|
|
& ~1 w% e) l0 e6 ]- 2008-05-22,20:37:43
) E, n+ X/ g0 C8 ]0 G& x/ @1 l& n - System Repair Engineer 2.5.16.900
' k! U. j4 ^+ |+ p$ r - Smallfrogs (http://www.KZTechs.com)! J9 i* l# I& s
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能! }9 d4 v9 \" J
- 以下内容被选中:
4 q4 M1 \; K& _7 C' g) m: }9 B - 所有的启动项目(包括注册表、启动文件夹、服务等)
1 ^% x2 E/ x2 d( f1 Z, R! W - 浏览器加载项
5 J! o, `( I v' c: V - 正在运行的进程(包括进程模块信息)$ c+ A6 j& T% V) L
- 文件关联
( F9 z( g- I: C' @/ c8 e - Winsock 提供者
9 k8 c* r" Q" J5 B; J# |# _$ F - Autorun.inf; ?( X8 B9 j! E" {- W; S
- HOSTS 文件
. B) K) q: d P+ R/ S+ ] - 进程特权扫描
5 S! A( W, }; {* w - * Y* W) k4 \/ C$ x8 y0 C* ~
- 启动项目
! g! i; O0 x' l( ]' F0 w) l - 注册表
/ [: f# e4 V5 T1 [9 ~5 d) U- A - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]- [- L$ z/ X9 _" O4 x. e8 y2 C% ^
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
! {$ i4 Q. Z7 Z0 }; ? - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
- N( P& f5 D: B4 f5 x& l7 F( R - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]" d( k+ ]: S2 i
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
6 M4 G3 |: w( i+ o. k& @& P. w - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! |8 e! p: ~, F& i& a! ]
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]7 [* }) z! `* O/ @4 E* L
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" e7 V# }5 n+ m5 l# y: d - <PHIME2002A><; > [N/A]
2 u0 s* {- K# h3 ~ - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]" Q, g/ l# u+ q6 q5 O
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
. H# O6 I8 V$ b- i0 S - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]2 e0 l4 J a. E
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]! X7 K0 h( j8 r$ @& q9 C; E
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]$ l' c* r# R2 u9 o1 ?$ N
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]1 N- D- N* x( T9 o) l1 w- [4 X+ S
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
* {6 t! t% r+ Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
9 ~, s% ?) ]% d( r! ]$ E - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
* h# m/ B5 M: w( R$ d1 l; R' m3 e, c0 ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
: k4 ~3 n: F$ E, s% ~$ o* E2 S4 x - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]& v) c4 D( r1 } l6 g# i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
+ q; {" w4 ~7 l: v - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
3 ~4 k D) q1 g - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
9 g; z9 H, e7 m- L& B7 M) _ - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
: w" M. R/ U/ @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]+ e1 e' v1 a* w; q# U
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
: K7 Q' o7 }6 W) j* U - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]) Q& |6 |8 r$ d# l6 ^1 j) D0 \
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
7 W* W3 q; n" n! f% l( w - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
% o* x" V2 J7 e( m; w' `/ \ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
6 h6 s! S6 V1 X. P6 s7 K" Y7 G3 Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] w+ t% c8 l' x
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
, {7 J' h/ n- \* X - ==================================
# V5 \8 f0 _8 n8 N. y, @ - 启动文件夹% r: N0 h% `/ f* ~7 [& i0 {7 L
- N/A. w3 m( v" e+ |5 l# }# ~" l9 N# U
- ==================================; i& K' w6 _6 K& ~- X1 I' E
- 服务
" F8 X9 r/ K' [; G( |; V8 q - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]4 j4 k, |' f$ m2 P& h z
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>- s+ [' W& R2 |( P, D. G+ x4 h2 `
- [Google Updater Service / gusvc][Stopped/Manual Start]
8 ~* z5 Z- m+ f - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>7 D. ~7 L x' k5 A
- [Help and Support / helpsvc][Stopped/Disabled]9 C2 b! p2 C0 C" }/ k
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>+ D5 r Q! ?4 J
