Copyright © 1998 - 2009 Tencent. All Rights Reserved.
2009-05-27,19:53:08
System Repair Engineer 2.7.1.1261
Smallfrogs (http://www.KZTechs.com)
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
API HOOK
隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<RisTray><"D:\Rising\Ris\RsTray.exe" -system> [File is missing]
<SoundMan><SOUNDMAN.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<VTTimer><VTTimer.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<VTTrayp><VTtrayp.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)"RealNetworks, Inc."]
<360Safebox><"D:\360safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
<360Safetray><D:\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Component Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll> [(Verified)Microsoft Windows Component Publisher]
<{C67C8E02-6444-4DA6-AA62-321AE0194DAE}><C:\WINDOWS\fonts\dztgzqst.dll> [File is missing]
<{7B4D8F7E-8FC3-43E6-B561-3177360395CA}><C:\WINDOWS\fonts\aedhjnky.dll> [File is missing]
<{7E94C114-C874-4112-9922-054D8E5546E2}><C:\WINDOWS\fonts\rleknnrf.dll> [File is missing]
<{12757779-277E-4C3D-898D-2602BC5A3993}><C:\WINDOWS\fonts\uckwaltg.dll> [File is missing]
<{8FF71D28-9FC0-4D5D-9FF1-6E24F96DE4B7}><C:\WINDOWS\fonts\bbgidypp.dll> [File is missing]
<{42B244BB-E8F8-4878-B4BC-BFC602FC1D3A}><C:\WINDOWS\system32\3VzPhrhFET.dll> [File is missing]
<{5DA78CAE-51BC-4A36-85BC-18CC640AAAC9}><> [N/A]
<{5A0B8C1F-115F-48AE-B52F-DDA144375324}><C:\WINDOWS\fonts\cfvqkpev.dll> [File is missing]
<{7B473157-ABA4-4222-8505-42F5D34EF824}><C:\WINDOWS\fonts\wzkmjlch.dll> [File is missing]
<{02E92FA2-FA16-4D55-A70F-BD4EF7B0A968}><C:\WINDOWS\fonts\mribdfaz.dll> [File is missing]
<{4AF17D54-3E3F-474F-AD65-46B82EB5B8C5}><C:\WINDOWS\fonts\ttqbjevk.nls> [File is missing]
<{A272F097-E24C-4A6E-8BCD-8C42839CE8DE}><C:\WINDOWS\Fonts\jzswndcr.dll> [File is missing]
<{CC80F0B4-04D7-44D0-8DB9-9109B5B72141}><C:\WINDOWS\system32\CC80F0B4.dll> [File is missing]
<{CC0EC2C9-432D-4DCC-91E7-A7C5CEA748D8}><C:\WINDOWS\system32\CC0EC2C9.dll> [File is missing]
<{08223B03-1B38-4A33-A83A-A4D3CC1D6E4E}><C:\WINDOWS\system32\08223B03.dll> [File is missing]
<{91C7DF6D-AEF5-4136-9252-AF030D7A5931}><C:\WINDOWS\system32\91C7DF6D.dll> [File is missing]
<{77AC4257-6781-430B-80C1-BCA6D20C950F}><C:\WINDOWS\fonts\acqngqdw.dll> [File is missing]
<{94602C15-9A4E-4C25-842A-FDF422B4556A}><C:\WINDOWS\fonts\hiqfejiv.dll> [File is missing]
<{D0A4406E-AAAA-44DC-97AD-6050E9FA0B69}><C:\WINDOWS\fonts\okyfjidg.nls> [File is missing]
<{93F48290-F2A6-4A5D-A020-746BA6D4FF2B}><C:\WINDOWS\fonts\euknqerq.nls> [File is missing]
<{BE0CF47B-1578-4242-8F2A-5702D757367F}><C:\WINDOWS\fonts\vefepixr.dll> [File is missing]
<{E4814792-EFA3-4C20-93D0-8B130A59F9A8}><C:\WINDOWS\system32\E4814792.dll> [File is missing]
<{0946B8D7-855D-4C09-91C9-C23E8A0F143A}><C:\WINDOWS\Fonts\ooyyjcot.dll> [File is missing]
<{B7182E6A-05A9-493F-8B52-DB118A51E88E}><C:\WINDOWS\fonts\iinubymo.dll> [File is missing]
<{DF12F8AB-9A00-469C-B9D4-425C1BE3E1E6}><C:\WINDOWS\Fonts\ysadzcbp.dll> [File is missing]
<{3CA7A137-35F8-46CD-B83B-534CD13D5A67}><C:\WINDOWS\Fonts\ixchycol.dll> [File is missing]
<{BD22F774-F7D2-46E1-8E12-187C51DCC1BD}><C:\WINDOWS\fonts\xrV43Hzm8G.fon> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<PostBootReminder><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<CDBurn><%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher]
<WebCheck><%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher]
<SysTray><C:\WINDOWS\system32\stobject.dll> [(Verified)Microsoft Windows Component Publisher]
<C:\WINDOWS\fonts\dztgzqst.dll><C:\WINDOWS\fonts\dztgzqst.dll> [File is missing]
<C:\WINDOWS\fonts\aedhjnky.dll><C:\WINDOWS\fonts\aedhjnky.dll> [File is missing]
<C:\WINDOWS\fonts\rleknnrf.dll><C:\WINDOWS\fonts\rleknnrf.dll> [File is missing]
<C:\WINDOWS\fonts\uckwaltg.dll><C:\WINDOWS\fonts\uckwaltg.dll> [File is missing]
<C:\WINDOWS\Fonts\oxzssias.dll><C:\WINDOWS\Fonts\oxzssias.dll> [File is missing]
<C:\WINDOWS\fonts\bbgidypp.dll><C:\WINDOWS\fonts\bbgidypp.dll> [File is missing]
<C:\WINDOWS\fonts\vghepuie.nls><> [N/A]
<C:\WINDOWS\fonts\cfvqkpev.dll><C:\WINDOWS\fonts\cfvqkpev.dll> [File is missing]
<C:\WINDOWS\fonts\wzkmjlch.dll><C:\WINDOWS\fonts\wzkmjlch.dll> [File is missing]
<C:\WINDOWS\fonts\mribdfaz.dll><C:\WINDOWS\fonts\mribdfaz.dll> [File is missing]
