|
|
- 9 @& R+ {, d# i: R! ?# ~& @1 P) N
- 2008-05-22,20:37:43
+ Z5 R" v# I5 T, [. R - System Repair Engineer 2.5.16.900) d" |/ ~4 d- O2 [4 s
- Smallfrogs (http://www.KZTechs.com)
' k4 y& k! T' e( k4 H - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能. Q3 w/ g$ f; v$ x- A- R
- 以下内容被选中:
; g: `" V1 \0 ?( x. D - 所有的启动项目(包括注册表、启动文件夹、服务等)- q. Z" e4 x6 w, ?+ L+ @) L! S
- 浏览器加载项7 W9 N9 T1 r& t
- 正在运行的进程(包括进程模块信息)) O7 [- V- E u5 X8 p+ b
- 文件关联! n, W; \7 |/ h2 c6 j g7 n: Y
- Winsock 提供者& `; ^+ w5 |+ D0 C+ a) [
- Autorun.inf- |. f( m. b2 O) M/ \ O
- HOSTS 文件
9 q ], p0 _* z/ ^# | - 进程特权扫描
, c! w0 H! U! j - / E# }- N: V+ e( _8 i9 q
- 启动项目7 l! W9 I+ z& ?! T7 Q. R
- 注册表0 B8 a7 c& B# m1 ^0 {* \. H m# T: H
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
" n, H8 x* ]9 x$ P/ r) T* z - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]; S; J) p& O2 U6 h0 G9 F( f3 ^
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
z' P N4 N) o% B - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
3 j7 P6 I4 O, U- W. m! P - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
& @$ r: G& D, W1 _4 k" k9 E" j - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# ]5 ~( u. Q8 J' }
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION] Q8 a6 V& {! F/ W8 e- j5 Z: [
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
+ |; v& {6 M& V, l3 V$ ^6 e - <PHIME2002A><; > [N/A]
. z7 k: ~4 } i6 j8 h - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
/ H9 K5 J: E; a - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
# G$ I$ q6 b0 Y" n6 D - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]0 o1 w) l# ^1 R" t/ J4 L. w
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
$ v( i9 y* ]0 ]7 `/ ~7 u* g - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
- a* V h; a6 E) ^7 b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
% {6 f* \8 q4 c: M$ S - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]- U" @* K. w. Z* Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
3 w% U/ G9 b( @& a - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
0 ]9 ]* W3 n5 r3 f$ a+ U1 _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
/ }, c' N; q" s5 W& E( l - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]7 n' i* @3 F0 j' m' E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]5 x9 Q: t/ K4 v: U P0 \ y% `: p
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] i4 r0 B: \2 Y0 n! d4 [
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]) ]" a' d4 o: R' S( |2 t" i4 a' {8 p
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
' y& _. [' A( Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
% o; w9 S' O! n G$ n2 K - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]& s; _9 [; S% T! R; A8 H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]4 `4 @5 k" [' y4 m4 m$ s6 j. x
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
, ^) u' v( f% z/ D8 ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]3 W3 [3 w& b; I ^ g3 l
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]! \8 I. r2 h; o( F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
; n$ n6 Z0 ~4 V6 ]& f) O! P" U - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
# r2 g# K# H% R# ]) ?# G& } - ==================================; T6 b2 V1 C2 v r1 t
- 启动文件夹8 G3 j7 a5 P0 K
- N/A' Q$ O# X; y+ ^# e" J
- ==================================
. z, h$ G/ Y8 O2 T& w - 服务
# A! m8 g/ }3 E* y - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
; h$ v9 y( i4 Q _7 d. k7 W - <C:\WINDOWS\System32\3wareSrv.exe><N/A>9 f$ v7 L* N% W
