Copyright &
. All Rights Reserved .页面执行时间：250.00000 毫秒微软这个月又出 KB2859537 当机补丁了
四月份的 KB2823324，这个月又来了KB2859537。
还有不久前 XP 的 nForce MCP61 系列的主机板显示卡更新，更新后显示只能四位元色彩，640x480分辨率。
遇到十几台了，现在装完 XP 到 Nvidia 官网抓最新的驱动装完，开启自动更新仍然会自动给你装上去。
是要搞死工程师吗？
说真的建议个人用户要更新嘛，就月底手动再更新，因为第二个礼拜的星期二更新出来时，有问题自然会被人提报，大概第三周微软就会修正了。
不然就是就不要更新了，在硬件式防火墙或IP分享器下，
用 Chrome 浏览器上网吧，起码第一时间就会更新，安全许多。
作业系统就算有漏洞外面也无法直接攻击到你的电脑。
中毒和恶意软件跟漏洞没多大关系，会中标的还是会中标。
唉，目前公司的话都还是开自动更新
我应该中招了 最近电脑无故会自动重开或蓝屏
害我以为是硬件问题 原本打算礼拜一要是再当就去买新硬件来换
明天先来移除这该死的补丁试试
不管是KB2823324还是KB2859537更新
都没出事....
会不会只是少数个案阿？
ms0372326 wrote:
不管是KB28233...(恕删)
(登入后即可检视图片)
(登入后即可检视图片)
更新了一样没事
我电脑24hr整月全年不关
上次更新重开机后到现在一直没关也不会出问题
小弟也是KB2823324与KB2859537更新都没问题，NB配的也是Nvidia的独显，头好壮状每天跑8小时
(登入后即可检视图片)
guies wrote:
这个月又来了KB2859537。
Windows 2003 Server 更新也没问题.
上午 10:21
13,064 KB2859537.log
☆ 私人讯息直接删除不再回复 ☆ 愿望 : bovuhPPjMnEfkyhggnsJdABaLFPuhXT4
kazue0827 wrote:
小弟也是KB2823...(恕删)
我上面写的是 XP，而且是 MCP61 的主机板芯片组内显。
稳稳使用中目前没当机过
会不会是个案??驱动软件冲突?
(登入后即可检视图片)
-------------------------------------------------------
原来是XP XP好久没用了
KB2859537 BSOD
/en-us/windows/forum/windows_7-windows_update/kb2859537-bsod/-cea2-41ae-b2fc-ce1?page=7
其实说实话我也还没接到电话，代表我也没事。
我讨厌的是我刚在这个月做好了Win7封装档，至少要用一年阿。
做这个的原因是因为每装一台，一台至少可省下一个小时以上的更新时间，大概一年做一次。
不过阿，只要微软或防毒软件出一次大包，如微软的当机补丁或是防毒误杀系统档。
对管理上百台的IT人员来讲，真的是一个头痛的问题。
guies wrote:
还有不久前 XP 的 nForce MCP61 系列的主机板显示卡更新，更新后显示只能四位元色彩，640x480分辨率。
遇到十几台了，现在装完 XP 到 Nvidia 官网抓最新的驱动装完，开启自动更新仍然会自动给你装上去。
微软的Windows Update更新驱动程式，在XP时代做的很差，在WIN7上改进很多
在XP系统上，反正Windows Update的驱动少的可怜，绝大多数还是要自己手动安装
我是干脆在群组原则里面直接禁止驱动程式去搜寻Windows Update，
这样自动更新清单里面就不会出现驱动程式的更新
在WIN7系统上虽然也可以设定禁止驱动程式搜寻Windows Update，但是实用上会有麻烦
有些设备原厂硬是不提供WIN7驱动，强迫你从Windows Update安装 (例如 CANON打印机)查看: 5796|回复: 39
最近下了个快速还原 不知道怎么删除
类似Shadow Defender的软件，我在安装的时候提示安装失败，可是我每次开机自动还原C盘！而且任何软件管理软件都找不到快速还原这个软件，系统自带的也没有！而且我都不知道他安装到哪里去了！怎么才能删了这个东西！就是这个网站
woxihuan2011
提供个办法不一定管用，试一试看看吧。
1.启动系统至安全模式。
2.如果你记得安装的日期，请用搜索功能搜索这个日期创建的文件，将它们删除到回收站，注意这些文件里面有没有.sys文件，如果有请记住他们的名称，在注册表中以名称为关键字搜索，备份注册表后将搜索的结果全部删除。
3.如果你备份过mbr，请用备份还原mbr，有些还原软件会修改mbr，在系统启动时获取控制权，从而还原系统的。
4.如果开启系统还原，将系统还原到一个比较早的时间。
正解，专业
无语了，可能得重装系统
firethreat
1.请备份资料，数据永远最重要。
2.尝试重新安装，如果安装还是不成功，尝试安装相近版本的。安装完成后再卸载。
3.去官方论坛发帖寻求帮助，比如人家给个卸载工具。
4.以上都失败，pe启动搜索注册表，删除相关项目，然后删除磁盘文件。但这种强行卸载容易导致不稳定。当然，也可以这样先去除还原，然后在安装这个软件，再卸载。
5备份后重装。
感谢解答： ）
什么系统，
这类工具的引导项一般在：系统引导区和较高的驱动加载项。
感谢解答： ）
我晕，这玩意驱动级的，自己还不能随便删除它的驱动
什么系统，
这类工具的引导项一般在：系统引导区和较高的驱动加载项。
我们先暂时认为引导区是正常的，
先排除驱动加载项（懒得自己去装这种软件），那么上传一份：SREng日志，看看他都有哪些加载项，
看过火眼的日志，好像没几个加载项，不清楚会不会有自保。先试试看吧。如果你愿意跟我一起折腾的话。
我们先暂时认为引导区是正常的，
先排除驱动加载项（懒得自己去装这种软件），那么上传一份：SREng ...
