[CODE] 2009-11-28,12:44:00 System Repair Engineer 2.8.1.1279 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描计划任务 Windows 安全更新检查 API HOOK 隐藏进程启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Component Publisher] <"C:\Program Files\Kingsoft\Kingsoft Internet Security\kpfw32.exe" -startup> [(Verified)"Zhuhai Kingsoft Software Co.,Ltd"] [鱼鱼软件] <"d:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"> [File is missing] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <"C:\WINDOWS\system32\smss.exe:1397930341.vbs"> [] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [] [NVIDIA Corporation] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"> [Intel(R) Corporation] <"C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray> [Intel(R) Corporation] <%ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVStart.exe" -startup> [(Verified)"Zhuhai Kingsoft Software Co.,Ltd"] [ZJU S-Zone] [(Verified)Microsoft Corporation] <"d:\Program Files\KMPlayer\KMPCtrl.exe"> [KMPChina] <"D:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <360Safetray><"d:\Program Files\360\360safe\safemon\360tray.exe" /start> [(Verified)Qizhi Software (beijing) Co. Ltd] <"C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatchTray11.exe"> [(Verified)Sonic Solutions] <"D:\Program Files\Roxio Creator 2009 Ultimate\5.0\CPMonitor.exe"> [(Verified)Sonic Solutions] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [Google] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Component Publisher] <{B5A7F190-DDA6-4420-B3BA-52453494E6CD}> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] <"C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)Microsoft Windows Component Publisher] ================================== 启动文件夹 N/A ================================== 服务 [Roxio SAIB Service / 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269][Running/Auto Start] <> [Apple Mobile Device / Apple Mobile Device][Stopped/Auto Start] <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"> [Bonjour 服务 / Bonjour Service][Running/Auto Start] <"C:\Program Files\Bonjour\mDNSResponder.exe"> [Cmb WebProtect Support / CMBWPS][Running/Auto Start] [Intel? PROSet/Wireless Event Log / EvtEng][Running/Auto Start] [Google 桌面管理器 5.9.909.8267 / GoogleDesktopManager-090809-085438][Stopped/Manual Start] <"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"> [iPod 服务 / iPod Service][Stopped/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [Altera JTAG Server / JTAGServer][Running/Auto Start] [Kingsoft Basic Service / kaccore][Stopped/Manual Start] <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"> [Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start] [Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start] [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start] <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KPfwSvc.EXE"> [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start] <"C:\Program Files\Kingsoft\Kingsoft Internet Security\KWatch.EXE"> [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] [Intel? PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start] [Roxio UPnP Renderer 11 / Roxio UPnP Renderer 11][Stopped/Manual Start] <"D:\Program Files\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUPnPRenderer11.exe"> [Roxio Upnp Server 11 / Roxio Upnp Server 11][Stopped/Auto Start] <"D:\Program Files\Roxio Creator 2009 Ultimate\Digital Home 11\RoxioUpnpService11.exe"> [LiveShare P2P Server 11 / RoxLiveShare11][Stopped/Auto Start] <"C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe"> [RoxMediaDB11 / RoxMediaDB11][Stopped/Manual Start] <"C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe"> [Roxio Hard Drive Watcher 11 / RoxWatch11][Stopped/Auto Start] <"C:\Program Files\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe"> [Intel?PROSet/Wireless WiFi Service / S24EventMonitor][Running/Auto Start] [SigmaTel Audio Service / STacSV][Running/Auto Start] [Tencent Software Update Service / TSUSVC][Stopped/Manual Start] <"C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe" -run> [Visual Studio Analyzer RPC bridge / Visual Studio Analyzer RPC bridge][Stopped/Manual Start] [Intel(R) PROSet/Wireless