|
|
- * ^5 {3 v; ?$ P3 |, L
- 2008-05-22,20:37:43; y- f6 G9 Q0 V# v# {! [' I
- System Repair Engineer 2.5.16.900
- `" `# v& q" Y9 s; w8 I5 j9 d - Smallfrogs (http://www.KZTechs.com)
) E& p( c2 n9 ?% L - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
* F5 V7 X( z$ r: g - 以下内容被选中:( V6 _* U" k7 R8 m% q/ \+ u |
- 所有的启动项目(包括注册表、启动文件夹、服务等)6 K4 L0 r0 i+ r6 O0 L
- 浏览器加载项
& H9 v7 ^) k3 `2 b4 i. ~4 U7 J - 正在运行的进程(包括进程模块信息)9 d' o- ]; K. h6 W0 _! f* {
- 文件关联
0 k" g, M, Z4 @" [ - Winsock 提供者
; h3 r$ C6 Z: R2 l - Autorun.inf
/ G" R4 {* y7 ?; t% r$ n( { - HOSTS 文件* B7 |# K; m( w9 j# W
- 进程特权扫描
& [; c9 I6 @. T) |, P( E2 V i - 8 Y0 c3 N+ L" I
- 启动项目
/ t6 X+ {( ~, e4 _' ~+ p7 U/ H0 t - 注册表
, ?) f1 x( ]6 l+ o/ ^+ L - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run], E( m4 d* w, O, N& J+ a/ h, W
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]2 ~$ ~' `; M; k: C
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]* y4 Q. j( A" i2 p6 n- I
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
0 n c Y/ M/ {, H1 _ - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]0 Z2 J% r) O4 i% e9 [
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]. d" C0 d0 R9 P" j5 n
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
; A! n, |7 z6 S0 h7 _ - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
; R( v( B1 {3 m& `- q4 ^% _ - <PHIME2002A><; > [N/A]4 f( w( k% i' m2 l+ H) n: `
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
5 B, }) C. Y Q( Q; ]; p8 B- Z - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& D; B9 ` j* V) ^
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]8 T! {' p7 Q$ w* E& H( |
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
7 o7 I/ }* g9 `' h7 _; C6 C }! k/ X - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
( ]4 }# e6 D3 _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
+ f" U5 K9 i8 T* l E - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
* b: U' z0 S- Q, Z+ k, r9 j0 s - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]; ]/ e @# Z" Z6 g, u$ t
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]. b0 s b" ?% @: h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]. @ m" x U$ X
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
3 l: o( N5 n( P k& s8 B: J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
* n* J: V& a7 N; ~7 U/ T - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
/ Z0 Q8 G0 `# `: ~ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]9 j- ~! |' N8 ]5 V* J6 |
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]. m$ f8 E8 B; O# V+ A" S6 p" v) m
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
+ k9 J1 b. Y* y$ R7 x& ^ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
3 y+ L# j' y' z: ^: Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
. r4 \2 L" d. M - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
; B+ w- C5 ]. Y3 l4 b, q. L - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]* _/ O, j3 o2 D) c# f3 c0 ?0 n
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
7 f4 d+ [" t, z5 a5 E - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}], `5 H! a' ~, Q
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] ^# `* y9 ~ r& O0 A* R
- ==================================
* |$ Q m! X5 T4 ^ - 启动文件夹
& I4 |6 D) X- C' U - N/A
5 w' ?! t% N$ t& r2 \0 W - ==================================
. p' G g; P0 D4 _/ l - 服务
- u2 l& t% I; I# T4 A - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
% q6 A1 ]4 V7 V; A, x6 h - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
& L( b* O$ e4 b$ |% |. c1 T: ?# ? - [Google Updater Service / gusvc][Stopped/Manual Start]
) X& {* i' [- n - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google># t" z& }9 E8 ~. d! y
- [Help and Support / helpsvc][Stopped/Disabled]' j+ s" P( b/ Q+ ~
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>$ \1 h5 C/ g: r8 C3 g# u2 i) P
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
4 \! Q: d' ^! X, p% I - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>- z+ r. o2 f' C1 x; P$ S
