|
|
* F1 }* E. D: O9 P2 i, s4 g- 2008-05-22,20:37:43/ S0 K, p4 z, z5 c
- System Repair Engineer 2.5.16.9002 X' m( q; A8 \9 Z( l: ~7 B6 c
- Smallfrogs (http://www.KZTechs.com)
- o- l0 ?% I! E - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
2 S, r: G. H8 R+ r$ {! F2 Y - 以下内容被选中:( y4 e# r- {6 L; @9 h0 k: m @
- 所有的启动项目(包括注册表、启动文件夹、服务等)
, X/ Z1 @3 l" _5 u - 浏览器加载项2 O, G; {+ z, S$ m$ n" `
- 正在运行的进程(包括进程模块信息)/ {8 @% m& ]& ?6 z& I. L( F
- 文件关联
( o" F, E2 w$ N/ P - Winsock 提供者: Y5 w- B+ s7 P0 V0 e
- Autorun.inf7 @) e( H8 O7 a
- HOSTS 文件; q% s s2 S) Y/ b$ z' G. z
- 进程特权扫描& }% I! \% o; g7 C5 T% g
5 N! ?/ `' S) {+ _- 启动项目
7 N _- d( y8 n; s( A, z; C2 T8 C - 注册表4 i' M* @9 ^" E" w1 Q
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]) A y K! T6 x0 \& e* `2 b% o7 {
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]3 H% P5 `1 R4 {+ R F( H
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
8 z$ x9 G) F1 w9 l% } - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
" U5 Q9 N/ I% E# I% M - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]) s. l2 g+ z: T# f9 [% _
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
" v; g1 Q& h* y" ]- y; Y3 i - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
7 r% Q& K/ Q( w8 N" c - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A] }4 ?& r# b- M0 ]2 b. [; E6 H
- <PHIME2002A><; > [N/A]4 I4 A# t/ Q0 z9 k! ]$ `* |; A
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]+ k4 a, {) o: b/ Q0 h
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
. d1 [) P5 R: P' M - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
5 `5 k$ N, r1 e. s; C1 q& H - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]0 i: x2 W9 I! T3 j2 h& B
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]9 r& |2 B) Z( }* L/ }* g9 N
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
: i, |0 d) R4 V$ k5 r - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
: e. p1 i4 L# X* ~, F/ S+ A+ g) A - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
: ^* |3 U5 c% Y# g$ g" G+ a: ]6 n - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
5 i I" S$ ?" F- O! D - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]& b2 x" b" z8 [3 f0 {+ t
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
6 A8 S9 s% ~* N) ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
8 S6 o {( Y. _/ v9 w# f - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
2 b4 A, |' W: q. d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]4 M; o% z, R: }! A/ O4 o
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]5 E* F* j" `2 b* o, x5 c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]2 r8 n& A; C6 _: M
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
3 k+ |9 S- |0 ^1 ^. ] ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]" K0 M" \' Q; B' c9 R' K/ t
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
% a5 x5 r3 l; S$ `! z1 K - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]* U f9 u6 w1 @
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
; T) h$ u8 c) W, |; b2 k: q; K3 _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]' q( ?1 G; h( X: {% Z* p6 ]% d
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]3 s! \! V, N% ?: Q" n2 H
- ==================================
, I( \. L! \. X' \$ z - 启动文件夹9 U+ [/ a' t. Z- ?) c3 v0 E8 p! q* G: p
- N/A
. j* h8 [5 q* p6 B' ^ - ==================================
& }1 \$ w7 n4 f6 k1 i# m - 服务9 Z2 X4 \/ L8 \, ?: O
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
5 K0 D" Z1 W2 p. V8 P6 l+ W" Q - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
