
SysLog

By Daniel Price,2014-02-18 12:23

2011-09-03,13:21:02

SysLog Scanner 3.1 - build 20100608

    Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 3 (build 2600)

    ================================================================ ×??áÏî

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

     [(Verified)Realtek Semiconductor Corp., 2.2.5.2]

     [Realtek Semiconductor Corp., 5, 1, 0, 59]

     < QQPCTray> <"C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QQPCTray.exe" /regrun> [(Verified)Tencent, 5.0.1416.204]

     <"c:\program files\kingsoft\kingsoft antivirus\kxetray.exe" -autorun> [(Verified)Kingsoft Corporation, 2011,08,24,1332]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

    

    [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

[HKEY_CURRENT_USER\Control Panel\Desktop]

    

    [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd]

     [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders]

     msnsspc.dll> [(Verified)Microsoft Corporation, 6.00.7755 | (Verified)Microsoft Corporation, 5.1.2600.6108 (xpsp_sp3_gdr.110429-1919) | (Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105) | (Verified)Microsoft Corporation, 6.1.1825.0]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components]

     <{44BBA842-CC51-11CF-AAFA-00AA00B6015B}> advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | (Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105) | (Verified)N/A]

     <{5945c046-1e7d-11d1-bc44-00c04fd912be}> advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | (Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105) | (Verified)N/A]

     <{6BF52A52-394A-11d3-B153-00C04F79FAA6}> advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | (Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105) | (Verified)N/A]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt]

     <Ê?ÓÃÑ?À×ÏÂÔØ> [N/A]

     <Ê?ÓÃÑ?À×ÏÂÔØÈ???Á??Ó>

    Files\Thunder\Program\GetAllUrl.htm> [N/A]

    ================================================================ Æô??×é

    ================================================================ ÈÎÎñ?Æ??

    [SogouImeMgr.job]

    

    <"C:\PROGRA~1\SOGOUI~1\600~1.607\SGTool.exe" --appid=pinyinrepair /S> [(Verified)Sogou.com Inc., 6.0.0.6076]

    ================================================================

×é?þ

--------------------------------

    Shell Extension

     [Display Panning CPL Extension]

     <{42071714-76d4-11d1-8b24-00a0c9068ff3}> []

     [ÈÎÎñÀ?ºÍ???ªÊ????˵?]

     <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> []

     [WinRAR shell extension]

     <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> Files\WinRAR\rarext.dll> [N/A]

     [QQ Master Extention]

     <{754DF2CE-51E8-4895-B53C-6381418B84AE}> Files\Tencent\QQPCMgr\5.2.1515.201\plugins\FileSmash\QMSoftExt.dll> [(Verified)Tencent, 5.0.1411.204]

--------------------------------

    Context Menu

     [duba_32bit]

     <{D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4}> files\kingsoft\kingsoft antivirus\kavmenu.dll> [(Verified)Kingsoft Corporation, 2011,06,21,826]

     [WinRAR]

     <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> Files\WinRAR\rarext.dll> [N/A]

     [QMSoftExt]

     <{754DF2CE-51E8-4895-B53C-6381418B84AE}> Files\Tencent\QQPCMgr\5.2.1515.201\plugins\FileSmash\QMSoftExt.dll> [(Verified)Tencent, 5.0.1411.204]

--------------------------------

    BrowserHelperObject

     [PPSÊÓƵ?ÓËÙÄ??é]

     <{0000E615-928F-4EE3-892A-8BAC4931DB4F}> settings\administrator\application data\ppstream\ppsva\1.0.0.6\ppsva.dll> [(Verified)PPStream Inc., 1.0.0.6]

     [ThunderAtOnce Class]

     <{01443AEC-0FD1-40fd-9C87-E93D1494C233}> Files\Thunder\ComDlls\TDAtOnce_Now.dll> [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34]

     [QQµçÄÔ?Ü?ÒÍøÒ??À?ðÇ?]

     <{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}> Files\Tencent\QQPCMgr\5.2.1515.201\TSWebMon.dat> [(Verified)Tencent, 5.0.1411.204]

     [Thunder Browser Helper]

     <{889D2FEB-5411-4565-8998-1DD2C5261283}> Files\Thunder\ComDlls\xunleiBHO_Now.dll> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120]

--------------------------------

    ActiveX Extension

     [PPSÊÓƵ?ÓËÙÄ??é]

     <{0000E615-928F-4EE3-892A-8BAC4931DB4F}> settings\administrator\application data\ppstream\ppsva\1.0.0.6\ppsva.dll> [(Verified)PPStream Inc., 1.0.0.6]

     [ThunderAtOnce Class]

     <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> Files\Thunder\ComDlls\TDAtOnce_Now.dll> [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34]

     [InstallHelper Class]

     <{1DABF8D5-8430-4985-9B7F-A30E53D709B3}>

     [(Verified)Tencent, 8.13.4822.0]

     [QQµçÄÔ?Ü?ÒÍøÒ??À?ðÇ?]