- [Google Updater Service / gusvc][Stopped/Manual Start]
' s5 Y1 m$ T& n - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
5 h4 o; X9 g. L! ^, @" K - [Help and Support / helpsvc][Stopped/Disabled]
' {2 f% L6 |2 |2 |% e. ?' N) m - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
" B, d( G7 _' A3 K- h. D( R* B - [Human Interface Device Access / HidServ][Stopped/Boot Start]8 T; j5 a0 x$ y7 g2 I) `- A
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>0 `( A q& H+ h' S
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
+ w% |( U! x" w- l# K/ L6 C m - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>; Q: g; R+ P+ |2 E; Y; p& H$ c' r3 K/ g
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]/ G& g$ W6 {$ W: F6 T
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>; U( w d* ?+ T* l
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]0 ~" O q" d; Z$ w2 x
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
' B: @! j. u8 g6 q' y0 m - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
. C3 f+ ?: s0 ]7 S1 Z - <><N/A>+ c. {5 f: ^/ l- B5 z$ j6 o
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]2 v$ i: R2 J, q. e$ B" _. {; I. u
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
% i# N+ o0 m0 x8 J" e - ==================================
- ~) ~# k q7 ~, W3 ^ - 驱动程序2 I Q9 p1 @* s' R8 h+ b
- [22j / 22jn][Stopped/Boot Start]
& T/ x/ M& g) |0 R- l% c( ^ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
# ~; x3 ~3 F' B' T( r7 \" A# ^) U, ?, B - [360AntiArp / 360AntiArp][Running/System Start]6 z% a8 c1 B8 u4 A6 \
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
, ], C3 W# n0 r w+ s- s - [43ec / 43ecu][Stopped/Boot Start]: ]+ z. U% Z) ~0 b( \5 l5 W+ Z6 N
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>- O6 _( j8 {: q: R
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
, E8 S1 t1 ^1 }: a: R; K. G - <system32\drivers\ac97intc.sys><Intel Corporation>+ }8 ]0 I5 Y1 f! T- Q
- [Promise driver accelerator / bb-run][Running/Boot Start]
! _$ U+ k2 a* f - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
. Y+ k, V' b1 F6 t. ` - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]; H$ C i% R4 n0 O2 P3 l( o
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
6 T" g4 \; w9 `! P& g# R) j- n. l - [KAVBase / KAVBase][Running/Auto Start]
* s4 r% H, W% F" p' L - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
. e+ C/ W! j- X - [KAVBootC / KAVBootC][Running/Boot Start]; W7 [5 y2 M, q4 q$ e6 i# Q, D
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
6 E$ l8 i3 o% p; @' r! V - [KAVSafe / KAVSafe][Running/Auto Start]
, O( d$ Y' K) `* R2 K. g- P - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
8 E3 z6 M* G/ d, T& w, T: ? - [KNetWch / KNetWch][Running/System Start]: w2 ^4 y: c. V* S
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>: u+ c# l# P" i1 c$ r; m. O+ N6 y
- [KWatch3 / KWatch3][Running/Auto Start]
W& R' C8 X! N; F* I+ r' m5 k1 s - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
K$ y% r4 p5 r3 @0 n - [ntptdb / ntptdb][Stopped/Auto Start]
" x& C0 T, d1 H. Z" ~6 M - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>! R- e) g( f6 v. _( J
- [nv / nv][Running/Manual Start]- ^# T5 N9 [0 |# W
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
2 i5 r0 n2 f9 O - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
! M% b: X' _: L4 r/ Z7 p - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>; n9 V+ b/ \2 `. J
- [DDK PACKET Protocol / Packet][Running/Manual Start]
' `4 N3 I% U" X9 ? - <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ s$ B, O; @; `! ?
