|
|
- D, ]0 E/ B& Q- 2008-05-22,20:37:43
! \5 B0 f8 y" T4 D$ ~ - System Repair Engineer 2.5.16.900
8 O% } T; V/ ]* S- o$ P4 u - Smallfrogs (http://www.KZTechs.com): P; ]" s- m" a1 B
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
3 B. ^$ f0 p4 d, k* N) n3 g) I& _ - 以下内容被选中:# i L+ T. I8 ~5 O6 h0 i3 t
- 所有的启动项目(包括注册表、启动文件夹、服务等)
) D$ `7 x# X! z' A7 S - 浏览器加载项! }5 z) \, y3 O5 |" y
- 正在运行的进程(包括进程模块信息)2 D' S6 n: v, ?0 E
- 文件关联/ B1 y8 F! v Y( J( S& j
- Winsock 提供者
% w1 H! d* v5 F( s4 e: W - Autorun.inf
: i" A- Z4 j3 w# d+ K! f6 z% ] - HOSTS 文件% p A w) g* ~% u% ]5 D* m, L7 l
- 进程特权扫描" d/ W6 x6 s. C, {8 V5 C
" z0 t6 A, g% ?# n- 启动项目 m( x# Y3 N$ w& Q5 J
- 注册表
O1 {, G6 s, D/ g6 C: x! h - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]! A5 h" A# \4 I# \0 ~+ t C) h- a' k
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]3 h: t' I2 m$ }. K
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]7 E1 K" |8 l" Y) P# E `
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
% ]1 D) O3 i" k) q4 o* h" x" | - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]4 z' t6 n/ p% b+ u( H
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
' S" F$ \& R" k% j/ x - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]2 ^% x! o. y. T/ {# s7 {
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
# k& Z& `& X% q) @4 V - <PHIME2002A><; > [N/A]& Y' b3 m* a. |0 x0 P
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
9 C! M2 R8 \" g - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
$ f4 ^4 c% r6 p( ^3 R& g' ` - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
% y$ ]# Z& v. V6 `( ?' G - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]' {% E3 \, Z F# A: }) l' Z( G p
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] n5 }4 \4 z( v
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
% B0 P: r. w! U! {0 n - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
; h/ J! A* o% x. F - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]# Q9 Z9 b% X0 E% |' u& d% q
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
/ R: ~; c, }# k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
$ V3 o: B! G G! } - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]1 h/ V8 \/ m1 t3 g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]: }, ]5 }* g1 _, y3 C* W8 x
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]* Z3 B) a8 v6 V) }/ v' k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
: Q. f! E+ R# p# A( V7 L/ X. f - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
3 m5 Q# t M% ~3 A( B p1 ~ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
* n$ o }* r9 B1 l, N - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]$ m! S& W5 T& n- ]- X1 S/ I
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]& S' @1 _, G; i2 G5 ^6 `3 y+ l7 u w
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]2 {7 A; x" z/ _7 b; Z& V5 l8 i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
: F: L7 `% ~& |! Y - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]; f6 B9 t! l+ t$ [( M( K5 q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
4 }3 _) E- Z8 {8 r$ g# d* a; L3 f - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]3 l: \% F5 [. _4 Q9 o% e$ L C
- ==================================! g x6 K. O# V. x! b$ j+ s
- 启动文件夹6 u8 U: g. @7 d( \/ U9 n! V
- N/A/ ^& J$ K: z+ H7 ^
- ==================================4 M' G( t" P% \( D
- 服务7 |2 F# h0 \, |' [) W
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
+ v6 h0 c* `) h9 u$ B$ t! ` - <C:\WINDOWS\System32\3wareSrv.exe><N/A>/ s' B+ ` |2 E$ A8 e$ b
- [Google Updater Service / gusvc][Stopped/Manual Start]
4 `, O7 R7 J V+ V: Z4 m1 e - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>0 R* i2 E8 d/ W d) w v: _6 z% ^
- [Help and Support / helpsvc][Stopped/Disabled]
7 d. P% n: o$ K, S" ]8 N - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
, V8 O% w0 D4 u* H/ @$ R9 Q2 v* t - [Human Interface Device Access / HidServ][Stopped/Boot Start]
) F5 l4 g M/ z, Y0 ?: h - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
+ Q D3 k' s1 n7 l - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]7 P) }7 S/ I# L" F2 f6 g
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
