本报告由QQ医生提供 http://doctor.qq.com
诊断时间: 2009-7-24 16:27:20
操作系统: Windows XP Service Pack 3
QQ医生版本:
QQDoctor.exe 3.0.15.201
DrUpdate.exe 3, 0, 15, 201
TSELoder.DAT 2008, 1, 28, 13
TSEngine.DAT 2008, 4, 7, 25
TSEPB.DAT 2009, 3, 5, 35
TSFSEngine.DAT 2009, 3, 11, 7
TSFileFilter.DAT 2007, 12, 5, 01
TSKsp.sys 2009, 6, 25, 17
TSKSPLIB.dat 2009, 7, 1, 16
TSVulMon.DAT 2009, 6, 25, 22
TSVulChk.dat 2009, 7, 15, 30
QQ文件版本:
QQ2008 正式版 (8.0.986.400)
====================进程项====================
C:\WINDOWS\Explorer.EXE [Microsoft Corporation]
C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation]
C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation]
C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation]
C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation]
C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation]
C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\USER32.dll [Microsoft Corporation]
C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation]
C:\WINDOWS\system32\ole32.dll [Microsoft Corporation]
C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation]
C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation]
C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation]
C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation]
C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation]
C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation]
C:\WINDOWS\system32\WININET.dll [Microsoft Corporation]
C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation]
C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation]
C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation]
C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation]
C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation]
C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation]
C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation]
C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation]
C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation]
C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation]
C:\WINDOWS\system32\USP10.dll [Microsoft Corporation]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [Microsoft Corporation]
C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation]
C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation]
C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation]
C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation]
C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation]
C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation]
C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation]
C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation]
C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation]
C:\WINDOWS\System32\cscui.dll [Microsoft Corporation]
C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation]
C:\WINDOWS\system32\themeui.dll [Microsoft Corporation]
C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation]
C:\WINDOWS\system32\msutb.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation]
C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation]
C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation]
C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation]
C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation]
C:\WINDOWS\system32\msi.dll [Microsoft Corporation]
C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation]
C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation]
C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation]
C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation]
C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation]
C:\WINDOWS\system32\stobject.dll [Microsoft Corporation]
C:\WINDOWS\system32\BatMeter.dll [Microsoft Corporation]
C:\WINDOWS\system32\POWRPROF.dll [Microsoft Corporation]
