一开浏览器就卡的不能动.
杀毒也杀过没问题,但是慢卡的绝对不正常,就是不知道哪的问题,麻烦帮我看下~[code]2010-01-28,07:27:03
System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)
Windows 7 Ultimate Edition (Build 7600) - 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
计划任务
Windows 安全更新检查
API HOOK
隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<KavPFW><"D:\杀毒\Kingsoft Internet Security\kpfw32.exe" -startup> [(Verified)Zhuhai Kingsoft Software Co.,Ltd]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<KavStart><"D:\杀毒\Kingsoft Internet Security\KAVStart.exe" -startup> [(Verified)Zhuhai Kingsoft Software Co.,Ltd]
<360Safetray><"D:\360\360safe\safemon\360tray.exe" /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows]
<Userinit><C:\Windows\system32\userinit.exe,> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
<Internet Explorer><C:\Windows\System32\ie4uinit.exe -UserIconConfig> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
<"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Windows><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
<Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
<Web Platform Customizations><C:\Windows\System32\ie4uinit.exe -BaseSettings> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install> [(Verified)Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Ati External Event Utility / Ati External Event Utility][Stopped/Manual Start]
<C:\Windows\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Kingsoft Basic Service / kaccore][Stopped/Manual Start]
<"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"><Kingsoft Corporation>
[Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start]
<C:\Program Files\Kingsoft\KSWebShieldSVC\KSWebShield.exe><Kingsoft Corporation>
[Kingsoft Internet Security Common Service / KISSvc][Running/Auto Start]
<D:\杀毒\Kingsoft Internet Security\KISSvc.EXE><Kingsoft Corporation>
[Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
<"D:\杀毒\Kingsoft Internet Security\KPfwSvc.EXE"><Kingsoft Corporation>
[Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
<"D:\杀毒\Kingsoft Internet Security\KWatch.EXE"><Kingsoft Corporation>
[主动防御 / ZhuDongFangYu][Stopped/Manual Start]
<"D:\360\360safe\deepscan\ZhuDongFangYu.exe"><360.cn>
==================================
驱动程序
[360SelfProtection / 360SelfProtection][Running/System Start]
<system32\drivers\360SelfProtection.sys><360安全中心>
[adp94xx / adp94xx][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\adp94xx.sys><Adaptec, Inc.>
[adpahci / adpahci][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\adpahci.sys><Adaptec, Inc.>
[adpu320 / adpu320][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[aic78xx / aic78xx][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\djsvs.sys><Adaptec, Inc.>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
<system32\drivers\RTKVAC.SYS><Realtek Semiconductor Corp.>
[aliide / aliide][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[amdsata / amdsata][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\amdsata.sys><Advanced Micro Devices>
[amdsbs / amdsbs][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\amdsbs.sys><AMD Technologies Inc.>
[amdxata / amdxata][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\amdxata.sys><Advanced Micro Devices>
[arc / arc][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\arc.sys><Adaptec, Inc.>
[arcsas / arcsas][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\arcsas.sys><Adaptec, Inc.>
[atikmdag / atikmdag][Running/Auto Start]
<system32\DRIVERS\atikmdag.sys><ATI Technologies Inc.>
[Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\bxvbdx.sys>
[Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start]
<system32\DRIVERS\b57nd60x.sys>
[BAPIDRV / BAPIDRV][Running/Manual Start]
<\??\C:\Windows\system32\drivers\BAPIDRV.SYS><360.cn>
[BFSDRV / BFSDRV][Running/System Start]
<\??\C:\Windows\system32\drivers\bfsdrv.sys><360安全中心>
