|
|
! T& g0 `$ O1 h6 Y/ n4 D- 2008-05-22,20:37:43
) m: R& R- e0 K) @& N4 j) A$ i - System Repair Engineer 2.5.16.900
% T3 l- z0 [0 k! j. y9 }/ q - Smallfrogs (http://www.KZTechs.com)& T* B5 U7 K1 q9 p+ ]& k x
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
" j6 d/ e( S" U- U$ u f3 @ - 以下内容被选中:
! r8 [$ J; F; t6 Z6 Y* l - 所有的启动项目(包括注册表、启动文件夹、服务等)
5 s D$ ]& O! r) i. a" d - 浏览器加载项
: A0 Q/ F Z" [# A* o" j, O - 正在运行的进程(包括进程模块信息)& U# T$ A/ l# S8 p5 E1 H! f! U) V
- 文件关联) D3 D- z7 x {/ E9 S' ^% L) c
- Winsock 提供者+ ?: s2 f% Y/ F; l$ i8 s7 B
- Autorun.inf# l2 z F6 x+ C4 B9 T
- HOSTS 文件
% [# o1 ]5 L# Y% V0 h, d - 进程特权扫描
6 |6 {* w( k1 ?; u# T2 X; m
6 b+ T. K' X$ ^( d+ [- 启动项目
( f8 J B& J9 I - 注册表* y5 f/ T# n$ |
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
* I+ U! B/ l$ t' v2 H7 z - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
8 F! U( h$ T+ g - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
/ O5 Q4 X' h9 l5 S - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]# \' } f0 B$ t" k4 }
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]$ S3 m! I& u+ i: ~- R7 s/ T& E2 `
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 f9 D/ d. z4 { [/ W - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]! X- s& M) F( r; C7 k3 M) _
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]) k8 V' G6 ^% Z) @
- <PHIME2002A><; > [N/A]
- o9 L- j/ y* ]' r5 l - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
/ S7 B6 N {6 }, ?( y2 p - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
. V: i, b+ y. n: J - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
4 t8 K; N0 J0 M2 `0 ~# R, t& x: G - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]4 N5 b- L+ D. }" F6 A9 v& D
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
) A) y! f7 I; Y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]9 e& m8 n9 Z9 D# @
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
6 a" F' k# |0 i5 ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
) W) m1 m( M8 ~& Y/ @: V - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
1 Z' X7 E. b! V& U7 s - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& R3 U6 y6 Z3 ? - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
m; ^+ T" I0 w c# c - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]# u) w" v& X! B! G
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]1 g1 B" e6 u. e: ]& n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]6 e8 ^) D% w# r5 o9 [" U
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]+ o- U. S- o9 \7 h5 P( k* w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]1 `4 d& E) P* g& s" e* h
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]( f, z' f8 B2 ~4 O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]7 k4 W+ I6 M) R( W$ G) X1 N5 n
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]$ Y; Z9 ?7 p) x$ y3 `4 L4 o5 M: _
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& H, n* N; R1 a) ~. {, T - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]. P1 {. p. w( `: H6 b( \- r+ `3 S1 e
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]( m( Z- e. t9 \3 V5 g* `/ e( K
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
1 ]. V! S( |9 @7 W - ==================================: d6 p7 k" w5 ^2 t* Y
- 启动文件夹- D. @: D/ U, j8 S
- N/A8 ?9 Y& s2 C+ O8 ~; j
- ==================================! V }& D1 Y+ |' F; @( k
- 服务
+ K3 Q D1 E P: G8 L# K. R1 q - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]' c- |7 P- s7 Z" |
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
) s c2 j" ]) e' K) d1 `+ T: M( Q - [Google Updater Service / gusvc][Stopped/Manual Start]5 S, C: x3 o1 q3 t
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>* p' b) u5 o, ~" ^/ X. c
- [Help and Support / helpsvc][Stopped/Disabled]: P% n: ]' Q. L
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>1 E1 _+ F* w' Y4 M- e
- [Human Interface Device Access / HidServ][Stopped/Boot Start]. s8 W2 {! n, }2 s+ Z" ^3 n
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
: Q7 {: h7 @/ ]1 A2 r* Z - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
) {( ~( ~# g/ ~$ Q8 y" F - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation># _9 [# Z, r4 C5 m' g
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]0 ]" k+ E9 l3 n
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>: N6 C9 h4 l7 ]5 \/ F5 x( G
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
