|
|
( P; f6 O) ~+ t( t0 q- 2008-05-22,20:37:437 n9 y8 N% Y0 l/ ?0 x
- System Repair Engineer 2.5.16.900) O) `" Q5 ]; [( o: I
- Smallfrogs (http://www.KZTechs.com)
- X% \8 z9 s1 B- w% e0 Q. F; x - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能3 i4 C) Y! r$ J0 H8 M
- 以下内容被选中:
1 w2 x1 }. r& \% l - 所有的启动项目(包括注册表、启动文件夹、服务等): W' [6 ?0 {; Y- `- K+ _, ?' H
- 浏览器加载项
j7 q7 d# }7 u# O+ X* A: ?6 o - 正在运行的进程(包括进程模块信息)
' n" F" \$ Y& D1 I8 z: ]$ j7 @ - 文件关联8 F4 _2 ~' s$ E$ [/ m- q$ I
- Winsock 提供者
8 Q, F, Y$ u0 T J% Q( r/ p0 g - Autorun.inf: e S) `% i% u* @5 @8 N! l) `
- HOSTS 文件
6 u# t! y" G; J; X* s - 进程特权扫描% ]5 C' `1 O2 r9 a9 M; e
- ) u N; m7 \" n& e
- 启动项目' G% f. }) F+ z& ~" `' X
- 注册表" L- @/ x2 y* s e0 F( _" H
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
2 ]( j9 S! t, p4 K; ?7 \0 L8 X - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
* D( A3 q0 K2 X* g - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]# A6 ^! K) f* B$ P) k8 Q" k
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]! W( o, A* N! @4 I! M1 O7 [
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# d: {1 e. Y2 e6 N
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 D4 \ O$ d9 v: E# e - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]* F6 H5 a$ C, L$ Y) A) d
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
' h% ?' K& e5 _ - <PHIME2002A><; > [N/A]1 |0 G7 u8 D5 c; n/ x
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]4 O+ y; c/ W! o% o! o+ [0 Y
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
. Q6 ?0 I7 r6 F0 H) p" S - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]6 f1 ]$ |4 Q# d$ q. q2 x k
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]6 R* j% e0 b" L/ k3 i$ W9 {
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
: W" W4 [5 b6 E; Q' r4 V - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]$ R/ Y' j+ k+ |
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]' ?7 s2 C2 p9 W* [
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]' K0 a0 O+ m9 G9 q' |
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]- Q$ \, g; e- @; B7 u" R- \1 Y% D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
" k& X7 N+ t$ B( M+ Z. \ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]8 I0 @; ]- K9 Z+ R
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]) m- G1 d1 j& R* Y% k& W
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]5 V( t0 w1 z9 L1 g1 ~
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]6 X4 Z2 T( _, K$ J; h1 Z: _1 l
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
5 v& f: M) ~$ d0 P9 Y% e - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]$ L7 q5 v3 s+ n- q+ |2 ?0 k
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]7 q3 Q# T+ R2 w3 P$ V% K' S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
7 ?( K% X6 E7 U# b" [2 B) ` - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
/ N' x2 L: H" U% u( V+ ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]5 h# \' H$ s% |2 H3 R
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]' L! z# K3 v/ ^, g, [# \3 e5 Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
9 `/ c8 ^1 X" `2 e( n - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
7 r) w' E' F4 X" _) h! ?' G - ==================================
, S/ `: _. K, W; ~# y - 启动文件夹
# f# Y+ r* w) |4 }4 x( b - N/A1 s7 N. C! {! C& _9 _) f% \
- ==================================
% v- E4 K" i. i% I$ S( A8 X - 服务, h6 n( y) j% g7 @& X1 B: V2 k
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
2 \3 L% k7 f0 h, Z3 I- Q - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
& B; {9 g$ Y& i1 w/ q% ~ - [Google Updater Service / gusvc][Stopped/Manual Start]
: ~8 q+ v. S. Z. f6 O - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>& B, m) P" y" ?+ E$ t2 k! x
- [Help and Support / helpsvc][Stopped/Disabled]
* B" m5 P; Z; Q8 T" u - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
* C( t* t9 L0 v5 O9 ` - [Human Interface Device Access / HidServ][Stopped/Boot Start]
1 v0 k) H6 A7 ]7 U1 A! N( b - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
$ x$ l& }5 W$ I+ \; M. { - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
6 \3 i: o0 o7 N4 k/ I - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>1 T8 p3 ]: n: I