<C:\WINDOWS\fonts\ttqbjevk.nls><C:\WINDOWS\fonts\ttqbjevk.nls> [File is missing]
<C:\WINDOWS\Fonts\jzswndcr.dll><C:\WINDOWS\Fonts\jzswndcr.dll> [File is missing]
<C:\WINDOWS\fonts\acqngqdw.dll><C:\WINDOWS\fonts\acqngqdw.dll> [File is missing]
<C:\WINDOWS\fonts\hiqfejiv.dll><C:\WINDOWS\fonts\hiqfejiv.dll> [File is missing]
<C:\WINDOWS\fonts\okyfjidg.nls><C:\WINDOWS\fonts\okyfjidg.nls> [File is missing]
<C:\WINDOWS\fonts\euknqerq.nls><C:\WINDOWS\fonts\euknqerq.nls> [File is missing]
<C:\WINDOWS\fonts\vefepixr.dll><C:\WINDOWS\fonts\vefepixr.dll> [File is missing]
<C:\WINDOWS\Fonts\ooyyjcot.dll><C:\WINDOWS\Fonts\ooyyjcot.dll> [File is missing]
<C:\WINDOWS\fonts\iinubymo.dll><C:\WINDOWS\fonts\iinubymo.dll> [File is missing]
<C:\WINDOWS\Fonts\ysadzcbp.dll><C:\WINDOWS\Fonts\ysadzcbp.dll> [File is missing]
<C:\WINDOWS\Fonts\ixchycol.dll><C:\WINDOWS\Fonts\ixchycol.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
<WinlogonNotify: crypt32chain><crypt32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
<WinlogonNotify: cryptnet><cryptnet.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
<WinlogonNotify: cscdll><cscdll.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
<WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
<WinlogonNotify: ScCertProp><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
<WinlogonNotify: Schedule><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
<WinlogonNotify: sclgntfy><sclgntfy.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
<WinlogonNotify: SensLogn><WlNotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
<WinlogonNotify: termsrv><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
<WinlogonNotify: wlballoon><wlnotify.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
<{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
<{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
<浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<OlympicExpress><; "C:\Program Files\SogouInput\OlympicNews.exe"> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<SoundMan><; SOUNDMAN.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<VModes><; VModes AttachToDesktop> [N/A]
<VTTimer><; VTTimer.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<VTTrayp><; VTtrayp.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
==================================
启动文件夹
[QQ游戏启动加速程序]
<C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> C:\PROGRA~1\腾讯游戏\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]><N>
==================================
服务
[Adobe LM Service / Adobe LM Service][Stopped/Manual Start]
<"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[Contrl Center of Storm Media / ccosm][Stopped/Manual Start]
<C:\Program Files\StormII\stormliv.exe /asservice><北京暴风网际科技有限公司>
[Google Software Updater / gusvc][Stopped/Auto Start]
<"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
<C:\WINDOWS\system32\mnmsrvc.exe><(File is missing)>
[Qvod Terminal / Qvod Terminal][Stopped/Manual Start]
<D:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
[Ris Process Communication Center / RisCCenter][Stopped/Auto Start]
<D:\Rising\Ris\CCENTER.EXE><(File is missing)>
[Rising RisTask Manager / RisTask][Stopped/Auto Start]
<"D:\Rising\Ris\RavTask.exe" RisTask><(File is missing)>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
<D:\Rising\Ris\RavMonD.exe><(File is missing)>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
<D:\Rising\Ris\ScanFrm.exe><(File is missing)>
[ServiceLayer / ServiceLayer][Stopped/Manual Start]
<"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"><Nokia.>
[System Restore Service / srservice][Stopped/Disabled]
<C:\WINDOWS\system32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\srsvc.dll><N/A>
[Tencent Software Update Service / TSUSVC][Running/Auto Start]
<"C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe" -run><Tencent>
==================================
驱动程序
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[EagleNT / EagleNT][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[hookcont / hookcont][Running/System Start]
<system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/System Start]
<system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[Nokia USB Phone Parent / nmwcd][Stopped/Manual Start]
<system32\drivers\ccdcmb.sys><Nokia>
