|
|
- 1 s( y6 f" [, ]# K3 V; Y
- 2008-05-22,20:37:43
- o8 E* s1 y8 K9 [6 h; v - System Repair Engineer 2.5.16.9004 b1 { r9 d2 S
- Smallfrogs (http://www.KZTechs.com)
( n/ a. f4 x- q8 E- |$ D - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
* x& v: ]5 I6 @. c$ p8 G - 以下内容被选中:1 Y7 E7 m5 C& U8 c2 P p
- 所有的启动项目(包括注册表、启动文件夹、服务等)6 j! [1 \( D8 Q" y& n3 b- ]9 x* q
- 浏览器加载项3 i; x4 x8 n0 q. J0 }
- 正在运行的进程(包括进程模块信息)
) a5 P3 u# ~. j- F5 I1 G- L - 文件关联4 e7 x& w- R5 M2 |5 W" W
- Winsock 提供者- l3 d) A8 F7 k# U! s
- Autorun.inf) U% O( S, y# a# W$ U6 S" S
- HOSTS 文件 b- X" X% _. I7 @2 G
- 进程特权扫描8 a% y* }/ O* x$ C1 q- [
1 k; O: z, I" `) Z) g0 A0 _- 启动项目
# h( ]: N9 w' F3 R6 T) ~& g - 注册表
* C& ?' m' z" s - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]5 C3 ?+ }; j$ E- { I
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
; v1 z, R$ Z, c9 S" }9 ] - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
- x" A1 H7 I9 n: }% |1 D: @; k k - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
9 A M1 C3 e5 [) N/ w3 ] - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
0 I, x- C1 S U7 i - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
$ S( G/ s6 n: g3 Z0 D4 ?. g. U - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
* G1 F" d ]6 I1 N6 ~ - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
& Q& _2 q: ~2 s* N - <PHIME2002A><; > [N/A]
& K8 [# x8 M& s/ h( j% y! q - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]# B, ], Q$ g \5 u8 B
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& b" `; X5 b: L' r5 Q' b) Z - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]2 l$ r- V+ K" E; {) Y
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]) L Z2 `/ O7 w8 \6 g. H
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]: p' C, v# V0 J1 m0 |2 A3 @ P4 F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
6 {. H" T- i5 e$ z% i4 U8 g- P- o( J - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
) b1 r, ^$ m( G. N* @5 H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
+ k# y" L9 c0 L0 n: k, q$ b7 i& H - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]# O+ `3 {7 ]% c) q1 [5 [
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]# [4 e* H6 ]3 X' D! _
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]0 p2 e0 L) W4 z2 H" D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]$ m$ |0 M# i0 V) W$ P9 B
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
1 O9 H9 h5 b6 I f- m+ O, r7 r* I! R - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]$ M' }! N- Z- V- h
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]& t$ r! J8 I/ O5 P& R6 f5 Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] H+ h# W6 _/ A
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]7 Z4 m% f3 b3 h! `* d q+ Z8 |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]) t9 u% c9 i) H$ K2 C& p# v
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]3 o) h6 U5 X- E: d5 B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]# Q. B; u& Q0 J. P
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]! c) I$ y# p/ W! J* w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
! H8 }2 r/ h" a' C4 U$ q$ R4 J - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]/ x- O/ ^7 i4 }1 s/ O. M
- ==================================/ {# e, G1 Q5 N& _: b
- 启动文件夹
/ I0 \) P* z& v0 F5 M3 d. V3 |5 }" Y - N/A3 w9 }/ s1 T& A# H1 c) z* D
- ==================================
7 N# |, ^: A1 A- U. `" M - 服务
. B- Z$ s5 \% h8 X8 M, b9 m - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
5 ]. H$ Q. @7 ]3 C: \ - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
" i( P) N/ n1 v0 Y2 g3 G k4 J" M - [Google Updater Service / gusvc][Stopped/Manual Start]
0 B1 M0 C! @$ X$ K3 l, n: I - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
( Y$ b. S- G3 w q* a4 [" S - [Help and Support / helpsvc][Stopped/Disabled]% F7 |5 L$ F& V, [2 d- Q, z% n