System Repair Engineer 2.8.4.1331
Smallfrogs ()
Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能
以下内容被选中：
& & 所有的启动项目（包括注册表、启动文件夹、服务等）
& & 浏览器加载项
& & 正在运行的进程（包括进程模块信息）
& & 文件关联
& & Winsock 提供者
& & Autorun.inf
& & HOSTS 文件
& & 进程特权扫描
& & 计划任务
& & Windows 安全更新检查
& & API HOOK
& & 隐藏进程
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& & &ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
& & &load&&&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& & &KSafeTray&&&d:\program files\ksafe\KSafeTray.exe& -autorun&&&[(Verified)Kingsoft Security Co.,Ltd]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &shell&&Explorer.exe&&&[(Verified)Microsoft Windows Component Publisher]
& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
& & &AppInit_DLLs&&&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &UIHost&&logonui.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
& & &{AEB-11d0-97EE-00C04FD91972}&&shell32.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
& & &PostBootReminder&&%SystemRoot%\system32\SHELL32.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &CDBurn&&%SystemRoot%\system32\SHELL32.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &WebCheck&&%SystemRoot%\system32\webcheck.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &SysTray&&C:\WINDOWS\system32\stobject.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
& & &WinlogonNotify: crypt32chain&&crypt32.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
& & &WinlogonNotify: cryptnet&&cryptnet.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
& & &WinlogonNotify: cscdll&&cscdll.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
& & &WinlogonNotify: dimsntfy&&%SystemRoot%\System32\dimsntfy.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
& & &WinlogonNotify: ScCertProp&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
& & &WinlogonNotify: Schedule&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
& & &WinlogonNotify: sclgntfy&&sclgntfy.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
& & &WinlogonNotify: SensLogn&&WlNotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
& & &WinlogonNotify: termsrv&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
& & &WinlogonNotify: wlballoon&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
& & &{-A8BA-11D1-B96B-00A0C90312E1}&&%SystemRoot%\system32\browseui.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}]
& & &Microsoft Windows Media Player&&C:\WINDOWS\inf\unregmp2.exe /ShowWMP&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{d38-484f-9b9e-dec}]
& & &Internet Explorer&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}MICROS]
& & &浏览器自定义组件&&RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& & &Outlook Express&&%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&&&[]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}]
& & &Windows 桌面更新&&regsvr32.exe /s /n /i:U shell32.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}]
& & &Internet Explorer 6&&%SystemRoot%\system32\ie4uinit.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}]
& & &N/A&&C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install&&&[Microsoft Corporation]
==================================
启动文件夹
N/A
==================================
服务
[Adobe Flash Player Update Service / AdobeFlashPlayerUpdateSvc][Stopped/Manual Start]
&&&C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe&&Adobe Systems Incorporated&
[HID Input Service / HidServ][Stopped/Auto Start]
&&&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[KSafe service / KSafeSvc][Running/Auto Start]
&&&&d:\program files\ksafe\KSafeSvc.exe& -svc&&Kingsoft Corporation&
[MPSVC Service / MPSVCService][Running/Auto Start]
&&&C:\Program Files\Micropoint\MPSvc.exe&&Micropoint Corporation&
[Sandboxie Service / SbieSvc][Running/Auto Start]
&&&&C:\Program Files\Sandboxie\App\Sandboxie\SbieSvc.exe&&&Sandboxie Holdings, LLC&
==================================
驱动程序
[AmdK8 Compatible Device / AmdK8][Stopped/Manual Start]
&&&System32\drivers\amdk8.sys&&Advanced Micro Devices&
[FASTMNT / FASTMNT][Stopped/Manual Start]
&&&\??\c:\windows\system32\drivers\fastmnt.sys&&XIASOFT TECH CO.,LTD.&
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
&&&system32\DRIVERS\HDAudBus.sys&&Windows (R) Server 2003 DDK provider&
[hptpro / hptpro][Stopped/Boot Start]
&&&\SystemRoot\system32\DRIVERS\hptpro.sys&&HighPoint Technologies, Inc.&
[ialm / ialm][Running/Manual Start]
&&&system32\DRIVERS\igxpmp32.sys&&Intel Corporation&
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
&&&system32\drivers\RtkHDAud.sys&&Realtek Semiconductor Corp.&
[kmodurl / kmodurl][Running/System Start]
&&&\??\d:\program files\ksafe\kmodurlxp.sys&&Kingsoft Corporation&
[KSafeBootCheck / KSafeBootCheck][Stopped/Boot Start]
&&&\SystemRoot\system32\Drivers\ksafebc.sys&&N/A&
[ksafebootsafe / ksafebootsafe][Stopped/Boot Start]
&&&\SystemRoot\system32\Drivers\ksafebootsafe.sys&&Kingsoft Corporation&
[ksapi / ksapi][Stopped/Manual Start]
&&&\??\C:\WINDOWS\system32\drivers\ksapi.sys&&Kingsoft Corporation&
[mp110001 / mp110001][Running/Auto Start]
&&&system32\drivers\mp110001.sys&&Micropoint Corporation&
[mp110002 / mp110002][Running/Auto Start]
&&&system32\drivers\mp110002.sys&&Micropoint Corporation&
[mp110003 / mp110003][Running/Boot Start]
&&&\SystemRoot\system32\drivers\mp110003.sys&&Micropoint Corporation&
[mp110004 / mp110004][Running/Auto Start]
&&&system32\drivers\mp110004.sys&&Micropoint Corporation&