9 K! M) w/ V& |2 b - [Google Updater Service / gusvc][Stopped/Manual Start]; m8 l; n6 v' L8 A, u
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
6 ~% `* d" o: x1 x - [Help and Support / helpsvc][Stopped/Disabled]
! i5 ~+ r' C, J( h - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>3 b7 Q, [! K/ |% T* C1 M
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
$ g) F7 f' {/ E: f1 K) H7 l - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
7 l$ d5 K+ G5 [- J/ B8 k8 y - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]8 u4 m% }, F. `# U% @$ K, w
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>% U7 L) D6 B7 V
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
1 K% C, ?% T; x! E: d - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>6 c8 ~3 ?* k. N2 Z/ l- n8 x
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
y+ w/ c6 G* r" k: o3 A - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
: N! M ~; p6 G( u, T' P* f - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]2 k* N' [) Z! H
- <><N/A>
4 U* U4 @% A2 e& e9 X5 V - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
+ T7 E! p M a& ]3 W* O - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
2 ]) ~* L$ s8 ^8 b4 \ - ==================================
% m4 T- p. E4 m7 @8 ^$ H - 驱动程序$ Z+ g8 [+ O( u; B8 s8 e5 K
- [22j / 22jn][Stopped/Boot Start]
' ^) o$ x% f3 C/ h - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>5 t9 f* E$ e% e
- [360AntiArp / 360AntiArp][Running/System Start]# C2 x+ V1 r; ?1 A4 m
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
1 a2 {! Q$ }. A! l - [43ec / 43ecu][Stopped/Boot Start]
. x1 p6 R9 n7 u3 w, P+ L - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A># {) `1 Z2 E; X: |1 j5 L& M5 c; B' f
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]( f5 O# U' w- K5 \. g2 Y/ x
- <system32\drivers\ac97intc.sys><Intel Corporation>
$ J8 h3 L" J7 g. @3 w4 u) t+ o - [Promise driver accelerator / bb-run][Running/Boot Start]
1 I g$ _8 [0 T/ r# \/ i/ y - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
! Z8 e: Z( U9 K8 V/ q5 ? - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
8 K+ u& @+ {2 M2 q - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>0 K2 `4 z6 j+ s6 ?: u8 }- g' B
- [KAVBase / KAVBase][Running/Auto Start]6 G: C% l1 d8 l$ e( W
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
" K2 S3 W' e+ g9 O$ H" C - [KAVBootC / KAVBootC][Running/Boot Start]
; Y5 Y* V4 L# B; B; l. I - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
- ?7 S/ B3 e" ]6 H - [KAVSafe / KAVSafe][Running/Auto Start]
7 y ~9 a# F: d5 U - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>5 K, A+ G& K* y- Y; e) l( Y
- [KNetWch / KNetWch][Running/System Start]6 l/ v- y- k* @4 W6 D' n9 d+ y
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>1 n( c1 P3 V ]1 Z
- [KWatch3 / KWatch3][Running/Auto Start]2 ?5 m U' _5 Y$ I0 w# f4 P% d
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
9 r3 Q8 W9 X2 ?0 Q- e% q8 m - [ntptdb / ntptdb][Stopped/Auto Start], Z1 p" L1 ?/ @! T/ Q& i5 y$ t
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>) O; ]4 `9 P A+ |* X
- [nv / nv][Running/Manual Start]! x+ }$ N6 J' U
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
- l5 l( @ Y( i2 R# P- \. E5 t; w/ w3 I - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
% _2 I3 i$ y0 a# z, T - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
% H2 i4 ^. C U% t# m - [DDK PACKET Protocol / Packet][Running/Manual Start]7 q% Q. h) N/ ^7 r
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ d4 [( x1 D' I3 ^/ ?