     <{7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B}> Files\Tencent\QQPCMgr\5.2.1515.201\TSWebMon.dat> [(Verified)Tencent, 5.0.1411.204]

     [Thunder Browser Helper]

     <{889D [Shockwave Flash Object]

     <{D27CDB6E-AE6D-11CF-96B8-444553540000}>

     [(Verified)Adobe Systems, Inc., 10,0,22,87]

     [PlayerCtrl Class]

     <{E05BC2A3-9A46-4a32-80C9-023A473F5B23}>

     [(Verified)Tencent, 7.84.1995.401]

     [iTrusPTA Class]

     <{1E0DFFCF-27FF-4574-849B-55007349FEDA}>

     [(Verified)Copyright 2001, 2, 5, 1, 509]

     [EditCtrl Class]

     <{488A4255-3236-44B3-8F27-FA1AECAA8844}>

     [(Verified)Copyright 2008, 2, 4, 0, 1]

     [webmod Class]

     <{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392}>

    [(Verified)Alipay.com Co.,Ltd, 2, 0, 0, 1]

    ================================================================ ?þÎñ

[Help and Support / helpsvc][Stopped/Disabled]

     <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll">

    [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [Human Interface Device Access / HidServ][Stopped/Disabled]

     <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]

     []

    [System Restore Service / srservice][Stopped/Auto Start]

     <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\srsvc.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

    [Contrl Center of Storm Media / ccosm][Running/Auto Start]

     [(Verified)???????çÍø?Ê?Æ??ÓÐÏÞ??Ë?, 3, 9, 4, 17]

    [Kingsoft Core Service / kxescore][Running/Auto Start]

     <"c:\program files\kingsoft\kingsoft antivirus\kxescore.exe" /service kxescore> [(Verified)Kingsoft Corporation, 2011,06,30,861]

    [QQPCMgr RTP Service / QQPCRTP][Running/Auto Start]

     [(Verified)Tencent, 5.0.1416.204]

    ================================================================ Çý??

    [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]

     [Realtek Semiconductor Corp., 5.10.00.6260 built by: WinDDK]

    [hptpro / hptpro][Stopped/Boot Start]

     [HighPoint Technologies, Inc., 1.23.12.10]

    [nv / nv][Running/Manual Start]

     [NVIDIA Corporation, 6.14.11.8206]

    [System Restore Filter Driver / sr][Stopped/Boot Start]

     []

    [TCP/IP Protocol Driver / Tcpip][Running/System Start]

     [Microsoft Corporation, 5. [AMD AGP Bus Filter Driver / amdagp][Running/Boot Start]

     [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp.080413-2111)]

    [AMD Processor Driver / AmdK8][Running/System Start]

     [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226)]

    [AtpKrnl / AtpKrnl][Running/Manual Start]

     [(Verified)www.arswp.com, 3.00]

    [Microsoft ÓÃÓÚ High Definition Audio µÄ UAA ×ÜÏßÇý???ÌÐò / HDAudBus][Stopped/Manual Start]

     [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK]

    [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Stopped/Manual Start]

     [(Verified)Realtek Semiconductor Corp., 5.10.0.5745 built by: WinDDK]

    [kavbootc / kavbootc][Running/Boot Start]

     [(Verified)Kingsoft Corporation, 2010,11,11,77]

    [KDHacker / KDHacker][Running/System Start]

     <\??\c:\program files\kingsoft\kingsoft antivirus\security\kxescan\kdhacker.sys> [(Verified)Kingsoft Corporation, 2011,08,22,1316]

    [kisknl / kisknl][Running/Auto Start]

     <\??\C:\WINDOWS\system32\drivers\kisknl.sys>

    [(Verified)Kingsoft Corporation, 2011,08,19,3]

    [ksapi / ksapi][Running/Manual Start]

     <\??\C:\WINDOWS\system32\drivers\ksapi.sys>

    [(Verified)Kingsoft Corporation, 2011, 8, 8, 1014]

    [Direct Parallel Link Driver / Ptilink][Running/Manual Start]

     [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)]

    [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start]

     [(Verified)Realtek Semiconductor Corporation , 5.708.1030.2008 built by: WinDDK]

    [Secdrv / Secdrv][Stopped/Manual Start]

     [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086]

    [SATALink driver accelerator / SiFilter][Running/Boot Start]

     [(Verified)Silicon Image, Inc., 1.0.0.11]

    [SATALink External Device Filter / SiRemFil][Running/Boot Start]

     [(Verified)Silicon Image, Inc., 1, 1, 7, 0]