[Nokia USB Generic / nmwcdc][Stopped/Manual Start]
<system32\drivers\ccdcmbo.sys><Nokia>
[PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start]
<system32\DRIVERS\pccsmcfd.sys><Nokia>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
<system32\DRIVERS\rfwbase.sys><Beijing Rising Information Technology Co., Ltd.>
[rfwtdi / rfwtdi][Stopped/Auto Start]
<\??\D:\Rising\Ris\rfwtdi.sys><N/A>
[rsfwdrv / rsfwdrv][Stopped/System Start]
<\??\D:\Rising\Ris\rsfwdrv.sys><N/A>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Running/Boot Start]
<\SystemRoot\system32\drivers\SiWinAcc.sys><Silicon Image, Inc.>
[System Restore Filter Driver / sr][Stopped/Disabled]
<\SystemRoot\system32\DRIVERS\sr.sys><N/A>
[sx / sx][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\sx.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[upperdev / upperdev][Stopped/Manual Start]
<system32\DRIVERS\usbser_lowerflt.sys><Windows (R) Codename Longhorn DDK provider>
[UsbserFilt / UsbserFilt][Stopped/Manual Start]
<system32\DRIVERS\usbser_lowerfltj.sys><Windows (R) Codename Longhorn DDK provider>
[VIA AGP Filter / viaagp1][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[viagfx / viagfx][Running/Manual Start]
<system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViBus / ViBus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ViBus.sys><VIA Technologies, Inc.>
[videX32 / videX32][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[VIA SATA IDE Device Driver / ViPrt][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\ViPrt.sys><VIA Technologies, Inc.>
[WoptiHWDetect / WoptiHWDetect][Stopped/Manual Start]
<\??\C:\Program Files\Wopti\WoptiHWDetect.sys><Wopti>
==================================
浏览器加载项
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <D:\QQ2009\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
[RealPlayer Download and Record Plugin for Internet Explorer]
{3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll, (Signed) Google Inc.>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Tencent.FaceQQ.1]
{C92AE615-4D46-4489-96FA-C5D6A38B3AB1} <C:\WINDOWS\system32\faceQQ.dll, >
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
[拍拍乐 2009]
{E01D63E5-8758-4D4C-95DB-3C0529A5B450} <F:\拍拍乐PixPlayer\PixPlayer.exe, N/A>
[QQCycloneHelper Class]
{00000000-12C9-4305-82F9-43058F20E8D2} <D:\QQ2009\QQIEHelper01.dll, (Signed) Tencent Technology (Shenzhen) Company Limited>
[RealPlayer Download and Record Plugin for Internet Explorer]
{3049C3E9-B461-4BC5-8870-4C09146192CA} <C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll, (Signed) RealPlayer>
[]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <, >
[Google Toolbar Notifier BHO]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll, (Signed) Google Inc.>
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360safe\safemon\safemon.dll, (Signed) 360.CN>
[Tencent.FaceQQ.1]
{C92AE615-4D46-4489-96FA-C5D6A38B3AB1} <C:\WINDOWS\system32\faceQQ.dll, >
[]
{E01D63E5-8758-4D4C-95DB-3C0529A5B450} <, >
[&使用QQ旋风下载]
<D:\QQ2009\geturl.htm, N/A>
[&使用QQ旋风下载全部链接]
<D:\QQ2009\getAllurl.htm, N/A>
[&使用超级旋风下载]
<D:\旋风\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
<D:\旋风\getAllurl.htm, N/A>
[&使用超级旋风下载本页视频]
<D:\旋风\geturlflv.htm, N/A>
[使用光影编辑和美化]
<C:\Program Files\nEO iMAGING\NeoOpenNeo.htm, N/A>
[使用迅雷下载]
<C:\Program Files\Thunder Network\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
<C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
<D:\Tencent\QQ2009\Bin\AddEmotion.htm, N/A>
[添加图片到拍拍乐相册]
<F:\拍拍乐PixPlayer\HTML\PPPastePix.html, N/A>
[添加所有图片到拍拍乐相册]
<F:\拍拍乐PixPlayer\HTML\PPSaveAllPic.html, N/A>
[粘贴拍拍乐贴图地址]
<F:\拍拍乐PixPlayer\HTML\PPStickPix.html, N/A>
==================================
正在运行的进程
[PID: 832 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 904 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 940 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[PID: 984 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)]
[PID: 996 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1176 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1240 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1368 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1468 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1616 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1724 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1836 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1944 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 2004 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2036 / SYSTEM][C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe] [Tencent, 1.0 Beta2 Build 2009.04.20]