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]4 T; K$ k7 p5 |2 w7 v% N: ~5 r! T
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>1 s2 B/ Z) i: B: Q8 z: X( Z
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
5 `! {* f8 p/ h( c8 @/ i0 ] - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
% {; N, ]( N% Z2 E { - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]" R( K5 ?& i; U4 E2 T& k1 t3 I2 j: j- a
- <><N/A>
* u+ s' V" C, Q - [Qvod Terminal / Qvod Terminal][Running/Auto Start]5 Z, _% G. {% t% x- M$ X# x" l4 u
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
$ O$ C% Q' ?; f* ^( y$ ~+ g - ==================================9 U4 o- U& |6 n
- 驱动程序
4 A' z8 @0 k7 O* J+ }2 T. r - [22j / 22jn][Stopped/Boot Start]
2 a, F7 n# ]% K( s' j; p0 Z - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>! n9 [1 q4 a" Z) [
- [360AntiArp / 360AntiArp][Running/System Start]
0 V+ [9 V9 s. z( C# K% P% z - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
# f1 p/ k' a" R) F! K4 Y - [43ec / 43ecu][Stopped/Boot Start]0 r* n" M1 N) S
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
+ X2 r5 n7 ?+ N! p& L6 t - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
' ?& b2 L8 i. |. o0 ]# V - <system32\drivers\ac97intc.sys><Intel Corporation>1 X0 p+ W+ A# H9 c3 v8 V. e
- [Promise driver accelerator / bb-run][Running/Boot Start]
6 i ~9 ~$ y% h9 F" H6 i- i - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
* V' ~! D4 b6 x* h6 z- ` - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]0 C8 M5 \% {) @* l5 i: U0 Z% [& A; b
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
: V8 t! a+ D, O) N3 T) ^) r - [KAVBase / KAVBase][Running/Auto Start]& ]0 f: N O: V3 K0 H
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
* b+ s( f1 `* t5 O7 p+ z) h& m* T - [KAVBootC / KAVBootC][Running/Boot Start]
8 ]+ ?+ c. Z0 |5 e4 L1 T: Z7 j - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
: k' j* t9 ^" z0 J" H; ~1 [/ n - [KAVSafe / KAVSafe][Running/Auto Start]
* c# h' w! Q9 Q6 k5 n# v. U2 P - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
1 J a8 [) _. m6 @ - [KNetWch / KNetWch][Running/System Start]
; S& m9 K1 J" [3 o% Q- o, B4 P. Y$ E - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
( M! D" m$ k8 b' y4 `8 E; X, Q - [KWatch3 / KWatch3][Running/Auto Start]3 {4 J% B1 ~6 V- {# c Z3 q
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
$ x. `, y- O5 K9 H( x0 a; i3 A. ?3 Z - [ntptdb / ntptdb][Stopped/Auto Start]
5 m1 N+ {/ g' l' L( w - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
! U% n+ u; Z' I - [nv / nv][Running/Manual Start]
# @) |: W8 X* X' Y% i - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
3 k5 [$ Y1 R+ j$ w- D2 d3 u1 f - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
% G6 h4 R! E6 S; w" b. |+ h6 D* b - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>/ e2 R& F4 o: x4 `- }- E
- [DDK PACKET Protocol / Packet][Running/Manual Start]
% p6 `5 g& M: p8 [3 H0 { - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
' v k5 D' A7 n- B; ?( V% O - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
3 K+ \# [# d1 |3 [# I7 p - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
9 e0 t0 B$ e# r+ }/ W$ t2 @" n. U - [Direct Parallel Link Driver / Ptilink][Running/Manual Start] v* c J7 o, `- M; ^# A) L D
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>: ]' b4 T; T! m( a6 _" G
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
$ C& v. }4 x( B k r# B - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
4 |# ?' C0 O! S2 _$ w G8 L8 v H' F - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]% `: {9 @4 ?# X5 F
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
* D6 K( |/ z1 [5 R( Q- |$ B( n - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
! `# A$ m! {- A1 K$ u$ r1 S. U - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>7 Z$ r3 `& q$ `# i. h! c
- [Secdrv / Secdrv][Stopped/Manual Start]/ A- I! R/ g% k
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
. b9 N7 ]0 j8 k - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
% [$ t# z; j* ~8 N8 V- d - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
0 x' s& Z; ~/ Z - [System Restore Filter Driver / sr][Stopped/Disabled]) @0 H- S4 P) D# R" [- k, F8 v& E
