2492386,Windows XP 更新程序 (KB2492386)
KB2541763,Windows XP 更新程序 (KB2541763)
KB931125,根证书更新 [2011 年 6 月] (KB931125)
KB2510690,Microsoft Office 2010 Service Pack 1 (KB2510690) 32 位版本
KB2510690,Microsoft Office 2010 Service Pack 1 (KB2510690) 64 位版本
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
This article comes from 电脑杂谈; when reposting, please cite this article's URL:
http://www.pc-fly.com/a/jisuanjixue/article-24671-1.html