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
2 _5 K* v% L0 {' Y9 N1 P - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>- E1 A- H" l/ V# z' N. `
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
. T. X1 U! K: N2 n - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
& E/ ^; A5 }& \8 E, A% ] - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
: P2 Q$ s* u* h5 r0 q - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
2 {" E, i; s; b3 i7 o0 n - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
/ m" ?: [! E I6 |; k - <><N/A>
3 s4 o0 `2 s$ d - [Qvod Terminal / Qvod Terminal][Running/Auto Start]9 ]! E% A+ P# ]- y7 ` K
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>% U+ U# L0 i6 Q4 h- ^9 w- B7 [4 ~
- ==================================
1 O7 G8 i2 d8 c3 Q2 u( { - 驱动程序6 i5 t/ A9 m5 i* L1 s$ T `
- [22j / 22jn][Stopped/Boot Start]
' C; c- W" z- g7 y$ a3 E - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
' p [1 j4 X2 S I+ w - [360AntiArp / 360AntiArp][Running/System Start]" z$ I3 h3 p3 m" Z7 t' q
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>2 u3 |0 M5 K5 }9 w0 m+ W
- [43ec / 43ecu][Stopped/Boot Start]& ]9 N/ q0 J* m+ T! e; p8 e
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
: K& O0 _& m: o# {- g' Y- l% m0 j. Z - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
" m" l$ {; d5 B+ `: H' ]# ^( b - <system32\drivers\ac97intc.sys><Intel Corporation>
& }* Y4 H4 m3 T! ^2 a5 ~ - [Promise driver accelerator / bb-run][Running/Boot Start]
G1 B1 @& A3 s' x$ f$ n# z - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>: H9 d& {! g) y9 ] [1 y
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start] I8 {" ?: {! X, [7 r
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
- s g% Q4 r. \1 I1 Y5 n - [KAVBase / KAVBase][Running/Auto Start]* p' G; ?5 a% _7 q W* Y
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
' I% U( f2 @' W - [KAVBootC / KAVBootC][Running/Boot Start]
: v ~, E+ |/ B& }) l3 }& _ - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>3 Q/ g. i2 H. v4 F
- [KAVSafe / KAVSafe][Running/Auto Start]
3 q6 V, n" x) M# `3 w) a) r3 M* _ - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>! h1 A- p7 [" a. h8 q/ c. k' t6 ]3 x+ P
- [KNetWch / KNetWch][Running/System Start]2 f! y, {3 S, V
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>9 d1 p1 Y j* g
- [KWatch3 / KWatch3][Running/Auto Start]8 n1 T+ ?3 U9 q1 B. V3 I& s3 G* C
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>9 ?) Z# ?$ l. {1 R2 | F( _4 F. I- H
- [ntptdb / ntptdb][Stopped/Auto Start]' |3 T/ t n5 g, E f) M
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
4 r6 J: Z8 {! k. e - [nv / nv][Running/Manual Start]% N" B3 D! s' w1 Y6 R4 N( t+ v
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
% T" Q" y, [3 }3 m* I$ g0 w. ] - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
% p$ H( _1 Z9 D' d; X3 V7 @ - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
; H5 E, [8 P4 B - [DDK PACKET Protocol / Packet][Running/Manual Start]
9 E( e! e, I, P# R7 o# k; n - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
2 ~' ]+ P! B# e+ H+ l/ N$ J' I - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]( U2 z5 U- D7 r) Y- A; x, M' }
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>2 k% Y9 S/ e* a# w) W
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
! @) T3 o6 M1 s& N% [5 q - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
0 _; p3 A. a- J. i$ I% i - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
2 w5 M& i1 P; L9 P! e - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>8 ]! @" |; M' [( O/ q
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
+ i- w% L( k: B3 C* t - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
4 w/ l3 E+ T; R. T7 y" A - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
, N+ N! s! Z" {0 z) i' \4 M - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>0 F8 l" }4 z$ |: h1 o! N/ u
- [Secdrv / Secdrv][Stopped/Manual Start], x1 [' o8 @' e1 `: _" U( q k
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