C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation]
C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation]
C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation]
C:\WINDOWS\system32\midimap.dll [Microsoft Corporation]
C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation]
C:\WINDOWS\system32\credui.dll [Microsoft Corporation]
C:\WINDOWS\system32\dot3api.dll [Microsoft Corporation]
C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation]
C:\WINDOWS\system32\dot3dlg.dll [Microsoft Corporation]
C:\WINDOWS\system32\OneX.DLL [Microsoft Corporation]
C:\WINDOWS\system32\eappcfg.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation]
C:\WINDOWS\system32\eappprxy.dll [Microsoft Corporation]
C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation]
C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation]
C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation]
C:\WINDOWS\system32\MPR.dll [Microsoft Corporation]
C:\WINDOWS\System32\drprov.dll [Microsoft Corporation]
C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation]
C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation]
C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation]
C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation]
C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation]
C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation]
C:\WINDOWS\system32\browselc.dll [Microsoft Corporation]
D:\Program Files\Tencent\QQDoctor\ATL80.DLL [Microsoft Corporation]
D:\Program Files\Tencent\QQDoctor\MSVCP80.dll [Microsoft Corporation]
D:\Program Files\Tencent\QQDoctor\MSVCR80.dll [Microsoft Corporation]
C:\WINDOWS\system32\OLEACC.dll [Microsoft Corporation]
C:\Program Files\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD]
C:\Program Files\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD]
C:\WINDOWS\system32\DUSER.dll [Microsoft Corporation]
C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, 152.1 KB, 6.14.11.7474) dfd4eeee83edaf7ffe6c26d8b8f566c2
C:\WINDOWS\system32\services.exe (Microsoft Corporation, 108.0 KB, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)) 803423c13395019f2dd004ff5a3c0290
C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, 481.5 KB, 5.1.2600.5512 (xpsp.080413-2113)) 440eda2420cfa1b3b2ab4725fc33825d
====================启动项====================
amd_dc_opt [AMD] (C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe)
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 3fc634e7bdfd98d8b7bde0c919a16890
NvCplDaemon [NVIDIA Corporation] (RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup)
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" dec495fbce14cb92bbcc6280c1c7b34c
====================BHO====================
卡卡上网安全助手 [] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
"" 启用
====================IE右键菜单====================
使用迅雷下载 [C:\Program Files\Thunder\Program\geturl.htm]
使用迅雷下载全部链接 [C:\Program Files\Thunder\Program\getallurl.htm]
====================系统服务====================
DcomLaunch [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 e9d71100b51af947485c1a1d5bb96420
Eventlog [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 803423c13395019f2dd004ff5a3c0290
HidServ [] "C:\WINDOWS\System32\hidserv.dll" 禁用
NVSvc [NVIDIA Corporation] "C:\WINDOWS\system32\nvsvc32.exe" 启用 dfd4eeee83edaf7ffe6c26d8b8f566c2
PlugPlay [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 803423c13395019f2dd004ff5a3c0290
RpcSs [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 e9d71100b51af947485c1a1d5bb96420
Wmi [Microsoft Corporation] "C:\WINDOWS\System32\advapi32.dll" 禁用 5fd93fc1ad0ea77ddf1eb6dcfee773ce
====================协议相关====================
about [Microsoft Corporation] {3050F406-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
cdl [Microsoft Corporation] {3dd53d40-7b8b-11D0-b013-00aa0059ce02}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
