|
|
* C" {& y. W. b5 e; {7 N' e! w- 2008-05-22,20:37:43! l3 z: F8 D6 a# Z$ O6 M0 D) q8 m
- System Repair Engineer 2.5.16.900
# v. I7 `3 x6 I; l2 t - Smallfrogs (http://www.KZTechs.com)
+ L' i: ]; O, O1 c6 h& Q! q4 D7 H - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能' F/ d) j, m% ` U+ ^ L$ H Q
- 以下内容被选中:
5 J* z& Q" Q5 i' ~ D4 J3 } - 所有的启动项目(包括注册表、启动文件夹、服务等)5 t( l2 C% o8 l
- 浏览器加载项0 ^6 _/ [6 x9 c5 i1 R3 I9 ]
- 正在运行的进程(包括进程模块信息)- U! D4 O) H& G# B& G1 s1 |
- 文件关联 {# L+ {+ F8 s' X" ^" E
- Winsock 提供者
% M; s- y' \2 y9 h" e N - Autorun.inf6 A+ k/ E" L+ F, v l% `( h# f
- HOSTS 文件, k; U. s, X' ]$ G- H7 ]
- 进程特权扫描6 J* } @: T! c$ l
4 X2 l _# h9 d/ F& U5 S0 y- 启动项目: r; L F* i) F' k: r
- 注册表
$ ~* t0 d& A) A4 r2 A9 e - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
0 l1 D. r4 M% d/ ]3 r. `4 ? - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
9 G2 i9 w4 {/ W6 W1 | - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
1 ?) [: z k2 E0 \4 V: G: l* t! B" ] - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
5 y% t: c! B( a9 ? - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
s" U1 I' |( P9 {. X - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
7 a% h& t. z# ?% y. y" O - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]* M; |$ o J9 [8 U/ w3 n- i9 L
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]+ C8 s, h9 w1 Q( K! _8 D6 Z
- <PHIME2002A><; > [N/A]- C2 I/ ]* B. s9 M4 z2 S3 s, a
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
/ _$ L% ^/ T3 v3 m3 y% r3 l - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
+ }) t s' q" |8 y& g$ Z- d - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
- G" L6 m0 n9 U& A1 J7 t - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
& I3 c3 Z1 n7 P+ s - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]. G3 j* a( L, `( ~8 S4 ?/ Q, N
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]: q; x% i5 q4 Q4 x( Q
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]5 H6 t; B$ {6 r+ U
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]- c' y, J& `7 D3 f; d5 m9 c" N
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]- e% w- q. D# Y8 `- r' e
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
* V* L5 t7 L5 f2 }& g - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]0 r, _" F J9 C0 C+ c4 E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]; r) H9 k6 e6 _5 n4 R! W0 y
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]+ h" y. o6 L5 m( z4 I+ E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]) l9 G5 t$ G0 v B; P
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]" ?7 j7 ^0 L3 _, Y( S4 @
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
0 Z$ t- ~" U- [& P - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
4 n3 ]5 f1 v% Z7 q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]$ u% S; A; S3 w+ L
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]' Z* }- R; M8 \' b p5 Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]) w6 y, n- d2 N. f1 Z
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]* J1 N" F1 G' _4 q& a3 m; D1 g' w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
/ u5 E4 S+ y; X# t c5 l% S - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
/ |4 d4 [- b# L* @ - ==================================
9 J" J0 l% e( V/ T/ u - 启动文件夹
2 i' w( P8 s! L2 S3 l - N/A J! U! T8 v: L* |4 V) {
- ==================================
4 V! g+ ~. w- n ^. \+ f3 s' i - 服务 |: r2 z% c# o% g5 f
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
4 S' ^$ G: s4 D' B- v, Z4 p: J6 V - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
, j! _% _) K# ^+ }1 h- D' Y - [Google Updater Service / gusvc][Stopped/Manual Start]5 E, l8 L6 T1 z+ B2 i
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google> Y7 N7 r' \) G& E% k: Z
- [Help and Support / helpsvc][Stopped/Disabled]
3 a, F1 S# p M! p - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
4 `* b/ E4 P: t6 _: t1 v2 _ - [Human Interface Device Access / HidServ][Stopped/Boot Start]
, U1 O: c- p5 |+ Y - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>/ O4 d$ A! H* _3 u0 ^4 n
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
) k; }3 z, j1 @5 V/ B, a - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
