1234   3  /  4  页   跳转

6EFCF3FF.exe是什么进程?

收藏
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 18:12 | 显示全部 短消息 资料
字号: 21楼

[D:\Program Files\Tencent\QQ\ViYaQQ\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQMainFrame.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CQQApplication.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAllInOne.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\GroupLive.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQPlugin.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQFileTransfer.dll]  [Tencent, 0, 3, 3, 5]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAvatar.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQCustomFace.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQSysMsgMng.dll]  [N/A, N/A]
[PID: 620][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 384][G:\下载\新建文件夹\SREng\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
文件关联
.TXT  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]



我是黑龙江铁通用户,上这个论坛真慢啊,特别是这个时段,好卡啊.发的慢了
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 18:24 | 显示全部 短消息 资料
字号: 22楼

怎么解决?还要去安全模式弄?
我删 接着
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 18:52 | 显示全部 短消息 资料
字号: 23楼

我晕 又3啊,普通模式删行么?
我去去安全模式好费劲
机器重开机不好使  只能开两次,我晕了
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 18:54 | 显示全部 短消息 资料
字号: 24楼

晕了
刚回来发现 收藏夹又自己加载一个连接,以前是自己加载3个 现在只加一个 是不是剩下这个啊?
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 18:55 | 显示全部 短消息 资料
字号: 25楼

现在怎么上这个论坛这么快了?
以前上需要等30多秒刷新时间
现在一下就哦了??汗
病毒惹的?
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 19:02 | 显示全部 短消息 资料
字号: 26楼

【回复“梦幻流星雨”的帖子】
没有那个 只有一个小写的...
没那个进程  盘里没那个文件
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 19:03 | 显示全部 短消息 资料
字号: 27楼

新问题出来了,删的东西里有不该删的....

附件附件:

下载次数:223
文件类型:image/pjpeg
文件大小:
上传时间:2007-2-20 19:03:32
描述:
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 19:06 | 显示全部 短消息 资料
字号: 28楼

引用:
【咕噜猪zzZ睡觉觉的贴子】C:\WINDOWS\system32\ffudf.exe
C:\WINDOWS\system32\6EFCF3FF.exe
C:\WINDOWS\system32\msiexec.exe
通DEL


………………

msiexec.exe

进程文件 msiexec.exe
进程名称 Windows Installer Component
进程描述 msiexec.exe是Windows Installer的一部分。用于安装Windows Installer安装包(MSI)。这个程序对你系统的正常运行是非常重要的。
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 19:11 | 显示全部 短消息 资料
字号: 29楼

引用:
【水树雨下的贴子】
引用:
【misaboa的贴子】服务
[Windows Install Helper / 8NASCAR][Stopped/Auto Start]
<C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\BVTDE.DLL,Export 1087><N/A>

这个服务停了,什么服务啊这个是

………………

杀!还有这个
[System Administrator / Live][Stopped/Auto Start]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\ykzmo.dll><N/A>

………………


找不到那个文件.

新LOG[CODE]

2007-02-20,18:58:19

System Repair Engineer 2.3.13.690
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600)
- 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Corporation]
    <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Corporation]
    <PHIME2002ASync><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Corporation]
    <PHIME2002A><C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Corporation]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp.]
    <IgfxTray><C:\WINDOWS\System32\igfxtray.exe>  [(Verified)Intel Corporation]
    <TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Corporation]
    <Userinit><C:\WINDOWS\SYSTEM32\Userinit.exe,>  [(Verified)Microsoft Corporation]
    <UIHost><logonui.exe>  [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{4ED6E0B5-F47A-4609-A940-11CF60FDC3C3}><>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCardLogn]
    <WinlogonNotify: ScCardLogn><C:\WINDOWS\ScNotify.dll>  [N/A]