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>: Y1 J3 r) n$ b. W0 H7 I
- [Human Interface Device Access / HidServ][Stopped/Boot Start]$ C3 Q0 ]$ \" K1 d
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>! h i( Z" F! {/ }+ S
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]2 F- S1 T- G1 e2 N2 g2 S. e
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
8 [+ A9 P0 Y" C. ` E9 V- z - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]* \3 S' z6 [3 ]; H
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
/ P1 b- |0 ~' v7 u8 }& h; ^8 L* [ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]1 f% x5 Y$ `% Y9 e. y
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
% E& e; w& p0 W6 l6 s - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]5 W! N' J6 M; k! [
- <><N/A>
; j$ I3 v7 ^5 E/ B, ?5 N - [Qvod Terminal / Qvod Terminal][Running/Auto Start]9 V' |8 x. Q. A8 e' a5 a; h
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>5 \8 S( v( v3 H' P: |" z, H
- ==================================) w6 F2 O; u- W8 L3 D, }
- 驱动程序: X5 E5 ^% S$ H% p
- [22j / 22jn][Stopped/Boot Start]
0 a5 B! ]0 R$ w, C - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
' u2 M4 x2 T. s - [360AntiArp / 360AntiArp][Running/System Start]1 b g0 }2 J) }2 I
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>! V* F# G) l0 w0 E e4 W3 e
- [43ec / 43ecu][Stopped/Boot Start]& s* T- t" u! d0 ^+ m3 x
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
$ j7 `4 i0 Z" ~) F; G) i - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]# r7 f. f' ?+ `
- <system32\drivers\ac97intc.sys><Intel Corporation>
; I7 A! ~; V; v - [Promise driver accelerator / bb-run][Running/Boot Start]
4 I8 `& q1 X* X - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>7 t7 {9 e! u6 _9 q3 x
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]5 r. g5 c- i* h" g& A h! ~3 o
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>8 K3 e' ^7 P B! b, n
- [KAVBase / KAVBase][Running/Auto Start]; r7 L3 G6 L! I7 N, Q
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
* u9 s/ A2 X% h) T* \0 X - [KAVBootC / KAVBootC][Running/Boot Start]
: C w$ v" y) f* E - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>0 A8 d& z" S* a- D
- [KAVSafe / KAVSafe][Running/Auto Start]" G+ |7 b5 h1 a3 l5 I9 d
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>, H8 `0 M( H+ O, @8 @4 G. ^! w+ g
- [KNetWch / KNetWch][Running/System Start]
) C. x# _/ g# X7 Z V6 p |# X - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>+ G+ w$ L, z4 h8 y
- [KWatch3 / KWatch3][Running/Auto Start]
4 k2 c6 D/ A$ i% n( g& f& @8 a - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
" e- s3 ^9 [7 ~ - [ntptdb / ntptdb][Stopped/Auto Start]7 Q5 P, `2 w% Y( b# R. `
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>5 D: o3 ~4 \# ~5 t1 R! C* t
- [nv / nv][Running/Manual Start]
7 E3 C# K& D; x2 d - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
! w5 U% a ^/ u! y; l4 @! n - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]- {) ~1 x( z. a2 X
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
6 N5 g$ t0 n8 ]$ [ - [DDK PACKET Protocol / Packet][Running/Manual Start]- y/ c% m# ?. {1 N* L1 q* b
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>8 m5 k4 A( c5 y0 j
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]' w6 {% Y9 o. H7 j8 K
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
/ `4 n# \- q8 g9 j4 ~ - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
7 x( { v, Q' B( \: A7 H H {. T; Q - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
# }/ ?! r o$ x2 C: I5 Z1 Z2 s - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]1 p0 z2 n% Q L
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
3 \9 c2 V! Q# l! ]; o8 c0 L - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]8 F) a! t9 M: ]
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
; e% u1 d" k' _3 V& ~1 f' D* k - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