6 B/ }2 q# I. M4 x+ ?6 z2 v - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
9 x& ^, M% ?. ?7 o5 u0 C - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
9 {1 X( z' ^6 c# n* D - <><N/A>! d! I& D4 i$ }& h
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]! k* b* f( U; [: s
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>; c; j/ \* R0 L7 Y+ b: M
- ==================================
# h2 d' h& I1 A% x, Y, K! ~) N2 x - 驱动程序) y0 O0 i6 S: V, O5 u( B, q
- [22j / 22jn][Stopped/Boot Start]" ^" C2 P" m1 s5 m4 J: F. k+ r
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>+ T+ s4 r4 _0 I8 O$ O5 u1 O
- [360AntiArp / 360AntiArp][Running/System Start]
; o( ]1 \" c5 ~/ o o - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>- e3 C7 P1 J; `, K( K
- [43ec / 43ecu][Stopped/Boot Start]; h9 \6 S, `: N9 r. `
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
7 ~ z2 g* O' e& F9 E - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
2 X/ o; ~6 E' @ - <system32\drivers\ac97intc.sys><Intel Corporation>8 }4 @8 |/ K- W. |: k
- [Promise driver accelerator / bb-run][Running/Boot Start]2 T* h: O( X E, B: J* h
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
/ A. i% g2 T- ]) P7 @9 m7 d v0 J - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
9 S3 I6 z6 ]" v a+ N* c/ @1 C - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
# t8 ^0 y# F" m! X% ?( T2 W - [KAVBase / KAVBase][Running/Auto Start]5 R, }9 f" F- e$ C8 m/ z
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>5 D7 `3 Q/ e; _. g; p* G$ J. ^0 U
- [KAVBootC / KAVBootC][Running/Boot Start]
. f2 A! r- X# ^1 p5 d - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
# N, g. _3 o* N! r6 j' c - [KAVSafe / KAVSafe][Running/Auto Start]
! h8 N" a2 q1 q) ], l$ O - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
2 p' L+ B) U6 o - [KNetWch / KNetWch][Running/System Start]
6 }% H7 O- h0 c1 V5 @* Q X2 g9 _7 X$ n6 w - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>3 ]2 k* L2 I* G6 P
- [KWatch3 / KWatch3][Running/Auto Start]( K1 J U T9 @* b) A/ }
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>8 R3 j+ m0 W9 a1 k7 g3 [. T
- [ntptdb / ntptdb][Stopped/Auto Start]) c' E0 n$ h' B H2 n0 U7 T
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A> x! t2 |+ M& R; z3 s
- [nv / nv][Running/Manual Start]- \) c# V& l6 a& b# ~$ P3 }
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>1 l. A( j% `4 a0 P8 \2 X
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]4 H5 J9 y) H- f- B
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
5 w) }; Y* O. v! s/ p# \3 x - [DDK PACKET Protocol / Packet][Running/Manual Start] V! h/ m8 {/ t+ J2 r2 m
- <system32\DRIVERS\ProtoDrv.sys><360安全中心># @/ q N1 w/ U2 b
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]: l X" x8 I# W6 c$ \. a* d# _7 {
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>+ }9 i6 u4 X# W
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
- S5 k7 k9 y1 f' X: L - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>9 [ d& H' [# ~2 f* C; V ~
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
7 k$ I- m: N( p6 s - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
' i% l/ g/ s3 i* b' y - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]4 r5 _( K, Y. Q% D( k8 U
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
# n' ?! o9 V. R. l/ o - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]+ x( `/ \$ x2 t# G. K' ~( A q3 ~
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
6 G; {. `: v8 N, Y - [Secdrv / Secdrv][Stopped/Manual Start]& Q0 V, S; Y+ W5 N5 u
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>, x* I. R1 @: d
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
/ } ]8 L R) W8 l% | - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
+ i1 O4 Y: _. ?- b+ G' ]+ g; @- w - [System Restore Filter Driver / sr][Stopped/Disabled]5 H/ x5 y$ N8 t' |6 n8 C
- <system32\DRIVERS\sr.sys><N/A>' I4 P: b% y7 U" l) X7 g0 i" y P
- [TesSafe / TesSafe][Stopped/Manual Start]
( b t4 C2 R- H5 G$ c6 ~! _ - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>9 ~, N8 [$ n; m# k" q4 Y
- [System Services / unzxzsrs][Stopped/Boot Start]$ S1 l1 _2 k$ p6 |! d
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
$ s/ u( ~! W7 w/ _ S9 K% P. h - [ViBus / ViBus][Stopped/Boot Start]
8 Y- T; k' u8 v4 h8 w0 l4 _" T( o - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>3 c8 C3 n# q- y7 o$ X+ e