Class Install Handler [Microsoft Corporation] {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
deflate [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
file [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
ftp [Microsoft Corporation] {79eac9e3-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
gopher [Microsoft Corporation] {79eac9e4-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
gzip [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
http [Microsoft Corporation] {79eac9e2-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
https [Microsoft Corporation] {79eac9e5-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
javascript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
local [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
lzdhtml [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
mailto [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
mk [Microsoft Corporation] {79eac9e6-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
res [Microsoft Corporation] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
sysimage [Microsoft Corporation] {76E67A63-06E9-11D2-A840-006008059382}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
vbscript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
====================已知DLL====================
advapi32 [Microsoft Corporation]
"c:\windows\system32\advapi32.dll" 启用 5fd93fc1ad0ea77ddf1eb6dcfee773ce
rpcrt4 [Microsoft Corporation]
"c:\windows\system32\rpcrt4.dll" 启用 fdab97df4473b4a1979dfafa0c01c767
urlmon [Microsoft Corporation]
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
wininet [Microsoft Corporation]
"c:\windows\system32\wininet.dll" 启用 e4a8782f0bec66fc8aa7c7d408eec527
====================打印监控====================
Local Port [Microsoft Corporation]
"c:\windows\system32\localspl.dll" 启用 85494fb6e976f82bc87dd6a7c9a0ca62
====================驱动程序====================
ac97intc [Intel Corporation] 启用 "system32\drivers\ac97intc.sys" 0f2d66d5f08ebe2f77bb904288dcf6f0
Changer [] 启用 ""
EagleNT [] 启用 "\??\C:\WINDOWS\system32\drivers\EagleNT.sys"
FETNDIS [VIA Technologies, Inc. ] 启用 "system32\DRIVERS\fetnd5.sys" e9648254056bce81a85380c0c3647dc4
i2omgmt [] 启用 ""
IntcAzAudAddService [Realtek Semiconductor Corp.] 启用 "system32\drivers\RtkHDAud.sys" 8998a1e6f899f790e5eff9cd2c431a23
lbrtfdc [] 启用 ""
NetMgr00 [] 启用 "\??\C:\WINDOWS\system32\NetMgr00.Bin"
nv [NVIDIA Corporation] 启用 "system32\DRIVERS\nv4_mini.sys" 5975814e3749b49d1dd4ca87a4b2d6a2
PCIDump [] 启用 ""
PDCOMP [] 启用 ""
PDFRAME [] 启用 ""
PDRELI [] 启用 ""
PDRFRAME [] 启用 ""
Tcpip [Microsoft Corporation] 启用 "system32\DRIVERS\tcpip.sys" a0792870931eb78283157ebbab8eaee9
WDICA [] 启用 ""
yukonwxp [Marvell] 启用 "system32\DRIVERS\yk51x86.sys" 630e4f5ae3a93f7de3efd174f28f6479
====================桌面快捷方式====================
腾讯QQ.lnk "D:\Program Files\Tencent\QQ\QQ.exe " (TENCENT, 1.9 MB, 8,0,978,1833) cdbf64038edd93c1dc92d53d5b8c2e5d
暴风影音.lnk "C:\Program Files\StormII\Storm.exe " (北京暴风网际科技有限公司, 1.8 MB, 3, 8, 5, 15) 050c4181f3a67bf28ce9a2d80e2bb15a
千千静听.lnk "C:\Program Files\TTPlayer\TTPlayer.exe " (Alen Soft, 969.5 KB, 5, 2, 1, 0) b4d9f5ad9cd45420c8e57d675a46f920
迅雷.lnk "C:\Program Files\Thunder\Thunder.exe " (Thunder Networking Technologies,LTD, 49.5 KB, 5, 6, 8, 19) bb21eb425259797bf3ea4b98c3632095
魔兽争霸.lnk "E:\魔兽争霸3\War3.exe " (egamestar kenshin, 1.5 MB, 1, 0, 20, 6048) 942c31de25fec688df0985798f75660f
浩方.lnk "E:\浩方对战平台\GameClient.exe " (上海浩方在线信息技术有限公司, 1.8 MB, 5.2.5.618) 6af6a5f5eeb76eb6271babef732e4b94
红警ra2.exe.lnk "E:\共和国之辉\ra2.exe " (, 126.0 KB, ) a8dc6cc4115c0d53c06d85ad9b8b5599
天龙八部.lnk "E:\天龙八部\Launch.exe " (Changyou.com Limited, 1.9 MB, 1.0.1.12) 3f85b7a627fa4eed7ff3e8b1f35ece71
瑞星卡卡上网安全助手.lnk "C:\Program Files\Rising\AntiSpyware\ras.exe " (Beijing Rising Information Technology Co., Ltd., 38.1 KB, 6.0.0.7) 324645bf53d6c2a677cc135eacd91c91