[mp110005 / mp110005][Running/Manual Start]
&&&system32\drivers\mp110005.sys&&Micropoint Corporation&
[mp110006 / mp110006][Running/System Start]
&&&system32\DRIVERS\mp110006.sys&&Micropoint Corporation&
[mp110007 / mp110007][Running/System Start]
&&&system32\drivers\mp110007.sys&&Micropoint Corporation&
[mp110008 / mp110008][Running/Auto Start]
&&&system32\drivers\mp110008.sys&&Micropoint Corporation&
[mp110009 / mp110009][Running/System Start]
&&&system32\drivers\mp110009.sys&&Micropoint Corporation&
[mp110010 / mp110010][Running/Boot Start]
&&&\SystemRoot\system32\drivers\mp110010.sys&&Micropoint Corporation&
[mp110011 / mp110011][Running/System Start]
&&&system32\drivers\mp110011.sys&&Micropoint Corporation&
[mp110012 / mp110012][Running/Boot Start]
&&&\SystemRoot\system32\drivers\mp110012.sys&&Micropoint Corporation&
[mp110013 / mp110013][Running/Boot Start]
&&&\SystemRoot\system32\drivers\mp110013.sys&&Micropoint Corporation&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&&&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[QqGameMasterControl / QqGameMasterControl][Running/System Start]
&&&\??\C:\WINDOWS\system32\drivers\QMTgpNetflowxp.sys&&tencent&
[QQProtect / QQProtect][Running/System Start]
&&&\??\C:\WINDOWS\system32\drivers\QQProtect.sys&&Tencent&
[Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start]
&&&system32\DRIVERS\Rtnicxp.sys&&Realtek Semiconductor Corporation&
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
&&&system32\DRIVERS\RTL8139.SYS&&Realtek Semiconductor Corporation&
[Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Stopped/Manual Start]
&&&system32\DRIVERS\Rtenicxp.sys&&Realtek Semiconductor Corporation&
[SbieDrv / SbieDrv][Running/Manual Start]
&&&\??\C:\Program Files\Sandboxie\App\Sandboxie\SbieDrv.sys&&Sandboxie Holdings, LLC&
[Secdrv / Secdrv][Stopped/Manual Start]
&&&system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
&&&system32\DRIVERS\tcpip.sys&&Microsoft Corporation&
==================================
浏览器加载项
[AccountProtectBHO Class]
&&{DDD362CF-523B-4BC9-8FDC-58F93B6BC945} &C:\Documents and Settings\Administrator\Application Data\Tencent\QQ\QQAntiPhishing\AccountProtect.dll, N/A&
[WUWebControl Class]
&&{6414512B-B978-451D-A0D8-FCFDF33E833C} &C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation&
[]
&&{01443AEC-0FD1-40FD-9C87-E93D} &, &
[]
&&{889D2FEB-98-1DD2C5261283} &, &
[]
&&{98F22D0A-B97F-4AF4-8E4C-A6596C8CDD4C} &, &
[AccountProtectBHO Class]
&&{DDD362CF-523B-4BC9-8FDC-58F93B6BC945} &C:\Documents and Settings\Administrator\Application Data\Tencent\QQ\QQAntiPhishing\AccountProtect.dll, N/A&
[]
&&{E05BC2A3-9A46-4a32-80C9-023A473F5B23} &, &
[TimwpCheck Class]
&&{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} &D:\Program Files\Tencent\QQ\bin\Timwp.dll, (Signed) Tencent&
[使用迅雷离线下载]
&&&C:\Program Files\Thunder Network\Thunder\Program\OfflineDownload.htm, N/A&
==================================
正在运行的进程
[PID: 632 / SYSTEM][\SystemRoot\System32\smss.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
[PID: 684 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
[PID: 708 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]&&[Microsoft Corporation, 5.1. (xpsp.3)]
& & [C:\WINDOWS\system32\sfc_os.dll]&&[Microsoft Corporation, 5.1. (xpsp.1)]
& & [C:\WINDOWS\system32\uxtheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
[PID: 752 / SYSTEM][C:\WINDOWS\system32\services.exe]&&[Microsoft Corporation, 5.1. (xpsp_sp3_qfe.6)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 764 / SYSTEM][C:\WINDOWS\system32\lsass.exe]&&[Microsoft Corporation, 5.1. (xpsp.3)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
[PID: 936 / SYSTEM][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 1000 / SYSTEM][C:\Program Files\Micropoint\MPSvc.exe]&&[Micropoint Corporation, 2,0,10582,32]
& & [C:\Program Files\Micropoint\dbghelp.dll]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\Micropoint\MSVCP60.dll]&&[Microsoft Corporation, 6.00.8168.0]
& & [C:\Program Files\Micropoint\mp110049.dll]&&[Micropoint Corporation, 2,0,10582,1]
& & [C:\Program Files\Micropoint\mp110078.dll]&&[Micropoint Corporation, 2.0.10582.3]
& & [C:\Program Files\Micropoint\mp110081.dll]&&[Micropoint Corporation, 2,0,10582,4]
& & [C:\Program Files\Micropoint\mp110036.dll]&&[Micropoint Corporation, 2.0.10582.33]
[PID: 1144 / SYSTEM][C:\Program Files\Micropoint\MPSVC2.exe]&&[Micropoint Corporation, 2.0.]
& & [C:\Program Files\Micropoint\dbghelp.dll]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\Micropoint\mp110030.dll]&&[Micropoint Corporation, 1.2.10038]
& & [C:\Program Files\Micropoint\mp110037.dll]&&[Micropoint Corporation, 2.0.10582.9]
& & [C:\Program Files\Micropoint\mp110078.dll]&&[Micropoint Corporation, 2.0.10582.3]
& & [C:\Program Files\Micropoint\mp110028.dll]&&[Micropoint Corporation, 1, 2, 10581, 4]
& & [C:\Program Files\Micropoint\mp110036.dll]&&[Micropoint Corporation, 2.0.10582.33]
& & [C:\Program Files\Micropoint\mp110033.dll]&&[Micropoint Corporation, 2,0,10582,21]
& & [C:\Program Files\Micropoint\mp110034.dll]&&[Micropoint Corporation, 2.0.10145]
& & [C:\Program Files\Micropoint\mp110039.dll]&&[Micropoint Corporation, 2,0,10582,1]
& & [C:\Program Files\Micropoint\mp110042.dll]&&[Micropoint Corporation, 1, 2, 1]
& & [C:\Program Files\Micropoint\mp110049.dll]&&[Micropoint Corporation, 2,0,10582,1]
& & [C:\Program Files\Micropoint\mp110069.dll]&&[Micropoint Corporation, 1, 2, 1]