[PID: 668 / Administrator][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1460 / Administrator][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 59]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[PID: 1504 / Administrator][C:\WINDOWS\system32\VTTimer.exe] [S3 Graphics, Inc., 2.00.08-0921]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[PID: 1516 / Administrator][C:\WINDOWS\system32\VTtrayp.exe] [S3 Graphics Co., Ltd., 2.00.61-0205]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[C:\WINDOWS\system32\VTDisply.dll] [S3 Graphics Co., Ltd., 2.01.18-0226]
[C:\WINDOWS\system32\VTGamma2.dll] [S3 Graphics Co., Ltd., 2.00.40-0205]
[C:\WINDOWS\system32\VTInfo2.dll] [S3 Graphics Co., Ltd., 2.00.50-0205]
[C:\WINDOWS\system32\VTOvrlay.dll] [S3 Graphics Co., Ltd., 2.00.45-0305]
[PID: 1544 / Administrator][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.1.137]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[PID: 1636 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[PID: 416 / Administrator][C:\Program Files\Tencent\TT\bin\TTraveler.exe] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TTUtilWidget.dll] [Tencent, 4, 27, 0, 9]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[C:\Program Files\Tencent\TT\bin\PlatformWidget.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TTMainFrame.dll] [Tencent, 4, 27, 0, 9]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[C:\Program Files\Tencent\TT\bin\TTStore.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\sqlite3.dll] [N/A, ]
[C:\Program Files\Tencent\TT\bin\TTMBrowser.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TTabMgr.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TTSkin.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TTPluginMng.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\Plugins\3TTWeather\TTWeather.dll] [Tencent, 1.0.0.1]
[C:\Program Files\Tencent\TT\Plugins\WebInfo\WebToolbar.dll] [Tencent, 1.0.0.1]
[C:\Program Files\Tencent\TT\bin\TTHtmlApp.dll] [Tencent, 4, 27, 0, 9]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Tencent\TT\bin\TTFilter.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TTNetwork.dll] [Tencent, 4, 27, 0, 9]
[C:\Program Files\Tencent\TT\bin\TSupport.dll] [TENCENT Inc., 1, 2, 11, 201]
[C:\Program Files\Tencent\TT\bin\FavoriteLogical.dll] [Tencent, 4, 27, 0, 9]
[D:\Tencent\QQ2009\Bin\TXPFProxy.dll] [N/A, ]
[PID: 1364 / Administrator][D:\Tencent\QQ2009\Bin\QQ.exe] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\Common.dll] [Tencent, 1, 26, 760, 0]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762]
[D:\Tencent\QQ2009\Bin\KernelUtil.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\GF.dll] [Tencent, 1, 26, 760, 0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[D:\Tencent\QQ2009\Bin\AppUtil.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\MainFrame.dll] [Tencent, 1, 26, 760, 0]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[D:\Tencent\QQ2009\Bin\TaskTray.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\TXPFProxy.dll] [N/A, ]
[D:\Tencent\QQ2009\Bin\AppMisc.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\ChatFrame.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\ConfigCenter.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\CustomFace.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\IM.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\KernelMisc.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\LongCnn.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\ContactInfoFrame.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\MsgMgr.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\SkinMgr.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\QInterLive.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\AppCtrl.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\SystemMsg.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.taotao\Bin\Taotao.dll] [Tencent, 1, 26, 760, 0]
[C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll] [Tencent, 1.1.1.6]