CCTV Box.lnk "C:\cctvbox\CCTVBOX.exe " (, 176.2 KB, 1, 0, 0, 17) b3d7ab83fb175bd28017cee755a13ba3
穿越火线.lnk "E:\穿越火线\CrossFire\QQLogin.exe " (TENCENT, 217.3 KB, 4, 1, 1, 2) 50f61158b3ed3be9ce069cfb4ca5d8f4
Realtek高清晰音频配置.lnk " " (, , )
连连看4.3精装版.lnk "E:\连连看\zzllk.exe " (, 1.8 MB, 1, 0, 0, 1) 00255bd5a6201ff7f23468dbdc245e52
Internet Explorer.lnk "C:\WINDOWS\TheWorld\TheWorld.exe www.8751.com" (Phoenix Studio, 1.1 MB, 2, 2, 1, 2) 63c223535f8763f4437af90358fa0ece
QQ医生.lnk "D:\Program Files\Tencent\QQDoctor\QQDoctor.exe " (Tencent, 1.1 MB, 3.0.15.201) b285d4dc10379442da779813b231824d
CS.lnk "E:\CS1.5\cstrike.exe " (Valve, L.L.C., 924.0 KB, 1, 0, 0, 5) 79bcc923208bfdc83201565d88329169
QQ旋风.lnk "C:\Program Files\Tencent\QQDownload2\QQDownload.exe " (Tencent Technology (Shenzhen) Company Limited, 1.7 MB, 2, 1, 551, 551) 950d279e7c296c60f613f5ac7e366c65
ACDSee 5.0.lnk "C:\WINDOWS\Installer\{5058B085-AA79-41E5-A726-681B4C4B846E}\ACDSeeDesktopShortcut.exe " (InstallShield Software Corp., 60.0 KB, 8.0.158) 29bc48ca4b8355385e12d90d6d7340d5
Excel 2003.lnk "C:\WINDOWS\Installer\{90110804-6000-11D3-8CFE-0150048383C9}\xlicons.exe " (, 400.0 KB, ) f97beaac32c05e29332541bad2d3edde
Word 2003.lnk "C:\WINDOWS\Installer\{90110804-6000-11D3-8CFE-0150048383C9}\wordicon.exe " (, 280.0 KB, ) 5f02de2e68d47ca326df279d635aab83
Windows Media Player.lnk "C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1" (Microsoft Corporation, 72.0 KB, 10.00.00.3802) a5eed55e5db8e1c6b38acd01ed520eb2
QQ游戏.lnk "E:\QQGAME\QQGame.exe " (深圳市腾讯计算机系统有限公司, 160.9 KB, 2, 3, 102, 14) 200358574d3eccf788fc8d6f5175814b
搜狗音乐盒.lnk "C:\Program Files\SogouMusicBox\SogouMusicBox.exe " (Sogou.com, 2.3 MB, 1, 3, 0, 48) afcbf97841dfcd99fb1107277093bd58
诊断时间: 2009-7-24 16:27:20
操作系统: Windows XP Service Pack 3
QQ医生版本:
QQDoctor.exe 3.0.15.201
DrUpdate.exe 3, 0, 15, 201
TSELoder.DAT 2008, 1, 28, 13
TSEngine.DAT 2008, 4, 7, 25
TSEPB.DAT 2009, 3, 5, 35
TSFSEngine.DAT 2009, 3, 11, 7
TSFileFilter.DAT 2007, 12, 5, 01
TSKsp.sys 2009, 6, 25, 17
TSKSPLIB.dat 2009, 7, 1, 16
TSVulMon.DAT 2009, 6, 25, 22
TSVulChk.dat 2009, 7, 15, 30
QQ文件版本:
QQ2008 正式版 (8.0.986.400)
====================进程项====================
C:\WINDOWS\Explorer.EXE [Microsoft Corporation]
C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation]
C:\WINDOWS\system32\kernel32.dll [Microsoft Corporation]
C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\RPCRT4.dll [Microsoft Corporation]
C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation]
C:\WINDOWS\system32\BROWSEUI.dll [Microsoft Corporation]
C:\WINDOWS\system32\GDI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\USER32.dll [Microsoft Corporation]
C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation]
C:\WINDOWS\system32\ole32.dll [Microsoft Corporation]
C:\WINDOWS\system32\SHLWAPI.dll [Microsoft Corporation]
C:\WINDOWS\system32\OLEAUT32.dll [Microsoft Corporation]
C:\WINDOWS\system32\SHDOCVW.dll [Microsoft Corporation]
C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation]
C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation]
C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation]
C:\WINDOWS\system32\WININET.dll [Microsoft Corporation]
C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation]
C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation]
C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation]
C:\WINDOWS\system32\SHELL32.dll [Microsoft Corporation]
C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation]
C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation]
C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation]
C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation]
C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation]
C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation]
C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation]