[BREGDRV / BREGDRV][Running/System Start]
<\??\C:\Windows\system32\drivers\bregdrv.sys><360安全中心>
[Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\BrFiltLo.sys>
[Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\BrFiltUp.sys>
[Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\Brserid.sys>
[Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrSerWdm.sys>
[Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrUsbMdm.sys>
[Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
<\SystemRoot\System32\Drivers\BrUsbSer.sys>
[cFosSpeed Miniport / cFosSpeed][Running/Manual Start]
<system32\DRIVERS\cfosspeed.sys><cFos Software GmbH>
[cmdide / cmdide][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\evbdx.sys>
[EfiSystemMon / EfiMon][Running/System Start]
<System32\Drivers\Efimon.sys><奇虎网>
[elxstor / elxstor][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\elxstor.sys><Emulex>
[FTCkillfile / FTCkillfile][Stopped/Manual Start]
<System32\Drivers\FTCkillfile.sys><风云谷科技>
[Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
<\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.>
[HookPort / HookPort][Running/Boot Start]
<\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[HpSAMD / HpSAMD][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\HpSAMD.sys><Hewlett-Packard Company>
[iaStorV / iaStorV][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\iaStorV.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\iirsp.sys><Intel Corp./ICP vortex GmbH>
[KAVBase / KAVBase][Stopped/Auto Start]
<\??\C:\Windows\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
[KAVBootC / KAVBootC][Running/Boot Start]
<\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
[KAVSafe / KAVSafe][Running/Auto Start]
<\??\C:\Windows\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
[KNetWch / KNetWch][Running/System Start]
<\??\D:\杀毒\Kingsoft Internet Security\KNetWch.SYS><Kingsoft Corporation>
[Kingsoft Firewall NDIS Filter / KNetWchV][Running/System Start]
<system32\DRIVERS\KNetWchV.SYS><Kingsoft Corporation>
[KWatch3 / KWatch3][Running/Auto Start]
<\??\C:\Windows\system32\Drivers\KWatch3.sys><Kingsoft Corporation>
[LSI_FC / LSI_FC][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_fc.sys><LSI Corporation>
[LSI_SAS / LSI_SAS][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_sas.sys><LSI Corporation>
[LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_sas2.sys><LSI Corporation>
[LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\lsi_scsi.sys><LSI Corporation>
[megasas / megasas][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\megasas.sys><LSI Corporation>
[MegaSR / MegaSR][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\MegaSR.sys><LSI Corporation, Inc.>
[nfrd960 / nfrd960][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\nfrd960.sys><IBM Corporation>
[nvraid / nvraid][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[nvstor / nvstor][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\nvstor.sys><NVIDIA Corporation>
[ql2300 / ql2300][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\ql2300.sys><QLogic Corporation>
[ql40xx / ql40xx][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\ql40xx.sys><QLogic Corporation>
[Quantum DeepScanner Servers / qutmdserv][Running/System Start]
<\??\C:\Windows\system32\drivers\qutmdrv.sys><360.cn>
[qutmipc / qutmipc][Running/System Start]
<\??\C:\Windows\system32\drivers\qutmipc.sys><360安全中心>
[Realtek 10/100 NIC Family NDIS x86 Driver / RTL8023xp][Running/Manual Start]
<system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[SiSRaid2 / SiSRaid2][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\SiSRaid2.sys><Silicon Integrated Systems Corp.>
[SiSRaid4 / SiSRaid4][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\sisraid4.sys><Silicon Integrated Systems>
[skbfsdrv / skbfsdrv][Running/System Start]