1 p3 H$ C0 {( \/ V4 F$ P - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]# V- a5 f, n/ v9 H. H( h+ ^; a
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
' U+ V2 Q* X- R4 l& a% y1 x" ] - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]7 F6 T7 p: e7 n& R- |+ i
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>% N/ j8 B; ~- V
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]6 T) C. _ x- L; }: j0 E7 h
- <><N/A>- v/ R+ g3 ? j! t( `4 O
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
. {5 m! s* N: K: w A- _4 v. O! ` - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>2 |7 d; {5 f5 x1 e: C
- ==================================
* Y7 u( Z3 ?; W. h$ j3 B7 P - 驱动程序
, W `$ |1 N4 P. x* c - [22j / 22jn][Stopped/Boot Start]
7 `) ?& ]8 S2 r! v* H# H$ D) ]$ z% M - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
6 x5 f( N' v7 r+ S% t- E1 X - [360AntiArp / 360AntiArp][Running/System Start]- ?9 T, j0 y/ v
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
, N \! {5 ^& R/ z& _ - [43ec / 43ecu][Stopped/Boot Start]
- b7 u( Y% e+ i. a2 r - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>- w# t' c* Q1 w" c
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]6 F3 @6 z9 g. f: H- w+ t7 i, k2 D
- <system32\drivers\ac97intc.sys><Intel Corporation>
5 [6 B; j: Y( g% k& }( X' X - [Promise driver accelerator / bb-run][Running/Boot Start]: d8 m9 ? p% h5 g# U
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
9 H- E" Q1 ^& L1 M" b+ b' b* ? - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]+ i3 U" r. y J; Y
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>! H; C+ C4 c) z3 B2 H
- [KAVBase / KAVBase][Running/Auto Start]
3 t& [5 q, V8 }: s0 w; n; t( y - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
$ r" b& p0 Q/ }. n$ P# V/ E' K - [KAVBootC / KAVBootC][Running/Boot Start]! ^8 P3 b/ ~$ F
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>8 }. k' `7 H- q1 U9 g F
- [KAVSafe / KAVSafe][Running/Auto Start]7 k) e" F. _9 z7 _
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
* o0 |0 B0 l; b. C4 m - [KNetWch / KNetWch][Running/System Start]
# B" F$ S. J$ ?0 W! q) a - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
8 Y5 P) @/ S! O7 r8 Z5 o/ w - [KWatch3 / KWatch3][Running/Auto Start]
2 X- V' x4 Y* z) M: O - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
g, ?1 I4 C/ r - [ntptdb / ntptdb][Stopped/Auto Start]
! ]3 r. [6 s3 e* }1 C - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
' j6 r3 h! N; w7 T0 A% \7 s - [nv / nv][Running/Manual Start]4 S1 Y A1 L! K9 P' c) [+ Z1 D
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
) a# p& K2 K/ k3 q - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]! H6 q# R# K- x, v7 B% v+ o
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
) S, `7 y3 O/ V w% r9 b. F) l - [DDK PACKET Protocol / Packet][Running/Manual Start]5 ]6 Q S( G. S
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>8 ~& }2 b1 `% h4 T3 L- S/ F- ~9 k0 h3 a
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start], J- ^. s! o) U& n6 j8 |5 s0 V
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>5 n6 Q3 R) }% s5 F
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]$ w0 f% O4 d' J& Z1 K: L
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
% p! C* w& ` ]) d4 k$ Y - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]" _7 O' O1 @$ B. m( h# k
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
( Y+ n% j3 e! ~+ G - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
a# W0 `/ I6 J: \+ S - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>9 R- g! c' R9 r2 l( H' U6 ^; d
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
7 A. k2 R- Q4 k& Z - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
. f0 ]# N9 ?0 _$ M# W, A8 |9 K6 V - [Secdrv / Secdrv][Stopped/Manual Start]
0 ]+ W" E( S4 q; R" n) I) U - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>+ e5 H6 g. ~8 i* O8 d4 {7 r
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]5 T( k# R( O- W7 I! x6 r" Y
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
. G# R I0 s: ]% Z& K. X4 q - [System Restore Filter Driver / sr][Stopped/Disabled]