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]- U- F5 K1 Q4 s% T- r1 d0 u9 [
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>+ z# O( Y" @7 u9 k! B2 g7 p/ e
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]3 F1 @2 q$ o$ B( Z
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
5 p2 H. A% @% R1 v8 i - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]. x' G& Q7 v$ B4 e% o) v8 }. r
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
$ w. N# ?' J" f4 T8 x - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]. Y3 S8 S7 x \, q* [# x
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
2 q* ]: N! [: P" w8 k - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]2 j4 N% E2 d4 Y p5 a' }
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
3 S* O0 [3 M: _ - [Secdrv / Secdrv][Stopped/Manual Start]
1 g* X# {6 O. z: d+ r- E/ r6 q7 o - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
& m: I; r! [. r+ f5 L/ }( X - [SATALink External Device Filter / SiRemFil][Running/Boot Start]5 k" A0 D; N9 F& U
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>$ M E( P! {. u8 q+ C
- [System Restore Filter Driver / sr][Stopped/Disabled]1 @7 S% i8 V! f r6 ^, F. g
- <system32\DRIVERS\sr.sys><N/A>
- n) U$ ?, x+ J1 k d' q6 z* E - [TesSafe / TesSafe][Stopped/Manual Start]
+ U# d- R" f! `! \5 I* k, i - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
- l8 ]* ^+ i) `/ z8 C: _ - [System Services / unzxzsrs][Stopped/Boot Start]
6 G; N" W, w: w+ l$ E - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
- A9 ^7 X* k6 x8 A+ R4 f. C/ } - [ViBus / ViBus][Stopped/Boot Start]
( p ~# v' G& Q1 P6 o0 v - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
0 C- Q) o3 A( }& L' } - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]9 k6 c, X# X! [1 X, p1 S
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>- ?( o( t& K9 e: U' H9 y6 m' v+ m
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
H3 p( k7 \! S1 s( r - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>$ b" ~; \3 D" o- q5 a0 z! T
- [ATI Extend / zhibmaso][Stopped/Boot Start]
2 B6 Y2 R/ @6 p8 ~( K - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
3 N1 W6 O( r- x h - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
" c/ u9 k% q8 e( { - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
' L) X8 L# c" C6 X7 w - ==================================
. _4 O o$ b4 @7 a) s6 n- R - 浏览器加载项
2 a( C+ [8 p6 `+ a# D- ]* n4 t - [Google Toolbar Helper]: I& a8 x9 W: e3 ]
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 [! ` e' l' @) j& b2 Q# i
- [Google Toolbar Notifier BHO]
, U3 S+ q& g* g+ C - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>% z h; p ?1 ?, V4 S! M
- [SafeMon Class]9 u5 C, N8 m4 G+ R* @# B' U$ h$ }
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
1 W5 y: e0 [7 G5 ?/ a - [kingsoft browser shield]
* i3 r' c5 I5 N& v6 Y - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
) D% c( [4 k) ^; c - [IEBuddyExtControl Class]
+ N' K- \9 e4 ]8 c; e- v2 {& A( I - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>" r0 K8 R) J) d" h
- [Zcom 杂志]
+ h2 ^ z% m# |" q T - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>0 u5 E9 W I; |- A% I! _. @! C: Z3 t
- [&Google]- l1 a$ F( \; ~1 n; c* e1 c$ P5 K
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ [% R' j+ w$ M$ R# m i- b7 O6 Z$ }2 ^ - [KooPlayer Control]& I J1 V" ?; q+ P# B, p
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. l( ?) s( `, w - [Shockwave Flash Object]
9 P' j, O6 n# |9 l' x5 M/ q) r# I - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>6 _: c* u0 X* }' M3 ^: g7 d1 b# w
- [KUpdateObj2 Class]
) y( Y: \2 X8 N9 }' _ - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
$ j# |7 P- i2 F - [Google Script Object]
& y& d9 y7 R; e; ^5 B - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>; r2 L) G G+ C0 l
- [EWA Control]
5 a9 t1 y# Z i" h0 ~ - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
8 x4 a; O z" B) X - [Windows Media Player]+ A0 P- y# B4 Y
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>7 K( ]* s8 o$ j. Y
- [&Google]: y. s0 V& S8 j) v2 j5 V' S1 W
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>" ^& \" x D5 m& H9 z: F7 O
- [HTML Document]& b) }' \( r0 _* c