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
9 V' a+ @# L: O8 |% z - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
, ~2 Z4 H' |' ~! v: [# g4 F) c - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]1 F: f4 ^" Z, K! u' x
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>4 |) U( C# z8 x- v' m1 A
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
# G5 l: u5 G- y1 F& N! ~ - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
0 e# h6 H" m( b, _; h- Y - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
2 M. p. Y: r) a7 M T$ r1 z - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
6 M* s8 D1 u0 x6 G# o4 B- \ - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]5 m! `5 E/ v; L( J+ [. ?7 x
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
4 D3 D' t$ ]& B! Y' j* G - [Secdrv / Secdrv][Stopped/Manual Start]; e' A n3 M2 a4 ]( n# Q Q. A
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>* K! x. _6 [6 E9 o- s( E" v) q8 c) G% e
- [SATALink External Device Filter / SiRemFil][Running/Boot Start] ^" H: }- k2 @( X- z5 u8 N" M
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>/ `/ }3 g3 X4 d" c) Z9 |+ ^
- [System Restore Filter Driver / sr][Stopped/Disabled]1 F- T3 O% w/ w0 o& ~
- <system32\DRIVERS\sr.sys><N/A>2 V# `2 F0 m: S" d+ A
- [TesSafe / TesSafe][Stopped/Manual Start] S) J1 G8 I) @6 d1 F" V$ p, \& x
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>: I6 M, t9 e) O
- [System Services / unzxzsrs][Stopped/Boot Start]" k) b; Q8 n9 t! K- z6 Q1 N, D) J
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>/ m# Y: R8 l& A1 w
- [ViBus / ViBus][Stopped/Boot Start]
x; P7 v% Z/ r9 v. K - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
& b1 j B }0 X- p$ ^ - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]4 i0 \$ I8 M/ I* I
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>8 R9 l5 k% A( t
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]9 K, S5 }: v* O; W! r+ F
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
/ A, Z. ]- Z* w+ e - [ATI Extend / zhibmaso][Stopped/Boot Start]- P8 N* T" _# X) e" J
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
4 R8 U* e! _8 l3 r - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
9 W3 c4 a z# Y2 l! U - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>7 C8 i) z8 ?" x- d- k3 a+ M
- ==================================3 n/ k- n+ C+ S) A$ O
- 浏览器加载项0 D6 U2 t" f. c
- [Google Toolbar Helper]9 {4 v4 L, c) Q
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 _0 T; e* L' @3 ^
- [Google Toolbar Notifier BHO]: _6 \! j. J S1 U% A
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
, `: [( h5 G6 k! _' C$ w+ j - [SafeMon Class] `7 Y9 _9 U& P- S, r8 W5 }
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
5 P* n" e, B7 O; U+ K3 z% H' [* H - [kingsoft browser shield]8 h8 M8 `, p( Y$ {# |4 e- n: {: R7 t
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>9 ?" W, P+ f) n A' y( E- g
- [IEBuddyExtControl Class]
# X/ D8 ?" ~7 m& _" `: f6 ~ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>! K$ o7 d F6 _3 Q$ B3 s
- [Zcom 杂志]9 y6 P' s2 l: v- O* N. K8 F' ~
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
2 Z& d- y7 N, \9 \- h - [&Google]
+ w' H- ^% i/ O j1 K - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 o/ k4 ^1 l. t. M; u$ G: p
- [KooPlayer Control]
3 q3 M p( h- @ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>2 l7 f0 D! `% o- r
- [Shockwave Flash Object]
! [3 j3 C+ K# J- u% p - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.># N/ j L7 y$ ~, o
- [KUpdateObj2 Class], b1 l# M+ N# O; P! }
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>/ A) o) t$ `/ L5 q# T4 b% d
- [Google Script Object]+ i7 e# |; g9 N
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
' T% Y6 [9 l. `+ E, q! _, ] - [EWA Control]7 Z7 S8 k9 k. o# k' ~. O
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>2 b' Q# {. H8 i Z$ X4 P" A! m3 @ b
- [Windows Media Player]
T3 M1 g0 i7 b- d1 a" i; N - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
6 N w8 ]/ x3 E- W - [&Google]
0 ?' Z. {; v9 f: {& o0 `( L# ^, R) i - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% i9 N. l0 }+ n7 s& K2 @" [ - [HTML Document]
8 x% x, n$ Z8 G - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
, x, S( J9 b( G! L+ w7 } - [DHTML Edit Control Safe for Scripting for IE5]2 m% c4 p9 z m0 g- L) G
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation># a5 o! F% \" L0 s7 _3 \- A9 o# V
- [RealPlayer RAM Download Handler]