3 m' J2 S$ p" Z1 k) j5 E; V- [ - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
8 d6 M0 T* p. [, b$ i0 g% [ } - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>' G# E% \1 R/ l4 Z( k& s! q
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
$ p6 Q; n# J. E" N5 { - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
8 B7 o% l8 M- x2 { z - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start], _. H0 E1 ~& D1 C9 u4 E( X7 \% W- o
- <><N/A>
, C; |+ |5 I. w8 E( l - [Qvod Terminal / Qvod Terminal][Running/Auto Start]) h- i) x6 x+ a& m5 A" }
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>, f4 s! w' E: f! l* `
- ==================================- W+ K# [" I- F3 C
- 驱动程序5 S k5 J; |8 F0 P2 o, z$ j
- [22j / 22jn][Stopped/Boot Start]1 c" R! ]1 O0 ^) X
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>. A/ \ s3 h+ B3 M/ G/ k; J: C
- [360AntiArp / 360AntiArp][Running/System Start]
5 y9 w" m, ^- ]7 g" c/ I2 C - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
: g; l# l' P' _ - [43ec / 43ecu][Stopped/Boot Start]
, b4 F' u7 R; c/ ^( W - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
m3 {, y n h+ M$ ^, k - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
, G b1 J! s( s) ~: s8 l2 v- x* z# ^8 Y - <system32\drivers\ac97intc.sys><Intel Corporation>0 }4 m, w# ^; R' e6 N/ A
- [Promise driver accelerator / bb-run][Running/Boot Start]
: a0 o" L4 h) w; T& Y X - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
4 w0 ~- Q+ t8 j. i7 S' ^) y - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
: s! d- \0 A) f& P3 k - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>1 ]" k1 y, e8 x% s% o% M3 r" A
- [KAVBase / KAVBase][Running/Auto Start]
, C6 w; D7 J, ~$ @1 _ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
+ x4 w2 n# h, T - [KAVBootC / KAVBootC][Running/Boot Start]7 p+ a% q' ?. x
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
l9 t: L: U7 a+ f* v6 N - [KAVSafe / KAVSafe][Running/Auto Start]
4 y& F: q, H4 B3 F/ U( n0 M# v2 Y" f - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>" h# a& x( ], ~
- [KNetWch / KNetWch][Running/System Start]: t1 w' U: [9 ^& F) Y
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
A8 y3 l3 O0 k I" R. X* M - [KWatch3 / KWatch3][Running/Auto Start]5 W/ C2 \7 u) `
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
5 P- x+ R Z9 ?$ r+ \ - [ntptdb / ntptdb][Stopped/Auto Start]! N' J5 p+ {0 T, F4 y8 N3 c# h
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>1 ~1 H4 Q" o6 \
- [nv / nv][Running/Manual Start]9 r0 O9 }" u( T) I$ B
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
9 y) \% [/ J! e& s. U9 s6 } - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
/ F6 W. [+ H. p% W - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
, l+ D$ V% e) ~* Y/ t. @ - [DDK PACKET Protocol / Packet][Running/Manual Start]$ i9 z' e7 [' C! h/ i
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
! j3 |8 F. N7 W% s+ O! ^+ v3 { - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]* i; J& m2 _" Z) ?& ~
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>) }+ w6 R7 k# s% p! B
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
, J. A( {2 p% h) d* j& d - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
$ N* D$ x5 G2 o2 t7 V - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
2 h' x, }" L: M - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
9 Q" i* W T- b/ i - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]. j0 ~. h M3 @& \( X, Z
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
2 J8 F& F! n# A$ k' V$ w+ y; o0 E - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
6 c8 K) w! ^2 Z% b! D+ F: W/ y - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>& H, t/ m. n2 x
- [Secdrv / Secdrv][Stopped/Manual Start]+ A& M1 x3 c' k6 u/ p
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
7 M- u4 J/ f5 ^4 k( Z - [SATALink External Device Filter / SiRemFil][Running/Boot Start]% E' M- B4 L2 H$ c
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
2 |5 `) O1 A9 ~; w/ }: S2 v f j# M - [System Restore Filter Driver / sr][Stopped/Disabled], D* i9 F- N; I! r& y
- <system32\DRIVERS\sr.sys><N/A>2 W2 C t0 _! s4 o