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
# d& f, D0 X% r$ |1 _$ T - [DHTML Edit Control Safe for Scripting for IE5]
" i6 n0 {5 g2 O H - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>& E1 Y! y4 p/ f+ x2 h; ^4 M, t
- [RealPlayer RAM Download Handler]
5 K9 y( S7 V D- C - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( e2 Q- w/ p; @3 ]( L - [IEBuddyExtControl Class]) H8 Z9 f; n& f, N; f; @
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
: V$ a* r+ p! ]! T' \; l7 v - [XML Document]
4 [. j6 d# t! a1 _) ` - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
6 r3 a- e/ D% R \ - [HHCtrl Object]2 R8 ?1 E* M; q( \
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>2 N* p: V o4 Z; @7 `
- [Windows Media Player]
: z6 J+ _& B: H5 e M3 o e) z( H1 R - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
2 |( ?; Y' r! f( m) X - [Active Desktop Mover]6 e$ r- l& A3 Q1 k) @6 }. v* e
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
, r& ? K2 w! R+ x L* |6 m - [360SafeLive]. a; q$ B h+ `8 ^3 H
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
$ C- n6 t+ G8 q6 O - [Microsoft Web 浏览器]0 T b6 V# W$ v; ]/ T
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
; B, r: z0 o- o, c5 x - [Browser Enhanced Objects]
! `! B2 u2 s$ t/ ~! |) ] - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
5 \! q1 f8 Z8 E r - [Google Toolbar Helper]
% v h n" A* ~) [/ \, P) Q - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ q! }0 T6 l0 W! ~1 T2 ?1 K0 \
- [Microsoft Scriptlet Component]- J0 K3 Z2 P# f+ E$ J) h( n* N
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
( p7 | _" \' U S, T" c/ ^! `6 w - [Google Toolbar Notifier BHO]
; u n0 i1 b% {5 w5 E - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>3 R: V( \% [! G( t
- [SearchAssistantOC]( z+ E& U/ { h
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
( M( k: G' b, e i; L7 [9 z5 P - [SafeMon Class]
# T: _# `) |: j. S* x4 G5 O- } - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
4 h) U' x) i6 }! k3 ?; m7 N - [RDS.DataSpace]& f6 p7 n3 Z0 O f$ o* A" s
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>$ |, k- B6 C; f3 G1 `3 z" r
- [KooPlayer Control]
9 J: p; e% I" l% D) H - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
5 x! U+ B- a( ]3 f# \ - [AUDIO__MID Moniker Class]5 g0 G" {' T. R: ]& ^7 J1 j7 e' D: l1 `
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 y: [, H4 ?3 }; B- U! n Z
- [AUDIO__MP3 Moniker Class]
$ r0 L7 z5 b2 ]3 l& |" v - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>7 M/ ~* Z% f& O( {" j% G
- [AUDIO__X_MS_WMA Moniker Class]
6 r3 Y+ l8 z! Z( y' P: ]" a - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! e& l0 m) b6 W& S( h% k
- [VIDEO__X_MS_WMV Moniker Class]
7 l0 _. T4 J" S% y - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) H7 _2 {5 R4 [. `+ N
- [RealPlayer G2 Control]
" q7 \2 Q- e' y1 [ - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>+ l+ P Q9 @+ h
- [Shockwave Flash Object]- U2 Y6 |/ j' Q7 i
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 W% C2 X8 ]& |$ i2 U w9 P" W
- [KUpdateObj2 Class]& n' V+ M: C' ^/ Y' Q# T! b
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>5 I) U( a6 E( S5 \% ~
- [kingsoft browser shield]/ h2 o9 S- q G' \5 B$ N
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
9 Z# }9 F$ U( J. m4 e - [PasswordEditCtrl Class]
6 y z# T* O+ [ - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>* U+ N- D/ ]8 c* l5 n# ?9 i5 \
- [QvodCtrl Class]
# L: [- u; K: n5 Y, ?1 B - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>6 t7 C% a5 z" c! Z* r1 I
- [&使用超级旋风下载]: |6 [' I. r1 ]/ C- Z
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>0 U/ ?6 e, {9 t/ @& e
- [&使用超级旋风下载全部链接]6 W+ w) T7 P- C1 ^# @" o% |% E
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>, n' ~8 j0 p/ J! ~2 V
- [使用迅雷下载]/ m; S# W$ V9 q9 i3 k
- <, N/A>
9 d& i: M4 ^5 e" b9 N! m1 [ - [使用迅雷下载全部链接]
: Z5 t0 W; r2 A1 M0 Y - <, N/A>/ l" }; |6 i$ f# w7 `2 B0 J
- [导出到 Microsoft Office Excel(&X)]
6 L) s7 U+ ~( m - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
3 i! M1 t" r: U& { - [添加到QQ表情]9 X/ Y; l) \5 ^- F; G% [6 J% i% K
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>9 ?* U; C( N' V5 t; N4 j6 O4 ?
