|
|
, j7 W/ ]" L9 r- 2008-05-22,20:37:43/ G# b! h# ~7 r& k0 f
- System Repair Engineer 2.5.16.900
- @. i) Z: d0 `0 ]& s' x - Smallfrogs (http://www.KZTechs.com), E0 q9 N- i2 H4 R) e( t, h& l
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
. `8 w) z! l' j+ H2 E' E7 U - 以下内容被选中:" \# y6 f( w$ s: M& m7 _
- 所有的启动项目(包括注册表、启动文件夹、服务等)+ d- m' ]! i. k0 y' s% Q
- 浏览器加载项
* S$ L( ?. Y; t/ R$ C5 F - 正在运行的进程(包括进程模块信息)6 e# A3 h4 v% {; a- L A
- 文件关联+ @) A, b7 e+ f. {
- Winsock 提供者/ q$ w9 }" F3 b1 @/ H9 v" C
- Autorun.inf
+ Z# ]: _! D$ C5 n! r# p - HOSTS 文件
6 o2 \% s; O" p - 进程特权扫描* o' Z! G; C8 Q1 D- q# O) m, |
- 3 J6 }: W# D7 }, u8 o8 e2 A
- 启动项目
; h4 ^6 |0 B7 m$ ?: |0 _* A3 @ C, | - 注册表
! Y* P+ ~ v/ S1 t2 ~ - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]8 q6 g# a& o% A0 ]9 Z T4 W
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]% u$ g/ j* K$ Q
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
1 }6 O4 C5 q B4 l- B0 `2 h. M - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]% s" O9 \1 u. \! @! S
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd], c" G& m6 r. `# b: p5 x+ D( @# J
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
+ n+ ~* q" Q- h - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]) I1 ]4 P' j* I& l& K3 b, E/ Y3 N2 ]
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]. z& e& h& u; N5 x7 O7 ?. ?
- <PHIME2002A><; > [N/A]8 N" M: ^( f9 g
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
3 K7 {" B4 ?* C* c4 L0 A4 C- j$ ^ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
9 l/ L0 [1 b5 }% y+ Z - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]5 Z |$ L7 B) |2 B9 ~. J
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
4 u; f& i7 W9 i4 ^ - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]3 t. P( }( A9 D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]! M8 N7 K" E$ t, a% W7 a" d9 X
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]: N4 v- n; r) ^# n7 y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
" ` q' T- `& P7 D* o - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]* W: X2 w! |7 i8 v X7 V" K% U7 v
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]; y' e) S6 M3 ~2 h+ L$ g1 [ h
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]0 z' l9 y/ G0 y0 h# n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
5 o0 o3 w/ E$ c8 d- @' v( G, o - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]: R6 q, K+ }, ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
. {: ^* b2 |* j# ^2 \ - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
; w1 P9 P" w0 {$ ~0 O8 r - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
" }1 g* |! P3 m0 s' \ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
. s, q- D9 ^! B$ }# P6 _0 F" D, k4 q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]" ~4 w4 ]3 Y9 K3 a: \4 \8 x
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]* a% [. W& p' X+ V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]0 p" Q) ]* i' u' ^
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
1 r1 L6 o* v# d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
& K w7 R: a @( l6 d+ H - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]% q, C7 S* H( h+ [# K
- ==================================
, m) @' l' l4 N, }+ C - 启动文件夹
; I0 P& v/ p0 ? - N/A( z3 a0 J7 w% z* A7 F0 C
- ==================================% C, r5 F3 ~/ h _- i! w: \
- 服务" O2 X. ?$ z. v! V7 d
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
6 g2 S5 f. M# l' R3 [ - <C:\WINDOWS\System32\3wareSrv.exe><N/A>; c7 }- t% Z8 X% k
- [Google Updater Service / gusvc][Stopped/Manual Start]
$ S& u/ R* M) K h& a' ` - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
7 r4 l u0 u7 K! e% R" } - [Help and Support / helpsvc][Stopped/Disabled]0 B0 Y9 X$ y4 X+ O' i% W% n) `! b6 Y
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>2 o4 j$ v. f: L/ V; H4 n4 P
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
, z5 y! G R u) o4 l+ N - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>8 |& ]; ?; n8 T8 _7 n, _1 S8 E1 R
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start] C4 ^$ C0 S+ a" R8 i5 G9 o! K
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>+ { l2 ]1 q: x) \