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
3 G$ O5 X. Z% U0 T- @$ v - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
_4 u. r0 k. k" I- x$ j - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]: V9 N" p1 U" m9 _, K
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
7 X0 H' g. c- d1 Z. q3 e - [ATI Extend / zhibmaso][Stopped/Boot Start], X+ X p. t. k* f; {) c! e: p
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
+ N+ I( M/ y6 H* Y( K8 R! F - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]& J" A8 {. Y- Z+ L" q& b* A; _
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
! w# I/ y2 Z& ]; a3 C4 W - ==================================
2 E; N% h7 c3 M1 b - 浏览器加载项
1 ? u5 d7 u8 n - [Google Toolbar Helper]
6 W0 H0 R8 t) D: F - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 f4 O: I- s( _ - [Google Toolbar Notifier BHO]$ x, d: l# R2 m% _# N6 y
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 g- v1 r' |) i- v j: D+ y' z& u0 i- e* X - [SafeMon Class]. ^3 G0 ]1 j2 p. b3 { [. k( v5 ~4 x& b: S
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
2 B1 O% Q# E1 A+ h - [kingsoft browser shield]
% |: g8 T0 p4 x1 j8 u/ W2 M6 R - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>, _$ ?# B( C4 q9 g$ P2 ^9 v4 P
- [IEBuddyExtControl Class]4 _' n! O% l% z" a/ @( ?! a& {+ V+ i
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 q: j+ k) `% {( T9 h5 h% @ - [Zcom 杂志]0 M) t7 j% J* \& i/ |- M
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>6 q0 r1 ]+ ]6 q8 H: m
- [&Google]
- u# Z7 O1 K" O d7 H% d - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 Q+ T( Q$ [7 L% G- A - [KooPlayer Control]6 P5 P" @& b S: W/ u
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
; L$ i5 S$ z5 A5 [% s; ?) N - [Shockwave Flash Object]1 c+ F$ ? {3 _! \% B: O
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
4 ~/ s% w Z; e3 c W - [KUpdateObj2 Class]
1 _0 i6 F# \: [1 \* ~, E - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
$ U$ o: H4 j6 ^/ }1 P0 s+ a A - [Google Script Object]/ g8 s' I& j* |& q
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 [, H* U8 P+ m+ y
- [EWA Control]
9 f3 b1 \" d- o. M( W - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
( k9 ~% A3 r5 Z - [Windows Media Player]
$ }8 w9 v- s# S# c; X4 \8 n' O9 k - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>! q/ W, \% c% O4 U5 m3 q' v5 H
- [&Google]
1 n; U4 L( h, A5 O4 w4 d; M - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ _- y3 i! ?, [! ^# y9 ` - [HTML Document]
# b# X+ j( E3 E" c4 Y - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>3 C# T, l* F( {% S* ^9 h; X
- [DHTML Edit Control Safe for Scripting for IE5]
" V" z4 d! }- P/ b2 C L - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>6 n7 p; M8 C K3 y4 Y
- [RealPlayer RAM Download Handler]
9 m, D0 c2 M( M9 O: I" C0 e - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>2 a: N% x% y. f% P
- [IEBuddyExtControl Class]$ R, t7 ]' n- ?. U, q) p
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>; F. U3 ]5 d& }% C: V( V5 n
- [XML Document]) z2 P# c& U5 ?$ y0 q/ X
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>5 ~3 I2 c! I( ?4 I
- [HHCtrl Object]. X2 A& k7 J' S h
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>) l' e5 {. m5 { s: ]' \ A
- [Windows Media Player]# |4 F; o; P1 W% D
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) g2 X4 _4 I8 \! |' R - [Active Desktop Mover]( P; t7 x4 ~- N8 Q+ q3 o E
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
- \* k+ [9 H9 K8 r" Z - [360SafeLive]
) O. i+ H) z" `7 r! q6 [1 h - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
' z# q3 W9 q: v: q9 I - [Microsoft Web 浏览器]' M& o9 k( |% M! O, k
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>( {9 |4 q- m# a" ^ |9 T1 l
- [Browser Enhanced Objects]
% A! w; C" l5 q! k2 l: J7 H1 | - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
8 U! |' H- x' W2 e" h# ]( x - [Google Toolbar Helper]6 j# R! G. ], |! N
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ ?- C* {- R6 K4 z! O. G3 P - [Microsoft Scriptlet Component]
8 R9 w5 m# C: R& z' B2 \% z0 ]5 G - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>% \6 y* p8 u* K% G4 }& o, u( H3 E( C
- [Google Toolbar Notifier BHO]& K3 g* B3 ~9 ?4 D4 ?2 e& b6 {
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>$ j& W, E$ ]) V/ \0 R: R