& & [C:\Program Files\Micropoint\mp110071.dll]&&[Micropoint Corporation, 2, 0, 10582, 1]
& & [C:\Program Files\Micropoint\MSVCP60.dll]&&[Microsoft Corporation, 6.00.8168.0]
& & [C:\Program Files\Micropoint\mp110073.dll]&&[Micropoint Corporation, 2,0,10582,8]
& & [C:\Program Files\Micropoint\mp110075.dll]&&[Micropoint Corporation, 2.0.10582.5]
& & [C:\Program Files\Micropoint\mp110081.dll]&&[Micropoint Corporation, 2,0,10582,4]
& & [C:\Program Files\Micropoint\mp110086.dll]&&[, 2, 0, 10582, 2]
& & [C:\Program Files\Micropoint\mp110185.dll]&&[Micropoint Corporation, 2, 0, 10582, 3]
& & [C:\Program Files\Micropoint\mp110186.dll]&&[Micropoint Corporation, 2, 0, 10582, 9]
& & [C:\Program Files\Micropoint\mp110124.dll]&&[Micropoint Corporation, 2,0,10582,14]
& & [C:\Program Files\Micropoint\mp110125.dll]&&[Micropoint Corporation, 1.2.10572.3]
& & [C:\Program Files\Micropoint\mp110029.dll]&&[Micropoint Corporation, 2, 0, 10582, 1]
& & [C:\Program Files\Micropoint\mp110077.dll]&&[Micropoint Corporation, 2,0,10582,10]
& & [C:\Program Files\Micropoint\mp110100.dll]&&[Micropoint Corporation, 1, 2, 1]
& & [C:\Program Files\Micropoint\mp110118.dll]&&[Micropoint Corporation, 1, 2, 10582, 86]
& & [C:\Program Files\Micropoint\mp110115.dll]&&[Micropoint Corporation, 1, 2, 1]
& & [C:\Program Files\Micropoint\mp110103.dll]&&[Micropoint Corporation, 1, 2, 10582, 83]
& & [C:\Program Files\Micropoint\mp110116.dll]&&[Micropoint Corporation, 1, 2, 10581, 4]
& & [C:\Program Files\Micropoint\mp110120.dll]&&[Micropoint Corporation, 1, 2, 10581, 10]
& & [C:\Program Files\Micropoint\mp110122.dll]&&[Micropoint Corporation, 1.2.69.705]
& & [C:\Program Files\Micropoint\mp110128.dll]&&[Micropoint Corporation, 1, 2, 10581, 11]
& & [C:\Program Files\Micropoint\mp110130.dll]&&[Micropoint Corporation, 1, 2, 1]
& & [C:\Program Files\Micropoint\mp110190.dll]&&[Micropoint Corporation, 1, 2, 10581, 30]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 1344 / SYSTEM][C:\Program Files\Micropoint\MPSVC1.exe]&&[Micropoint Corporation, 2.0.10582.26]
& & [C:\Program Files\Micropoint\mp110049.dll]&&[Micropoint Corporation, 2,0,10582,1]
& & [C:\Program Files\Micropoint\mp110078.dll]&&[Micropoint Corporation, 2.0.10582.3]
& & [C:\Program Files\Micropoint\mp110081.dll]&&[Micropoint Corporation, 2,0,10582,4]
& & [C:\Program Files\Micropoint\mp110072.dll]&&[Micropoint Corporation, 2.0.10582.2]
[PID: 1380 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 1832 / SYSTEM][C:\Program Files\Sandboxie\App\Sandboxie\SbieSvc.exe]&&[Sandboxie Holdings, LLC, 4.08]
& & [C:\Program Files\Sandboxie\App\Sandboxie\SbieDll.dll]&&[Sandboxie Holdings, LLC, 4.06]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 1872 / SYSTEM][C:\WINDOWS\System32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
& & [C:\WINDOWS\System32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\WINDOWS\System32\sfc_os.dll]&&[Microsoft Corporation, 5.1. (xpsp.1)]
[PID: 1984 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 200 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]&&[Microsoft Corporation, 5.1. (xpsp.1)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 488 / SYSTEM][d:\program files\ksafe\KSafeSvc.exe]&&[Kingsoft Corporation, 4.7.0.4064]
& & [d:\program files\ksafe\json.dll]&&[N/A, ]
& & [d:\program files\ksafe\kdump.dll]&&[Kingsoft Corporation, ,3229]
& & [d:\program files\ksafe\kxebase.dll]&&[Kingsoft Corporation, ,1978]
& & [d:\program files\ksafe\scom.dll]&&[Kingsoft Corporation, ,976]
& & [d:\program files\ksafe\kxecore\kxecore.dll]&&[Kingsoft Corporation, ,2020]
& & [d:\program files\ksafe\kexectrl.dll]&&[Kingsoft Corporation, ,1422]
& & [d:\program files\ksafe\kwssp.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\netstat.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [d:\program files\ksafe\fwproxy.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [d:\program files\ksafe\ksinst.dll]&&[Kingsoft Corporation, ,3056]
& & [d:\program files\ksafe\kse\ksecansp.dll]&&[Kingsoft Corporation, 4.0.7.2420]
& & [d:\program files\ksafe\kse\ksbwdet2.dll]&&[Kingsoft Corporation, ,2915]
& & [d:\program files\ksafe\ksapi.dll]&&[Kingsoft Corporation, ,107]
& & [d:\program files\ksafe\khistory.dll]&&[Kingsoft Corporation, ,2880]
& & [d:\program files\ksafe\kse\kseutil.dll]&&[Kingsoft Corporation, ,14]
& & [d:\program files\ksafe\kse\ksesscan.dll]&&[Kingsoft Corporation, ,2]
& & [d:\program files\ksafe\kse\wfs.dll]&&[Kingsoft Corporation, ,1839]
& & [d:\program files\ksafe\kse\sqlite.dll]&&[Kingsoft Corporation, ,1194]
& & [d:\program files\ksafe\keng\kae\kaecore.dat]&&[Kingsoft Corporation, ,1887]
& & [d:\program files\ksafe\KSE\kseescan.dll]&&[Kingsoft Corporation, ,33]
& & [d:\program files\ksafe\keng\kae\karchive.dat]&&[Kingsoft Corporation, ,1746]
& & [d:\program files\ksafe\keng\kae\kaearcha.dat]&&[Kingsoft Corporation, ,1407]
& & [d:\program files\ksafe\keng\kae\kaeolea.dat]&&[Kingsoft Corporation, ,1847]
& & [d:\program files\ksafe\keng\kae\kaearchb.dat]&&[Kingsoft Corporation, ,12]
& & [d:\program files\ksafe\keng\kae\kaecoref.dat]&&[Kingsoft Corporation, ,1454]
& & [d:\program files\ksafe\keng\kae\kaecorem.dat]&&[Kingsoft Corporation, ,1328]
& & [d:\program files\ksafe\keng\kae\kaecorea.dat]&&[Kingsoft Corporation, ,1847]
& & [d:\program files\ksafe\keng\kae\kaextend.dat]&&[Kingsoft Corporation, ,1966]
& & [d:\program files\ksafe\keng\kae\kaext2.dat]&&[Kingsoft Corporation, ,1847]