- <system32\DRIVERS\sr.sys><N/A> d) Y6 x& x# u! I+ H5 X
- [TesSafe / TesSafe][Stopped/Manual Start]
0 h, D3 _3 b1 n" r2 V; [ - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
: a9 e! t' a6 u8 j( |5 ` - [System Services / unzxzsrs][Stopped/Boot Start]+ O' s9 q2 b+ S, \! ]0 A
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>. A2 L& n" q2 p9 Y
- [ViBus / ViBus][Stopped/Boot Start]
5 M j: V/ t+ U$ a+ \! u- l - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>* }: _! K: o2 H, P( S( j
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
8 t9 r s! l( N- x+ s: a - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>6 U# g% z8 e. g! ]7 i6 ]/ a1 n; `
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
( m/ t% e0 U- I u L! Z3 k1 | - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
/ t2 k( S5 T$ ~* t) b6 R$ P - [ATI Extend / zhibmaso][Stopped/Boot Start]
! j9 {6 J; \$ E: f - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>! Z: j' n6 r5 f8 [$ _+ E
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]1 \; T( x) `4 Y
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>. u. }- K, \) X5 J' P# W* G1 g8 t
- ==================================0 D! \% E" E5 y8 D# V( V
- 浏览器加载项
( h' C1 |7 @4 j* E$ ], ~ - [Google Toolbar Helper]5 `( r( o- f; N# I- c1 @9 b+ {
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# n0 {+ E1 q# C6 k5 t& _% @- l - [Google Toolbar Notifier BHO]) }/ O5 M# C4 m s( i
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>- R- z0 P, u% Y: m
- [SafeMon Class]
8 ~1 }/ a3 x# T) P, R - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>, @* L$ F' `2 _0 E
- [kingsoft browser shield]
/ ~* P! x2 D c5 E; y - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>" q- D1 a2 w8 A+ i& b
- [IEBuddyExtControl Class]
! O/ i9 q7 B ? - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>' p/ V8 @5 p/ T! u0 o1 }; ^
- [Zcom 杂志]
( F# L3 v. `* M- g+ k6 z - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
) ^4 i1 [. x! R8 v" L - [&Google]( P/ m9 V/ T& ^9 U& u) V0 ]% m
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ X3 @% g9 \, ^, n, F* l3 n
- [KooPlayer Control]5 W/ S# ~! i2 x9 I" [) [
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>' k8 v3 }1 E1 S5 d
- [Shockwave Flash Object]
0 }9 L; m) T; [8 a3 {; b' l- s - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>. T1 f% U3 F: w; L! H8 D
- [KUpdateObj2 Class]
- d0 M/ [& d0 d) h7 x - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
. D( q( E7 ^2 a) w; V! Z* d - [Google Script Object]
/ a9 a! Z/ K w; C: }9 Q - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! {0 h p# h, O5 x: ?6 L0 @( A - [EWA Control]7 g4 g$ H4 g) k6 | }
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
* l; @" i' F; b W) d- S - [Windows Media Player]
% \4 T& y6 E8 j" J% S p; t2 b5 e - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
! g0 M! T/ \ A8 b8 A; R - [&Google]
4 e7 |* B5 |2 [9 A - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
4 E3 `; {) G/ o6 n( ~7 p - [HTML Document]% u+ ]' X# I: r& k4 b; p5 v
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
' }8 m% D& n/ Y4 Y6 V" W* C' Y3 K - [DHTML Edit Control Safe for Scripting for IE5]
. a& A$ I0 K+ _0 I - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>( C4 Q! b1 \: o, J
- [RealPlayer RAM Download Handler]
; E2 {- U( [0 v; A - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
7 H9 U o' t# Z6 \7 ` - [IEBuddyExtControl Class]
0 ], l/ f! }/ K1 z- Y U6 x, O( w - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
- ]8 `( {3 e* P& ]7 h - [XML Document], m: n) Q6 y6 [6 S+ e9 {- j
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation># x( r+ V* A' C" g' o! F/ }5 U$ H
- [HHCtrl Object]; \; w; s/ D) c3 `# ~
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>5 J; _6 k3 i, |# o3 R
- [Windows Media Player] u" ^" H/ m6 A$ J' S1 T
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
$ |- |# z$ ~) p( r# | - [Active Desktop Mover]
% d/ H; H, G4 O6 [ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
" s% @( `# P; V$ Z/ _/ {, E" _ - [360SafeLive]% c' g6 n& c4 s( d3 v! @
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