- [SearchAssistantOC]
x a5 h5 \7 \: m7 N+ L+ i: E, U7 v - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>3 J+ n+ ?* s$ Y4 c
- [SafeMon Class]
+ n* _% `6 x6 D - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
0 v0 B( o f: z* P5 `# S - [RDS.DataSpace]7 y/ K' g/ T( e. Z
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
# Q) [$ e0 z, K' S - [KooPlayer Control]
; @) q0 A0 w% b+ y; k* u- v& l - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
- c/ `6 C* L# r+ f( u/ G6 _3 h- G - [AUDIO__MID Moniker Class]/ H( e: i7 V$ L( ~! e( f) `: k8 R
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; m, j, [. z/ F* i0 G
- [AUDIO__MP3 Moniker Class]
+ ^5 C$ ]' K3 Q+ @' f: G& u8 J - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ l- g6 @6 }* O, U: L# f4 t7 ?
- [AUDIO__X_MS_WMA Moniker Class]# a" m" E" T7 d& [* U
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
# Q* f1 T. A, R4 b: |8 `5 x - [VIDEO__X_MS_WMV Moniker Class]
n' }# _3 N0 H. P+ ` - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
6 A1 \% f4 Z% G0 F1 e$ B; f - [RealPlayer G2 Control]6 \" q" y( O" W; }3 S" t% H
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>0 a0 C7 H! _0 H. \
- [Shockwave Flash Object]
+ a: o1 ^0 P% ^$ c( E - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.> t; C& \* m( a6 K& B
- [KUpdateObj2 Class]
4 ]. b- }+ w, F2 T3 z* Z - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
) E6 r$ @3 M6 T - [kingsoft browser shield]5 Y1 Q! k9 R/ N/ R3 N
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
! Q" ]# Q5 \: G0 J! q- Z - [PasswordEditCtrl Class]9 A" w2 _0 m8 A
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
/ ^. g- R' Q% R - [QvodCtrl Class]
+ z+ J4 h! A4 ^1 c8 r - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>) d' T+ \, Q) } N6 m7 `9 r4 ^, `, z
- [&使用超级旋风下载]5 Y/ j. E8 Z j8 V5 g
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>$ |3 e2 r" W) s# l, S
- [&使用超级旋风下载全部链接]3 }2 s2 V, B% W, q% m( z& r% U
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
1 }+ k+ @9 _! n- B. ~; ? q" B - [使用迅雷下载]
) [$ x! O+ e, B& O9 S - <, N/A>- Y8 v9 v7 K- W7 B8 j" B
- [使用迅雷下载全部链接]
0 s8 i9 ]* R2 c- M2 c8 c - <, N/A>! z6 i, }2 }4 u! ^
- [导出到 Microsoft Office Excel(&X)]
1 H# W: {$ k% A k2 x9 p. o0 M - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>. f* `8 B. J6 Q, s# k
- [添加到QQ表情], y9 |- J. K( s$ ? e7 w
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>) ]2 I; w- z4 k: f- X# C: Q2 u7 @. |
- ==================================+ Z3 _; ~ _ h+ U
- 正在运行的进程: b' ? z+ Y7 o G
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] x8 @/ `, R" f0 W7 f& y
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], M0 D# p4 ~3 _
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) j3 j# j# m( e/ \ u) z
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ ` Z6 x# h4 i3 |8 \" } - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 b$ s& d! S* X7 Z - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ U! K3 @! a0 l% {
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: O, Q2 U7 V! g7 w, k
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] j: j- F: N$ `% |0 g# F! h2 Q
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& M: l' F; z. U, v - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) U3 N, c6 P. w4 ^1 c1 Q2 ?; n
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 _& F0 n9 o1 c! F- ?/ m
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]. w% U6 E) Q- O/ g! e' e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 z5 M2 {( B2 U j4 a! R( y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; J4 g$ ]+ v: Q' H" W! A
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]: h K0 Q+ a; {2 h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 i* S% ?3 i$ r% ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]8 e# e* C$ R# b- n' y" w% g
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
. G+ Q4 e2 T6 n1 K6 A - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
6 k; A4 f6 |3 m- s, `' C( L - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
7 w9 D& ^1 x' z - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]1 A: |3 a2 ^, ?7 N4 L$ V( D& k# A
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 ]; ] w1 \6 E4 Y# e) j& F - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
( q( A+ z3 N) R; K3 C1 Q0 \) G - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