- [TesSafe / TesSafe][Stopped/Manual Start]
+ N- [ V Z! ?' L5 L0 g - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>8 ^, A D/ A; b. k/ ^7 d
- [System Services / unzxzsrs][Stopped/Boot Start]; I5 Y6 f2 s+ I
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
# b# V' k: Q1 l( i: K7 }# _- M - [ViBus / ViBus][Stopped/Boot Start]2 G+ ?$ h7 u4 X) H$ N
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>1 T8 ~5 [$ A- K) u. a# m
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
% O+ V. l# G' Y' \ - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>& L8 L& o1 R5 U) l
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
9 f- @% W& y/ U' x) D* L - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
9 N# L, T [9 E" M) A% }# W - [ATI Extend / zhibmaso][Stopped/Boot Start]
- o4 a& ?+ M; \& K* A - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
" R: N3 o7 r( @ - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]6 P8 j( d) |; X+ e: {& y5 U
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
; M/ z6 `; b* _' g$ @% x - ==================================8 D. H' ^$ V# x, a
- 浏览器加载项$ m$ K. o7 \ L, S6 }
- [Google Toolbar Helper]
& b: h- z1 u4 F: ^ - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ B6 N9 a9 K$ G, [# _) y - [Google Toolbar Notifier BHO]9 a2 j3 k7 L1 L3 ~2 E
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
7 ^- B/ F, X3 d3 ^1 [6 Z& t, O - [SafeMon Class]& E0 I! d- E4 w L8 ^
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>, W8 T" y( I z- G' W3 o
- [kingsoft browser shield]- t5 ~ W8 {$ f' A- b
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
# m1 t8 F/ F* C' W- D" |) R1 { - [IEBuddyExtControl Class]! `4 J0 ~( l+ |
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>+ G+ F$ q8 M$ A* B/ ^) S
- [Zcom 杂志]
3 k. c4 P; b( ^& } - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>$ R" f& [. y; J4 {: [2 t8 N
- [&Google]
( n7 V) S% f7 K0 V' [& e$ {+ F - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>+ p0 S& e# f4 r/ X1 Y1 q
- [KooPlayer Control]
: A) f+ J, \, s3 {- v - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 t( d4 ?) d4 ~$ X9 E# s' o% ` - [Shockwave Flash Object]
; ]- ^; F+ U& ~: k5 B+ \ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>3 }' o( J! ]3 W- q" q
- [KUpdateObj2 Class]
! q1 q1 O+ ^+ X4 p3 K8 f \ - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
3 u' u! j Z5 q0 t% u+ L' T - [Google Script Object]
) l W8 V3 z9 t' R - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
9 l @% H8 D7 e1 k: e - [EWA Control]. ^ z' J9 y( s/ B8 }
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>) ^* A: N& X; b( t3 Q9 d7 w
- [Windows Media Player]
, `3 m+ G Z7 a6 W) F/ { - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>9 d$ R6 o: I6 i5 @, Z
- [&Google]( E( E9 L$ b: A. I! [9 Q( h' U
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ R4 U7 ?/ ^' C m! o- x
- [HTML Document]- x; ?" V5 q' P
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>3 ?3 A) a" H) W$ V8 E7 s& j
- [DHTML Edit Control Safe for Scripting for IE5]
9 y$ B' m2 f" ^7 ?! n5 B+ ?+ Q - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
& G1 [5 M/ e3 w- A - [RealPlayer RAM Download Handler]7 ]( @5 W) ~& s3 r% p3 N
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>% d9 }% U6 O5 ^: O7 ]* u
- [IEBuddyExtControl Class]
) e+ x% l' u0 O" J9 d/ X9 L - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 _" B; B; T9 t9 ~$ b
- [XML Document]2 R+ h1 d, v4 M8 M: {
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
3 H6 X8 E' d6 c2 |+ [ - [HHCtrl Object]! Q2 W, ^3 I% B1 Q& o
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
( } ~$ ]1 u* F' ^9 V - [Windows Media Player]1 Z6 C* @# J: k1 \/ f: z0 e4 l4 f
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 V* r% P# @3 R: }; v
- [Active Desktop Mover]
! J2 C/ O, ~. d; J3 ]- R - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>4 ^/ s- c/ a" x: ?+ Y$ k
- [360SafeLive]
0 t2 O' z* @9 G$ } - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
5 r' ]( c4 ?7 R5 d0 U( \ g - [Microsoft Web 浏览器]1 T% X# v ?; p; n$ ]/ z
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
3 T7 \4 B7 z6 y- x F0 s% B7 b - [Browser Enhanced Objects]! j4 z. F0 A& w: o