8 g" T( S! }% ?8 v - <system32\DRIVERS\sr.sys><N/A>
+ u! B0 n& \6 A) b9 [+ |1 ~; h* ? - [TesSafe / TesSafe][Stopped/Manual Start]
. k1 }7 W7 W# S - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>; ]& x3 \5 T$ M8 v
- [System Services / unzxzsrs][Stopped/Boot Start]
8 V- m+ Y7 I+ [& V+ `! F2 ^3 g - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
& _9 n0 ?# s0 f: X- n6 a2 E1 C- p - [ViBus / ViBus][Stopped/Boot Start]
* G4 K1 g, ]! h7 }/ ]3 F O - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
" i, V, b i) U9 p: t& a" L - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
2 ^3 V0 A8 Y; J1 b; S - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
; m/ ~" ~/ [$ r+ r6 T - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]! [' [* }* ]9 ?& J/ R, _
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
0 s$ i: k$ m0 J: e - [ATI Extend / zhibmaso][Stopped/Boot Start]+ s# ]2 J9 g& n7 J n
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
/ [, f+ T; f' K0 u2 E - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]+ q6 z5 B$ p/ c- n: w0 j
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>, G% S! V; A5 `/ L( I
- ==================================
1 E: v# m, Q# a - 浏览器加载项
* b! w' U, x, ~3 f - [Google Toolbar Helper]5 A+ f" ?1 I' v! U7 ~( ]
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# G% p: |6 H+ {) [" |. S - [Google Toolbar Notifier BHO]
9 S. {7 Y; {" Q* J- O - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>) J, M0 z$ g2 U
- [SafeMon Class] G9 r, t4 N: R Q
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
$ Z: z% ^8 e1 @7 O! T - [kingsoft browser shield]% K9 G) I9 |, b5 ~
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>% H' I, y& h4 t# w' y
- [IEBuddyExtControl Class]: T! T3 j( _7 F
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 `" k: x2 I0 `
- [Zcom 杂志]
- z4 E: Z V ^1 u- d - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
2 V8 `8 F/ h% m: q* M; q# | - [&Google]$ }- h- T O& J! q. n5 [
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.># n# w8 f, m6 V- Y
- [KooPlayer Control]# |+ q3 [0 E9 ^
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
! v1 n+ C% u2 S+ F' m+ V - [Shockwave Flash Object]
: Y, P9 P5 Q6 \4 j- M* M) p - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
# R! p6 v$ N) v - [KUpdateObj2 Class]
) w3 [2 [! h3 Y; T; I% l" j1 N - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>+ i0 B# ~' e) d! P% @ z4 a' G
- [Google Script Object]) @' Y l5 ?( } ]6 r- e0 e; ?9 m
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>+ S, U. L% |$ D
- [EWA Control]* q3 d% i- E' X3 Q5 v& @
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>, k8 {' l% K5 y! j5 B
- [Windows Media Player]
( `" L3 ^) a, a, o$ e, h - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
1 H( U3 r! P- n$ Q! R - [&Google]
+ P5 D% {- m/ [5 ?. Z - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 r( x7 y: e0 p0 n
- [HTML Document]
0 Q, p5 c$ V! p3 l' q0 A j - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
8 d$ z: K5 B% O* M - [DHTML Edit Control Safe for Scripting for IE5]
% J/ }. H- m: W/ x, C - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>- W1 ~9 ^) C' {( n" S) s
- [RealPlayer RAM Download Handler]; r3 D! K5 m s/ l9 F0 o7 z
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># G0 B: U6 ~" e0 ]$ j
- [IEBuddyExtControl Class]
* F f- d. G$ X( h* u5 N' f - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
" C6 g/ @$ `. j" {' f; `, Q% r! i - [XML Document]( ?8 c" B# a" H2 {' @4 l) H
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>" G8 H, e a* k3 Y, c9 E
- [HHCtrl Object]
( ?8 G' z( A- l. Q: c: \$ o - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
5 a9 _: ^" T: u - [Windows Media Player]
1 j Y; ^4 C, r* |, e - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
: z2 `# d) U* W4 ^( o1 Q5 P0 {) Y - [Active Desktop Mover]
6 q2 E4 Q# j* H0 O& W - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
, Z" \2 L- ]! Z4 L7 R8 p' D - [360SafeLive]" O9 m/ h% R* x: X' R) k- o
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
) ] Z/ i: s8 c' [+ y. y - [Microsoft Web 浏览器]) i4 H P. l& v+ f; N
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>. M7 l& e" p0 l2 Y8 a# ^