- ==================================
3 H+ X+ W4 ]) ~2 q2 C - 正在运行的进程% m% G' L& |1 S7 K
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 e' ^/ Q3 O/ V - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ k+ n3 m7 H( R8 J! X+ N8 I: P/ A& D* z
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* ~1 ^8 ~3 K2 t" { - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 G- E7 H7 _* h$ c; Z! C& d5 [ N - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 j" j; d) G% |7 h. {3 p - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ K( Q5 S4 T+ C( J
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ i( \, I! G- @# C1 o: D' Y2 [ - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* _0 b1 G( c% }8 }4 v9 x1 r5 x
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 c% Z- u7 o: D9 c& D* [% z - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! h! E6 U/ o M8 ]; K8 L, }( V
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- c+ b* @% [6 |# n - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]0 |0 ~% N: M. S6 N, ~$ q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 A$ y9 c+ Y! j# Y$ v* |4 ~( d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 Y9 k- Z( h' g
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ y! C8 K5 R0 H% g, b4 b
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 ?" a, t& m" B( F% F! E8 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
3 O1 y4 ~3 l+ l; h! b5 ]+ Q - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
( j8 D3 B' X/ q' l# b' Z - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
) x4 o1 U Q+ r* @& Q4 i: E% g - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]- g8 c! y3 `4 ~' V
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
1 \" z* i6 G. f8 d3 T7 \8 h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 g8 J" f% z7 r1 I: n/ m
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
$ \/ g1 o5 N) N8 F - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
! U( Z- J2 C9 R9 l+ n# J - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]0 ^3 Z) @1 S+ }- L+ t& C! E
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
) f7 G5 d: t3 a. e3 i- o3 Y- z - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
! n. B4 `" k7 k, B0 l4 \5 D - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* s |, v; t( C* S) A' J% h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ ? d% u3 U. ~! V; o2 C" F' S/ V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% Q2 ^+ _, V9 ~( M - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 W5 ^8 ^: w% m( E3 I
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ m/ z" j" g E( H( `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& r3 \& e0 z8 y3 x1 I. B/ c- |% R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' v" e X3 x) c+ _/ V; U - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( O' q$ z2 u8 w) y8 m- {% F - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]. T4 I9 I2 e( a) m! [( U* ?5 ~7 A
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]7 X. ^+ i, ^+ l# p8 ^. ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% c7 ]# n0 T5 M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- J: @6 E+ S+ a: R! |9 O& `0 H - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
7 c* k* h3 }( O B8 Q# @ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164] \! g2 {$ `" F `
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) M" S, a/ c9 R; d6 e2 A3 Q0 E - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 F/ `- k+ I0 m: X* R
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 Y, O v8 {1 `" U - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]3 S2 G2 |' P6 _: }$ d8 v$ o' V
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 T8 N3 A( E( w% W l - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 d+ X' c* g ^( o M# F - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]! K/ ?: ^" _4 U+ v7 S. d# y, A
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]/ |8 ?/ J' b0 ?* Z: f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- m6 z q( m9 G5 g& ]' E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 Z& n2 i- |! V4 G4 A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% A1 R5 Q) ~4 p O/ i5 S
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]- r& W7 q; B8 Q' a' T
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
8 h. L Q+ _! U$ r8 e9 D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]3 O, `' j6 [$ u( n7 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]/ l9 e! _1 Z5 t+ e9 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
, c2 I; h4 A# J$ C+ ]0 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
: V( G, B+ Z! i5 Q. s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
% o) Q+ }6 T9 L$ k - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]/ ^/ P# d; ~1 G* p; L1 G R" T; J