SSO Service / WLANKEEPER][Running/Auto Start] [主动防御 / ZhuDongFangYu][Running/Auto Start] <"D:\Program Files\360\360safe\deepscan\zhudongfangyu.exe"><360安全中心> ================================== 驱动程序 [360SelfProtection / 360SelfProtection][Running/System Start] <360安全中心> [Alps Touch Pad Filter Driver for Windows 2000/XP/Vista / ApfiltrService][Running/Manual Start] [Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start] [BFSDRV / BFSDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys><360安全中心> [BREGDRV / BREGDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\bregdrv.sys><360安全中心> [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [EfiSystemMon / EfiMon][Running/System Start] <奇虎网> [GEAR ASPI Filter Driver / GEARAspiWDM][Running/Manual Start] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [HookPort / HookPort][Running/Boot Start] <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心> [HSFHWAZL / HSFHWAZL][Running/Manual Start] [HSF_DPV / HSF_DPV][Running/Manual Start] [KAVBase / KAVBase][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys> [KAVBootC / KAVBootC][Running/Boot Start] <\SystemRoot\system32\Drivers\KAVBootC.sys> [KAVSafe / KAVSafe][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys> [KNetWch / KNetWch][Running/System Start] <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security\KNetWch.SYS> [KWatch3 / KWatch3][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KWatch3.sys> [mdmxsdk / mdmxsdk][Running/Auto Start] [Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows XP 32 Bit / NETw5x32][Running/Manual Start] [nv / nv][Running/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Quantum DeepScanner Servers / qutmdserv][Running/Manual Start] <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys><360安全中心> [rimmptsk / rimmptsk][Running/Auto Start] [rimsptsk / rimsptsk][Running/Auto Start] [Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start] [Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start] [RxFilter / RxFilter][Stopped/Disabled] [WLAN 传输 / s24trans][Running/Auto Start] [HDD Filter Driver / SahdIa32][Running/Boot Start] <\SystemRoot\System32\Drivers\SahdIa32.sys> [Volume Filter Driver / SaibIa32][Running/Boot Start] <\SystemRoot\System32\Drivers\SaibIa32.sys> [Virtual Disk Driver / SaibVd32][Running/System Start] [Secdrv / Secdrv][Stopped/Manual Start] [sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys> [SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Conexant Setup API / UIUSys][Stopped/Manual Start] [winachsf / winachsf][Running/Manual Start] ================================== 浏览器加载项 [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [WebProtect] {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} [Groove GFS Browser Helper] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Windows Live 登录帮助程序] {9030D464-4C02-4ABF-8ECC-5164760863C6} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [Java Plug-in 1.5.0_05] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [BlogThisToolbarButton Class] {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} [Send to OneNote from Internet Explorer button] {2670000A-7350-4f3c-8081-5663EE0C6C49} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [Office Genuine Advantage Validation Tool] {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} [] {31435657-9980-0010-8000-00AA00389B71} <, > [Java Plug-in 1.5.0_05] {8AD9C840-044E-11D1-B3E9-00805F499D93} [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [Java Plug-in 1.5.0_05] {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} [] {01443AEC-0FD1-40FD-9C87-E93D1494C233} <, > [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [InformationCardSigninHelper Class] {19916E01-B44E-4E31-94A4-4696DF46157B} [] {219C3416-8CB2-491A-A3C7-D9FCDDC9D600} <, > [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [] {2670000A-7350-4F3C-8081-5663EE0C6C49} <, > [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} [Microsoft Office Control] {4453D895-F2A1-4A38-A285-1EF9BD3F6D5D} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [WebProtect] {53763D1D-9CA8-4C7C-9756-A8E6B8FC063B} [isInstalled Class] {5852F5ED-8BF4-11D4-A245-0080C6F74284} [WangWangX