C:\WINDOWS\system32\USP10.dll [Microsoft Corporation]
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll [Microsoft Corporation]
C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation]
C:\WINDOWS\system32\urlmon.dll [Microsoft Corporation]
C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation]
C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation]
C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation]
C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation]
C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation]
C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation]
C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation]
C:\WINDOWS\System32\cscui.dll [Microsoft Corporation]
C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation]
C:\WINDOWS\system32\themeui.dll [Microsoft Corporation]
C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation]
C:\WINDOWS\system32\msutb.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation]
C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation]
C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation]
C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation]
C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation]
C:\WINDOWS\system32\msi.dll [Microsoft Corporation]
C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation]
C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation]
C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation]
C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation]
C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation]
C:\WINDOWS\system32\stobject.dll [Microsoft Corporation]
C:\WINDOWS\system32\BatMeter.dll [Microsoft Corporation]
C:\WINDOWS\system32\POWRPROF.dll [Microsoft Corporation]
C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation]
C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation]
C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation]
C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation]
C:\WINDOWS\system32\midimap.dll [Microsoft Corporation]
C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation]
C:\WINDOWS\system32\credui.dll [Microsoft Corporation]
C:\WINDOWS\system32\dot3api.dll [Microsoft Corporation]
C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation]
C:\WINDOWS\system32\dot3dlg.dll [Microsoft Corporation]
C:\WINDOWS\system32\OneX.DLL [Microsoft Corporation]
C:\WINDOWS\system32\eappcfg.dll [Microsoft Corporation]
C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation]
C:\WINDOWS\system32\eappprxy.dll [Microsoft Corporation]
C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation]
C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation]
C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation]
C:\WINDOWS\system32\MPR.dll [Microsoft Corporation]
C:\WINDOWS\System32\drprov.dll [Microsoft Corporation]
C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation]
C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation]
C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation]
C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation]
C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation]
C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation]
C:\WINDOWS\system32\browselc.dll [Microsoft Corporation]
D:\Program Files\Tencent\QQDoctor\ATL80.DLL [Microsoft Corporation]
D:\Program Files\Tencent\QQDoctor\MSVCP80.dll [Microsoft Corporation]
D:\Program Files\Tencent\QQDoctor\MSVCR80.dll [Microsoft Corporation]
C:\WINDOWS\system32\OLEACC.dll [Microsoft Corporation]
C:\Program Files\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD]
C:\Program Files\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD]
C:\WINDOWS\system32\DUSER.dll [Microsoft Corporation]
C:\WINDOWS\system32\nvsvc32.exe (NVIDIA Corporation, 152.1 KB, 6.14.11.7474) dfd4eeee83edaf7ffe6c26d8b8f566c2