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
7 |0 E p* S7 @) Y. f( R - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
4 r) z1 n; w0 b& L" U# z - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start], s' E) t8 \: L" ]3 j% t) n9 B
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>3 H2 U5 r3 l+ o0 r% j1 P
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start] l' L. Q) z& j$ @% B
- <><N/A>
7 y, ^0 s# N) k* s6 u6 B# M - [Qvod Terminal / Qvod Terminal][Running/Auto Start]5 P* j; I; Y F3 A: `
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>4 d' S: J. ?" S( F
- ==================================
' h$ t3 D, d# A* b5 J - 驱动程序
. |2 r" \* z6 l2 u# d' ? - [22j / 22jn][Stopped/Boot Start]
( d- ]0 x. J3 [8 | - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>/ y5 b4 @% n4 \. Z c. t
- [360AntiArp / 360AntiArp][Running/System Start]5 X/ D% v/ b6 O' ]" P& G
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>: `; ^9 w' M& R, x) w7 w2 }
- [43ec / 43ecu][Stopped/Boot Start]/ U" s9 H0 X v4 W2 M+ Q
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>* j3 K1 W" i' y/ p+ Z0 D$ c; T
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]8 ~' d" @* t' `6 l8 }
- <system32\drivers\ac97intc.sys><Intel Corporation>
2 H( o( F( _( h$ K% o$ T+ x& }6 s - [Promise driver accelerator / bb-run][Running/Boot Start]: S5 m7 D! s9 z8 l8 n' @% ?6 K5 B
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
R! ?0 S; m5 o( k: u: j. [ - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
) I% V* A) [8 Y" Y4 J - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>1 a% S4 M- \, ~7 B" c/ C
- [KAVBase / KAVBase][Running/Auto Start]1 T7 c4 | z' z* I7 e9 }
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
) ?9 b5 h, m z& G1 `9 K: ^! { - [KAVBootC / KAVBootC][Running/Boot Start]
7 y- ^* x; V0 N \ - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>, _/ |! K2 t$ [7 V3 r1 g
- [KAVSafe / KAVSafe][Running/Auto Start]7 I9 o" s& _ C2 }7 K( S0 C. M% f
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>! s/ _% b/ S2 {" Q m2 \) ^
- [KNetWch / KNetWch][Running/System Start]
) T7 f3 R7 g1 A8 U9 i, O% Y - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>% \5 K2 q' H/ l' N# M! k" Y F
- [KWatch3 / KWatch3][Running/Auto Start]
# o9 [! H! m: ^! }4 f0 q - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>& G0 s1 i/ z& Z/ t9 m5 x
- [ntptdb / ntptdb][Stopped/Auto Start]3 n6 b9 Y9 M/ T9 F& J( b: t) g
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>6 L! b; w# b7 {( M* G. s9 ?& C
- [nv / nv][Running/Manual Start]
0 m7 c( R d( @, ~: q( S x9 v - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
% t! h$ e% q% `. d3 V - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
; b+ t: a1 ]1 o+ c: `. k" R - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>3 s* G3 s1 H8 ?8 y
- [DDK PACKET Protocol / Packet][Running/Manual Start]
5 p+ t. t0 k1 d2 ? - <system32\DRIVERS\ProtoDrv.sys><360安全中心>3 p. g' o* S; z& ]: Z; T+ S' v+ I' p
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
* \. u9 b& P( K% A - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
7 A: r: s$ r! @( M. y- @0 w - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
9 Q7 {- F5 R0 y& O6 |+ q6 B - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
6 W9 {+ A' Y m" W- a6 B6 `: G - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]0 R4 r* A S' ?7 ~+ B( n
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
9 M, E4 L* w0 d* Y+ ^/ ] - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]6 c& j6 [, B9 j% q7 X! ~( Y1 s8 L0 a
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>7 z/ x8 P1 g- H4 B$ i5 Y8 g
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
0 V, }, b3 P( _4 o; \) s$ ~2 K# {+ l+ X - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>, U5 J+ [( `" \1 s" V/ |
- [Secdrv / Secdrv][Stopped/Manual Start]: z, k/ }9 r7 y" J. i% ?$ N
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>, _$ C7 d2 I! S
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]3 q$ x2 L! W$ t) m2 Q7 r
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
0 s* e8 l5 Q: M+ w4 b: X - [System Restore Filter Driver / sr][Stopped/Disabled]