- [Browser Enhanced Objects]
& R" N1 t8 j7 ] - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
^- ~) X! D5 }+ ^! z: e0 b! C - [Google Toolbar Helper]
) E/ c' k1 ^7 f6 q7 Z5 G6 o; T - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
6 L# z& Y* B U/ k* M+ c, E - [Microsoft Scriptlet Component]
+ S* K1 ]3 ~5 m% s9 O - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
" U- M2 h; u Y( C( T1 c - [Google Toolbar Notifier BHO]
/ r, T5 _. z- D' D- @) e - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.> l$ ]# j2 U8 M# P$ H2 E- i0 y
- [SearchAssistantOC]2 K: A# v7 e ^6 s, a5 `2 _
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
: U* H: ~& {, x0 x, C, D) g% o - [SafeMon Class]2 Z, Q; e# N" K* I5 B6 v: r7 d
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>& ?1 W- |7 H5 x6 t
- [RDS.DataSpace]
0 ?' D o) X5 R7 g1 L) [# e - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>! l1 C6 T% L) U$ t& m1 N/ p; D/ @
- [KooPlayer Control]
9 y. R+ z7 {9 x) `: e& A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
7 \5 n6 c" C0 L - [AUDIO__MID Moniker Class]# Z0 e# ?! g& d6 B0 a; ?
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 ?! b6 X9 s/ m" O0 G% x - [AUDIO__MP3 Moniker Class]( \( f% E- O, _" `
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> U3 Z7 M: k5 O
- [AUDIO__X_MS_WMA Moniker Class]# H2 W! s; n2 A! Z9 Y5 ~5 J
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
( G! g/ l \. H. @4 k. H$ d - [VIDEO__X_MS_WMV Moniker Class]$ r5 c3 s) H$ N2 R1 ]* |
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 t: [+ L. E" O7 g- ~) E' k# U" W) E - [RealPlayer G2 Control]; \5 p* I) r$ Z0 l: ?8 n; _
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
2 T, Q3 l! E* ~8 C/ n1 B8 g# C4 i - [Shockwave Flash Object]
/ E$ M3 m4 r) f+ l - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 z' R/ g# H$ }; n9 E/ Y$ N [0 V
- [KUpdateObj2 Class]- t) A- S: b* Q2 ~
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>( f- d& P( |( W5 M4 E& W+ s& c6 a8 B
- [kingsoft browser shield]
% e* j- m$ I% \8 p - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>8 H6 U: w' i* V3 f* v- |4 h
- [PasswordEditCtrl Class]
% e! Z ]2 n2 |7 I5 r4 x: H* I - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
, z* O% L7 C' E) Y; g8 J - [QvodCtrl Class]
! e- N7 R5 f8 Z. ~, {( \" X) _1 X; \ - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
. A$ [! a: t1 Z% ?5 M: Q - [&使用超级旋风下载]. Z& w/ c3 @) g, s7 P- W7 K4 _
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>) d$ _0 {5 m5 d$ h
- [&使用超级旋风下载全部链接]
, r. N" @; J$ f) h5 Q - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>- f& g; S: j8 Y
- [使用迅雷下载]
' A+ F6 x9 S% Y1 ~8 N- O - <, N/A>
/ v% l9 v7 K* ], E - [使用迅雷下载全部链接]+ Z; K9 s, c8 Y3 _2 E
- <, N/A>
h5 B# r$ o3 K2 J1 N# i* B - [导出到 Microsoft Office Excel(&X)]
; t: k& k7 r( X - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>/ d) R# |5 }, h0 G* N
- [添加到QQ表情]" b" k& N2 I8 x R7 O' J$ g7 H! R
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A> y8 u. f. J7 S
- ==================================' W8 d0 v9 R$ N: j" |
- 正在运行的进程
, F4 P5 w7 E6 o3 s. Y2 }- @" a- i - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- p( p u6 l& Z+ Y( w( C' F - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& _+ k- r# A& x7 f- ~) `
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" M( W2 O0 d2 l; `& @ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]* j+ E- \9 H! }' _
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 }, |9 d1 X5 i0 t7 z; y7 | - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 U! U: t+ N) B4 V - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 L% P* u' [$ N6 i# \* K" q4 J - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 ?1 A& Y. C- ?# H0 b; H2 \4 y - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# M+ [6 I7 v* C1 u0 @; V - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ N* J2 A4 G; h2 c* Z7 U9 H - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 i/ J- \# }$ h8 R
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)], p" T0 D" H# ~* L/ y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ I9 X7 P. T' G4 t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! {. \0 U/ g( f' ~8 e) L4 q+ n - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