9 x7 ^8 ~. {& S; v/ |9 Q7 z - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>, H7 }0 e) R- W Y- S' P9 F( \
- [Secdrv / Secdrv][Stopped/Manual Start]8 S; U% ^# f) t% Q
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
) [8 C& ~5 J5 s. y, g - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
' P5 M2 U/ B: b- k6 a - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
' b' k4 m! [: Q9 i6 \4 y - [System Restore Filter Driver / sr][Stopped/Disabled]
" p7 h) R% x, _0 ?0 m' [- b" x - <system32\DRIVERS\sr.sys><N/A>
- s- s6 `# g) g$ f - [TesSafe / TesSafe][Stopped/Manual Start]2 N; b& k( D8 ]3 t
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
# {1 K2 t: W/ M. [0 U# \8 B4 C - [System Services / unzxzsrs][Stopped/Boot Start]
) B0 ~$ B% P! W" B) l; ` - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>! L) B% T0 W9 X( Z6 U
- [ViBus / ViBus][Stopped/Boot Start]
4 ?' Z, R1 S, t$ L - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
' u7 H! e3 ~! y" W8 L1 D0 r - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]" y8 N1 l$ e% R; p
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>3 x3 {9 Y& x! e3 Y) U
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
7 Y6 g2 l7 w- C2 R - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
; Z0 M7 c8 v( i3 H - [ATI Extend / zhibmaso][Stopped/Boot Start]( a& n' b! R$ @
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
+ C1 e' t9 \% x! x - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
5 Y5 j0 k* m( M - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
0 d. K% g) ]" o9 ~2 _7 B. \ - ==================================
J" f5 c" f2 D) Q- z - 浏览器加载项& M" Y" Z0 o. T. L
- [Google Toolbar Helper]
) H$ q, g3 S; y1 q4 n1 k2 f. W - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>: @+ C3 U6 W- X# N( r
- [Google Toolbar Notifier BHO]
# S7 m3 ]+ a0 `9 `9 D% @2 S - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>: {' w' e! Q( ?" V3 r7 C" Q
- [SafeMon Class]
0 T" |/ e: G- R - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
. Z% V5 A" q2 \. z - [kingsoft browser shield]6 [" @% Y( }) W* x8 V5 H
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
: v$ c) w2 B5 ?9 J6 h( ^9 r - [IEBuddyExtControl Class]7 `% s; A( Y& F, |4 { v8 C4 a
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>1 X1 N9 y. \9 c& B7 t0 X
- [Zcom 杂志]
9 \0 L' L2 N6 ]4 K) x - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>7 O8 s1 i; o8 V9 D
- [&Google]
: ~. w6 y8 h. H1 \* L' K% c - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>' [9 @" `2 s# A7 M U9 \
- [KooPlayer Control]' i5 G9 C8 J0 v1 V/ W$ ?6 Y
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>" d* b$ ]7 k p! N) l
- [Shockwave Flash Object]' q/ ~4 T3 w* v' y8 d
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
" k/ O+ K0 A1 i! B! y5 N* A! p - [KUpdateObj2 Class]
( o& g& F) s1 |0 a' i/ W - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
! W2 W1 N: H1 L. w( P - [Google Script Object]
) B5 x8 }" N2 e8 ~1 e0 m6 O/ \ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
; H q [0 T8 g+ |. F8 d* P - [EWA Control] |4 V6 A, C. L6 @# E1 o
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
- T5 T) y$ j- R* F K Y6 T - [Windows Media Player]
9 M. B& f) y! e; o8 @ - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
* y8 i( c% @& ^% |4 B) E2 `6 R - [&Google]
9 O( C1 b3 f1 K4 [+ m# l( D( ^4 m' _2 g - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>2 j9 D1 n9 F' ~; b
- [HTML Document]
$ C5 ~$ w9 w* p, z - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>9 G+ v! R2 F1 z. g
- [DHTML Edit Control Safe for Scripting for IE5]
* w" ]" P. L6 t* Y1 C - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
& v+ m; N! e% X% I& D4 L - [RealPlayer RAM Download Handler]. g1 J% C8 u# c2 Z% x
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>" ? H; b2 j$ d+ d- T4 Y9 L