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
0 N/ a' G5 ?$ }. z- b - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
" e, `, v9 x% |8 c# p6 s - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]8 U: F3 c- G% l% w. G8 V8 s9 R5 j2 ?% y
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>" \+ Z3 o" A( Y$ {9 F/ R
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
- ], U. R4 L! O9 v0 g- B - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
- k. _2 M8 e: w. t* S/ {4 h* ?$ K; h - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]+ d( t6 A; Y( k8 S
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>( f" n4 `4 E; G. k3 O- [' B
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
. ^- _( l4 Z2 K; ~ G - <><N/A>" o+ Z$ t$ K" p" W M" {, o
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
. A( n1 t+ L; C - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
3 ?2 `, c3 v& T" `) V - ==================================
4 b6 {3 e% a6 f8 r$ G - 驱动程序. Z K; x8 J, N9 O) b7 ?0 {( O
- [22j / 22jn][Stopped/Boot Start]9 O3 U" V2 \# A1 a* b2 f
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
& q: } P' q1 c5 |# i( Z - [360AntiArp / 360AntiArp][Running/System Start]
; u4 G. ?( D, H5 t# I! X - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>, L5 m; d/ N( O# F) U
- [43ec / 43ecu][Stopped/Boot Start]
* q, q# F. F! _: J" j/ l - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
7 ~4 ?; ^/ u4 b! E' H - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]6 m4 t3 F" s/ H' r4 t. b
- <system32\drivers\ac97intc.sys><Intel Corporation>
! E, d$ c! \1 t: H- k - [Promise driver accelerator / bb-run][Running/Boot Start]
& @# @ f! {) K E - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
- Z0 h8 l* w( j# L - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
+ s, A. m- q6 d" `, H - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
' b2 p5 R6 Z. Y, r. ^: r - [KAVBase / KAVBase][Running/Auto Start]
7 _2 Y8 U& l( j7 U - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
6 L: ~5 j! V# Z0 L) W- L2 z, o3 G - [KAVBootC / KAVBootC][Running/Boot Start]4 S! f0 o% ^: c4 T @* u
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>* V' ` _8 U# A) Z) h6 U! j) ~8 f
- [KAVSafe / KAVSafe][Running/Auto Start]
1 D+ O* o. k2 L) u! f - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
/ {3 p; j* d" N/ S3 S! w* } - [KNetWch / KNetWch][Running/System Start]* L5 G% F; g3 n/ w
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>$ L3 y+ y" ^: p$ i( A
- [KWatch3 / KWatch3][Running/Auto Start]% c5 s' x" g7 q* G& g4 H+ o
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
4 C/ n7 ~9 b7 ~* F) u: e3 L - [ntptdb / ntptdb][Stopped/Auto Start]! F% O$ Y% W" |
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
# z4 E/ t% W# _8 R ~' Y, c$ n - [nv / nv][Running/Manual Start]# Z. T& O, E8 _
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
2 o" Q$ |9 B2 x - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
, U& K$ I2 T# K. c& U& R/ L - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
) F4 X1 t2 y, O/ ?$ m) T - [DDK PACKET Protocol / Packet][Running/Manual Start]( l, \5 O, p$ D
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ q" g: T0 m1 p" @7 g' y
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
( t/ x1 r; a# R8 T2 r7 N; s( N - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>, Q% P& p$ a& p" x9 V3 y$ [
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]. ^1 q8 }: T0 N$ p
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>/ S8 ^2 s5 C1 D; \7 E' ?& @& u
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
! Q& c" _; V, l( J4 O" i - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
! m# X+ C/ Z- Y3 Z+ c - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
. v- v( _/ ?% u/ Z+ K - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation> N: L& y0 T* o) ?