    [SIS AGP Bus Filter / sisagp][Running/Boot Start]

     [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp.080413-2111)]

    [TcHardWare / TcHardWare][Running/Manual Start]

     <\??\C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QQPCHW.sys> [(Verified)Tencent, 2010, 8, 1, 1]

    [TCSafeBox / TCSafeBox][Running/System Start]

     <\??\C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TCSafeBox.sys>

    [(Verified)Tencent, 4, 6, 1, 10]

    [TSKsp / TSKSP][Running/System Start]

     <\??\C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSKsp.sys> [(Verified)Tencent, 2011, 7, 21, 71]

    [TSSysKit / TSSysKit][Runni <\??\C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSSysKit.sys>

    [(Verified)Tencent, 2011, 7, 22, 1]

    [TSysCare / TSysCare][Running/Boot Start]

     [(Verified)Tencent, 1, 0, 10, 28]

    ================================================================ ?î???ø?Ì

    [PID: 676 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

     C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 732 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 904 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 964 / SYSTEM] C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QQPCRTP.exe [(Verified)Tencent, 5.0.1416.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSSysKitProxy.dll [(Verified)Tencent, 5.0.30271.201]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\plugins\QMHipsEngine.dll [(Verified)Tencent, 5.0.1411.204]

    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL [Microsoft Corporation, 8.00.50727.4053]

    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.4053]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\dr.dll [(Verified)Tencent, 5.0.1411.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QMNetworkMgr.dll [(Verified)Tencent, 1, 1, 0, 1]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSCUpload.dat [(Verified)TENCENT, 2010, 10, 18, 1]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSCNet.dat [(Verified)TENCENT, 2010, 10, 11, 1]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TAVInterface.dll [(Verified)N/A]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TAVConfig.dll [(Verified)Tencent, 5.0.1411.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSFSEngine.dat [(Verified)Tencent, 2011, 3, 15, 1]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\plugins\QMHips.dll [(Verified)Tencent, 5.0.1411.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\plugins\QMSafeboxPlugin.dll [(Verified)Tencent, 5.0.1411.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QMSafebox.dat [(Verified)Tencent, 5.0.1416.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\Common.dll [(Verified)Tencent, 1, 56, 1924, 0]

    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL [Microsoft Corporation, 8.00.50727.4053]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\Wanggou.dat [(Verified)N/A]

     C:\Program Files\Ten C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QQPCHwVedioDetect.dll [(Verified)Tencent, 5.0.1411.204]

    [PID: 996 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 1112 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

     C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 1196 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 1236 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 1700 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

     C:\program files\kingsoft\kingsoft antivirus\kwsui.dll [(Verified)Kingsoft Corporation, 2011,08,17,1222]

     C:\Documents and Settings\All Users\Application Data\Tencent\TSVulFw\TSVulFW.DAT [(Verified)Tencent, 2011.6.7.1]

     C:\program files\kingsoft\kingsoft antivirus\kswebshield.dll [(Verified)Kingsoft Corporation, 2011,08,26,1349]

    [PID: 1808 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 1816 / SYSTEM] C:\PROGRA~1\SOGOUI~1\600~1.607\SGTool.exe [(Verified)Sogou.com Inc., 6.0.0.6076]

    [PID: 168 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]

    [PID: 180 / Administrator] C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QQPCLeakScan.exe [(Verified)Tencent, 5.0.1411.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\Common.dll [(Verified)Tencent, 1, 56, 1924, 0]

    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL [Microsoft Corporation, 8.00.50727.4053]

    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL [Microsoft Corporation, 8.00.50727.4053]

    C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.4053]

     C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporatio C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\dr.dll [(Verified)Tencent, 5.0.1411.204]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\TSVulEngine.dll [(Verified)Tencent, 5.0.1415.202]

     C:\Program Files\Tencent\QQPCMgr\5.2.1515.201\QMNetworkMgr.dll [(Verified)Tencent, 1, 1, 0, 1]

    [PID: 220 / SYSTEM] C:\Program Files\StormII\stormliv.exe [(Verified)???????çÍø?Ê?Æ??ÓÐÏÞ??Ë?, 3, 9, 4, 17]

     C:\Program Files\StormII\bfoptdll.dll [???????çÍø?Ê?Æ??ÓÐÏÞ??Ë?, 3, 8, 7, 16]

     C:\Program Files\StormII\box\BoxLog.dll [(Verified)???????çÍø?Ê?Æ??ÓÐÏÞ??Ë?, 3, 9, 4, 17]

    [PID: 252 / Administrator] C:\WINDOWS\SOUNDMAN.EXE [Realtek Semiconductor Corp., 5, 1, 0, 59]

     C:\program files\kingsoft\kingsoft antivirus\kwsui.dll [(Verified)Kingsoft Corporation, 2011,08,17,1222]