! s/ K6 j; r- ?, U: t! v% |0 W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 N R7 W, r& j$ o1 B* K1 Y ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]5 k; S- g/ E" T! k# H* A p* n
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
) t9 ^$ Z8 F8 z- {$ d/ ^ - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]/ t5 s+ [# O0 K3 A& L9 s
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
/ x8 G: N% D/ O `& b6 e - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]+ X6 \" d9 n; v1 g! D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 ?2 b" p& G' r& s: a% Y: _
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
$ j' r0 z( P/ `. q; x- r$ f) \+ l2 O - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]8 k. N; {8 |8 k! P. Y
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]- {3 P# `1 i- M, g2 D5 b
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
. L5 b' a, X/ n$ z, A# l, h2 f# ? - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
. `: ?. _# R- K5 [7 n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% }/ O5 n% U7 M9 ~# f8 |/ a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 U1 l* A7 h# g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 G4 h% E+ g5 e% O/ } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( U9 I, V9 n* c+ l - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 D" Y m; X+ p- \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 w% |2 H# w+ K7 O: ?+ J- ?2 v! o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- S; {8 G* R" Q6 v# S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" h! s9 k9 _/ y% @% t& l' ~
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
3 U% o" Z# [2 t: z4 T! j8 p; m+ | - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]# L1 Z1 G6 L0 h: T0 z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) k; A- s8 N& b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 [6 {* j+ X( W. L: p% ? - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
, _0 }) h' ~ r; W$ `# d& E. h - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]8 p/ A0 \0 ?7 s& J
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 b) b( o2 @- b4 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 K" ~! { Y6 ]& w, n - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ e( Z# m4 T/ I - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]4 K e& I% m, r6 T% I- j
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( \3 j% i2 ^: ?9 G4 K+ [" o - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], r0 q) B9 Y5 A3 d
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]2 z: N5 z2 R. [0 G8 f
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]6 @: p% R( {* j$ T
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! p) G: k5 d& e& K# v1 R! F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ k& |6 H, H ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: e8 u( c* e% U; K1 k. B3 j; m- g - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]7 K3 r3 |6 H& J2 r1 X* k# K
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]* D3 b; O/ q* b; m7 t1 l+ r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]+ [5 g: S; G- E3 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
% X1 m6 k- x& V+ t% w6 ]5 } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
0 y' y7 P$ q3 m; e6 U, _& r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
& Q4 O: ?, T# ]2 P1 k, K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]* x8 ~3 x! y, O) k
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]2 J9 r" R8 j& ]9 O- W/ A- E
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]: ]2 |! m$ m _+ |( B, j) f
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
; {% c2 I# F+ p7 ^3 x5 r - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) g! i, r4 [4 G. F0 ~
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]4 c0 y6 ]3 k! W8 p. n7 L% A* f
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ C0 w, t9 u5 Y" ]
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
& ~ z7 U. b6 o' z - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]6 K4 M& [. D, S, f