Class] {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [Groove GFS Browser Helper] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [XDownloaddManager Class] {802F530B-A8F6-4631-AE49-6BACAAC6373E} [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} [Windows Live 登录帮助程序] {9030D464-4C02-4ABF-8ECC-5164760863C6} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [Windows Live 上载工具] {C2828995-4A83-4100-A212-3024BA117356} [Microsoft Office 12 Authorization Control] {C9712B19-838B-45A5-ABF2-9A315DDDED50} [Windows Live 登录控制] {D2517915-48CE-4286-970F-921E881B8C5C} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [iTunesDetector Class] {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [kingsoft browser shield] {D963BE1A-6B35-47DB-B002-49FAE71D85CC} [] {E2E2DD38-D088-4134-82B7-F2BA38496583} <, > [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [信息检索(&R)] {FF059E31-CC5A-4E2E-BF3B-96E929D65503} [使用迅雷下载] [使用迅雷下载全部链接] [导出到 Microsoft Excel(&X)] [添加到QQ表情] ================================== 正在运行的进程 [PID: 984 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1048 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1080 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 1128 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] [PID: 1140 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [PID: 1324 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1396 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1544 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1660 / SYSTEM][C:\Program Files\Intel\WiFi\bin\S24EvMon.exe] [Intel(R) Corporation, 12, 1, 1, 9] [C:\Program Files\Intel\WiFi\bin\IntStngs.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Intel\WiFi\bin\IWMSPROV.DLL] [N/A, ] [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\SupplicantPlugin.dll] [Intel(R) Corporation, 12, 1, 1, 12] [C:\Program Files\Intel\WiFi\bin\KmmdlPlugins\WSCPlugin.dll] [Intel(R) Corporation, 12, 1, 1, 5] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Intel\WiFi\bin\supplicant.dll] [Devicescape Software, Inc., 1, 0, 72, 0] [PID: 1712 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 1824 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 232 / SYSTEM][D:\Program Files\360\360safe\deepscan\zhudongfangyu.exe] [360安全中心, 1, 0, 0, 1010] [D:\Program Files\360\360safe\deepscan\CloudCom2.dll] [360安全中心, 3, 0, 0, 1009] [D:\Program Files\360\360safe\SoftMgr\360SoftMgrS.dll] [奇虎网, 2, 1, 5, 1010] [D:\Program Files\360\360safe\deepscan\heavygate.dll] [360安全中心, 3, 6, 11, 0] [D:\Program Files\360\360safe\deepscan\qutmload.dll] [360.CN, 1, 0, 0, 1002] [PID: 532 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 1668 / SYSTEM][C:\Program Files\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe] [, 1.00.15a] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 1792 / SYSTEM][C:\Program Files\Bonjour\mDNSResponder.exe] [Apple Inc., 1,0,6,2] [PID: 1916 / SYSTEM][C:\Program Files\CMBCHINA\WebProtect\WPService.exe] [China Merchants Bank, 1, 0, 0, 1] [C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll] [China Merchants Bank, 1, 0, 0, 1] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 2036 / SYSTEM][C:\Program Files\Intel\WiFi\bin\EvtEng.exe] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\MurocApi.dll] [Intel(R) Corporation, 12, 1, 1, 5] [C:\Program Files\Intel\WiFi\bin\IntStngs.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll] [Intel(R) Corporation, 12, 1, 1, 1] [PID: 800 / SYSTEM][D:\Program Files\Quartus4.1\altera\quartus41\bin\JTAGServer.exe] [N/A, ] [D:\Program Files\Quartus4.1\altera\quartus41\bin\ccl_ver.dll] [N/A, ] [D:\Program Files\Quartus4.1\altera\quartus41\bin\std-vc-mt.dll] [N/A, ] [PID: 1060 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.11.5683] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.5683] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 1104 / SYSTEM][C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe] [Intel(R) Corporation, 12, 1, 1, 0] [PID: 1472 / Song Yaozhong][C:\WINDOWS\System32\WScript.exe] [(Verified) Microsoft Corporation, 5.7.0.18066] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [PID: 1528 / Song