5 k, `- c! Z: c, E9 D - <system32\DRIVERS\sr.sys><N/A>% R; ^1 P4 u; t
- [TesSafe / TesSafe][Stopped/Manual Start]2 U4 q$ A$ B7 |( |
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>! Z C2 ^9 s2 I0 y
- [System Services / unzxzsrs][Stopped/Boot Start]2 \, O& I$ |; \# K: T p4 u
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>9 }4 O5 R& {) B. _6 B9 T
- [ViBus / ViBus][Stopped/Boot Start]4 Z3 a, ?7 y, Y& K, |
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>! Z; S, ~) f( V
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
4 I) w% d6 N4 l3 Y8 b7 i9 ^ - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>) k5 x r( H: [, H
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
5 u4 L2 n% G+ u6 C9 I3 P. |0 h - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>: D+ I" `- P+ c' o) Q
- [ATI Extend / zhibmaso][Stopped/Boot Start]
( [+ W4 Z* u; X1 v - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>- i. s" @* b. g
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
$ W' s1 p7 q5 ~. w" j1 G1 l - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>/ x# G4 P( N+ Z
- ==================================
, m# _0 v; Z% Z* ?7 q" ]# G - 浏览器加载项+ `0 o) ?5 ]& s+ J
- [Google Toolbar Helper] F. V1 X( t/ @6 s' r
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& H& E2 ?- ], r) B1 | - [Google Toolbar Notifier BHO]% X" w# N# s% z7 u% `; ?8 U6 k$ j
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>' F& a4 g" ?+ d% v( P& \! J
- [SafeMon Class]
4 Y" t$ D3 ]( Q' |, A1 u) u T - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
; ?: m! S/ P0 F0 G+ z0 w# N. M - [kingsoft browser shield]
( Z' o5 v5 f2 j3 a4 Q; `& k5 a - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
. z2 O4 M4 p& C/ ?! h/ e - [IEBuddyExtControl Class], ^/ U% m; P! O6 U5 C/ q
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
# t; p; Y) P3 s a: ^9 k. V - [Zcom 杂志]* c8 H- m, R% e3 o; o4 W* e7 l; ]
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
# J1 C$ x4 _/ ^ - [&Google]
# M. `" P4 y# Y - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 }2 E8 p5 G u
- [KooPlayer Control]7 R7 p9 w+ U( w# |7 z
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>& z6 Z9 G$ w8 V7 M1 j' R
- [Shockwave Flash Object]
/ l* S( [9 B: v" h$ B) S7 M9 Y - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>8 }1 o* O) E0 F: v8 c2 C5 I% M# k
- [KUpdateObj2 Class]
8 {' y% K, C) Y. Y1 n - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
& l# i/ g0 _' l5 O1 G8 | - [Google Script Object]0 b" B1 L- K' C" s \3 S* t
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 @3 j# ^" r2 O$ M" g4 | - [EWA Control]* [8 t+ Y, J3 x1 P4 F" i
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
+ M+ @6 ]) d" C- r5 I2 N/ T - [Windows Media Player]
# U2 f/ g) z" H; k - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>& o# d$ i" ^& j
- [&Google]
5 A1 b2 N8 F7 u1 g S1 z" x' N - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ t4 m# k) V7 R* p
- [HTML Document]" i! A1 y5 P2 x5 `) h
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>7 d( ~, ?( V. {6 b
- [DHTML Edit Control Safe for Scripting for IE5]
; { E/ c T5 B* S; _ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
$ K, ]1 Z8 V/ p% { - [RealPlayer RAM Download Handler]
6 x0 d4 k& N+ V2 d! q# `# w - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>8 _& B7 R6 p' F& f/ |0 T
- [IEBuddyExtControl Class]- B8 D+ l9 R2 Q' s. K7 k& k1 z
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
8 C/ X2 w; r) w - [XML Document]
( P) |, M+ d0 O, U; e - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
( `/ F$ b. S5 P* k - [HHCtrl Object]
0 c) V3 I" |& g" `2 J0 R* y - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
/ b& c" R) t! B! d& |9 W) [ - [Windows Media Player]
( v" ]( W2 U% A+ I" Z( W6 [9 x - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 w0 a1 L, |; G3 s: |; b - [Active Desktop Mover]6 B7 \' r) b3 ^. I, t& K
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>8 }. h9 Q1 i% T; Q& H
- [360SafeLive]5 {/ N! [3 E! t% q$ o6 v
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>7 c4 l4 Z N% h
- [Microsoft Web 浏览器]" J5 g8 X- c# @: P
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