& & [d:\program files\ksafe\keng\kae\kaecoreh.dat]&&[Kingsoft Corporation, ,1847]
& & [d:\program files\ksafe\keng\kae\kaecoreo.dat]&&[Kingsoft Corporation, ,1927]
[PID: 676 / Administrator][C:\WINDOWS\Explorer.EXE]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [d:\program files\ksafe\kwsui.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\kswebshield.dll]&&[Kingsoft Corporation, .4098]
& & [C:\WINDOWS\system32\shdoclc.dll]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\7-Zip\7-zip.dll]&&[Igor Pavlov, 9.20]
[PID: 1100 / Administrator][C:\Program Files\Micropoint\MPMon.exe]&&[Micropoint Corporation, 2,0,10582,37]
& & [C:\Program Files\Micropoint\mp110036.dll]&&[Micropoint Corporation, 2.0.10582.33]
& & [C:\Program Files\Micropoint\mp110078.dll]&&[Micropoint Corporation, 2.0.10582.3]
& & [C:\Program Files\Micropoint\mp110049.dll]&&[Micropoint Corporation, 2,0,10582,1]
& & [C:\Program Files\Micropoint\mp110079.dll]&&[Micropoint Corporation, 2,0,10582,1]
& & [C:\Program Files\Micropoint\mp110081.dll]&&[Micropoint Corporation, 2,0,10582,4]
& & [C:\Program Files\Micropoint\mp110161.dll]&&[Micropoint Corporation, 2,0,10582,5]
& & [C:\Program Files\Micropoint\MSVCP60.dll]&&[Microsoft Corporation, 6.00.8168.0]
& & [C:\Program Files\Micropoint\dbghelp.dll]&&[Microsoft Corporation, 5.1. (xpsp_sp2_rtm.8)]
& & [C:\Program Files\Micropoint\mp110051.dll]&&[Micropoint Corporation, 2,0,10582,24]
& & [C:\Program Files\Micropoint\mp34\mpA]&&[Micropoint Corporation, 2,0,10582,24]
[PID: 1948 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]&&[Microsoft Corporation, 5.1. (xpsp.2)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\WINDOWS\system32\sfc_os.dll]&&[Microsoft Corporation, 5.1. (xpsp.1)]
[PID: 2028 / Administrator][C:\WINDOWS\system32\conime.exe]&&[Microsoft Corporation, 5.1. (xpsp.5)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
[PID: 548 / Administrator][D:\program files\ksafe\KSafeTray.exe]&&[Kingsoft Corporation, 4.7.0.4109]
& & [d:\program files\ksafe\kdump.dll]&&[Kingsoft Corporation, ,3229]
& & [D:\program files\ksafe\ksftray.dll]&&[Kingsoft Corporation, 4.7.0.4153]
& & [D:\program files\ksafe\json.dll]&&[N/A, ]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [D:\program files\ksafe\ksapi.dll]&&[Kingsoft Corporation, ,107]
& & [d:\program files\ksafe\ksfskin.dll]&&[Kingsoft Corporation, 4.7.0.4102]
& & [d:\program files\ksafe\ksafedb.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [D:\program files\ksafe\krcmdmon.dll]&&[Kingsoft Corporation, 4.7.0.4104]
& & [D:\program files\ksafe\actpush.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [D:\program files\ksafe\pushapp\usbmon.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [D:\program files\ksafe\kinfoc.dll]&&[Kingsoft Corporation, ,5159]
& & [D:\program files\ksafe\krunopt.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [d:\program files\ksafe\khistory.dll]&&[Kingsoft Corporation, ,2880]
& & [D:\program files\ksafe\ksafeup.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [d:\program files\ksafe\zlib1.dll]&&[, 1.2.3]
& & [d:\program files\ksafe\kwsctrl.dll]&&[Kingsoft Corporation, 4.7.0.4098]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [d:\program files\ksafe\KEng\ksignup.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [C:\WINDOWS\system32\shdoclc.dll]&&[Microsoft Corporation, 6.00. (xpsp_sp2_rtm.8)]
& & [d:\program files\ksafe\KEng\KSGMerge.DLL]&&[Kingsoft Corporation, ,1656]
& & [d:\program files\ksafe\ksgamemon.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [D:\program files\ksafe\cloudlib.dll]&&[Kingsoft Corporation, 4.7.0.4064]
& & [D:\program files\ksafe\kse\sqlite.dll]&&[Kingsoft Corporation, ,1194]
[PID: 556 / Administrator][C:\WINDOWS\system32\ctfmon.exe]&&[Microsoft Corporation, 5.1. (xpsp.5)]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
[PID: 404 / SYSTEM][C:\Program Files\Microsoft Bing Pinyin\1.5.24.02\Shared\BingIMEUpdateService.exe]&&[Microsoft Corporation, 1.5.24.02]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 2460 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]&&[Microsoft Corporation, 5.1. (xpsp.2)]
& & [C:\WINDOWS\System32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 2716 / Administrator][D:\Program Files\Tencent\QQ\QQProtect\Bin\QQProtect.exe]&&[Tencent, 3.8.1.6000]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\libtcmalloc.dll]&&[, 2.0.1.0]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\QQProtectEngine.dll]&&[Tencent, 3.8.1.6000]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\QQProtect.dll]&&[Tencent, 3.8.1.6000]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\Common.dll]&&[Tencent, 3.8.1.5]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\zlib.dll]&&[Tencent, 3.8.1.5]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\libexpatw.dll]&&[Tencent, 3.8.1.5]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\tinyxml.dll]&&[Tencent, 3.8.1.5]
& & [D:\Program Files\Tencent\QQ\QQProtect\Bin\AsyncTask.dll]&&[Tencent, 5.3.59.0]
[PID: 3348 / Administrator][D:\Program Files\Tencent\QQ\bin\QQ.exe]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\libtcmalloc.dll]&&[, 2.0.1.0]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [D:\Program Files\Tencent\QQ\bin\HummerEngine.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\Common.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\zlib.dll]&&[, 1.2.8.0]
& & [D:\Program Files\Tencent\QQ\bin\libexpatw.dll]&&[, 2.0.1.0]