Yaozhong][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\nvHotkey.dll] [NVIDIA Corporation, 6.14.11.5683] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 1568 / Song Yaozhong][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.11.5683] [C:\WINDOWS\system32\nvapi.dll] [NVIDIA Corporation, 6.14.11.5683] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.11.5683] [PID: 1612 / Song Yaozhong][C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe] [Intel(R) Corporation, 12.1.1.8] [C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\LangResources\CHS\ZcSvcCHS.dll] [Intel(R) Corporation, 12.1.1.8] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Intel\WiFi\bin\MurocApi.dll] [Intel(R) Corporation, 12, 1, 1, 5] [C:\Program Files\Intel\WiFi\bin\IntStngs.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll] [Intel(R) Corporation, 12, 1, 1, 1] [C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\DbEngine.dll] [Intel(R) Corporation, 12, 1, 1, 0] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [PID: 1628 / Song Yaozhong][C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CHS\FrWrkCHS.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\WiWiTray.dll] [Intel(R) Corporation, 12, 1, 1, 1] [C:\Program Files\Common Files\Intel\WirelessCommon\LangResources\CHS\WiTrCHS.dll] [Intel(R) Corporation, 12, 1, 1, 1] [C:\Program Files\Common Files\Intel\WirelessCommon\FrameworkPlugins\ConnMgr.dll] [Intel(R) Corporation, 12.1.1.11] [C:\Program Files\Intel\WiFi\bin\LangResources\CHS\IntWACHS.dll] [Intel(R) Corporation, 12.1.1.11] [C:\Program Files\Common Files\Intel\WirelessCommon\TraceAPI.DLL] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\MurocApi.dll] [Intel(R) Corporation, 12, 1, 1, 5] [C:\Program Files\Intel\WiFi\bin\IntStngs.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Intel\WiFi\bin\S24MUDLL.dll] [Intel(R) Corporation, 12, 1, 1, 1] [C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\DbEngine.dll] [Intel(R) Corporation, 12, 1, 1, 0] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [PID: 2068 / Song Yaozhong][C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe] [SigmaTel, Inc., 1.0.5515.0 nd596 cp1] [C:\Program Files\SigmaTel\C-Major Audio\WDM\STLang.dll] [SigmaTel, Inc., 1.0.5469.0 nd575 cp1] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\WINDOWS\system32\stacapi.dll] [SigmaTel, Inc., 1.0.5515.0 nd596 cp1] [PID: 2132 / Song Yaozhong][C:\Program Files\USBCleaner6.0\Usbmon.exe] [ZJU S-Zone, 4.00.0033] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [PID: 2396 / Song Yaozhong][C:\Program Files\DellTPad\Apoint.exe] [Alps Electric Co., Ltd., 7.0.101.204] [C:\Program Files\DellTPad\Apoint.dll] [Alps Electric Co., Ltd., 5.5.104.336] [C:\WINDOWS\system32\Vxdif.dll] [Alps Electric Co., Ltd., 6.0.3.17] [C:\Program Files\DellTPad\EzAuto.dll] [Alps Electric Co., Ltd., 5.5.1.92] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [PID: 2588 / SYSTEM][C:\Program Files\SigmaTel\C-Major Audio\DellXPM_5515v131\WDM\STacSV.exe] [SigmaTel, Inc., 1.0.5515.0 nd596 cp1] [C:\WINDOWS\system32\stacapi.dll] [SigmaTel, Inc., 1.0.5515.0 nd596 cp1] [PID: 2612 / Song Yaozhong][D:\Program Files\Roxio Creator 2009 Ultimate\5.0\CPMonitor.exe] [, 1,0,0,1] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 2640 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 2720 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [PID: 2716 / Song Yaozhong][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 2784 / SYSTEM][C:\Program Files\Intel\WiFi\bin\WLKeeper.exe] [Intel(R) Corporation, 12.1.1.0 ] [C:\Program Files\Intel\WiFi\bin\PfMgrApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Intel\WiFi\bin\MurocApi.dll] [Intel(R) Corporation, 12, 1, 1, 5] [C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8] [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Intel\WiFi\bin\IntStngs.dll] [Intel(R) Corporation, 12, 1, 1, 0] [PID: 3136 / Song Yaozhong][D:\Program Files\鱼鱼桌面\FishDesk.exe] [鱼鱼软件, 2009.5.0.710] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [C:\WINDOWS\system32\PDM.DLL] [Microsoft Corporation, 6.00.8169] [C:\WINDOWS\system32\MSDBG.DLL] [Microsoft Corporation, 