/ `" _% ?4 t+ ? - [Browser Enhanced Objects]
6 D2 K4 U* P6 K. u - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>" q3 n7 Q- h9 i6 X+ X U6 J! s4 Y
- [Google Toolbar Helper]# F# Z$ m& X9 |* m; ~+ i, N( d
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 s# H3 K+ Z9 g0 o& N
- [Microsoft Scriptlet Component]
1 d# D: }; W5 q8 c" O - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>5 Y5 J7 h" f0 a4 E: C# ~$ I
- [Google Toolbar Notifier BHO], h, X3 [- W* ~
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>6 L$ \3 _) C9 q' H/ n( @
- [SearchAssistantOC]5 w4 Z' R& \# m6 t0 F/ \' k
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>$ `. y. Z3 [) M" {: A4 A; T) |$ E
- [SafeMon Class]
2 H( B9 X. Z, N - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>) g' s& ]( d7 t& h7 j% z
- [RDS.DataSpace]% i, v- t: U, J& p" p, o1 T
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation># f: M; d( t4 \( @) p
- [KooPlayer Control]
$ S% h4 P& V! O \ {0 Z - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
1 v+ t/ @( j$ A- S; L - [AUDIO__MID Moniker Class]+ r: e( i9 b5 F. N& e! @& i5 S
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. a7 t! M9 } N9 @3 z
- [AUDIO__MP3 Moniker Class]
& O% A1 K8 V3 x2 O0 @ - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
- B: p$ {6 l8 {# R9 X8 h" ?6 U - [AUDIO__X_MS_WMA Moniker Class]
0 P' b t( j! s5 f- Q - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
3 C1 h( h3 d$ o6 `! x" Z2 f9 P) g) A3 X - [VIDEO__X_MS_WMV Moniker Class]
8 V* L) g5 U$ @1 q# D. L+ | - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
; }' F9 |$ D+ g+ \ - [RealPlayer G2 Control]' `/ l8 c1 Y. q
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>6 s( [' g; `* e* B+ \
- [Shockwave Flash Object]7 O1 `) Y9 O: U1 I) {, M" E
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
3 N8 v& B; G# w - [KUpdateObj2 Class] m1 L# V2 N5 m( s- i# i- c, W, p
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
: v U2 A" P& V0 ~' ? - [kingsoft browser shield]3 h2 W# E7 i! x) V' c* d; k7 X5 B
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>3 B! {: {3 N" U. i8 s8 |+ C) h
- [PasswordEditCtrl Class]
X3 q9 N i4 M. K - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
9 g+ I1 w- q5 h2 I9 n - [QvodCtrl Class]1 t9 N! R2 [$ M
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>; _9 c* `; U6 P# x
- [&使用超级旋风下载]
' }$ x) J2 z( C/ n9 g% I& { - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
: m9 _) a% n. j5 U - [&使用超级旋风下载全部链接]" \) r% G. R7 y4 q U
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>0 N5 z5 s6 y& Q k4 l- R1 p2 A2 e
- [使用迅雷下载]" b$ C$ g$ o& U) f+ U7 x9 c
- <, N/A>
9 Y* N4 c8 Y! a0 m - [使用迅雷下载全部链接]/ [. s6 \1 R% O7 p8 g$ t3 P
- <, N/A>2 t3 _. W# B8 X1 l
- [导出到 Microsoft Office Excel(&X)]
8 I' t. g/ Z1 s4 T - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>- ?* h9 r& m/ m6 o, X, w7 C
- [添加到QQ表情]+ i4 P6 f" s3 D
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>1 P7 ?8 g1 ^' t! d+ C% a
- ==================================
/ D7 ]% B5 ?7 m+ H% S- j - 正在运行的进程7 Q$ R# f) p7 z2 C8 V2 O! g
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 }" L! k# u; _1 K5 y( I - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ H- ?) K; _4 I8 s2 K# y - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' J/ P! i A9 o: H3 ^
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
4 P }. g7 X) o( s: B9 L - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: K6 W$ C$ V' N/ d2 @ - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 \' a; f2 A# L4 ]) \6 H9 E2 e$ o0 v - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- j7 T/ P3 P. F8 t( a- u6 y
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 G; m" k* Y# |4 B: O
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
b s" V9 i% S) N1 s - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! W" f! X( T+ C; [ w8 m8 _/ X - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 |5 A, r/ w2 R: H; @( t
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]4 o. F8 a' C4 c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: c; {0 h' U* q2 k0 M& w; C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' C8 g: p2 H7 l2 v1 `