& & [D:\Program Files\Tencent\QQ\bin\tinyxml.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\AsyncTask.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\arkFS.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\arkIOStub.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\sqlite.dll]&&[, 3.7.16.1]
& & [D:\Program Files\Tencent\QQ\bin\KernelUtil.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\xImage.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\libpng.dll]&&[, 1.4.12.0]
& & [D:\Program Files\Tencent\QQ\bin\libjpegturbo.dll]&&[, 1.3.1.0]
& & [D:\Program Files\Tencent\QQ\bin\GF.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\xGraphic32.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\arkGraphic.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\arkImage.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\libimagequant.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\lua.dll]&&[, 5.2.3.0]
& & [D:\Program Files\Tencent\QQ\bin\AFBase.DLL]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\AFUtil.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\AppUtil.dll]&&[Tencent, 6.2.12179.0]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [d:\program files\ksafe\kwsui.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\kswebshield.dll]&&[Kingsoft Corporation, .4098]
& & [D:\Program Files\Tencent\QQ\Bin\AppMisc.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\UtilGif.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\Bin\AFCtrl.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\ProcessSession.DLL]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\Bin\LongCnn.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\MainFrame.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\QSLogic.dll]&&[Tencent, 2.6.0.0]
& & [D:\Program Files\Tencent\QQ\Bin\arkIPC.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\Bin\RequestHost.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\QScanEngine.dll]&&[Tencent, 2.4.0.0]
& & [D:\Program Files\Tencent\QQ\Bin\LoginLogic.dll]&&[Tencent, 6.2.12179.0]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [D:\Program Files\Tencent\QQ\Bin\TaskTray.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\AppFramework.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\xPlatform.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\PreloginLogic.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\TXSSO\Bin\SSOPlatform.dll]&&[Tencent, 1.2.2.81]
& & [D:\Program Files\Tencent\QQ\bin\TXSSO\Bin\SSOCommon.DLL]&&[Tencent, 1.2.2.81]
& & [D:\Program Files\Tencent\QQ\Bin\IM.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\KernelMisc.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\GroupApp.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\SystemMsg.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\ChatFrameApp.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\xplatform_dl.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\litetransfer.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\libhttp.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\libuv.dll]&&[, 0.11.25.0]
& & [D:\Program Files\Tencent\QQ\Bin\PluginCommon.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.audiovideo\Bin\AudioVideo.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.audiovideo\Bin\DocShare.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\NetDisk.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.vas\Bin\VAS.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\SkinMgr.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\bin\ContactInfoFrame.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qzone\Bin\Qzone.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wblog\Bin\WBlog.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wblog\Bin\WBKernel.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wblog\Bin\WBMisc.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\InformationBox.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\LoginUI.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\QInterLive.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\ContactMgr.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.crm\Bin\CRM.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\MsgMgr.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.soso\Bin\Soso.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.paipai\Bin\PaiPai.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.vas\Bin\TRCloudInputLib.dll]&&[Tencent, 2.0.]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.hrtx\Bin\HRTX.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.weather\Bin\Weather.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.netbar\Bin\NetBar.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.memo\Bin\Memo.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.mmog\Bin\MMOG.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.mail\Bin\Mail.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\FlashControl.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\Bin\RenderService.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\Bin\CustomFace.dll]&&[Tencent, 6.2.12179.0]
& & [C:\WINDOWS\system32\msdmo.dll]&&[, ]
& & [D:\Program Files\Tencent\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll]&&[Tencent, 6.2.12179.0]
& & [D:\Program Files\Tencent\QQ\Bin\maJmp.dll]&&[Tencent, 4.0.999.3705]
& & [D:\Program Files\Tencent\QQ\Bin\maUtility.dll]&&[Tencent, 4.0.999.3705]