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>( A. @7 y9 r9 T, S/ M3 ]- o1 e4 v
- [Google Toolbar Helper]( p8 S3 |, ^! [6 A6 O* w+ M( U. i
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
7 N. A# o; ?# Z" b! t - [Microsoft Scriptlet Component]+ o6 V& U, f2 }. t: p) ~! e1 r
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>! D9 e2 {0 U; P
- [Google Toolbar Notifier BHO]
: z: Q" o9 v0 F+ T% g4 D0 c7 D - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.># x6 z3 f/ f' e& X: i
- [SearchAssistantOC]
+ ~: \% c4 D! G - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
0 ]1 n" ^* F6 q0 h2 z - [SafeMon Class]" N; Y% v) C8 }5 k9 l, }. p
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>! o ?6 F6 W) I) T, }7 S! x- _
- [RDS.DataSpace]$ A/ m# Q+ K) i6 w5 ^6 t1 o
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
3 }8 F9 {" z3 V6 r' \ - [KooPlayer Control]
" V: ^* b% G X$ y- B6 I - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>7 B$ {5 @1 _" G/ b. c; ]% e& F
- [AUDIO__MID Moniker Class]
; C$ s( \3 N: C' f - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
6 u& h. e( X! ?. s% Q2 k ?, e - [AUDIO__MP3 Moniker Class]
. N: s; `0 L$ z( M5 M% M - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ Q! K: L; S/ j# c4 r. E
- [AUDIO__X_MS_WMA Moniker Class]
0 H2 W' S' a0 J( ]7 N1 f9 W - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
6 k4 v c) _5 n p - [VIDEO__X_MS_WMV Moniker Class]
3 s" X+ R) C* v) V - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 \0 F, d, z* a
- [RealPlayer G2 Control]3 `+ t: S+ c$ Y/ m8 F4 [! F s' }
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>1 ^. x% S+ T) {( ~. P0 x8 ^& s
- [Shockwave Flash Object]
- `* L# a5 @( \) ? - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
' ?4 H5 L* x: \5 g4 L - [KUpdateObj2 Class]
: b% F6 C1 Q6 J# G% B - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
3 d \ ?: i: b4 |& f& } - [kingsoft browser shield]) p9 s: z+ R G; a \
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
7 W$ S8 J5 O" O) O0 A( J1 j - [PasswordEditCtrl Class]) E# @" y* f) |- o2 c( E! P O- k7 `2 c
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>0 @& _* D k0 P1 g, g. I. S' [- N
- [QvodCtrl Class]( X O: w% o' h0 N' y
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>5 \+ H/ A, C( g
- [&使用超级旋风下载]
; S9 e: i9 W+ d/ c# W - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A> G6 z( t8 b: N' E0 C$ c
- [&使用超级旋风下载全部链接], _5 c8 A1 I2 x% B: @/ L
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>4 m7 F2 M& `, V; ~1 h* n% r
- [使用迅雷下载]
% k2 i) B' M8 ~/ n: k5 n j9 S - <, N/A>+ c5 L% b1 h" @( Q
- [使用迅雷下载全部链接]2 `: f$ P# w, x3 N$ n0 j2 z
- <, N/A>
( }& c8 N) ~ {/ a* v$ O5 u - [导出到 Microsoft Office Excel(&X)]
6 K4 {( t; ?3 N% {/ Z) ]5 f2 | - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
; z0 @0 v2 R; P4 w3 `% t - [添加到QQ表情]% ~/ f, m7 F3 m" r$ [, p( `8 z
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>, r$ t+ u: e$ v( ~; f7 d
- ==================================
2 K8 ^6 m$ f+ G" N# ^9 R& t - 正在运行的进程
1 D3 U0 p+ v6 B$ ? - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% Z5 y% o% c* f! i
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. v9 q$ f, ?5 T/ x4 Y* ^ m% |6 x# Y1 U - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 o) U3 h" G. d' k, A6 Y
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]* M( L; S ^2 a) M+ J6 k; d9 L
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 r8 z3 @' ~" w, k6 v: f& G" q; @6 I - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; m7 H/ |+ m v9 \; X$ m - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: G4 W2 b5 h: S9 \$ n; o$ R
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" | X u: |4 {5 L4 _9 D& K
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( `3 c% V) C) Z7 v8 P7 E - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 H" }4 [) B' w: [3 t! w
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ Y8 l$ U) l# i0 l) i
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]: @, w; C r9 Y' ]2 _8 N$ a+ S* x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], C! z: c. o( b; ?* ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ {$ V. }2 @- R# L% E