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]2 b: J- q3 O- M
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 C- V) {( P/ v; S) ` - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 E6 H8 Q5 `) ^: u& S. U: O: h - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( w" L& \5 V3 S. `7 {% j- V+ B - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]: p r f2 g# _6 B6 S% d& o
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
! p9 j6 U" k m: p" T - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]" P# P# K$ O" s9 A5 S# d' H/ [
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]+ c( L1 Y0 Y4 v
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]" ?8 x7 h) X. L# P' [+ L' Q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] H/ o, I- A& f; z& q
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]# Y4 m( e0 U$ n/ { _" b; u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; f: x# c) D8 Y: b9 x5 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% u* B6 q1 b# v- ]: W3 L( f' |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 ~0 r) n [: U: D( Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 X8 M7 S; z2 O1 u2 ?, X! w
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]; q; @# `- A7 m6 @* f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 w1 T8 R" f9 {0 }3 ] c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* R. @4 h& ~7 n b+ P+ I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
V/ g! J/ L; ^9 M8 M1 J - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: l% ], D* I& M( U8 c# z
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]% u0 D' L' l/ {' j x
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]2 ?: v$ t' @' {1 {" I) r* H& |
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ T" C9 x* I- L, D9 r9 y8 D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) w1 L% j0 X4 E, w& `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% t8 w# ]) A& `
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 n2 A0 Y: l2 O% k; n6 b; c - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
5 {, @) |& ?- D2 @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]" ~4 C7 b6 w0 @; ?3 J6 m e8 B7 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 E% P0 w+ K- q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' h, x6 W. X1 A7 A/ ]& r - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. B g' S4 [4 I1 m2 s' `6 g
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
6 B* n' J5 v* f8 d - ==================================
5 W2 g4 }" H$ U" ~ - 文件关联
" M7 m" u, L& ^2 R - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
9 M) u6 ?8 K$ m! h, @ - .EXE OK. ["%1" %*]
8 [, y+ k) o( i+ X7 A" H1 m - .COM OK. ["%1" %*]5 |- a! F6 P0 G+ K4 @" I
- .PIF OK. ["%1" %*]
0 {: t8 S5 b8 F& L - .REG OK. [regedit.exe "%1"]$ N- B4 @9 K5 X- q) O5 w
- .BAT OK. ["%1" %*], u% A1 S! b6 J5 n5 r$ C
- .SCR OK. ["%1" /S]# W% x# k6 Z- G f
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
3 r. F7 I- ?% [# ~7 |- o' X5 p - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]! h4 H9 v# C7 g( x5 u
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
1 s: f$ a1 r! z; q3 N6 j) N5 ^4 I% p - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]& g4 {6 J2 i0 O5 _; k; A& `2 ]
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
4 z/ g$ N# g) j& y, k( ]+ w) O9 r - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: l$ q9 E1 Q3 l: |: u: R& _* G - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
; F. f H7 d* o0 u4 _+ l; Y5 E - ==================================
& \$ u* @+ r6 \& G - Winsock 提供者2 t0 }8 s4 V# L* ]
- N/A- l" }( a$ {6 c
- ==================================2 ^) D! u& e5 [, t3 C+ X5 U
- Autorun.inf
! _7 j* @! q$ t6 C$ [$ C - N/A
6 z) Q& g, X" y | - ==================================
* V2 V: ?7 b( Z V) l - HOSTS 文件* h p+ T; Y8 k/ t) Y0 @. [
- N/A" S* U( [1 P1 h6 Z
- ==================================
4 a5 B6 t! _6 T* I" `0 G( ]& S - 进程特权扫描
6 y: N% X# w/ C# q9 Y% ?" x3 g- r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]5 F `# Q2 [* w$ T$ S
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
. O/ i8 S! P4 K3 G5 m - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
: V$ F% S; w& R4 `3 { - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]6 y6 r, I: ^' P$ k. o4 n
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
$ H0 z7 v# S0 U. E. [. s5 l7 T# @ - ==================================
2 b, x x, e+ n6 Q7 P - API HOOK
% q( l! |, Q! T/ m8 O! U - N/A
. y7 @4 E$ X( \$ Q& K; U Q. } - ==================================
6 X# I9 o( U! ]) H2 z+ s& Y - 隐藏进程2 D8 N; t- G# R' @- s, E8 [. S
- N/A
" L1 J6 A; [: f. o - ==================================: A* E. n: f$ d3 P% m4 n8 u
, B/ Q+ O/ ]( y4 F
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