6.00.8146] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.2.3.2810] [C:\Program Files\SogouInput\4.2.3.2810\Resource.dll] [Sogou.com Inc., 4.2.3.2810] [PID: 3212 / Song Yaozhong][C:\Program Files\DellTPad\ApMsgFwd.exe] [Alps Electric Co., Ltd., 7, 0, 0, 18] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 3460 / Song Yaozhong][C:\Program Files\DellTPad\HidFind.exe] [Alps Electric Co., Ltd., 7.0.0.26] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 3464 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] [PID: 3632 / Song Yaozhong][C:\Program Files\DellTPad\Apntex.exe] [Alps Electric Co., Ltd., 7.0.1.27] [C:\WINDOWS\system32\VXDIF.DLL] [Alps Electric Co., Ltd., 6.0.3.17] [C:\Program Files\DellTPad\Apoint.DLL] [Alps Electric Co., Ltd., 5.5.104.336] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 3748 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] [PID: 4028 / Song Yaozhong][C:\WINDOWS\system32\wscntfy.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 832 / Song Yaozhong][C:\WINDOWS\system32\wbem\unsecapp.exe] [(Verified) Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 2168 / Song Yaozhong][C:\WINDOWS\system\svchost.exe] [Microsoft Corporation, 5.7.0.18066] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 2700 / NETWORK SERVICE][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] [C:\Program Files\Intel\WiFi\bin\iWMSProv.dll] [N/A, ] [C:\Program Files\Common Files\Intel\WirelessCommon\PsRegApi.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\Program Files\Common Files\Intel\WirelessCommon\TraceApi.dll] [Intel(R) Corporation, 12, 1, 1, 2] [PID: 3204 / Song Yaozhong][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [PID: 3920 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [PID: 972 / Song Yaozhong][C:\WINDOWS\system32\mdm.exe] [Microsoft Corporation, 6.00.8149] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\WINDOWS\system32\MSDBG.DLL] [Microsoft Corporation, 6.00.8146] [PID: 3908 / Song Yaozhong][C:\WINDOWS\explorer.exe] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\ktaskbar.dll] [Kingsoft Corporation, 2009,08,03,993] [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [d:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [, ] [C:\WINDOWS\system32\netprovcredman.dll] [Intel(R) Corporation, 12, 1, 1, 0] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\zh-CHS\ShFusRes.dll] [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.1.0.2009022700] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KAVEXT.DLL] [Kingsoft Corporation, 2008,07,09,459] [D:\Program Files\AliWangWang\AliIMExt.dll] [Alibaba software (Shanghai) Corporation., 1.0.0.1] [C:\Program Files\7-Zip\7-zip.dll] [Igor Pavlov, 4.66 alpha] [D:\Program Files\Roxio Creator 2009 Ultimate\Virtual Drive 11\DC_ShellExt.dll] [Sonic Solutions, 10.0.6.99] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [PID: 3020 / Song Yaozhong][C:\Program Files\SogouExplorer\SogouExplorer.exe] [, ] [C:\Program Files\SogouExplorer\SECommon.dll] [, ] [C:\Program Files\SogouExplorer\UserCenter.dll] [, ] [C:\Program Files\SogouExplorer\Trash.dll] [, ] [C:\Program Files\SogouExplorer\sqlite3.dll] [N/A, ] [C:\Program Files\SogouExplorer\HWSignature.dll] [Sogou.com Inc., 4.0.0.2092] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWBC.dll] [Kingsoft Corporation, 2009,07,01,132] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kwsui.dll] [Kingsoft Corporation, 2009,09,11,141] [C:\Program Files\SogouExplorer\MainUIFrame.dll] [, ] [C:\Program Files\SogouExplorer\Dialog.dll] [, ] [C:\Program Files\SogouExplorer\CheckRange.dll] [Sogou.com Inc., 1.0.0.5] [C:\Program Files\SogouExplorer\sogounet.dll] [Sogou.com Inc., 1.0.2.173] [C:\Program Files\SogouExplorer\video_acc.dll] [Sogou.com Inc, 1, 0, 2, 31] [C:\Program Files\SogouExplorer\pxpnet.dll] [Sohu.com Inc., 1, 0, 0, 27] [C:\Program Files\SogouExplorer\ShareClient.dll] [Sogou.com Inc., 1.0.0.31] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 2276 / Song Yaozhong][C:\Program Files\SogouExplorer\SogouExplorer.exe] [, ] [C:\Program Files\SogouExplorer\SECommon.dll] [, ] [C:\Program Files\SogouExplorer\HWSignature.dll] [Sogou.com Inc., 4.0.0.2092] [C:\Program