- [IEBuddyExtControl Class]
3 a: s$ D% _& G2 |% R! z5 q - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
7 p8 n1 c$ W/ O, [" `4 U - [XML Document]
, x! u: ~6 k8 T# b$ U - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>! \& {/ t! ?& b
- [HHCtrl Object]
" v# y) x4 @, i0 M9 W7 } - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
- ?- C! U& Y- c9 U8 |! | - [Windows Media Player]
9 c$ ~: ~2 D) @ - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) F" U" O5 D3 m3 Q& B! C3 X6 @. D, F - [Active Desktop Mover]% r$ K# o" n2 a ~% S% G7 A
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
* j( ]0 ]! P! f - [360SafeLive]0 N9 ?3 d" q4 n* ]9 p4 Q E o
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
1 F1 J+ _7 r+ E0 X - [Microsoft Web 浏览器]
& z+ L2 \5 Q2 o4 h - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>7 T8 b. |0 W) o+ C& e8 l" b' V% g. f
- [Browser Enhanced Objects]
2 [) {9 f% L4 z% v - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
; K. J6 d, p. C* g# f7 R - [Google Toolbar Helper]
) P8 n" E, `4 [# F6 p0 _# ~$ Y - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 k6 G; J9 d6 e, m) q1 B F0 o
- [Microsoft Scriptlet Component]
& m9 S Q+ s6 X3 F# [ n - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
( @0 B& v1 @% c$ o* |0 h9 _$ Y - [Google Toolbar Notifier BHO]
6 k: k: K9 R6 b+ ?; e - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 t' y& S) [* U0 X8 X& ~6 v - [SearchAssistantOC]& K# z+ l+ ^& u8 ~) J3 }* S% q
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
) b' ?) W' b4 ~( N$ S. ] - [SafeMon Class]
! ^6 A$ ^, M! K4 d4 M( G - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
& A9 S) @* z. s3 | - [RDS.DataSpace]# B7 n. Q! o9 q. d% D2 A3 n+ t* W
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>! V3 {3 j( ~% ^, G1 [) q. m1 T
- [KooPlayer Control]
1 ]% v7 V- v- V: S& T7 ~ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>$ v9 B9 q$ X6 b5 u
- [AUDIO__MID Moniker Class]
' i# g$ ~; H: Q8 O4 x; i" j - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 v o5 B- {; P- q! f+ O
- [AUDIO__MP3 Moniker Class]
" ^8 ~2 m% r, Q1 C: {" _ - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: u$ `' c9 U9 T O8 Q/ y& [, x2 i
- [AUDIO__X_MS_WMA Moniker Class]6 t0 n9 M& J4 m' R/ _+ k1 X7 W
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; y2 P& ~) D; {) D7 X4 N" ~
- [VIDEO__X_MS_WMV Moniker Class]3 J3 A" m- `" \% l
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, Q- \& Y/ w0 s) D - [RealPlayer G2 Control]
, v% o; s5 D. R8 n7 B% e - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( {* B2 Q* k; \2 \3 Y - [Shockwave Flash Object]
% I4 M2 `8 l. L) k8 e+ l8 b" ] - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
9 ~) @; Q+ E3 N* F- K/ A: c - [KUpdateObj2 Class]
6 l/ ?: |: q8 d2 | - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
* G# [1 v; ]& p2 @8 i3 q+ I - [kingsoft browser shield]
4 U& n0 v- L/ V' U h0 R% M - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>3 j+ M5 n8 n4 x8 c! a: [
- [PasswordEditCtrl Class]
. _& e$ j2 j% X4 B/ c# J' l+ P - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>8 |8 O& X% f- u+ k2 @$ j) k
- [QvodCtrl Class]
: P( }1 K$ v; d9 h% Q! w7 q& G; q - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
" K; _8 Y! t& H; J2 A& q- O6 ? - [&使用超级旋风下载]) b) g7 z9 B+ M* d0 `/ I
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>4 R/ H6 [7 g1 _$ n% V
- [&使用超级旋风下载全部链接]
+ h2 c7 T' y. E* x7 N - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
/ X E( y4 t/ W. H! K' W - [使用迅雷下载]
f% \% N. u# \7 h) P) r/ n# |; ] - <, N/A>
/ V3 q* Y3 w* ^- r - [使用迅雷下载全部链接], ?+ z2 d" |# ]
- <, N/A>
% w/ _: n5 ?6 G: u7 E9 _/ T( u - [导出到 Microsoft Office Excel(&X)]* p- v9 L7 Z+ w
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
! {5 y) B7 e% A9 m+ D - [添加到QQ表情]
$ v/ F* x3 x" N8 W9 | - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>: D8 b5 p% n. C8 ?