==================================
启动文件夹
N/A

==================================
服务
[Windows Install Helper / 8NASCAR][Stopped/Auto Start]
  <C:\WINDOWS\SYSTEM32\RUNDLLFROMWIN2000.EXE C:\WINDOWS\SYSTEM32\WBEM\JCLLZ.DLL,Export 1087><N/A>
[Vsn amnm Service / amnm][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\gsas\nwaw.dll,Service><Microsoft Corporation>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Kingsoft AntiVirus Service / KAVSvc][Stopped/Disabled]
  <><N/A>
[Distributed Console Manager / Live][Running/Auto Start]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->C:\WINDOWS\system32\xhgxr.dll><Microsoft Corporation>
[Windows Installer / MSIServer][Stopped/Manual Start]
  <C:\WINDOWS\system32\msiexec.exe /V><N/A>
[Std uded Service / uded][Stopped/Auto Start]
  <C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\mvsv\wiji.dll,Service -s><Microsoft Corporation>

==================================
驱动程序
[000027ba / 000027ba][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[akgtyn6 / akgtyn61][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\akgtyn61.sys><N/A>
[Albus / Albus][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[apuetj7 / apuetj78][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\apuetj78.sys><N/A>
[ast / ast][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\ast.sys><N/A>
[Broadcom 440x 10/100 Integrated Controller XP Driver / bcm4sbxp][Running/Manual Start]
  <System32\DRIVERS\bcm4sbxp.sys><Broadcom Corporation>
[cdawdm / cdawdm][Stopped/Disabled]
  <System32\DRIVERS\CDAWDM.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\drivers\EagleNT.sys><N/A>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[ffpbek / ffpbek][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\ffpbek.sys><Microsoft Corporation>
[hidproc / hidproc][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\hidproc.sys><Microsoft Corporation>
[ialm / ialm][Running/Manual Start]
  <System32\DRIVERS\ialmnt5.sys><Intel Corporation>
[jvvz_j / jvvz_j][Running/Boot Start]
  <\SystemRoot\system32\drivers\jvvz_j.sys><N/A>
[kmsinput / kmsinput][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\kmsinput.sys><N/A>
[KWatch2 / KWatch2][Stopped/Manual Start]
  <\??\C:\WINDOWS\System32\drivers\KWatch2.sys><Kingsoft Antivirus>
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
  <System32\DRIVERS\npf.sys><CACE Technologies>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\D:\Program Files\Tencent\QQ\ViYaQQ\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\D:\Program Files\Tencent\QQ\ViYaQQ\QQ\npkycryp.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <System32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
  <\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[QuakeDRV / QuakeDRV][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\quakedrv.sys><N/A>
[Secdrv / Secdrv][Stopped/Manual Start]
  <System32\DRIVERS\secdrv.sys><N/A>
[wlox / wloxn][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\wloxn.sys><N/A>
[xinstall / xinstall][Running/Auto Start]
  <\??\C:\WINDOWS\system32\drivers\xinstall.sys><N/A>
[Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start]
  <system32\drivers\ialmsbw.sys><Intel Corporation>
[Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start]
  <system32\drivers\ialmkchw.sys><Intel Corporation>
[75875 / 75875][Running/]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[浩方对战平台]
  {0A155D3C-68E2-4215-A47A-E800A446447A} <G:\Program Files\浩方对站平台\浩方对战平台\GameClient.exe, 上海浩方在线信息技术有限公司>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\legitcheckcontrol.dll, Microsoft Corporation>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\Mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[搜索栏]
  {33E640D8-EB95-4B22-B475-1852B7D35993} <C:\Program Files\搜索栏\eqiso.dll, N/A>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[Shell Name Space]
  {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\System32\shdocvw.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\System32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\Mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A>
[sofa]
  {B7D3E479-CC68-42B5-A338-C6B1F168274C} <C:\Program Files\SoftToolbar\soft.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[]
gototop
 
梦幻流星雨
头像
初生襁褓狮
  • 帖子:82
  • 注册: 2007-02-18
  • 来自:
发表于: 2007-02-20 19:12 | 显示全部 短消息 资料
字号: 30楼