6 C: @3 K. b' N3 g0 P* P4 C - [Microsoft Web 浏览器]! z$ F. B# d8 H2 f. X4 T# V2 m
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
. v6 P! D- H+ ]5 y9 h - [Browser Enhanced Objects]
. u$ R# Z5 [ ?1 x$ w - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
) K z7 n' r( H% U - [Google Toolbar Helper]
9 z: p/ ?0 _$ c9 Z4 g - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% o1 R' Y( `# \, ~5 K$ m - [Microsoft Scriptlet Component]
' }2 {" R+ X3 ]* b0 A. X; v: C - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
* Z5 t: W0 c+ c4 t. H7 q - [Google Toolbar Notifier BHO]
7 C% c3 T; c# d* } - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
0 B4 _0 N. E% v; _! c" g - [SearchAssistantOC]
+ n* t- l$ |( i1 t6 C - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
/ A' d+ I7 O" }9 c' R - [SafeMon Class]; L* D# z+ }% y- M+ y- u
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>( \, w+ e. x+ F7 D" {% J) H
- [RDS.DataSpace]6 l- q P5 H5 O
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
- e q5 f% ?5 ?* Z( e7 C8 \ - [KooPlayer Control]' Q# _6 X7 \6 c' [
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
9 _ } l: \( ?5 \6 m' ?; M/ q3 P) w - [AUDIO__MID Moniker Class]
/ I! z) G% l4 a3 f - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' n1 G9 l/ o5 j) F0 O - [AUDIO__MP3 Moniker Class]
; m7 ~. ]) G$ K* M& t8 @ - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* @( q) P) S* u, ]& H+ ] ^
- [AUDIO__X_MS_WMA Moniker Class]7 U; O! D8 j3 c" x: U) r
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 ^, i3 ~" F& n5 Y* d
- [VIDEO__X_MS_WMV Moniker Class]
/ ]& `$ S/ h; {/ m - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 E L# n+ V/ r/ r
- [RealPlayer G2 Control]
: ?$ W9 V# t' R5 ^ d - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( v S& t/ |& x% N3 _ - [Shockwave Flash Object]# X4 b0 q x6 H0 i2 L- Y& c" e
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>; T7 k8 o- \! m- Y
- [KUpdateObj2 Class]
! B/ b* {7 ?# B2 L6 X% L9 v - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
* g( b# S) T8 r+ E, s% P7 ? - [kingsoft browser shield]
' f/ B' a6 j: @ M# U$ V) N - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>1 _( s$ M( y. C8 m( U8 |2 p
- [PasswordEditCtrl Class]
4 F: F% Q: E* v) D- U( X0 P( E) V - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>" q! j# ] U6 Y4 m% r$ f
- [QvodCtrl Class]
+ E# w/ q' ?9 X2 i; J; t8 R& M% L5 g - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>2 X2 @# H n! R* k" k3 X
- [&使用超级旋风下载]
7 y7 J. ~3 U2 @9 B7 q - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>' [5 A/ B5 a. d% `0 X0 c
- [&使用超级旋风下载全部链接]
' T3 w0 p- ]6 }4 B% k - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>' k4 T# w3 K8 r) t0 |
- [使用迅雷下载]
, @4 t. o4 O3 S7 w7 Z/ C6 w - <, N/A>' f4 r8 F/ K3 A+ N. O* g4 X
- [使用迅雷下载全部链接]: \ a6 v7 U; N* M4 e
- <, N/A>* S; H( U" P/ F; y* Z( ^; i( G5 V6 L
- [导出到 Microsoft Office Excel(&X)]- [% a( |/ x3 N$ z6 P; M/ n4 f
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
6 r; m: G% n% d; k3 C1 b5 p; r2 D" h - [添加到QQ表情]
, A) [0 S! {! x' ? - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
0 Q0 N) f9 u' h# O - ================================== x G' |/ B5 y0 d
- 正在运行的进程
/ S/ ?: ?7 J2 b2 n! W- J1 j7 s! c - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) l& m/ a! A% Z: V8 \; j* z5 H
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' L* i. Z" f$ ]- e
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- g- D0 v, ~* T& T+ y5 [ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]% `; L# W! y4 U% U
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ ` @8 D! [- w7 m+ k$ H3 C - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% f+ p5 F. e$ y. k* a, ] - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 l6 u# U( u5 C/ o6 ?$ X1 w - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" S! I# [8 M( p2 d - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: Q9 s. S; C$ p* E2 c& J/ @1 V
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 N. v0 ^9 g7 [6 a2 P7 v7 V; ^. D - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- g5 m* c) |; Q; X, x3 b/ P+ Z