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]" H4 T% ~# K$ j( V0 C4 u2 g
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>& a5 M! k5 v5 Q4 A( B* K) H) M
- [Secdrv / Secdrv][Stopped/Manual Start]* ~+ m/ S- e! \" I8 q
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>" B+ E7 q& H: ]* ?3 k0 K+ s
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
8 a) l8 e7 b' c - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
, O- n* R/ A" D$ g - [System Restore Filter Driver / sr][Stopped/Disabled]
2 a: N! U: ?) m' k, p - <system32\DRIVERS\sr.sys><N/A>
1 |8 n3 S3 E, P2 X o( ` - [TesSafe / TesSafe][Stopped/Manual Start]
7 G U# C& K5 x% A, L6 j! y - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>* W# \5 u, m; Q& ?5 T' ?; l
- [System Services / unzxzsrs][Stopped/Boot Start]4 g5 P8 s1 ^- N9 r0 z3 h7 B% l
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>: t8 L/ w J7 a5 m
- [ViBus / ViBus][Stopped/Boot Start]5 H0 Y ^; P9 J& r5 K$ k$ w: n
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
' s! Y: S7 p& b5 W% `5 s - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
+ E; a+ B' `. [# a2 e% A - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
4 z. }6 q' C: N0 O8 Z& y - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
n/ [6 a" |6 L9 g: r - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
3 D5 i" q" e' F3 O* D - [ATI Extend / zhibmaso][Stopped/Boot Start]. F1 Q$ ?, w/ q0 f) h, }2 X
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>' W- T4 W$ @/ a& ]+ @7 \
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]4 K; y7 [/ G+ |4 y z
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
4 U& w. |# v; g4 Y" h8 @9 | - ==================================
# Z9 d+ p9 ~1 n, K# K - 浏览器加载项$ v# K3 @4 w: S0 @# l6 j, L! i
- [Google Toolbar Helper]
4 O" b, J7 W" v: ` - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 r+ `# Q0 {9 e1 G8 V0 t) L% `+ t
- [Google Toolbar Notifier BHO]
* j$ Y y0 n+ r7 F - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>4 A( g: Q2 ^/ F0 X! ]3 c. g
- [SafeMon Class]
6 V/ x7 b3 u- \ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>3 n. O7 D8 R7 `
- [kingsoft browser shield]* e% }! I1 `/ w! E+ F' C
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
' T! r/ } w+ h! V" r+ ~# [ H - [IEBuddyExtControl Class]/ {7 j" U/ U* Y3 ~3 i( m; {
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>2 V: `# b. G& v6 o
- [Zcom 杂志]
" f& G. S: ?8 v: J - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>: H1 r$ R9 n. G7 G
- [&Google]
) F# m/ w% ]0 Y - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>) n6 w8 H( O3 w: y
- [KooPlayer Control], A) @* l E9 ^! F
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. z. C. X, r9 n* B. P! ~ - [Shockwave Flash Object]
9 ?; g/ z" g( v - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
/ J6 i+ B1 g; z* | - [KUpdateObj2 Class]$ j* N0 n* ^2 W, S7 M9 ^
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>& Z6 e" x( \5 T& d& C% R
- [Google Script Object]
" A0 Q9 {# w4 |7 b. ^" a5 ~* I - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. M+ x: l# Y: k& k - [EWA Control]
% R0 o; v) X O2 s3 [4 w: T - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>* l Q, [$ f7 p0 H- ?. Z, v
- [Windows Media Player]
' d' }1 f" D$ j0 Y9 H0 s - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
/ j% D: e ~4 r" `; r - [&Google]6 ~- q8 F* g0 Y3 t; Y
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" r* m- |: c# k" E# w - [HTML Document]
5 d' Q4 j$ R/ {) g3 O - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
- u: R) D; J( Z; e- A( l' U - [DHTML Edit Control Safe for Scripting for IE5]! r8 e/ [ p0 s5 H7 ^
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>1 E1 x8 y& `' m4 n2 r$ g& g. y8 w R6 _/ a A
- [RealPlayer RAM Download Handler]
2 X8 F0 L5 B) P f* Y - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>, H" k- N4 E/ W
- [IEBuddyExtControl Class], H8 d m+ h0 r, s% n' a# d
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
2 c/ S8 f( L; }# A4 `4 O$ |9 r2 h* w - [XML Document]
% F+ g" P, w2 o% U: ? - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
& l; d O1 v5 M o9 e" T: ^# ? - [HHCtrl Object]
! q9 A H" g, y6 _7 f - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>3 `, u# b/ ^) c/ u6 l
- [Windows Media Player]+ R2 P; Z) T6 U1 U) ]