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
5 P6 Y* G/ q3 M, Q8 ?* U& u - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
h% d$ P. ]' @ }0 Y, j, }0 M8 M - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 F/ U4 s: i! [) Z
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
) f+ X7 T0 M- R1 O - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 B0 F! j! A; }5 B3 a8 h. ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], A8 ~! C5 F; v# y9 m* H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ Z0 h& w! l, G! A% H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- H. {" u5 k9 W4 z5 ]
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]! S: f" ~ D& }2 G# q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 y p7 v7 o% G3 j' Z$ i* Q" s* M1 w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: U0 I' x1 @$ | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, Z. \2 K5 a8 b1 O) j1 k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 Z# Y& v: r( u4 [% h4 l3 o3 g; K - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
4 J4 U$ n Q. j; c - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]2 N4 u% S, O* h' r9 K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 h( e3 }; L) J% f% x* h' K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 L1 I: g/ Q3 u% ] n7 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ \/ ~1 ^' j) d, e7 q, ?) q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 y1 A& d! V0 k/ k0 g
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
8 @4 P6 k0 \/ g* a, }# H7 D! t* ` - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 x$ }7 \# \' ^: w; ^2 s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 J0 ?$ W3 p* }0 b8 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" L4 V. D$ v5 Z# ?' Q5 B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* P- n, f ?' t e+ @
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
! z7 Y/ F- y- j H - ==================================
! T$ C- ?$ L# r; e - 文件关联 h0 u& Z, R: b" v: B" n. z% W
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 F4 C* `3 D& _3 p' V( P/ Z - .EXE OK. ["%1" %*]& U9 p# U: E) Y G7 q- w" p
- .COM OK. ["%1" %*]( f* b$ Z3 A3 e/ {; j# r
- .PIF OK. ["%1" %*]' h4 s: a' Y7 ^2 ~' T
- .REG OK. [regedit.exe "%1"], E/ z* \$ h7 s5 i, }6 K; z' M
- .BAT OK. ["%1" %*]' i P. v! Z; U' v. A
- .SCR OK. ["%1" /S]
6 M7 U. F1 `0 e; o - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
/ ?8 B8 _: [8 L. I1 E/ B) I - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
. ^4 @& _$ x$ P" \ - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
7 X# K% Q( u" H" r0 C3 j) h - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
; a" w5 o- S* ] ~+ X - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]1 O; l3 e5 m9 B: e! N- G
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]; L$ O7 j/ U9 z/ L/ K
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
" V$ s1 w( p( v0 U4 V - ==================================
" |* m8 O: o. s* a( _. E - Winsock 提供者
0 T0 P6 \1 y6 A6 ? - N/A9 }7 L2 q3 z) X5 P6 w* y
- ==================================0 _9 ]3 R! Y) `/ J4 U9 W
- Autorun.inf
: w" U) p2 F- A, G - N/A, U$ ^- ^/ M- u% H
- ==================================
0 e+ j O" E5 l. B - HOSTS 文件
8 N" y7 f8 }9 C; B - N/A
! Y7 J' n8 r8 F# S1 ^ - ==================================# c5 G0 W' I4 y8 G
- 进程特权扫描; H, L6 I r, ?$ f, F" @! o# b
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]' P9 O, g+ G8 L
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
9 j. K3 z6 o. G& e$ M0 U2 V, A - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]5 F3 n* |& I9 B6 X' M
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 {$ e) O/ g! D8 H* n - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
2 ^# G: k/ w% g) z5 z# T - ==================================9 ~# k6 R2 U Q1 p$ a1 B
- API HOOK( w( p5 B+ I5 s. {8 q
- N/A5 f# f3 z& A o& n/ T
- ==================================0 |; V( r) l, q2 t0 Q: v
- 隐藏进程! L; M u6 D5 j) b2 g/ |
- N/A8 M3 E( E& _4 ?
- ==================================
6 {6 K5 M3 l$ N+ y
1 U: m2 A6 o( w- x* N
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