& & [C:\Documents and Settings\Administrator\Application Data\Tencent\QQ\Misc\com.tencent.wireless\SDK\22\AndroidAssist.dll]&&[腾讯公司, 6.2.105.1209]
& & [C:\Documents and Settings\Administrator\Application Data\Tencent\QQ\Misc\com.tencent.wireless\SDK\22\AdbTools.dll]&&[腾讯公司, 6.2.105.1209]
& & [C:\Documents and Settings\Administrator\Application Data\Tencent\AndroidAssist\1021\Bin\AndroidDevice.dll]&&[腾讯公司, 2.0.101.2592]
& & [D:\Program Files\Tencent\QQ\Bin\WebCtrl.dll]&&[Tencent, 6.2.19.0]
& & [D:\Program Files\Tencent\QQ\bin\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [D:\Program Files\Tencent\QQ\bin\AddrSearch.dll]&&[Tencent, 6, 0, 1, 0]
[PID: 3740 / Administrator][D:\Program Files\Tencent\QQ\Bin\TXPlatform.exe]&&[Tencent, 6.2.12179.0]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [D:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll]&&[Tencent, 6.2.12179.0]
[PID: 3956 / Administrator][C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\TheWorld.exe]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\Program Files\Micropoint\mp110200.dll]&&[Micropoint Corporation, 1, 2, 10581, 19]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\chrome.dll]&&[, 6.2.0.128]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [d:\program files\ksafe\kwsui.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\kswebshield.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\kswbc.dll]&&[Kingsoft Corporation, .4117]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
[PID: 1180 / Administrator][C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\TheWorld.exe]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\chrome_child.dll]&&[, 6.2.0.128]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\ffmpegsumo.dll]&&[N/A, ]
[PID: 2096 / Administrator][C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\TheWorld.exe]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\chrome_child.dll]&&[, 6.2.0.128]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\ffmpegsumo.dll]&&[N/A, ]
[PID: 3616 / Administrator][C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\TheWorld.exe]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\chrome_child.dll]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110200.dll]&&[Micropoint Corporation, 1, 2, 10581, 19]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [d:\program files\ksafe\kwsui.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\kswebshield.dll]&&[Kingsoft Corporation, .4098]
& & [d:\program files\ksafe\kswbc.dll]&&[Kingsoft Corporation, .4117]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\gcswf32.dll]&&[, ]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
[PID: 196 / Administrator][C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\TheWorld.exe]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\chrome_child.dll]&&[, 6.2.0.128]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\ffmpegsumo.dll]&&[N/A, ]
[PID: 3040 / Administrator][C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\TheWorld.exe]&&[, 6.2.0.128]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\chrome_child.dll]&&[, 6.2.0.128]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\icudt.dll]&&[The ICU Project, 4, 6, 0, 0]
& & [C:\Documents and Settings\Administrator\Local Settings\Application Data\TheWorld6\Application\6.2.0.128\ffmpegsumo.dll]&&[N/A, ]
[PID: 2444 / Administrator][E:\Administrator\Desktop\SREngLdr.EXE]&&[Smallfrogs Studio, 2.8.4.1331]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
[PID: 3864 / Administrator][E:\Administrator\Desktop\SRE3cb1113b.EXE]&&[Smallfrogs Studio, 2.8.4.1331]
& & [C:\Program Files\Micropoint\mp110031.dll]&&[Micropoint Corporation, 2.0.47.1498]
& & [d:\program files\ksafe\ksfmon.dll]&&[Kingsoft Corporation, 4.7.0.4109]
& & [C:\WINDOWS\system32\UxTheme.dll]&&[Microsoft Corporation, 6.00. (xpsp.5)]
& & [C:\WINDOWS\system32\sfc_os.dll]&&[Microsoft Corporation, 5.1. (xpsp.1)]
==================================
文件关联
.TXT&&Error. [C:\WINDOWS\notepad.exe %1]
.EXE&&OK. [&%1& %*]
.COM&&OK. [&%1& %*]
.PIF&&OK. [&%1& %*]
.REG&&OK. [regedit.exe &%1&]
.BAT&&OK. [&%1& %*]
.SCR&&OK. [&%1& /S]
.CHM&&Error. [&hh.exe& %1]
.HLP&&OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI&&Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF&&OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS&&OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.JS& &OK. [%SystemRoot%\System32\WScript.exe &%1& %*]
.LNK&&OK. [{0-}]
==================================
Winsock 提供者
IERD_TGP_LSP
& & C:\WINDOWS\system32\ierd_tgp_lsp.dll(Tencent, Tencent TGC LSP)
IERD_TGP_LSP over [MSAFD Tcpip [TCP/IP]]
& & C:\WINDOWS\system32\ierd_tgp_lsp.dll(Tencent, Tencent TGC LSP)
IERD_TGP_LSP over [MSAFD Tcpip [UDP/IP]]
& & C:\WINDOWS\system32\ierd_tgp_lsp.dll(Tencent, Tencent TGC LSP)
IERD_TGP_LSP over [MSAFD Tcpip [RAW/IP]]
& & C:\WINDOWS\system32\ierd_tgp_lsp.dll(Tencent, Tencent TGC LSP)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1& && & localhost
==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 708, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
==================================
计划任务
[已禁用] Adobe Flash Player Updater.job
& && &&&C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================================
Windows 安全更新检查
Microsoft .NET Framework 版本 1.1，简体中文版
KB829019,&&Microsoft .NET Framework 2.0 语言包：x86 (KB829019)
KB925850,&&Windows Media Player 11