<\??\C:\Windows\system32\drivers\skbfsdrv.sys><360安全中心>
[stexstor / stexstor][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\stexstor.sys><Promise Technology>
[viaide / viaide][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\viaide.sys><VIA Technologies, Inc.>
[vsmraid / vsmraid][Stopped/Manual Start]
<\SystemRoot\system32\DRIVERS\vsmraid.sys><VIA Technologies Inc.,Ltd>
==================================
浏览器加载项
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软件\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
{BDF31B57-EA39-4417-801A-D39B064E06EA} <, >
[ThunderAtOnce Class]
{01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\软件\ComDlls\TDAtOnce_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
{09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, >
[HTML Document]
{25336920-03F9-11CF-8FD0-00AA00686F13} <C:\Windows\System32\mshtml.dll, (Signed) Microsoft Corporation>
[]
{3AECD3C1-7085-4731-96DC-47B6CF7EF749} <, >
[WebDetectorBHO Class]
{43BEAFD9-E005-483D-A367-146BA6C8A32E} <E:\土豆\飞速Tudou\tudouDetector.dll, (Signed) 土豆网>
[Thunder Agent Class]
{485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\软件\ComDlls\ThunderAgent5.9.15.1274.dll, (Signed) 深圳市迅雷网络技术有限公司>
[VaCom.Application]
{51E88884-1306-4444-B22D-C34119E44232} <E:\土豆\飞速TU~1\TDVaCom.Dll, (Signed) 土豆网>
[Shell Name Space]
{55136805-B2DE-11D1-B9F2-00A0C98BC547} <C:\Windows\System32\ieframe.dll, (Signed) Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[XDownloaddManager Class]
{802F530B-A8F6-4631-AE49-6BACAAC6373E} <D:\软件\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[360SafeLive]
{87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\360\360safe\Safelive.dll, (Signed) >
[Thunder Browser Helper]
{889D2FEB-5411-4565-8998-1DD2C5261283} <D:\软件\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[XML DOM Document 6.0]
{88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[XML HTTP 6.0]
{88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A>
[]
{9701758C-4373-482E-B13C-776C048EC890} <, >
[VersionDetector Class]
{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.29.(959).dll, (Signed) 深圳市迅雷网络技术有限公司>
[APlayer Control]
{A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[]
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
[SafeMon Class]
{B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\360\360safe\safemon\safemon.dll, (Signed) 360安全中心>
[]
{BDF31B57-EA39-4417-801A-D39B064E06EA} <, >
[QQPlayerCtrl Class]
{CD108273-D434-43E6-AA90-1469F97EB398} <F:\软件\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[AUDIO__MP3 Moniker Class]
{CD3AFA76-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[AUDIO__X_MS_WMA Moniker Class]
{CD3AFA84-B84F-48F0-9393-7EDC34128127} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <E:\Program Files\iGame\flash.ocx, (Signed) Macromedia, Inc.>
[kingsoft browser shield]
{D963BE1A-6B35-47DB-B002-49FAE71D85CC} <D:\杀毒\Kingsoft Internet Security\KASBrowserShield.DLL, (Signed) Kingsoft Corporation>
[PlayerCtrl Class]
{E05BC2A3-9A46-4A32-80C9-023A473F5B23} <F:\软件\qq\Plugin\Com.Tencent.QQMusic\bin\QQMusic\QzoneMusic.dll, (Signed) Tencent>
[RevealTrans]
{E31E87C4-86EA-4940-9B8A-5BD5D179A737} <C:\Windows\System32\Dxtmsft.dll, (Signed) Microsoft Corporation>
[TimwpDll.TimwpCheck]
{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} <F:\软件\qq\Bin\Timwp.dll, (Signed) Tencent>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[]
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A>
[使用迅雷下载]
<D:\软件\Program\GetUrl.htm, N/A>
[使用迅雷下载全部链接]
<D:\软件\Program\GetAllUrl.htm, N/A>
==================================
正在运行的进程