" N1 s% g) V) \ ^. \ g2 p - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]2 g6 w* W% c$ A( O% v6 x' E' r
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
# M% w5 v3 p$ w9 _, m' } - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]8 H2 ~( B, H' o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 E+ q" F. ^- I8 z! j9 E! J' y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 D* {- h0 |6 [/ H9 R& q- |4 r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ ~2 P+ K7 l! K% e$ h3 k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! B% J" g0 d. |: M) X, o% r! e. a
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] w: L3 U$ P8 J* p; [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 j3 j2 K1 o) N8 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 B! N( D$ R9 y! I& Z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- N9 N$ C5 W+ P5 M" g4 q: U0 i - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
3 X* Q8 q8 k0 a; X - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]8 u3 ^: m/ ~0 j% \0 y* U% ~$ h& S0 J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- I M2 P/ @% z8 [- g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& [' n, I M* u
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: W& m$ K7 W# v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
. I4 ?/ o( n0 R2 F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 ~/ F- q9 Z0 z6 ^5 o - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 U6 _3 |! d' I
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ m1 }- W7 R! }0 J - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]) p* w+ P* q: L! D* q
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! \4 [$ J% \* q: e ^( }2 @ - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; A# R3 Q# @( B E/ A( c& z3 Z* ~
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]9 _! A% C# Z) a, {5 x" T
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
$ S! a5 a3 l; S' g6 f, L% g, N+ x - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! I" U6 Y8 w! H* K3 N2 ]4 A1 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 }% y9 }6 ~% i1 A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( g) Q$ M4 X+ N: i - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]% H: t9 F Q7 ]) |) \
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
8 _2 a8 y& \" }1 c' x. F$ |0 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
; D- S% E4 L! d8 [! l# Y4 e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
1 J/ {+ M# w# N& j/ F" f4 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
. W+ M) {7 w+ e0 ~$ N9 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]5 F- ?* o$ c! j9 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]- t" Y# ]8 W) R3 v3 @7 z" K
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
6 E5 t1 K Y- _) i! }) q - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
9 f. D8 u% W0 t, a# D - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 O$ q( n' m( J! w8 d/ L4 w - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
8 D# n/ h2 b5 O- W+ ^4 s9 w' U - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" N) t2 l* z* c6 f& S9 r$ B
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
. a1 [0 H" p' i" |3 |' s% N8 i - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]- W$ G% }+ H1 C# G6 W7 s
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]* a0 ~2 [. J0 q* y
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
3 c3 g/ d" l4 V - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]1 O5 d, V) K6 i, h- E8 O+ e& n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* D% c9 v9 N1 t/ ^8 M3 r8 s - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]0 R# I+ v: P! \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( E ]/ ` S$ \3 z: G6 f3 i4 G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- z) A+ \0 y1 h; l5 q$ H! _7 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 c4 E3 J, d* z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! M0 v* ~1 p! h) I% ~5 X - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]2 y& C8 h7 [* n" j C4 J0 M$ V
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ b- P- {; ? a0 i: e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 E, }" K( ~2 K$ ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# C& I$ T2 z$ _1 O+ }
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# b5 H# k' }( S% X' N* ?