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)] k+ [: o( Q1 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; f. U5 P0 z5 [* z3 ]& K0 ]6 L0 q) W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' Z! Q( K' k9 J- E) u! V - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
% |& u6 v$ L; O1 g' W, |6 I! u - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ ?0 o- n6 ?* s" r6 O& M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
1 L0 K; C+ W: y* O6 U& V8 ]+ b4 K3 a8 w - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]" T5 s. l9 L+ p3 L& z, m6 @
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]1 ^# m4 @; U8 D4 d
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
7 g7 ]. i' w8 R% ^4 t - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]( r, \+ l+ V' C* u% v" c* Y4 C5 ]
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( b' X) ]4 _ h$ `
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]" ~( M$ b1 M8 q
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]2 r8 u" V. S2 T f8 K. v
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]. m) z7 M+ r, B& b( c
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
$ W8 l4 c) W6 [( |$ r8 ]' G& L2 W - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]5 \$ [/ h! \9 A) x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 S7 z& p% j! w9 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) w# K; @* C$ N k& b9 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. n* ~" \; w$ C1 ^ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ z- v8 k/ b- t' n, Z% ?
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( H) T4 A* d% O( ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 p) A2 R O3 T5 N8 \. T) \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 W0 s, W8 U! [, K1 P2 U' t: y - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 Q/ @$ C1 G/ F* N$ m9 G( ~ - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
. C, ?/ ?3 s) ? Y$ S- }! ` - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
- {1 n" M1 S: N3 y4 n2 z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) @9 p8 ^# z1 ?4 B0 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# N! w r$ O7 w
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]( R' D0 y% ^! U: W6 U. }
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
+ \% t& @: n$ ?$ |) b& f - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ {- J3 [5 K4 I7 u
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% `2 f3 v% y' i$ Y/ ]1 ]
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 I& h) m7 p6 ~6 n
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
' ?* P0 |# U, J) V - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( {% r1 F. n, s% X& V ~) Z$ W; X$ h
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 d1 M; ^' G! s# x; m - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
, P$ g! v* [7 J$ G0 j - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
i. x1 L- i# o* T0 a( p+ A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. v, B, i9 n# x: f$ M1 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 B! \% U/ n8 k; H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 R8 C. b4 k4 u" y
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
h% ] n$ L) K K* k( r& G - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
. `; Y4 T- s! L; Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
+ ~- x& z$ R( Y7 Q8 Z! T" H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
( t" ]. y7 j6 ?2 _8 ^1 K/ u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]" z L4 Q. F. _! E' q8 q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]' B+ {0 x& S4 ~! Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
$ w1 f( b# j5 g1 p+ b% q4 ~ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]0 Q4 g+ B- Q3 V* s Q
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. C& P, E4 f o$ F/ E - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* d- }5 @' j# ~) I( U
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ K1 r8 a# q& |: G: l( z! u! A: h - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
, m, }4 f3 l% u4 b - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]+ ~4 U3 ^4 T7 {
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]+ i- U% o8 E0 o
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