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* S8 g: B3 Y0 t2 p
- [Active Desktop Mover]
. |$ _8 e- s; o9 ^5 Y, w - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
! g" o$ |- Y& S: F+ O5 `' B - [360SafeLive]
3 O, a& o1 ]% U" z$ | - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>9 Q' R8 {( M' K8 R- d; h- ~
- [Microsoft Web 浏览器]
N5 ?/ ^1 C- N6 o3 c - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>/ \# M% ?2 v& ?8 u+ ], b. {6 l/ F7 \: m
- [Browser Enhanced Objects]4 D# b( E/ K! g- a) J( f ^5 v; N
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
; t* {: M* g5 U1 `- V0 b- N - [Google Toolbar Helper]; c# a w& P; a# {, z
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* O# O E2 c+ h1 j - [Microsoft Scriptlet Component]
3 s1 u) c; w+ j* H5 E9 q* ~' [ - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>: x% e3 c% V5 k O; h& \
- [Google Toolbar Notifier BHO]! x* S5 R1 g$ F6 @2 S
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
- o0 X1 h w7 Q! I6 T r i0 \! F - [SearchAssistantOC]3 Q: Z3 J: h# ^3 W1 L8 [
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>/ q. W6 k8 n, x) @+ Q# Z: l
- [SafeMon Class]8 O: {, @" c' s+ b4 s1 {
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
, W( F/ Z; T" C R+ t) E - [RDS.DataSpace]% ?! F& k& T# M* z& X
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>* y1 ]" w: J& G6 w+ C$ M
- [KooPlayer Control]
1 g& G0 d: i8 t2 o+ F" d - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
' T/ ~" r4 W% I! n8 { - [AUDIO__MID Moniker Class]
+ k. X5 I4 a( |, n% e1 G" z1 E - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
3 G$ o" i0 G+ B/ u# r) r4 B - [AUDIO__MP3 Moniker Class]! X) d# S W" J* L( ^% {9 e6 V
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 Z+ O( I6 F8 V& q! g - [AUDIO__X_MS_WMA Moniker Class]
j/ B" I# \! Q' g: C - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
4 } p) i5 z( z# ~! H - [VIDEO__X_MS_WMV Moniker Class]6 U- o& a3 m7 E0 Q; k1 u, t2 E% q
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- \) G: s" N5 m9 ?
- [RealPlayer G2 Control]: c8 F% v& L2 F n7 W( ~
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>4 f, S+ `1 k) ~/ Z" L! l
- [Shockwave Flash Object]
" F2 k# ~3 X1 I( m1 x - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 T" ?, B4 i- I) u! s% `
- [KUpdateObj2 Class]
3 u6 @5 f) X( P8 V- [4 m9 Z - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>2 D/ B W; r$ }/ M( s
- [kingsoft browser shield]
8 e; b' j, _9 Z) e. k8 ^ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
% a1 B5 o5 F+ K* u$ e4 i - [PasswordEditCtrl Class]
3 O' ~; }3 L5 } u - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
' z- i+ o* v1 t$ r# C) v' A8 r# j# H - [QvodCtrl Class]
X& ]$ u+ \* Y* T3 { - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>4 p3 R9 s& h) i- d! z% L; S
- [&使用超级旋风下载]
& o' @7 G, [+ B+ [) b& S1 H! [, i4 ? - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>& L7 H1 s( j& O; p4 ]3 Z
- [&使用超级旋风下载全部链接]! K6 s; U( s! ?+ ~
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>5 R2 I* {4 v8 J; Y
- [使用迅雷下载]
! w) p( }" r4 W/ G, \6 o - <, N/A>/ G& r/ c' s$ }5 _) k: t6 H
- [使用迅雷下载全部链接]
/ H& N) a( a( e: N6 S - <, N/A>
- v5 w6 Z0 ?; \( n. K - [导出到 Microsoft Office Excel(&X)]. |) c- T) A# S
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
" N; g; m9 @8 \2 ^# R - [添加到QQ表情]
1 R; i1 Q/ }! }) I: T0 z: z - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
( ^- S5 |8 v# @/ u9 f n7 O* F - ==================================
$ Q6 l% K3 R9 K" d7 Y; ^: F - 正在运行的进程
7 ~! `$ ?6 v4 q1 Z7 J) _$ x9 L - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 F4 |! a( j8 _/ u. U8 [ - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], m! j8 h8 t- A- ?7 n. O2 @1 [
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. V1 D" H/ Q8 k% H2 a+ E) Y
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]9 C2 l" j L9 I/ C. p
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ x2 A# I+ _- b
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 L3 @7 i$ s! u3 d6 W) a
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 X b+ Z/ E2 p1 [
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 x( g- _' f# @4 i" Y+ H- x( G( P4 s& G