C:\WINDOWS\system32\services.exe (Microsoft Corporation, 108.0 KB, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)) 803423c13395019f2dd004ff5a3c0290
C:\WINDOWS\system32\winlogon.exe (Microsoft Corporation, 481.5 KB, 5.1.2600.5512 (xpsp.080413-2113)) 440eda2420cfa1b3b2ab4725fc33825d
====================启动项====================
amd_dc_opt [AMD] (C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe)
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" 3fc634e7bdfd98d8b7bde0c919a16890
NvCplDaemon [NVIDIA Corporation] (RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup)
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" dec495fbce14cb92bbcc6280c1c7b34c
====================BHO====================
卡卡上网安全助手 [] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}
"" 启用
====================IE右键菜单====================
使用迅雷下载 [C:\Program Files\Thunder\Program\geturl.htm]
使用迅雷下载全部链接 [C:\Program Files\Thunder\Program\getallurl.htm]
====================系统服务====================
DcomLaunch [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 e9d71100b51af947485c1a1d5bb96420
Eventlog [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 803423c13395019f2dd004ff5a3c0290
HidServ [] "C:\WINDOWS\System32\hidserv.dll" 禁用
NVSvc [NVIDIA Corporation] "C:\WINDOWS\system32\nvsvc32.exe" 启用 dfd4eeee83edaf7ffe6c26d8b8f566c2
PlugPlay [Microsoft Corporation] "C:\WINDOWS\system32\services.exe" 启用 803423c13395019f2dd004ff5a3c0290
RpcSs [Microsoft Corporation] "C:\WINDOWS\system32\rpcss.dll" 启用 e9d71100b51af947485c1a1d5bb96420
Wmi [Microsoft Corporation] "C:\WINDOWS\System32\advapi32.dll" 禁用 5fd93fc1ad0ea77ddf1eb6dcfee773ce
====================协议相关====================
about [Microsoft Corporation] {3050F406-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
cdl [Microsoft Corporation] {3dd53d40-7b8b-11D0-b013-00aa0059ce02}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
Class Install Handler [Microsoft Corporation] {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
deflate [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
file [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
ftp [Microsoft Corporation] {79eac9e3-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
gopher [Microsoft Corporation] {79eac9e4-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
gzip [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
http [Microsoft Corporation] {79eac9e2-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
https [Microsoft Corporation] {79eac9e5-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
javascript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
local [Microsoft Corporation] {79eac9e7-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
lzdhtml [Microsoft Corporation] {8f6b0360-b80d-11d0-a9b3-006097942311}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
mailto [Microsoft Corporation] {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
mk [Microsoft Corporation] {79eac9e6-baf9-11ce-8c82-00aa004ba90b}
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
res [Microsoft Corporation] {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
sysimage [Microsoft Corporation] {76E67A63-06E9-11D2-A840-006008059382}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
vbscript [Microsoft Corporation] {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B}
"c:\windows\system32\mshtml.dll" 启用 a9d718623abe0d02177dad3e064e06f1
====================已知DLL====================
advapi32 [Microsoft Corporation]
"c:\windows\system32\advapi32.dll" 启用 5fd93fc1ad0ea77ddf1eb6dcfee773ce
rpcrt4 [Microsoft Corporation]
"c:\windows\system32\rpcrt4.dll" 启用 fdab97df4473b4a1979dfafa0c01c767
urlmon [Microsoft Corporation]
"c:\windows\system32\urlmon.dll" 启用 69740d77fd2f1ca634984df7ed59c94a
wininet [Microsoft Corporation]
"c:\windows\system32\wininet.dll" 启用 e4a8782f0bec66fc8aa7c7d408eec527