6 a+ C# J9 G, N4 a+ s6 a - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>" ^! o: I" {8 S7 L6 M d. `8 _
- [IEBuddyExtControl Class]
4 `& l) U3 d/ B8 c" O - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
7 A8 Y2 `$ {- q8 o8 P' |0 ? - [XML Document]
" j4 Z6 A# I# y8 V; \3 c: E z - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>7 D6 M( D5 d4 A& k" K8 R( C
- [HHCtrl Object]
+ b8 j% M7 L: d+ m' F - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
2 E1 w) L' T; s& l - [Windows Media Player]
( `8 w, ]/ c8 i# x! m3 F - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
7 a: F0 E; m# E. [! K - [Active Desktop Mover]) K9 r8 |4 }8 a7 M
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>% t& c' F! f2 K
- [360SafeLive]5 W! v+ `4 o Z
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>' Z3 f, [) H9 H9 y- h5 V0 ?8 ^
- [Microsoft Web 浏览器]
+ f+ v% }2 b+ j; _6 d/ C - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>3 h3 n. K; Y; h0 p m8 _
- [Browser Enhanced Objects]
: {( g' W* J" z9 R9 f' Z& c& U - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>" v) M+ d8 v( q2 ?- B+ x- [
- [Google Toolbar Helper]# c1 |- T+ o4 X
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* r: { g0 p$ t9 }3 p3 r - [Microsoft Scriptlet Component]
; g1 X% m! R8 L4 b8 G; V( u& q( l - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>4 h) [/ E/ b. p' g0 \
- [Google Toolbar Notifier BHO]
T8 [' q) C' ]" K, u" v - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
! M; f; Q, J+ ^( T - [SearchAssistantOC]/ W; v5 K! N4 m. ~
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>1 E+ \9 q1 ~* E4 @) ^0 _
- [SafeMon Class]1 y# F4 Q u" A* s% [
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>( {7 Y- u8 I g3 M/ R* Z( v
- [RDS.DataSpace]8 ?" Y! ]( R8 J: t. Z
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
& p- }) b# _( u& Y- R - [KooPlayer Control]
/ X& |0 X: Q0 H- A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 W& v5 |$ z. T. e - [AUDIO__MID Moniker Class]
" U) V) C% C0 ^$ D: [# H5 l - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ R; C1 @: P" p& S+ i* Z
- [AUDIO__MP3 Moniker Class]" [5 f% u& `, I# o$ E
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" b0 _% T1 m L& b
- [AUDIO__X_MS_WMA Moniker Class]
' Y. x; J. _4 z8 v6 J" I/ D! w - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
$ u) _0 i7 X$ a* ]1 D - [VIDEO__X_MS_WMV Moniker Class]
) z, Q* Z# G/ r, L - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>( v: H# l; Y8 s* C; T4 v4 p# Z2 i
- [RealPlayer G2 Control]- H+ Y3 x3 y Q( [2 m9 G
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>& t+ ~: ^3 P6 E, `6 X8 T2 K
- [Shockwave Flash Object]
9 `9 x, Q7 c& f' u2 g/ ~ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>8 i* n1 U# v6 a) E
- [KUpdateObj2 Class]5 A' H: C4 f7 a+ J" }
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
! M; S" r! W6 L - [kingsoft browser shield]
) ]4 o9 [% _# m( t - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>5 \8 q& W5 N2 ^( \$ i) V) P
- [PasswordEditCtrl Class]* }) K8 q3 a: J. ]4 e
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
6 v' v6 [4 I1 @) f! j - [QvodCtrl Class]
/ o7 P7 ^! m* r2 g( Z5 | - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
1 d \- {. d- O# A; e* J5 c - [&使用超级旋风下载]
% H" q, A: l" j* ]# h5 {: N" d - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>: `1 p7 N) I6 `* K
- [&使用超级旋风下载全部链接]
_6 v* m/ ^2 n' C d, ^. { - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
, @4 z, k) A) e+ V" M* O - [使用迅雷下载]7 Q" N9 B. q/ A9 P! i0 g
- <, N/A>7 @$ P+ _# j% ^2 i' C; N# Z! b
- [使用迅雷下载全部链接]
* c* J3 W3 n- [' U O - <, N/A>0 i% g: a! v$ }! |" G, O
- [导出到 Microsoft Office Excel(&X)]9 i9 F/ U. d" h! A) j6 S+ q
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>& D* u; D( U! y
- [添加到QQ表情]
+ Q) k# {7 |$ b- H& o - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>& c C. ?2 N- J4 k
- ==================================
k6 _1 D$ m1 k1 D - 正在运行的进程
* a% E7 C4 l+ ^; @7 W - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 k2 D6 D2 ^, v! S: U w- \; a - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 p+ q3 g2 z. r" Y2 ?4 W( G
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 R" h2 p) r; F* u5 d
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! D; h9 t; {1 ]. i% A& F4 b1 n
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) ]/ j* i0 k% F4 X" f O) F/ A4 N
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 q2 w" ~& d1 o4 N) S