{C0B2F11D-F077-4CE8-8B0D-4E03F37A8DBF} <C:\WINDOWS\system32\4ce8cfsb.dll, N/A>
[AUDIO__MP3 Moniker Class]
  {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_ASF Moniker Class]
  {CD3AFA8F-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[VIDEO__X_MS_WMV Moniker Class]
  {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[RealPlayer G2 Control]
  {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[TencentVmpCtl Class]
  {D9819BD5-422B-4281-8523-726466ED692B} <C:\Program Files\Tencent\Viewpoint Media Player\AxMetaStream.dll, N/A>
[CPasswordEditCtrl Object]
  {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
[TBSB03263 Class]
  {EEC7E620-B32A-4E3B-B200-291660803474} <C:\PROGRA~1\搜索栏\eqiso.dll, N/A>

==================================
正在运行的进程
[PID: 412][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 660][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 684][\??\C:\WINDOWS\System32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\ScNotify.dll]  [N/A, N/A]
[PID: 728][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 740][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 904][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 972][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1092][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1152][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1284][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1456][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1720][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\igfxpph.dll]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\System32\hccutils.DLL]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\system32\igfxres.dll]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\System32\igfxsrvc.dll]  [Intel Corporation, 3,0,0,2104]
    [C:\WINDOWS\System32\igfxdev.dll]  [Intel Corporation, 3,0,0,2104]
    [D:\Program Files\WinRAR\rarext.dll]  [N/A, N/A]
[PID: 620][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 480][C:\Program Files\Common Files\Real\Update_OB\realsched.exe]  [RealNetworks, Inc., 0.1.0.3510]
[PID: 512][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 552][D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQ.exe]  [TENCENT, 0, 0, 0, 0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CoralAssist.DLL]  [Coral Team, 5.0.0 build 20060829]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CoralQQ.DLL]  [Coral Team, 5.0 Build 20070111]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\kql.dll]  [Coral Team, 5.0.0 build 20070111]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\ipsearcher.dll]  [N/A, 1.0.0.4]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQBaseClassInDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQHelperDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\BasicCtrlDll.dll]  [Tencent, 7, 0, 101, 80]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\NoDisturbFilter.cqx]  [Coral Team, 1.0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\ConfigHotkey.cqx]  [Coral Team, 1.0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAPI.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\LoginCtrl.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\npkcntc.dll]  [INCA Internet Co., Ltd., 2006, 6, 27, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\npkpdb.dll]  [INCA Internet Co., Ltd., 2003, 10, 1, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\LoginCtrlRes.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQRes.dll]  [tencent, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQMainFrame.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CQQApplication.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\NewSkin.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\HostingMgr.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CameraDll.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\MailSummary.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CoralHotkey.cqx]  [Coral Team, 1.0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\AutoReconnect.cqx]  [Coral Team, 1.0.0]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAllInOne.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\GroupLive.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\SCCore.dll]  [TENCENT, 2, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQSpace.dll]  [, 1, 0, 0, 1]
    [C:\WINDOWS\system32\msdmo.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQGroupMng.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\UserDefinedHead.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQPlugin.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQConfigPlugin.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\LongConnection.dll]  [tencent, 5, 0, 200, 160]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQCustomFace.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAvatar.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\FlashAvatarDll.dll]  [, 1, 4, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQSysMsgMng.dll]  [N/A, N/A]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\PersonalDesktop.dll]  [深圳市腾讯计算机系统公司QQ工作小组, 1, 0, 0, 2]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\CommercesMng.dll]  [, 1, 0, 0, 1]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQAddr.dll]  [深圳市腾讯计算机系统有限公司, 5, 0, 101, 280]
    [D:\Program Files\Tencent\QQ\ViYaQQ\QQ\QQPhoneHelper.dll]  [腾讯科技(深圳)有限公司, 2, 1, 5, 50]
[PID: 2836][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx]  [Macromedia, Inc., 8,0,24,0]
[PID: 1976][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2484][G:\下载\新建文件夹\SREng\SREng.EXE]  [Smallfrogs Studio, 2.3.13.690]

==================================
文件关联
.TXT  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost

==================================
API HOOK
N/A

==================================


[/CODE]
gototop
 
<<上一主题|下一主题>>
1234   3  /  4  页   跳转
页面顶部
Powered by Discuz!NT