====================打印监控====================
Local Port [Microsoft Corporation]
"c:\windows\system32\localspl.dll" 启用 85494fb6e976f82bc87dd6a7c9a0ca62
====================驱动程序====================
ac97intc [Intel Corporation] 启用 "system32\drivers\ac97intc.sys" 0f2d66d5f08ebe2f77bb904288dcf6f0
Changer [] 启用 ""
EagleNT [] 启用 "\??\C:\WINDOWS\system32\drivers\EagleNT.sys"
FETNDIS [VIA Technologies, Inc. ] 启用 "system32\DRIVERS\fetnd5.sys" e9648254056bce81a85380c0c3647dc4
i2omgmt [] 启用 ""
IntcAzAudAddService [Realtek Semiconductor Corp.] 启用 "system32\drivers\RtkHDAud.sys" 8998a1e6f899f790e5eff9cd2c431a23
lbrtfdc [] 启用 ""
NetMgr00 [] 启用 "\??\C:\WINDOWS\system32\NetMgr00.Bin"
nv [NVIDIA Corporation] 启用 "system32\DRIVERS\nv4_mini.sys" 5975814e3749b49d1dd4ca87a4b2d6a2
PCIDump [] 启用 ""
PDCOMP [] 启用 ""
PDFRAME [] 启用 ""
PDRELI [] 启用 ""
PDRFRAME [] 启用 ""
Tcpip [Microsoft Corporation] 启用 "system32\DRIVERS\tcpip.sys" a0792870931eb78283157ebbab8eaee9
WDICA [] 启用 ""
yukonwxp [Marvell] 启用 "system32\DRIVERS\yk51x86.sys" 630e4f5ae3a93f7de3efd174f28f6479
====================桌面快捷方式====================
腾讯QQ.lnk "D:\Program Files\Tencent\QQ\QQ.exe " (TENCENT, 1.9 MB, 8,0,978,1833) cdbf64038edd93c1dc92d53d5b8c2e5d
暴风影音.lnk "C:\Program Files\StormII\Storm.exe " (北京暴风网际科技有限公司, 1.8 MB, 3, 8, 5, 15) 050c4181f3a67bf28ce9a2d80e2bb15a
千千静听.lnk "C:\Program Files\TTPlayer\TTPlayer.exe " (Alen Soft, 969.5 KB, 5, 2, 1, 0) b4d9f5ad9cd45420c8e57d675a46f920
迅雷.lnk "C:\Program Files\Thunder\Thunder.exe " (Thunder Networking Technologies,LTD, 49.5 KB, 5, 6, 8, 19) bb21eb425259797bf3ea4b98c3632095
魔兽争霸.lnk "E:\魔兽争霸3\War3.exe " (egamestar kenshin, 1.5 MB, 1, 0, 20, 6048) 942c31de25fec688df0985798f75660f
浩方.lnk "E:\浩方对战平台\GameClient.exe " (上海浩方在线信息技术有限公司, 1.8 MB, 5.2.5.618) 6af6a5f5eeb76eb6271babef732e4b94
红警ra2.exe.lnk "E:\共和国之辉\ra2.exe " (, 126.0 KB, ) a8dc6cc4115c0d53c06d85ad9b8b5599
天龙八部.lnk "E:\天龙八部\Launch.exe " (Changyou.com Limited, 1.9 MB, 1.0.1.12) 3f85b7a627fa4eed7ff3e8b1f35ece71
瑞星卡卡上网安全助手.lnk "C:\Program Files\Rising\AntiSpyware\ras.exe " (Beijing Rising Information Technology Co., Ltd., 38.1 KB, 6.0.0.7) 324645bf53d6c2a677cc135eacd91c91
CCTV Box.lnk "C:\cctvbox\CCTVBOX.exe " (, 176.2 KB, 1, 0, 0, 17) b3d7ab83fb175bd28017cee755a13ba3
穿越火线.lnk "E:\穿越火线\CrossFire\QQLogin.exe " (TENCENT, 217.3 KB, 4, 1, 1, 2) 50f61158b3ed3be9ce069cfb4ca5d8f4
Realtek高清晰音频配置.lnk " " (, , )
连连看4.3精装版.lnk "E:\连连看\zzllk.exe " (, 1.8 MB, 1, 0, 0, 1) 00255bd5a6201ff7f23468dbdc245e52
Internet Explorer.lnk "C:\WINDOWS\TheWorld\TheWorld.exe www.8751.com" (Phoenix Studio, 1.1 MB, 2, 2, 1, 2) 63c223535f8763f4437af90358fa0ece
QQ医生.lnk "D:\Program Files\Tencent\QQDoctor\QQDoctor.exe " (Tencent, 1.1 MB, 3.0.15.201) b285d4dc10379442da779813b231824d
CS.lnk "E:\CS1.5\cstrike.exe " (Valve, L.L.C., 924.0 KB, 1, 0, 0, 5) 79bcc923208bfdc83201565d88329169
QQ旋风.lnk "C:\Program Files\Tencent\QQDownload2\QQDownload.exe " (Tencent Technology (Shenzhen) Company Limited, 1.7 MB, 2, 1, 551, 551) 950d279e7c296c60f613f5ac7e366c65
ACDSee 5.0.lnk "C:\WINDOWS\Installer\{5058B085-AA79-41E5-A726-681B4C4B846E}\ACDSeeDesktopShortcut.exe " (InstallShield Software Corp., 60.0 KB, 8.0.158) 29bc48ca4b8355385e12d90d6d7340d5
Excel 2003.lnk "C:\WINDOWS\Installer\{90110804-6000-11D3-8CFE-0150048383C9}\xlicons.exe " (, 400.0 KB, ) f97beaac32c05e29332541bad2d3edde
Word 2003.lnk "C:\WINDOWS\Installer\{90110804-6000-11D3-8CFE-0150048383C9}\wordicon.exe " (, 280.0 KB, ) 5f02de2e68d47ca326df279d635aab83
Windows Media Player.lnk "C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1" (Microsoft Corporation, 72.0 KB, 10.00.00.3802) a5eed55e5db8e1c6b38acd01ed520eb2
QQ游戏.lnk "E:\QQGAME\QQGame.exe " (深圳市腾讯计算机系统有限公司, 160.9 KB, 2, 3, 102, 14) 200358574d3eccf788fc8d6f5175814b
搜狗音乐盒.lnk "C:\Program Files\SogouMusicBox\SogouMusicBox.exe " (Sogou.com, 2.3 MB, 1, 3, 0, 48) afcbf97841dfcd99fb1107277093bd58
插入图片
选择表情