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" s) Y4 z! y1 X3 B P - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 l7 }# o+ v* Q6 g+ e5 c, C- v9 A: e2 t
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ P) f$ z) M" M' H - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. r) j& ~; c) O Q3 L4 j
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 Z3 @0 J- \/ v( s1 i
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]; E+ }% w9 ]! n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( |8 ]7 H. {- O9 l7 S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* x- w! G5 x- E, z
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]0 x+ L" R+ `# m( ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; T0 ` @! l8 v+ y( A! p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
; }; U) _3 n0 b5 s ^& X - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]. T9 [) G; C$ w1 S0 w7 J
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
2 I( n9 p; g1 Z. h% j - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]1 h, k* F; g. N6 J* d4 x: K2 z0 X
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]5 q1 t% g, ^( x `1 B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' u4 i- L3 k: u+ B - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]; w: i' x( ]& x0 b2 v3 ~1 T
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
6 W, S. S& J8 B, L' l8 K4 \ - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2], m, _0 [4 e) b/ n- {- q
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
, `8 l0 c, f4 Y& v j - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]! H$ R- {& {$ T& t7 x/ ~
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 @8 x3 _1 o0 e; F" E% |4 b' F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, ~& H: ^$ q" L: C+ Z) k7 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 F9 J* m' _- ^$ S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! R3 J* w7 E+ v% F" M+ v$ U
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 N2 F3 I# _6 ]7 o# V9 ]" L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" b' ^, y) U9 r5 |( }" y8 S% M$ i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' A, T/ S- h6 U" }$ q" y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) N' ]5 H5 O( P
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
6 x, v* c' m( z6 Z1 @# t: I - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]' M9 r! N* h) k) \; F' t7 d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* |/ O; j4 P" Y% ^% [" B. ?' L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* \/ q$ s M0 L0 n5 p) l' C7 B
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
4 o2 F2 r# u1 `( I' Q: R" f" N - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]) P E# Y( W" v6 y/ j; ]2 g$ s3 q: l
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 a$ w( n7 v0 A m5 {: o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ G7 U, C4 g- V: A9 X9 X' p - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) d! p7 j& a5 x I5 b! ^ - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
h5 s( C+ L, R l+ B1 I - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 Q# X7 {4 }; Q6 p/ x - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ U$ Y6 q" H/ m+ P, L+ X - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
. t+ q4 N% F: m - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
+ y! i; [# o' A7 L! h - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( ?/ q, D4 b0 R3 _! l( l) q8 \; i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 x: i( {1 ]. N' {! _; Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' e+ {9 `/ d8 H$ E4 n" s+ s - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
, \% }5 C* X. ~6 R4 [ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
1 N. @# j, p( V, \ b+ X: P) {% c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2] f# Q' C, y: j7 o+ P% v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]8 l. f l& [0 f0 M4 e2 |* L: d' P p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
6 t: x) A+ l& P( H5 J- ?, u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]; j4 Q6 V% _+ h! S" Z+ Z8 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
% t; b9 e3 Y' r7 w; e - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
8 c' C! ~ W; E8 _- V - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( X8 c4 @2 J2 [" n' x6 ]0 i - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 G7 o& _* B4 H1 I8 c/ @8 M
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