[PID: 232 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 336 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 400 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 412 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 460 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 484 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 500 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 508 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 624 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 688 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 740 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 868 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 900 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1056 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1148 / SYSTEM][C:\Program Files\Kingsoft\KSWebShieldSVC\KSWebShield.exe] [Kingsoft Corporation, 2009,12,14,660]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwssp.dll] [Kingsoft Corporation, 2010,01,21,868]
[PID: 1188 / SYSTEM][D:\杀毒\Kingsoft Internet Security\KPfwSvc.EXE] [Kingsoft Corporation, 2009,02,13,759]
[D:\杀毒\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[PID: 1236 / SYSTEM][D:\杀毒\Kingsoft Internet Security\KWatch.EXE] [Kingsoft Corporation, 2010,01,13,1152]
[D:\杀毒\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[D:\杀毒\Kingsoft Internet Security\KARetr.DLL] [Kingsoft Corporation, 1, 0, 0, 1]
[D:\杀毒\Kingsoft Internet Security\KAVEvent.DLL] [Kingsoft Corporation, 2008,04,22,364]
[D:\杀毒\Kingsoft Internet Security\KAVIPC2.DLL] [Kingsoft Corporation, 2008,07,15,469]
[D:\杀毒\Kingsoft Internet Security\KAVDevC.dll] [Kingsoft Corporation, 2009,03,18,117]
[D:\杀毒\Kingsoft Internet Security\knameinfo.dll] [Kingsoft Corporation, 2009,01,05,715]
[D:\杀毒\Kingsoft Internet Security\KAEPlat.DLL] [Kingsoft Corporation, 2009,05,26,311]
[D:\杀毒\Kingsoft Internet Security\KAEPlatA.DLL] [Kingsoft Corporation, 2009,04,29,304]
[D:\杀毒\Kingsoft Internet Security\KAESgnLd.DLL] [Kingsoft Corporation, 2009,05,26,311]
[D:\杀毒\Kingsoft Internet Security\KAEArchA.DAT] [Kingsoft Corporation, 2009,12,15,367]
[D:\杀毒\Kingsoft Internet Security\KAEOLEA.DAT] [Kingsoft Corporation, 2009,04,13,292]
[D:\杀毒\Kingsoft Internet Security\KAECoreA.DAT] [Kingsoft Corporation, 2009,04,29,304]
[D:\杀毒\Kingsoft Internet Security\KAEntryA.DAT] [Kingsoft Corporation, 2009,04,13,292]
[D:\杀毒\Kingsoft Internet Security\KAEngine.DAT] [Kingsoft Corporation, 2009,04,29,304]
[D:\杀毒\Kingsoft Internet Security\KAECore.DAT] [Kingsoft Corporation, 2009,05,26,311]
[D:\杀毒\Kingsoft Internet Security\KAEUnpack.DAT] [Kingsoft Corporation, 2008,12,26,293]
[D:\杀毒\Kingsoft Internet Security\KARchive.DAT] [Kingsoft Corporation, 2008,09,08,210]
[D:\杀毒\Kingsoft Internet Security\KUnpaMgr.DAT] [Kingsoft Corporation, 2009,12,15,367]
[D:\杀毒\Kingsoft Internet Security\KAEBoot.DAT] [Kingsoft Corporation, 2008,09,08,210]
[D:\杀毒\Kingsoft Internet Security\KAExt2.DAT] [Kingsoft Corporation, 2009,10,10,355]
[D:\杀毒\Kingsoft Internet Security\KAExtend.DAT] [Kingsoft Corporation, 2009,05,17,310]
[D:\杀毒\Kingsoft Internet Security\KAVQuara.DLL] [Kingsoft Corporation, 2009,08,03,990]
[D:\杀毒\Kingsoft Internet Security\KWatchEx.dll] [Kingsoft Corporation, 2008,06,17,5]
[D:\杀毒\Kingsoft Internet Security\KAVRep.dll] [Kingsoft Corporation, 2008,04,30,183]
[D:\杀毒\Kingsoft Internet Security\KAVRepRecycle.dll] [Kingsoft Corporation, 2008,05,16,193]
[PID: 1332 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1376 / NETWORK SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1508 / SYSTEM][D:\杀毒\Kingsoft Internet Security\KISSvc.EXE] [Kingsoft Corporation, 2008,04,22,364]
[D:\杀毒\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[D:\杀毒\Kingsoft Internet Security\kissvc.dll] [Kingsoft Corporation, 2008,04,22,364]
[PID: 1592 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1604 / Administrator][C:\Windows\system32\taskhost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[PID: 1660 / SYSTEM][D:\杀毒\Kingsoft Internet Security\KMailMon.EXE] [Kingsoft Corporation, 2009,08,03,993]