- ==================================; `6 L$ q3 E4 g b
- 正在运行的进程
; Y) Z0 S$ {2 X- w - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 Q# c7 ]$ Y' |, A2 c - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) g9 N) E9 ^5 `; L
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. U; ` \& `5 r6 Z) q p% x
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]' E: l. t4 S, l) C0 O+ j" L
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# k5 Q" x$ k: d, D, @4 K8 U7 @$ J - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 p7 c. S9 q) }9 t( N - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* v$ J$ r' n* U; {: v
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 {/ f$ K+ X& F) Y, s/ s4 V - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; j; f9 t$ J: \ y# b - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- o" X& Y1 b. }, ]' }/ Z9 b
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- x4 A& U( O; @: Y& Z0 Q) @3 \ - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
4 N( t; L' s/ N0 i0 u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! r+ Y" Q M. k G# w# v% D8 E4 Q7 h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# J( N; l7 k* v; {: Z3 Y8 u
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. L9 k2 G6 u3 v% t, }" z J - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 U8 l8 X& s G' x9 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]" \" l. j/ r* F1 |8 B' o
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
2 p* E( T. s0 X3 k9 f* a - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]! R- J) U6 _' i. h
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
, E4 I, _5 W" I3 I2 e) W, v - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]; d5 d/ K( V& A/ i' }' f
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 T9 v6 T# t% W. m- \
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
) C3 J; H, [0 ?: G4 ^ P - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]# p4 S# S+ P) r8 j9 {
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]+ l8 F; q2 J! Q# T8 \. h3 G. c( q
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
& g% T# \+ ]9 m5 e0 k( D' \$ \ - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]& O8 ]. A: }. ^* Z6 H; ]5 t
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 \. ?" w" [, g: d4 \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 ]. L; q5 q0 T" R1 i! o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) T+ M0 O* E# O+ p& S - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 J9 c6 U: d8 `' p1 j) n. Y - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 G. a9 C/ R" s, f$ o7 g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! @' _/ ?- m9 y8 [; }' B2 g6 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 `! l) J3 y1 H. |: \& O! t7 M - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 K, a/ K# i9 ?- Z5 g* [1 O - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654] y: l$ X3 W+ X) S* i3 x
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]. C! Q2 }( \# N3 x4 N' o) |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 b* k& m3 U% D% ?: C6 S4 f# q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; e4 o( @% z$ q" w
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]2 }) X( V1 T- x) R
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
; U. { P4 ]# [" w! N/ i - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: r% L' ^% S9 f6 ]+ P: `1 k$ ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) l: D8 @% X! s# j6 q Q/ L5 P d
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* v) M$ [6 O. n* L3 D
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
3 [& ^1 p$ a2 d - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ N) m2 h2 H- A9 R
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ l& S) q5 O' r$ e( j+ N
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
! {* Q/ C( c! ?6 ]' B - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
% J$ ]3 H6 q- ?7 [ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]( s, R! X, `, \; `' C+ R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 P& V+ M( P: I% X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' Z+ C* _. |5 `& u, }% H - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
1 @# g& j7 U8 { d8 P1 w: K9 T - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]( T8 _+ s \) N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]1 d- f& ]1 a; }9 u: N. c; S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
6 j& j, L. p$ ]3 M) Q4 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]2 u- |! J y1 g2 d$ G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]/ T7 O# p& g0 _. A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]# ?, h, [' D5 p* W+ a- }6 o4 ]& ^
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