KB940157,&&用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB902344,&&启用了 WMDRM 的 Media Player 更新程序 (KB902344)
KB909520,&&Microsoft 基本智能卡加密服务提供程序包： x86 (KB909520)
KB971513,&&Windows XP 更新程序 (KB971513)
KB2115168,&&Windows XP 安全更新程序 (KB2115168) MS10-052
KB982665,&&Windows XP 安全更新程序 (KB982665) MS10-055
KB2347290,&&Windows XP 安全更新程序 (KB2347290) MS10-061
KB975558,&&Windows XP 安全更新程序 (KB975558) MS10-062
KB979687,&&Windows XP 安全更新程序 (KB979687) MS10-083
KB2296011,&&Windows XP 安全更新程序 (KB2296011) MS10-081
KB2345886,&&Windows XP 更新程序 (KB2345886)
KB2378111,&&Windows XP 安全更新程序 (KB2378111) MS10-082
KB2387149,&&Windows XP 安全更新程序 (KB2387149) MS10-074
KB982132,&&Windows XP 安全更新程序 (KB982132) MS10-076
KB2423089,&&Windows XP 安全更新程序 (KB2423089) MS10-096
KB2419632,&&Windows XP 安全更新程序 (KB2419632) MS11-002
KB2478971,&&Windows XP 安全更新程序 (KB2478971) MS11-013
KB2483185,&&Windows XP 安全更新程序 (KB2483185) MS11-006
KB2478960,&&Windows XP 安全更新程序 (KB2478960) MS11-014
KB2393802,&&Windows XP 安全更新程序 (KB2393802) MS11-011
KB971029,&&Windows XP 更新程序 (KB971029)
KB2479943,&&Windows XP 安全更新程序 (KB2479943) MS11-015
KB2481109,&&Windows XP 安全更新程序 (KB2481109) MS11-017
KB2485663,&&Windows XP 安全更新程序 (KB2485663) MS11-033
KB2508429,&&Windows XP 安全更新程序 (KB2508429) MS11-020
KB2506212,&&Windows XP 安全更新程序 (KB2506212) MS11-024
KB2510581,&&Windows XP 安全更新程序 (KB2510581) MS11-031
KB2509553,&&Windows XP 安全更新程序 (KB2509553) MS11-030
KB2492386,&&Windows XP 更新程序 (KB2492386)
KB2535512,&&Windows XP 安全更新程序 (KB2535512) MS11-042
KB2507938,&&Windows XP 安全更新程序 (KB2507938) MS11-056
KB2566454,&&Windows XP 安全更新程序 (KB2566454) MS11-062
KB2536276,&&Windows XP 安全更新程序 (KB2536276) MS11-043
KB2570947,&&Windows XP 安全更新程序 (KB2570947) MS11-071
KB2592799,&&Windows XP 安全更新程序 (KB2592799) MS11-080
KB2564958,&&Windows XP 安全更新程序 (KB2564958) MS11-075
KB2544893,&&Windows XP 安全更新程序 (KB2544893) MS11-037
KB2619339,&&Windows XP 安全更新程序 (KB2619339) MS11-092
KB2620712,&&Windows XP 安全更新程序 (KB2620712) MS11-097
KB2631813,&&Windows XP 安全更新程序 (KB2631813) MS12-004
KB2585542,&&Windows XP 安全更新程序 (KB2585542) MS12-006
KB2603381,&&Windows XP 安全更新程序 (KB2603381) MS12-002
KB2598479,&&Windows XP 安全更新程序 (KB2598479) MS12-004
KB944036,&&用于 Windows XP 的 Internet Explorer 8
KB2661637,&&Windows XP 安全更新程序 (KB2661637) MS12-014
KB2653956,&&Windows XP 安全更新程序 (KB2653956) MS12-024
KB2676562,&&Windows XP 安全更新程序 (KB2676562) MS12-034
KB2659262,&&Windows XP 安全更新程序 (KB2659262) MS12-034
KB982670,&&用于 Windows XP x86 的 Microsoft .NET Framework 4 Client Profile (KB982670)
KB2686509,&&Windows XP 安全更新程序 (KB2686509) MS12-034
KB2691442,&&Windows XP 安全更新程序 (KB2691442) MS12-048
KB2655992,&&Windows XP 安全更新程序 (KB2655992) MS12-049
KB2719985,&&Windows XP 安全更新程序 (KB2719985) MS12-043
KB2698365,&&Windows XP 安全更新程序 (KB2698365) MS12-045
KB2712808,&&Windows XP 安全更新程序 (KB2712808) MS12-054
KB2749655,&&Windows XP 更新程序 (KB2749655)
KB2723135,&&Windows XP 安全更新程序 (KB2723135) MS12-053
KB2705219,&&Windows XP 安全更新程序 (KB2705219) MS12-054
KB2727528,&&Windows XP 安全更新程序 (KB2727528) MS12-072
KB2770660,&&Windows XP 安全更新程序 (KB2770660) MS12-082
KB2757638,&&Windows XP 安全更新程序 (KB2757638) MS13-002
KB2802968,&&Windows XP 安全更新程序 (KB2802968) MS13-020
KB2780091,&&Windows XP 安全更新程序 (KB2780091) MS13-011
KB2807986,&&Windows XP 安全更新程序 (KB2807986) MS13-027
KB2820917,&&Windows XP 安全更新程序 (KB2820917) MS13-033
KB2813345,&&Windows XP 安全更新程序 (KB2813345) MS13-029
KB2834886,&&Windows XP 安全更新程序 (KB2834886) MS13-054
KB2850869,&&Windows XP 安全更新程序 (KB2850869) MS13-060
KB2859537,&&Windows XP 安全更新程序 (KB2859537) MS13-063
KB2834903,&&用于 Windows XP 的 Windows Media Format Runtime 9.5 的安全更新程序 (KB2834903) MS13-057
KB2876217,&&Windows XP 安全更新程序 (KB2876217) MS13-070
KB2864063,&&Windows XP 安全更新程序 (KB2864063) MS13-071
KB2847311,&&Windows XP 安全更新程序 (KB2847311) MS13-081
KB2862330,&&Windows XP 安全更新程序 (KB2862330) MS13-081
KB2862335,&&Windows XP 安全更新程序 (KB2862335) MS13-081
KB2808679,&&Windows XP 更新程序 (KB2808679)
KB951847,&&Microsoft .NET Framework 3.5 Service Pack 1 和用于 .NET 版本 2.0 至 3.5 的 .NET Framework 3.5 Family Update (KB951847) x86
KB2900986,&&用于 Windows XP 的 ActiveX Killbit 累积安全更新程序 (KB2900986) MS13-090
KB2876331,&&Windows XP 安全更新程序 (KB2876331) MS13-089
KB2868626,&&Windows XP 安全更新程序 (KB2868626) MS13-095
KB931125,&&Windows XP 的根证书更新 [2013 年 11 月] (KB931125)
KB2862152,&&Windows XP 安全更新程序 (KB2862152)
KB2898715,&&Windows XP 安全更新程序 (KB2898715) MS13-102
KB2892075,&&Windows XP 安全更新程序 (KB2892075) MS13-099
KB2893294,&&Windows XP 安全更新程序 (KB2893294) MS13-098
KB2904266,&&Windows XP 更新程序 (KB2904266)
KB2914368,&&Windows XP 安全更新程序 (KB2914368) MS14-002
KB2917500,&&Windows XP 和 Windows Server 2003 安全更新程序 (KB2917500)
KB2916036,&&Windows XP 安全更新程序 (KB2916036) MS14-005
KB2909212,&&Windows XP 安全更新程序 (KB2909212) MS14-011
KB2929961,&&Windows XP 安全更新程序 (KB2929961) MS14-013
KB2930275,&&Windows XP 安全更新程序 (KB2930275) MS14-015
KB2936068,&&用于 Windows XP 的 Internet Explorer 6 累积安全更新程序 (KB2936068) MS14-018
KB2922229,&&Windows XP 安全更新程序 (KB2922229) MS14-019
KB2964358,&&用于 Windows XP 的 Internet Explorer 6 安全更新程序 (KB2964358) MS14-021
KB890830,&&Windows 恶意软件删除工具 - 2014 年 8 月 (KB890830)
==================================
API HOOK
入口点错误：LoadLibraryExW (危险等级: 高,&&被下面模块所HOOK: 0x00FD02F1)
入口点错误：CreateProcessA (危险等级: 高,&&被下面模块所HOOK: 0x00F702F1)
入口点错误：CreateProcessW (危险等级: 高,&&被下面模块所HOOK: 0x00FA02F1)
==================================
隐藏进程
N/A
==================================
我们先暂时认为引导区是正常的，
先排除驱动加载项（懒得自己去装这种软件），那么上传一份：SREng ...
我什么也看不懂啊！
Copyright & KaFan & All Rights Reserved.
Powered by Discuz! X3.1( 苏ICP备号 ) GMT+8,