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]4 l- a# y$ _9 ]! [3 p% r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 _7 ~: _( ^2 O& D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
( V \, `! ^" a% T! K - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
, |8 F" V1 h, t - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
, C$ M- O, E/ d1 X) u% p - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]+ W" }! E( L" [7 P- {) F
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]5 v& F$ J R6 C) U' i# Q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 \" e" U; h* l- N1 O
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]- f: a; X! e: B! T* h+ n4 @8 E* s
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
! @3 h3 f0 I0 c" g! g. c - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2], ^5 R" {; K, R* r
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]. [. r/ J+ t+ @: n K! G! I
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
, c" o4 k9 |7 Q5 h( m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" ?, j* S, O+ C. o7 O1 Q- S9 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 m. I+ D* I& l, x: M( R; n; z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) Q# g+ Z2 j- {! T) T+ R$ ] - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ c7 s$ n* `2 O. V. F: ^% M - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ X3 I9 T* D! L# l# z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* g7 g* ^* d+ N. T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 O+ F9 \' ~1 m4 c( {4 Q1 E$ |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( Q) q! r- s4 E& \& [! [8 w& f - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
6 t% A3 }# c" W* U) j4 u, Z - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]- T( X+ L8 D/ T0 p9 g! R; M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 o' Y7 Q' n Q* D s5 Y9 n3 F( R7 |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* d9 X' ~! W9 I, I6 X1 i( m7 P - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]. i% d1 }2 I/ G# P# N
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]1 a# X. z$ P; u" i. f( M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! @7 |& I+ B. W z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# |7 p! N- w" j2 n0 L8 T - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ y/ M, J* E' q) s! |
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]9 T" s3 @6 E6 Y) M
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; V. I; X% w& \- p3 | - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' a2 p4 U6 f1 o4 t, I - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]% j9 U7 E3 s9 W6 f- Z& u. V; M% n
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
+ m d. u* E `# g8 ]; J - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- J) J& @- f7 h* g/ n; B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' f1 Y2 c. m8 o' X7 s1 R4 |) N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
l& k* n }+ S! A - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
' W# G& X; `* g6 Y3 |2 g( y - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164], t# P5 s* h+ J& H" c+ ~: W! f% ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
8 ?: l: ~6 g0 C0 M) z' b8 ~4 ?; z9 } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
& Y5 t* _! s/ Q h" o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]' V, U Y: G! J4 N& P |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
' D/ o9 s2 T: a/ e/ |" h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
5 }, A1 V. f( n - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
# S, A1 }$ ~2 V0 ]2 n" c - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" r9 ]1 j# d4 U, ]8 W. Y- o
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
6 g" V4 O. X0 n5 |3 ] - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]: K$ U. A- P$ l3 j. o) \6 d
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]4 m" g1 u8 h: L! v+ c. B9 B; b
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]9 q+ | I4 X! {; h- O0 c( ?" E
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
/ `! C. {# S: q' e4 k4 n - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