Files\SogouExplorer\Trash.dll] [, ] [C:\Program Files\SogouExplorer\sqlite3.dll] [N/A, ] [C:\Program Files\SogouExplorer\sogounet.dll] [Sogou.com Inc., 1.0.2.173] [C:\Program Files\SogouExplorer\video_acc.dll] [Sogou.com Inc, 1, 0, 2, 31] [C:\Program Files\SogouExplorer\pxpnet.dll] [Sohu.com Inc., 1, 0, 0, 27] [C:\Program Files\SogouExplorer\ShareClient.dll] [Sogou.com Inc., 1.0.0.31] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWBC.dll] [Kingsoft Corporation, 2009,07,01,132] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kwsui.dll] [Kingsoft Corporation, 2009,09,11,141] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [PID: 3872 / Song Yaozhong][C:\Program Files\SogouExplorer\setask.exe] [, ] [C:\Program Files\SogouExplorer\SECommon.dll] [, ] [C:\Program Files\SogouExplorer\HWSignature.dll] [Sogou.com Inc., 4.0.0.2092] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWBC.dll] [Kingsoft Corporation, 2009,07,01,132] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kwsui.dll] [Kingsoft Corporation, 2009,09,11,141] [C:\Program Files\SogouExplorer\seacc.dll] [, 1, 0, 0, 15] [C:\Program Files\Bonjour\mdnsNSP.dll] [Apple Inc., 1,0,6,2] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.2.3.2810] [C:\Program Files\SogouInput\4.2.3.2810\Resource.dll] [Sogou.com Inc., 4.2.3.2810] [C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx] [Adobe Systems, Inc., 10,0,32,18] [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [PID: 3556 / Song Yaozhong][C:\Program Files\SogouExplorer\setask.exe] [, ] [C:\Program Files\SogouExplorer\SECommon.dll] [, ] [C:\Program Files\SogouExplorer\HWSignature.dll] [Sogou.com Inc., 4.0.0.2092] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\KSWBC.dll] [Kingsoft Corporation, 2009,07,01,132] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kwsui.dll] [Kingsoft Corporation, 2009,09,11,141] [C:\Program Files\SogouExplorer\seacc.dll] [, 1, 0, 0, 15] [PID: 2556 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)] [PID: 856 / Song Yaozhong][C:\Documents and Settings\Song Yaozhong\桌面\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.1.1279] [PID: 3692 / Song Yaozhong][C:\Documents and Settings\Song Yaozhong\桌面\sreng2\SRE22962704.EXE] [Smallfrogs Studio, 2.8.1.1279] [D:\Program Files\360\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1022] [C:\Program Files\Kingsoft\Kingsoft Internet Security\KMailOEBand.DLL] [Kingsoft Corporation, 2009,02,13,759] [C:\Program Files\Kingsoft\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_b77cec8e\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_0ccc058c\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Kingsoft\Kingsoft Internet Security\webshield\kswebshield.dll] [Kingsoft Corporation, 2009,10,29,144] [C:\Documents and Settings\Song Yaozhong\桌面\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .BAT Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .SCR OK. ["%1" /S] .CHM Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .HLP Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .INI Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .INF Error. [%SystemRoot%\System32\WScript.exe "C:\WINDOWS\explorer.exe:1397930341.vbs" %1 %* ] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 1660, C:\PROGRAM FILES\INTEL\WIFI\BIN\S24EVMON.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2036, C:\PROGRAM FILES\INTEL\WIFI\BIN\EVTENG.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1612, C:\PROGRAM FILES\INTEL\WIFI\BIN\ZCFGSVC.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1628, C:\PROGRAM FILES\COMMON FILES\INTEL\WIRELESSCOMMON\IFRMEWRK.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2132, C:\PROGRAM FILES\USBCLEANER6.0\USBMON.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3136, D:\PROGRAM FILES\鱼鱼桌面\FISHDESK.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 856, C:\DOCUMENTS AND SETTINGS\SONG YAOZHONG\桌面\SRENG2\SRENGLDR.EXE] ================================== 计划任务 [已启用] User_Feed_Synchronization-{2776699F-E183-4FC3-A639-B38B1C469967}.job C:\WINDOWS\system32\msfeedssync.exe ================================== Windows 安全更新检查 N/A ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]