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
" v n2 C& I1 z! b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; e+ |2 b; C$ k5 b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]! a+ g& y! L( J1 Z7 d% }
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
; s$ Y$ e- k0 Z' u; y. R - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
% h- l) [; y! g" x F# t1 R6 f% w - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
$ Z; Z7 _( `! w" V - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]* x4 B% ]* x: h6 d# Q8 v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 p. V: e7 @# N; |6 q7 E
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
. X7 l0 X: V- }1 B$ w" U4 h6 I6 D - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
- j* d; m( T$ V, g9 {4 E - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]( d6 g0 c; o6 g
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
) K0 Y8 J2 c8 F" g* y# F - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
' o, m8 u1 ?! _" C' m9 c0 t - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. y& }: {+ D4 J2 [# ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) Y( n# i: X, _8 K- [" Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ ~2 y" x1 J+ q# }! i7 U1 v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 G. I) t+ n; e4 u
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 g. G/ }* h. I; g- C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ ]. U" k9 G0 U* i! Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 v8 |0 D+ a/ ?6 W2 D - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ |3 i5 D% z+ f: ? X, j1 J - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]+ B5 q& P2 ]! v. K) E3 S E
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
: b. J' p: z" P2 ^- X$ u! Q8 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 Z4 `, O) W W+ s) D9 K) [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: \" Q& j/ U" g
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]* F! J! z6 T3 p9 e
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
3 s3 j. x/ t: O, |* s! o - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 E1 N* ?4 X4 f0 b$ Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 x9 z, v" B) i, @ - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. j( h+ n' {; b l9 \' V: o$ z; \ - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
* {5 S$ ~5 @& M- w& C2 U1 G - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ _! Z! E8 m/ c' f \8 f7 \5 B6 r3 d - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# c! u' B3 r4 s. U* I: z - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
1 g b& `5 {# N5 U6 p$ g+ a0 ~" A. w, W - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]0 d( ~( T2 W Y8 d) p
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; g/ @9 g' P3 \+ t- h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] i& A) z( X. [1 ~* T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ P5 r \5 d: I& V& X
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
8 D( X. H z+ w( r! ` - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
/ a8 H* w4 p3 n2 n' M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]! l) G: l1 ^" H6 G6 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]1 P" P0 W2 Z% D! w B- c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
+ W, b0 J7 I: \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
# j# S" M) d$ W0 o$ E2 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
, x7 h7 T4 m- i x4 z6 L+ g: l - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
: B) Z# u0 V+ H$ }% h3 F6 ? - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ Z# Z3 p1 u: m6 W0 `# V7 r - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ }4 s5 w; o7 {5 A8 T. I# r - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' K' O3 e% j- r# d - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
. D1 N& `8 N! f9 } Y& Y - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 p0 ]# p2 K$ ]+ n( \* F
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
) b# y- |' H7 c8 J7 U9 C0 {9 P - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]. W3 q. p4 ]! Y: w! K: B1 P# ~5 H5 L* F
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