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ D4 v' G4 C5 g4 N+ H0 u, m- O - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 ]; h( Q1 t# @: j* h# | - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 z2 ?% e' V0 B" q) ?" r. Q$ j8 P
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
, t1 |2 ^# A$ N: v v$ e: h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' K( Z3 i+ E1 J' e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" y! @: q$ q1 X1 i - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]0 v: w8 k- I4 G% y: `
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# l" w' Y+ B v' R' i R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]1 R! A% }+ c9 y3 ]* K
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
- _9 G& _, f& Y- C# {& p/ ]7 y - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
9 W+ w( ]" l0 ^# n* K - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]* [: D3 j' [" t0 ]) H
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
Z5 f1 ?. b, l: J9 P - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 \# ]6 s* L+ i5 D7 a% F6 l
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
- d" j! X4 ?' n. R) ^2 C# S - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]' e5 w2 ^2 L6 O: D; }% _. G) T
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
' h2 o3 |! o! ^% q! B- p7 n& g - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
9 x. ^, w# I: }; ~0 X - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008] x" n& Y8 j z5 e% o, z! C6 T
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% T* b' f5 E' _: }8 W; n- v9 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ Q k A: N. Y, e, L7 k5 U. ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 j" y5 B3 Y; i5 h5 Z; c8 P$ J6 ~ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# z5 a9 F$ b3 C+ t5 I& X- n - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 d3 @+ j% U. y/ x O( l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 L( ?- a( C% ~1 X, C# [% u8 `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 {, v: h4 `2 L0 ?: Q- e$ q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% t6 P% n' ?* y2 S9 ]& d; F
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
# `$ j. \9 G5 ]! N# ]5 I - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]; l) {; E1 ^$ F# y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ P5 @* V; c3 c3 k0 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 g* K, _) ]/ e1 _4 \9 @0 z
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
$ k* q; M2 r" T) l1 q - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
- [3 {; w1 F9 V+ e8 k. m! k& V9 F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, L& o# k2 N, c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 F( i3 \5 Q& @( [1 L$ n - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. `% o1 v4 r" v - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]9 ~6 e! y, I. m! \
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% ]6 r0 D) |8 L& S0 N' e - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 n* |5 l- L0 ^( m; l6 y5 z - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
- V! l$ Q: `3 D. O! ~7 S - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]& W* I3 y W# U$ M8 J- d; X
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% Y2 w0 n: ~, Q( W s7 w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ d) P, L: P* P8 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( O" r- r, E% X9 X, ? - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
0 H0 `! r+ Z$ y; J1 ]6 @0 D - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
7 L- [) g! u+ b' G* d) Q. H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
8 i5 p) [, g6 g( M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
3 D' S* |& E- W9 S/ S# ^# ~# P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]# N( w% r8 b5 K; E8 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
. q& d8 K4 i% N) u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]* J/ M2 c; \ ?7 {7 G
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]) `! d z3 u! ~* Y8 |3 g
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
* G7 f4 _5 h/ o1 u# G. T: R- } - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
- _7 v& f2 R0 t1 q/ X& N( u - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 c" q1 r! \. V5 V
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 e6 b; h* |8 y" U" ?