[C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL] [Tencent, 1.1.1.3]
[D:\Tencent\QQ2009\Bin\BasicCtrlDll.dll] [TENCENT, 8,0,773,1801]
[D:\Tencent\QQ2009\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll] [Tencent, 1.26.1.26]
[C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[D:\Tencent\QQ2009\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.snsapp\Bin\SNSApp.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.wireless\Bin\Wireless.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.wenwen\Bin\WenWen.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.mail\Bin\Mail.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.crm\Bin\CRM.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.paycenter\Bin\PayCenter.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qqring\Bin\QQRing.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\InformationBox.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qqshow\Bin\QQShow.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\GroupApp.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qqvip\Bin\QQVip.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qbar\Bin\QBar.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qqpet\Bin\QQPet.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.memo\Bin\Memo.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Plugin\com.tencent.qqwebsite\Bin\QQWebsite.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\Camera.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\SCCore.dll] [Tencent, 1, 7, 1, 6]
[D:\Tencent\QQ2009\Plugin\com.tencent.gamelife\Bin\GameLife.dll] [Tencent, 1, 26, 760, 0]
[D:\Tencent\QQ2009\Bin\AddrSearch.dll] [Tencent, 2, 3, 10, 12]
[D:\Tencent\QQ2009\Bin\appcom.dll] [Tencent, 1, 26, 760, 0]
[PID: 596 / Administrator][D:\Tencent\QQ2009\Bin\TXPlatform.exe] [Tencent, 1, 26, 760, 0]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[D:\Tencent\QQ2009\Bin\TXPFProxy.dll] [N/A, ]
[PID: 1584 / Administrator][D:\QQ2009\QQDownload.exe] [Tencent Technology (Shenzhen) Company Limited, 2, 0, 538, 538]
[D:\QQ2009\MFC80.DLL] [Microsoft Corporation, 8.00.50727.42]
[D:\QQ2009\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.42]
[D:\QQ2009\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.42]
[C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[D:\QQ2009\xmain.dll] [Tencent Technology (Shenzhen) Company Limited, 1.9.274.274]
[D:\QQ2009\QQDownloadSkin.dll] [TODO: <Company name>, 1.0.0.1]
[D:\QQ2009\ATL80.DLL] [Microsoft Corporation, 8.00.50727.42]
[D:\QQ2009\VBScript.dll] [Microsoft Corporation, 5.6.0.7426]
[C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\QQ2009\xdownload.dll] [Tencent Technology (Shenzhen) Company Limited, 1.9.277.277]
[D:\QQ2009\xcore.dll] [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90]
[D:\QQ2009\QQIEHelper01.dll] [Tencent Technology (Shenzhen) Company Limited, 2, 0, 528, 204]
[PID: 3684 / Administrator][C:\Program Files\nEO iMAGING\nEOKanKan.exe] [nEO Software, 3.0.3.34]
[C:\Program Files\nEO iMAGING\niUtils3.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[C:\Program Files\nEO iMAGING\niUtils_x4.dll] [nEo, 1.0.0.1]
[C:\Program Files\nEO iMAGING\niUtils_x3.dll] [nEo, 1, 0, 0, 1]
[PID: 3600 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\sr-engldr.EXE] [Smallfrogs Studio, 2.7.1.1261]
[PID: 3628 / Administrator][C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\SREf0465bfe.EXE] [Smallfrogs Studio, 2.7.1.1261]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[D:\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1010]
[C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.1.3.2396]
[C:\Documents and Settings\Administrator\桌面\sreng2[1].71.1261版\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT Error. [C:\WINDOWS\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
N/A
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 940, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3684, C:\PROGRAM FILES\NEO IMAGING\NEOKANKAN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3600, C:\DOCUMENTS AND SETTINGS\ADMINISTRATOR\桌面\SRENG2[1].71.1261版\SR-ENGLDR.EXE]
==================================
计划任务
[已启用] SogouImeMgr.job
C:\PROGRA~1\SOGOUI~1\413~1.239\PinyinRepair.exe
[已启用] Google Software Updater.job
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