r) \% }% |' S3 K0 \" _! D; j, l - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
6 R$ r7 b: z* ^5 \, O, `! ? - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 j |2 K3 I5 O3 H$ K - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]9 q) G9 T0 R6 S q: L) s
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 |: B) D# b4 t% i$ j8 n$ H( a' l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ G# C) l) X8 }5 Z4 S" ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 I8 |, u! }: u% L - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ f' | ^' _ t - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
7 y2 c) x: t$ ?) Y: `/ K0 h - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- p9 h/ q K- P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' l. I/ t. l0 U0 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ h7 R( a+ j+ A - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], z8 Z9 @+ ~# j {! ^+ r" w* w
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]+ `7 Q0 P. b8 i7 I) ^* o* m
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
* p- f+ d7 F: J- o/ e- s+ _3 n7 P7 z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] Z- ], P% c5 a8 R5 K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; {+ h4 {/ e$ U" C3 f' M: d) j+ O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ b* y) h4 o4 i* N4 a! P% H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 C: P( J* k) ~& L' d; [ - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
5 [3 G% h. b: J5 X4 ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; i; {7 {/ ]6 Q( g( z( [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: a0 G* P. a" n7 w$ a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 H, Y4 U5 _. F" ]" [4 W4 O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ H' m j7 s, W* q* w5 c' b0 Y' | - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
8 W/ c) J) [4 w2 L& a, W2 m. b - ==================================
7 Q5 r: w5 Z: S8 l" e8 \; j - 文件关联1 n+ Y" |( j( q: a
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]: P2 u& I% r9 u# ?0 }
- .EXE OK. ["%1" %*]5 C9 R8 @) [9 ~; y' P" f. k$ y9 C
- .COM OK. ["%1" %*]8 q. n0 K0 l) m
- .PIF OK. ["%1" %*]
$ D& D: E, @6 o: Y3 P - .REG OK. [regedit.exe "%1"]' D1 y3 E' z0 v+ e0 I4 d
- .BAT OK. ["%1" %*]
2 O7 h$ ]0 k7 A" u' K7 z3 f4 |6 T - .SCR OK. ["%1" /S]
- j9 j5 u7 Y) [$ y1 L! k - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
+ V! x2 u9 F, y - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1], q/ G6 ^) @8 O. L: Q! c% n
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]' x, N3 J7 I/ s% _- [ X
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
/ H8 V& a* v: u& O5 d3 v - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]: @2 W4 V4 j3 b3 A/ n5 y5 u
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
9 o" M+ o' K+ ] - .LNK OK. [{00021401-0000-0000-C000-000000000046}]" h% k! U% e/ o6 f H
- ==================================# s8 Q0 l/ G: f7 U
- Winsock 提供者& J( ~0 ?2 m* G* X) K" [" ]$ N. X
- N/A
6 G+ Z2 p5 X, S3 K - ==================================
6 [" W. [9 B' m# M& k6 X9 \- C - Autorun.inf
& L/ N+ G0 u6 g1 E - N/A
$ t( E, @+ N6 b6 R8 F5 P - ==================================
% \7 h: S- j* T% e - HOSTS 文件& Y7 g+ V6 D- u- f" s
- N/A9 H- R& [# w& j# J
- ==================================( w9 L& J( x& @( d4 D# F# I
- 进程特权扫描
" D3 t( x0 ]! h1 t1 N& G - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]- |* x. V( Z* r8 M4 ?0 }8 {7 c
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]6 x$ h: h& W5 s* |8 v
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]$ P8 E+ T4 q0 {, f' g; G) z
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
) M3 \- I+ a0 t! }/ l. W$ d - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
E! K/ u: @3 U S3 Q) I) A - ==================================
w# ^# ~ [" v3 @! D - API HOOK4 [8 Z) ]1 u& [. n
- N/A
; ~" _( k/ S. o, V% u, x6 d - ==================================6 C; t% ^8 `1 h4 B
- 隐藏进程
% `( U: ?* D+ _# G: h& w5 J* w8 }! Y( E - N/A
& _* b8 C% b( F! y3 g - ==================================' N- O( O" s7 j5 y0 B: M
- / ^7 \, S! t( G9 ]' S8 w4 B
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