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 h+ S' T a/ D! b - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]7 a7 H% F( G" e$ ^+ m; W
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0], y0 O: F5 n5 _7 p! E( S0 D' l
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
0 J# h, k! ~5 S' P A- S - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950], u2 V4 r2 `% k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ [- d# ^( k1 @+ c - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]) ~+ V d" w! O8 B% n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 R) L6 w6 @: B9 c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] T9 O4 {; u6 X$ ]$ v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! B" C- J+ N6 e# ^3 w. V$ J
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* z, H9 U$ w7 K# n7 U2 ~5 e
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]6 G4 Q, L6 ?! u* j9 l! ]7 N7 J
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] m+ n& ?* W4 I% M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 c( H* j# G8 H. d5 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) W2 `! G( f) J
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( ~0 |% c( c$ O1 I* ]( ^. d
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
* u3 g3 ]+ ~% b$ l - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]7 i' ^" O( ^/ X+ x5 _# |; b% L- t
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) S, J3 ^% R4 X% H- W6 o7 e2 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ Q, G/ }1 E" H; | p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! K% @# \) [) J5 @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' I. }' V4 c' R
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]- D5 M; l' |) H5 c
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" i! A2 D, {( A4 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 ^0 w' o0 Y I6 U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! |/ l9 Y4 `! \, s! Y! Z. O8 e
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* w& A& `( L, J y# c* ?
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]* h/ A+ @/ N2 t: Y
- ==================================( f4 A n2 e3 ^ `8 _9 |5 {- }6 V7 ]
- 文件关联
4 A8 C# s- [8 M$ w, g$ B - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]" S1 |2 P8 e6 g' p0 b- W. R( P& s
- .EXE OK. ["%1" %*]' t8 {/ S" d9 O
- .COM OK. ["%1" %*]
2 a2 F( s1 ~# X - .PIF OK. ["%1" %*]
" {0 }5 j, I. z - .REG OK. [regedit.exe "%1"]
! Z& l$ B( }, L5 [7 Z - .BAT OK. ["%1" %*]/ l# \2 z5 I, `" A* k! o( H6 x
- .SCR OK. ["%1" /S]
/ h5 V: ^0 a; B - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
I& p3 C7 \- ?1 w) X6 | - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]8 Q" }3 H' @: F9 ~' B) ~) U8 M
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
. _/ X/ \8 ]+ A5 ` - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
* T; x" S: a/ |+ g( V5 H: X - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]0 V2 F2 X+ Y0 u0 Z
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]7 T( \% V8 _# N
- .LNK OK. [{00021401-0000-0000-C000-000000000046}], T ^# l' i. j
- ==================================
8 R1 z6 K4 w5 \( q3 p - Winsock 提供者* v" i& K. p$ P" Q
- N/A+ H( l) t6 @. d& a* c( L( l7 I7 q
- ==================================
& \; ^. I; u& E7 k* m. ~ - Autorun.inf
) O: S7 O. U1 ?3 O - N/A1 X& ]! D1 R/ D* B3 c6 L- U# O
- ==================================7 }- B8 W- [* o5 a$ J$ ^+ p
- HOSTS 文件
9 v4 N5 v& F/ L - N/A
# m# V( Z$ S% `) D0 X - ==================================% w* m- B' J, t/ {! x: @- q% K7 |! Z
- 进程特权扫描9 w- x4 _+ V9 h$ w5 V, z
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
; x6 H# v/ U% T; w( o# ] - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]% A$ `0 q! `9 m$ Q) _1 V- U
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
# {3 Z9 X' Z/ b# x" S& P# T - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]! l# f% e$ ?5 K/ Z; c; W
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]+ P% f& e9 q: O4 |
- ==================================2 _/ R1 n) C% w# T
- API HOOK
. X R3 V J: K( G1 | c- Q - N/A; O; Z( R; J$ Q! m& \
- ================================== |# I I" k. q3 Q# Z! T( c3 h6 Y
- 隐藏进程' Q0 ?0 [5 A& y5 W2 [. K3 l8 {4 h" d# k
- N/A$ M1 h3 t) ~" s7 B4 ~; K
- ==================================
' z. v# L& S" h+ N J - - f8 R h) ]: M) S2 @! D
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