) _: ~4 r7 @' I/ P - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
( o3 ?' Y& ~3 f y8 p - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]. k9 }8 {" @, T8 x& `$ M9 D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. Y4 P" f9 K) Q" M) c; H" t
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]0 r( V5 d: i% S; o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 p, ?! ^# t' c% Z( ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; H' P% u2 A5 L3 F+ O$ W! B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 K. n4 I% Q. z3 h% t
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 h/ d* g- s* t) Q - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]8 A5 [2 d) Y1 A( }5 v/ w
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; K2 X* e. W5 }0 S6 ?8 z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 L# D9 U+ G; m: [- F' h5 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: c* A* U5 |: n, a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 |8 ]. }5 r3 T0 n! t+ I - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
5 c8 W4 _6 ]; \- M1 e7 ~ - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
# Y* Q4 V. n0 ~: y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* F V2 ^* ^0 c! g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 C! b6 C# |1 X% x2 N- @5 c& \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. |, E5 c% P% A - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 D+ f9 }2 j, O: z/ U% u# k- f4 a, T, J - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]/ M8 C" Q4 E; [( a
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* X: ?! m% o+ t. t5 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! U, c0 c8 u1 Z }3 B5 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 t5 M, ?, W T. p/ ^ ~ E$ j; O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- A/ k* H' Q+ g - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
: f; R1 ?' u9 A - ==================================
$ t1 x% `8 K8 R9 o; P9 n9 ?" ^" ] - 文件关联
. `7 W% G: H; D6 |% N0 V - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
* P2 X- L* C U- d; B ?, e - .EXE OK. ["%1" %*]+ x& z: L m: f1 c7 a) j B: l
- .COM OK. ["%1" %*]
; N/ D6 Z( g& X9 q( @+ ? - .PIF OK. ["%1" %*]
+ x( `) q! t7 _. J1 r8 z - .REG OK. [regedit.exe "%1"]# b) A5 s. ?0 G+ L- |4 S8 O- S
- .BAT OK. ["%1" %*]; H4 E3 w; N1 M3 b
- .SCR OK. ["%1" /S]% c- `3 |) X7 N0 p
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]& s$ ?* w7 k- P q
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
) X0 q* [* V2 D0 t. [( J1 x* C - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]! c& F) T! C$ S9 N1 ?4 i
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
% P% M8 W' w: e& o N9 M% o - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]- s! g& M1 `& g4 g* E9 D
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
4 O j" X4 z3 [ ` - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
+ ] v6 Y" n' x2 r6 u d4 Y! B+ ]7 Q - ==================================
) a i; w0 K1 {+ m# _1 O - Winsock 提供者
$ v6 Z0 {) X( b! h - N/A
: T( P" c3 J" U- a$ t7 I' g* z P5 l, ? - ==================================
5 s0 e/ ~/ x0 [4 O2 w' `" a - Autorun.inf
! r4 C0 N- m" h5 I1 B, |, y - N/A
8 y) Z O8 l& y7 t8 u3 w - ==================================
6 T2 L7 z3 D4 G* N. C - HOSTS 文件9 N1 Z w% |* S9 ]. `
- N/A
: b4 N5 C6 v) { - ==================================
8 ~; c0 @ s, ^5 n: p- W) H; L - 进程特权扫描9 B* O/ ]0 E$ V( v- w
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE] ~ k/ W3 m2 P
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
' F# o( R" ~, |# G) m# K2 y$ U, O - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
$ ]/ P/ x4 M P. t0 y - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]& r0 V9 V$ W9 B: p: C
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
, Q* k4 Q* U$ b9 r3 q7 Y - ==================================! \' A9 _* x+ \4 E, Z( ?
- API HOOK! ~8 a' l H" U; ^; P5 T
- N/A
3 ?* r6 B$ l8 E4 f2 f' r0 R - ==================================
[6 B4 N8 G- s* h4 R* \2 Z6 W' p/ R - 隐藏进程
" ?5 N+ X4 p4 G# y - N/A/ f. s6 K6 w9 S& P! K9 W
- ==================================
9 e7 _: C0 a F0 {5 T! { - N$ \$ W1 D }+ K& a( @
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