[D:\杀毒\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[D:\杀毒\Kingsoft Internet Security\KAntiSpm.DLL] [Kingsoft Corporation, 2008,04,22,364]
[D:\杀毒\Kingsoft Internet Security\KAECall2.DLL] [Kingsoft Corporation, 2004, 12, 28, 7]
[D:\杀毒\Kingsoft Internet Security\KAEPlat.DLL] [Kingsoft Corporation, 2009,05,26,311]
[D:\杀毒\Kingsoft Internet Security\KAEPlatA.DLL] [Kingsoft Corporation, 2009,04,29,304]
[D:\杀毒\Kingsoft Internet Security\KAESgnLd.DLL] [Kingsoft Corporation, 2009,05,26,311]
[D:\杀毒\Kingsoft Internet Security\KAEArchA.DAT] [Kingsoft Corporation, 2009,12,15,367]
[D:\杀毒\Kingsoft Internet Security\KAEOLEA.DAT] [Kingsoft Corporation, 2009,04,13,292]
[D:\杀毒\Kingsoft Internet Security\KAECoreA.DAT] [Kingsoft Corporation, 2009,04,29,304]
[D:\杀毒\Kingsoft Internet Security\KAEntryA.DAT] [Kingsoft Corporation, 2009,04,13,292]
[D:\杀毒\Kingsoft Internet Security\KAEngine.DAT] [Kingsoft Corporation, 2009,04,29,304]
[D:\杀毒\Kingsoft Internet Security\KAECore.DAT] [Kingsoft Corporation, 2009,05,26,311]
[D:\杀毒\Kingsoft Internet Security\KAEUnpack.DAT] [Kingsoft Corporation, 2008,12,26,293]
[D:\杀毒\Kingsoft Internet Security\KARchive.DAT] [Kingsoft Corporation, 2008,09,08,210]
[D:\杀毒\Kingsoft Internet Security\KUnpaMgr.DAT] [Kingsoft Corporation, 2009,12,15,367]
[D:\杀毒\Kingsoft Internet Security\KAEBoot.DAT] [Kingsoft Corporation, 2008,09,08,210]
[D:\杀毒\Kingsoft Internet Security\KAExt2.DAT] [Kingsoft Corporation, 2009,10,10,355]
[D:\杀毒\Kingsoft Internet Security\KAExtend.DAT] [Kingsoft Corporation, 2009,05,17,310]
[D:\杀毒\Kingsoft Internet Security\KAVIPC2.DLL] [Kingsoft Corporation, 2008,07,15,469]
[D:\杀毒\Kingsoft Internet Security\KAVEvent.DLL] [Kingsoft Corporation, 2008,04,22,364]
[PID: 1696 / SYSTEM][C:\Program Files\Kingsoft\KSWebShieldSVC\KSWebShield.exe] [Kingsoft Corporation, 2009,12,14,660]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsow.dll] [Kingsoft Corporation, 2010,01,26,889]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsmot.dll] [Kingsoft Corporation, 2010,01,21,868]
[PID: 1748 / Administrator][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[D:\杀毒\Kingsoft Internet Security\ktaskbar.dll] [Kingsoft Corporation, 2009,08,03,993]
[D:\软件\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,15,1274]
[D:\软件\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0]
[D:\软件\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0]
[D:\软件\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0]
[D:\软件\userdata\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 26]
[D:\软件\userdata\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 20]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamchs.dll] [Advanced Micro Devices, Inc., 6.14.10.2001]
[C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll] [Advanced Micro Devices, Inc., 6.14.10.2001]
[C:\Program Files\WinRAR\rarext.dll] [, ]
[C:\ftc2009\FTCCommenu.dll] [Fygsoft and Microsoft, 3.0.0.71]
[PID: 1904 / Administrator][D:\杀毒\Kingsoft Internet Security\kavstart.exe] [Kingsoft Corporation, 2010,01,06,1140]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[D:\杀毒\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[D:\杀毒\Kingsoft Internet Security\KAVIPC2.DLL] [Kingsoft Corporation, 2008,07,15,469]
[D:\杀毒\Kingsoft Internet Security\SvcTimer.DLL] [Kingsoft Corporation, 2009,05,26,900]
[D:\杀毒\Kingsoft Internet Security\infocc.dll] [Kingsoft Corporation, 2009,10,14,1055]
[D:\杀毒\Kingsoft Internet Security\sqlite3.dll] [N/A, ]
[D:\杀毒\Kingsoft Internet Security\PopSprt3.DLL] [Kingsoft Corporation, 2010,01,07,1144]
[D:\杀毒\Kingsoft Internet Security\KAVPassp.DLL] [Kingsoft Corporation, 2010,01,07,1146]
[D:\杀毒\Kingsoft Internet Security\KAVEvent.DLL] [Kingsoft Corporation, 2008,04,22,364]
[D:\杀毒\Kingsoft Internet Security\kisfree.dll] [Kingsoft Corporation, 2009,08,03,993]
[D:\杀毒\Kingsoft Internet Security\infocs.dll] [Kingsoft Corporation, 2009,12,29,1131]