) t6 s! n( s2 u0 U8 v! n' h - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
+ q" p5 f# E! r; T - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
, ^6 L2 h8 w4 \' e - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 o( U. i0 G9 _- Q' ~6 y v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 d4 h9 C8 S& {7 {4 }! ? - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. _* O/ M6 T2 }. m/ g. k
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
- P3 w5 y# @ q( b - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]' D! @4 H$ ?9 K& Q7 y
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
3 C" Q- h4 a( l; \$ T( H - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]& w2 E6 d# f% S: _. R- G1 y8 X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) b8 X( k, t, j& V - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]" }+ `0 x; S/ b2 I" E* z: j
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 Y8 S4 e; }2 H4 s7 i9 s& [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# X0 B! {- T1 I9 w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ {3 f3 j- N9 [8 O J - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 q; G9 l8 w1 f# a# @& h5 I - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
6 m* B: G* ~2 \0 o* C' w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! S; ?+ j, h; P& j+ y: E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" c$ \( O+ N5 j* U M/ T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! u! L2 Z5 [9 W2 r i. D* T2 m
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 a. u7 f9 I! \8 I+ N! w
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]0 M4 O5 n7 x" Y
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
) P0 ~. c. k* w7 o4 L! h; y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) U7 H' @& o7 ~5 e3 J3 C4 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- \$ e, z5 b# Y5 N" ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ S+ ^) O4 ^$ G3 ? - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; U0 N- u9 d$ p9 j7 }
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]: Z3 v, p D& J. h& h& z& {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# u3 o% n/ r. l$ f2 V4 M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] Z! E/ q+ ~* a4 ^9 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 m4 {8 H1 K2 M: @) C' ^& B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 C3 @+ `. ^5 [ E2 o% [9 Y% A
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]+ h1 ~! I D. C' y' a
- ==================================
: T$ B! N: j+ r* K5 i9 i2 N8 z - 文件关联( C" u' z [; p: q, R g, K# a N
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 Y$ S' i0 z& K+ l2 q - .EXE OK. ["%1" %*]. }( y; L3 r2 S* b3 ]
- .COM OK. ["%1" %*]
8 O5 l. z! r" \ - .PIF OK. ["%1" %*]
! h7 _* D8 g/ j: ` B8 N, S - .REG OK. [regedit.exe "%1"]
, j4 e5 m: ]- T' ]: c& b - .BAT OK. ["%1" %*]
- W& F+ v* }: A8 d6 g( N# k& U4 f - .SCR OK. ["%1" /S]
/ C2 @" L: \) ]3 d5 T - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
" T% u6 ]! m% Q3 R" ]: F9 c - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
9 k4 d/ @" q( [/ [ - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
M& g2 W! i! d, @ F - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
" h, ?- C k q" r8 ~# Q$ x - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
/ N# k0 d d* Y2 ? - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]5 L9 x, T+ \" N7 Q
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]& |# ]$ u0 S2 H4 V5 X( `7 I: ?6 c
- ==================================
+ C( }; a- {6 C9 y6 Q - Winsock 提供者
0 e) X; j: w1 F0 }+ a% ^( ` - N/A; `9 \+ ?1 K7 _, [
- ==================================4 Q; f2 b' o9 ]3 H
- Autorun.inf/ ^8 a1 y+ g# B% n. t: l3 Y
- N/A( V8 k- I' ?4 W+ O2 }- X7 M
- ==================================1 E1 K. D' \+ S: Q/ X0 e, o# j
- HOSTS 文件
) l1 w7 u7 w$ {% M - N/A& O0 U4 f, f$ g: ~. j
- ==================================; z- C0 `: O& l
- 进程特权扫描; F* }: h! {# Q" @$ U5 {
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
0 Q) F, @) B/ n2 } - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]4 @: y3 P2 _" x) [6 d
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
: A' l0 G3 D7 P. @0 w - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]( j& Y8 ?. `. ]# J% }( @
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
" S" U4 n# g- q3 K! C1 ~4 x, l - ==================================
* u2 J ^) H& k8 q - API HOOK
& Z R3 Z& P, v( f9 S1 n - N/A
; Z) y+ K: O% \+ r - ==================================; K7 h3 v! i2 f+ V) O
- 隐藏进程* h, g- D1 Z* c$ F4 i
- N/A
1 N Q1 c+ H8 v# K - ==================================( A" A6 M. g1 d# x/ c: N1 s% ?
- 6 Q& A. G2 ^# d2 i; ^
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