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
1 @5 i9 [/ U# R" f* S. c8 {; h - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201] w$ z9 j* b- N3 v
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 V2 A( z7 v" f4 j! r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# }- T* V$ D [* m( V, t! E3 L# j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ I" i; @ I5 y4 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% d# O1 ]3 a& l. e- e/ ~ - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
9 L" d( h. C$ h+ c0 g" T8 i, y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ [' B* _; k1 ^' @; K+ y- x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 ^9 G# [- a$ s" y3 k% o1 F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! E+ V4 V' x4 N. I5 a7 a, l" v( a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; _& O! h3 T) E1 V! J9 a( W" k% e
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]. V* f+ p, ^" |& k" ~) D$ B
- ==================================
: F; ^* R) } v5 b7 [/ \ {) D - 文件关联( ] _1 @: b. }
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
$ p; x) m/ c$ @3 F/ e1 o - .EXE OK. ["%1" %*]3 z9 }/ X. j, q1 J( b
- .COM OK. ["%1" %*]% \4 H+ w5 @- \8 A8 K* D; r
- .PIF OK. ["%1" %*]" d: y# \4 m" {$ ]* K
- .REG OK. [regedit.exe "%1"]
" D8 n. y# X( s' H0 N0 E - .BAT OK. ["%1" %*]; A+ E0 V8 u, d5 t2 r; j
- .SCR OK. ["%1" /S]: r1 r/ M( V, {! V/ N
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
1 p7 r$ y M2 G - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]& P* T" M7 j/ r; k: S+ F
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
y1 m% s+ ~# S - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]6 l; K2 x B. X" R# v& U
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
# m2 {, f8 E8 |& F. _8 K - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
' Q+ |0 T6 A: E! M1 K - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
( L+ W0 d3 f1 k9 F5 }. f - ==================================* d- f- ^$ D2 a( w" p% n/ t
- Winsock 提供者
8 C" R) l. P/ k - N/A. u' q- ^. [) U2 K4 b8 O& r/ u
- ==================================5 ]. \) H4 m5 B- m
- Autorun.inf! b+ R! H" F8 M' w2 t4 d
- N/A h: o9 [$ a0 w( I
- ==================================- H5 J) x8 R f8 v
- HOSTS 文件
# T: l7 ^' A6 N6 I- b* y4 j - N/A
, ]) H% A. b/ K5 z' l' [ - ==================================& z8 q7 y/ V$ }2 J8 t& T
- 进程特权扫描
; s6 N0 ]2 E7 x. \2 N" n - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]3 H+ p: \4 t. ~" e
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]% S0 V/ ]) D/ y5 l P5 b8 `* B
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
7 h8 Q+ T" j+ N# K - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]& h$ H$ Z+ ^2 x$ J3 S
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
1 x) _0 g! _" q7 Q3 v; d4 S - ==================================, ^; q' {- z0 J$ O- K( I
- API HOOK
: B# e q- x' `2 u9 A) P - N/A- G9 g* r3 d2 {. W ^2 r6 ] a
- ==================================: _3 n5 G: M% t- t8 Q9 y' }' m5 C1 m) d
- 隐藏进程
- @+ A6 h& V- z5 n; m5 a9 U - N/A0 T2 J* N9 t( Y8 j& A" ~1 K
- ==================================
* H4 d% K( e1 R
0 [5 y* C8 H. g) X! N5 \/ ?
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