[PID: 1932 / Administrator][D:\杀毒\Kingsoft Internet Security\kpfw32.exe] [Kingsoft Corporation, 2009,10,27,1070]
[D:\杀毒\Kingsoft Internet Security\libprotobuf.dll] [N/A, ]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053]
[D:\杀毒\Kingsoft Internet Security\kis.dll] [Kingsoft Corporation, 2009,06,15,929]
[C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[D:\杀毒\Kingsoft Internet Security\KAVIPC2.DLL] [Kingsoft Corporation, 2008,07,15,469]
[D:\杀毒\Kingsoft Internet Security\KAVRep.dll] [Kingsoft Corporation, 2008,04,30,183]
[D:\杀毒\Kingsoft Internet Security\safemsn\KISSafeMSN.dll] [Kingsoft Corporation, 2009,07,22,139]
[D:\杀毒\Kingsoft Internet Security\kisfree.dll] [Kingsoft Corporation, 2009,08,03,993]
[D:\杀毒\Kingsoft Internet Security\infocc.dll] [Kingsoft Corporation, 2009,10,14,1055]
[D:\杀毒\Kingsoft Internet Security\sqlite3.dll] [N/A, ]
[PID: 564 / Administrator][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.2]
[C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.2]
[C:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.6.16.1]
[C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000]
[C:\Program Files\Mozilla Firefox\js3250.dll] [N/A, ]
[C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.8.3]
[C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.4.5]
[C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.8.3]
[C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.8.3]
[C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.2]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.2]
[C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.2]
[C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.4.5 Basic ECC]
[C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.77]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\vi13u4fn.default\extensions\fontsetter@mozillaonline.com\components\ClearTypeTuner.dll] [N/A, ]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\vi13u4fn.default\extensions\livemargins@mozillaonline.com\components\windowTrayIcon.dll] [N/A, ]
[C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\vi13u4fn.default\extensions\livemargins@mozillaonline.com\components\mediacenter-com.dll] [N/A, ]
[C:\Windows\system32\Macromed\Flash\NPSWF32.dll] [, ]
[C:\Windows\system32\icm32.dll] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 1924 / Administrator][D:\软件\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321]
[PID: 1788 / Administrator][D:\软件\SREd4952736.EXE] [Smallfrogs Studio, 2.8.2.1321]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kwsui.dll] [Kingsoft Corporation, 2010,01,22,873]
[C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll] [Kingsoft Corporation, 2010,01,22,873]
[D:\软件\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT Error. [C:\Windows\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
N/A
==================================
计划任务
[已禁用] \\AutoSmartDefrag
D:\软件\IObit SmartDefrag\IObit SmartDefrag.exe /StartUp
[已禁用] \\{3A0A3793-3BE1-4D69-9891-4BD4E1EBA033}
C:\Windows\Resources\Themes\Rainmeter.exe /StartUp
[已禁用] \\{419B008C-AC79-496E-8D11-05D0E84A8EA1}
C:\Windows\system32\pcalua.exe -a "D:\杀毒\Kingsoft Internet Security\kiscrw.exe"
[已禁用] \\{648BAFED-744A-4321-A50D-A4E78B838B6E}
C:\Windows\system32\pcalua.exe -a D:\360\360se3\UnInst360SE.exe -d D:\360\360se3
[已禁用] \\{BE6E6B23-738E-4195-8910-A2000D2721A9}
C:\Windows\system32\pcalua.exe -a "E:\Program Files\setup-plaza-cnc(1).exe" -d "E:\Program Files"
[已禁用] \\{D23F32DF-0062-48CA-BFBA-E46AB3F403A3}
C:\Windows\system32\pcalua.exe -a "C:\Program Files\Kingsoft\KAC\Service\kuninstall.exe"
[已禁用] \\内存整理大师
D:\软件\Windows7Master\MemoryMaster.exe auto
[已禁用] \\魔方,新一代优化大师
D:\软件\TweakCube_1.05\TweakCube.exe /tray
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
N/A
[已禁用] \Microsoft\Windows\AppID\PolicyConverter
%windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
%windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent
aitagent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater
%windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy
%windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
N/A
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
%SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
%windir%\system32\defrag.exe -c
[已启用] \Microsoft\Windows\Location\Notifications
%windir%\System32\LocationNotifications.exe
[已禁用] \Microsoft\Windows\Maintenance\WinSAT
N/A
[已禁用] \Microsoft\Windows\Media Center\ActivateWindowsSearch
%SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已禁用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService
%SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已禁用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks
%SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ehDRMInit
%SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已禁用] \Microsoft\Windows\Media Center\InstallPlayReady
%SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\mcupdate
%SystemRoot%\ehome\mcupdate $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\OCURActivate
%SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已禁用] \Microsoft\Windows\Media Center\OCURDiscovery
%SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\PBDADiscovery
%SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW1
%SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW2
%SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry
%windir%\ehome\MCUpdate.exe -pscn 0
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
%SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask
%SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart
%SystemRoot%\ehome\ehrec /RestartRecording
[已禁用] \Microsoft\Windows\Media Center\RegisterSearch
%SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ReindexSearchRoot
%SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
%SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\StartRecording
%SystemRoot%\ehome\ehrec /StartRecording
[已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath
%SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart
N/A
[已启用] \Microsoft\Windows\MUI\LPRemove
%windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
N/A
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo
%windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization
N/A
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization
N/A
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
%SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager
N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake
N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager
N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent
N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
N/A
[已禁用] \Microsoft\Windows\SystemRestore\SR
%windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
%windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime
%windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask
N/A
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
%windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
"%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\AutomaticBackup
%systemroot%\system32\rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
[已禁用] \Microsoft\Windows\WindowsBackup\ConfigNotification
%systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已启用] \Microsoft\Windows\WindowsBackup\Windows Backup Monitor
%systemroot%\system32\sdclt.exe /CHECKSKIPPED
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader
N/A
==================================
Windows 安全更新检查
N/A
==================================
API HOOK
入口点错误:ShellExecuteExW (危险等级: 一般, 被下面模块所HOOK: C:\Program Files\Kingsoft\KSWebShieldSVC\kswebshield.dll)
==================================
隐藏进程
N/A
==================================[/code]