: W7 |: ~% r% X- r0 J - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
! k1 ] p- C) X - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 A. I; h, E4 ` - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
9 C& n! n% V/ ^) C) |, ` - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0], f* R5 L8 ?4 @3 N
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
) p5 Z6 o# T6 V* @1 I - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
$ \- K2 U/ ^+ A: x6 K! k2 y' ] - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 z0 H- h9 u$ j) _& M3 o6 C, N, t - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
& t5 j3 k6 H- b( t) k& _ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 j8 H) n) x8 `1 H8 i) O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 o4 P r0 ]! |' k* V5 p2 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 B' p0 Q$ M8 [ H7 m) d
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 J* t4 h/ Y7 G- ^( t# q" ~6 J - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
- m0 C: l0 i; e& b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. F8 b4 J f. _/ V% T1 }: `9 J4 y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 t! l) V5 P# T9 L- h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 d2 ~4 ?' \, ]0 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 K& D5 K4 g( S$ h! f) ~7 \3 r - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
' F e7 G9 Z0 x5 A% S" S: U - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201], O* r; @: b- v" W6 B
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], z, i# |$ N" `' u8 H2 T6 d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! y# q2 o# O" l- H. ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 C4 Z8 M# p+ E H9 \8 Z8 i( l8 ~ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 K1 _' O+ r( g6 F( J - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900], C4 }9 G4 d% O& ^2 V. D/ Y2 a
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 o- O$ n" A2 x5 q0 ]2 o, @: H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 _% [, L6 c) C& f. a7 h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 Q5 n' D9 P( x6 _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' }! r5 i* o6 U' H - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
0 z/ j# n% J+ A0 |* \ - ==================================3 q0 }6 u/ X# s$ m5 M
- 文件关联
% n, m5 @8 O8 i, x& D8 S - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
# L) e& G5 n2 p - .EXE OK. ["%1" %*]
2 W: m# N' ^7 g- N' U - .COM OK. ["%1" %*]
2 O) B- }% ^3 G A( K8 E. { - .PIF OK. ["%1" %*]; t- S6 h$ @+ K; \4 {- A
- .REG OK. [regedit.exe "%1"]
+ Q8 G% I' o) C s1 z9 h/ l - .BAT OK. ["%1" %*]6 D% j E( F6 d
- .SCR OK. ["%1" /S]
# K2 U6 T' `: H% h - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
! [1 j5 I, o& G" G. \1 D - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
z& k6 O _/ {4 N - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]- n$ c G& h0 S0 H2 V2 A( e
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]" n% K1 j U& t4 f6 o& ]
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]! ]; w6 u# F0 Z0 ^5 V+ g
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]1 F* M; r4 _1 n4 j+ }- U' |9 i2 d
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]3 E) Z, O5 e7 V
- ==================================# O* D1 `2 x# V) W
- Winsock 提供者0 i2 a6 N( @' p; X+ W" ~
- N/A
, I ~/ T7 W' v0 A - ==================================; H0 U! }/ u2 S* E j
- Autorun.inf: @( y! ]3 { f7 j: k; r' R
- N/A* ^' `/ V7 s- x! f, d5 Y8 T2 [
- ==================================
6 O# C8 [9 Q- n. k& b9 c" A- M7 x - HOSTS 文件! l9 M2 M5 ~* s o# h
- N/A. q( ]* b( z! {' z$ o8 Q
- ==================================- q5 a: A) z7 A+ t0 S e6 W
- 进程特权扫描
8 }- D+ \( _8 A' v2 N# r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]/ J* @5 v( s, C4 Y
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
& | e4 `% Z7 B( D% o - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]+ \6 v6 c0 t1 R( F
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
+ F% m0 G1 q2 E9 N8 S0 B( m - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
4 M+ D9 ?0 ]2 W' F - ==================================
6 z+ ^8 k8 n3 L! Y, C4 l - API HOOK2 y1 k* G$ n0 E2 D4 b) `1 t
- N/A
/ U" N0 G4 g4 O- h - ==================================
0 t5 w, E: i8 v; G1 V - 隐藏进程# F' C, A- o9 K G- f
- N/A5 i- X+ G3 T1 T! n/ E
- ==================================. C! [3 g1 C1 {/ Y* x4 J0 _5 v
2 b: k1 d% {! b9 U2 ^3 ?% S
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