& R. `& g* J0 S4 H6 w$ e - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
$ ]+ K7 S5 `8 Q5 v - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]" Y2 Y) D, ]: Y+ K6 `5 D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 g3 o! `3 o& o. |0 }' P$ L5 ]
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
% I1 c9 j6 n& I' B" p8 _6 o - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! }; Q) W: D4 O) @' C3 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ v$ D: i p1 _$ l, R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 {; T' N, h+ W' c( {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 O' N b0 X( Q8 N7 l# @9 B# H - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
0 P4 ?5 k& d( \2 H0 O3 H* A8 v( k - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], a6 Q6 r, R7 A8 \& J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 d) t% N$ H& a0 X: }# t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 ^% V$ @/ t+ T8 D; V$ C! m4 I - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' }, a: e- L. I6 S1 k( z
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
: i; @& m) X+ D& o" w! n; n% `) o9 b - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
. J# K3 `0 b5 _( s5 F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! g9 `+ d: D$ Y% a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# q3 h+ [. O9 h! {. B+ L" F9 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* r& P* q' D9 J5 }! v. Z4 k% H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# {0 ?/ g, _% U# h
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
0 s8 t! q. Q! w, ]4 Q* Q6 l - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 k# e& i7 e0 P/ a2 ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ [: A) ~4 k# M, b! v. f8 `0 ]' b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 c5 N$ L5 T8 h1 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ g1 M: r# H# j8 A5 h/ Z
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]; T% d- B& e- ^6 G5 s) m
- ================================== I/ D; T. @) D- X
- 文件关联
/ n: g1 U5 ^+ E3 x. X5 D; w - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]6 r* {, c7 L0 o
- .EXE OK. ["%1" %*]
: k. O8 F3 ^0 C7 b* ]* M3 C( N' c - .COM OK. ["%1" %*]
% t' i4 }4 P* C# F: Y+ S - .PIF OK. ["%1" %*]
/ p4 A2 m9 o1 R/ g - .REG OK. [regedit.exe "%1"]6 P' B3 c" \% j
- .BAT OK. ["%1" %*]; Z0 y: [8 _& N6 x3 C9 X
- .SCR OK. ["%1" /S]& D$ M9 k/ X) C4 ?9 u" v9 I$ f2 ]
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
& G: f. j0 h8 _# e! B" n - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
H/ V5 M6 l1 q3 o - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
4 Y& N0 t: z- Z9 x: A - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
, Q' L# q% Z& ] - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
) F" c( s7 Z& z$ R4 c1 e" O6 G" j - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
! N) A6 u" C8 B; P# c - .LNK OK. [{00021401-0000-0000-C000-000000000046}]: R, h' S- U7 O9 [
- ==================================2 i7 @3 n! }, Q, h* s' R% `
- Winsock 提供者+ S- o( G. H9 v/ H, H
- N/A/ a/ r& X5 H/ G0 s2 Q" U
- ==================================( W; i$ }: {4 T9 l
- Autorun.inf
( c; ]# w9 K% A - N/A
, F e4 n/ P x! t5 |/ j4 r3 q - ==================================- C, b: a" g9 n8 Q3 E6 Q
- HOSTS 文件
" l) K) t9 K2 {8 H - N/A" L" }8 ^) S2 f3 M2 _0 ~+ |* |' D
- ==================================
7 F- B+ J3 R+ B# }0 S' a J - 进程特权扫描, p9 L' j# m, z
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
' T2 I' B( Y, L! L - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
+ U1 |" o6 _' Y3 C* h4 D) ~# u - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
! U% ?) w, c+ L; p, b - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]1 t- G2 W* _$ K7 \$ u# K @) g4 B
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
! r5 s! a6 c$ ]+ k - ================================== j5 B5 J$ g3 G
- API HOOK. m1 n8 E8 |% s
- N/A2 A$ `0 ?; j l) _1 ~& ?; ?
- ==================================) p- f1 o8 _ K! ? V
- 隐藏进程' J( h* a% s9 J
- N/A6 @# l7 {& m' E/ G
- ==================================
4 i: G3 r' m$ F/ N! Q. e4 t" l - 1 _9 m. h1 H% q0 M6 I# n1 ~
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