' }$ X- c$ S3 M6 |4 L. A2 _ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
5 f, R) I+ n+ ?: ? - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>4 G, I0 a9 I' h1 E
- [System Restore Filter Driver / sr][Stopped/Disabled]
4 s' l! l0 u9 i% I4 o& ^$ y - <system32\DRIVERS\sr.sys><N/A>, m& A% e! f3 i- T3 e% G5 i2 W' f
- [TesSafe / TesSafe][Stopped/Manual Start]
2 `4 U1 ^/ S) V: B4 A7 s - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
8 S- b2 }$ r! u/ W$ p4 v4 t) T( Z' l - [System Services / unzxzsrs][Stopped/Boot Start]8 V* R5 V& E" L/ b$ K4 ?4 J
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
1 P/ a& K8 ` m0 { - [ViBus / ViBus][Stopped/Boot Start]3 {7 _; y% }: B1 p! ]$ |
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>" Q9 |1 U+ @. @/ C# v! Y
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]5 d; m. @4 U& b% O6 B3 `
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
8 Z; o B, z$ a - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]8 o# t! j7 y! y/ | Q2 L
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>; H9 @ M, | K
- [ATI Extend / zhibmaso][Stopped/Boot Start]
! A/ V9 q: V9 T - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
! p/ x$ `/ R/ k; x: y - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
5 }( C; r: E( Q! |; g - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>* O7 a3 g, Q5 j' o' e* w# x
- ==================================9 _! H# d- f+ ?) ]. W7 Z6 l& o$ |, Z3 W
- 浏览器加载项9 y2 H5 ]) k7 T/ _# I3 O9 ~6 Z m
- [Google Toolbar Helper]; H3 o% v7 l' {+ q" ~" f, \
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 @6 |. U, ]5 M N/ `) H
- [Google Toolbar Notifier BHO]( S2 J" L) V" B+ C8 r# J
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
! O1 Z' V* f( W - [SafeMon Class]
) l" h- U% T: u8 w. l: |% v( X7 [ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
9 K. r. W: [3 c: Q% Z - [kingsoft browser shield]
* b/ D9 N. _* A2 u5 O - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>6 l5 d3 L' O3 V m3 V+ R, x+ e
- [IEBuddyExtControl Class]: v H# c* F: L( I; j3 M
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
5 Y# ^: v1 t5 Z/ J - [Zcom 杂志]
u6 p6 k' |$ E5 h1 ^ - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
2 |0 d7 S. s I" \' ^# ]8 u3 }1 Z* [ - [&Google]
; f# b. Z! v' e0 E* g; E! r2 o) v - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. t. q1 @) {6 ^3 ?8 p - [KooPlayer Control]8 _! m- Z+ @3 s+ l5 j- E% u1 h
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>9 @ q, _1 c6 S& R( N$ i: I
- [Shockwave Flash Object]& b% l9 u% D! J6 F/ z. [. C; V' J
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>2 r2 s0 _0 a# S0 K7 L7 l+ E, @
- [KUpdateObj2 Class]
% y/ k$ e; S w' D - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation> |' B0 t* H O) F- G+ o2 o% e
- [Google Script Object]3 J1 s) J/ R; H' t) e G
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" C0 r- \7 f) P& F - [EWA Control]
* t- j! F O, D* k7 s - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
: |& }2 C K$ F- Y+ ?1 k - [Windows Media Player]. h6 h$ F$ g# q! V S$ ~
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>7 \4 _5 U% a, [: O$ I* U, N: U
- [&Google]) C; |/ E! \6 A) f7 d, p
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
; \% M9 V% E h; w+ N; \! H2 Z, L9 s - [HTML Document]
5 s' \$ j# y+ k! Q - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>+ I9 [9 |! x! R1 y4 ?
- [DHTML Edit Control Safe for Scripting for IE5] x) z: G) u' r# Y3 `% q. L
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
) `3 m6 n0 Q/ J - [RealPlayer RAM Download Handler], R4 u; m* m' l, O
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
/ a: W0 Z1 b6 ^! u: e- j- u - [IEBuddyExtControl Class]( f6 X: M; f% G, J3 {
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>7 a: s9 D' N K! l4 y2 e
- [XML Document]8 }, B N Z" L% }
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
4 e5 R& k6 R6 }1 h; X' h - [HHCtrl Object]
, p( A/ H3 a Y8 W - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
1 [1 W/ P/ i2 v9 t - [Windows Media Player]
$ o- x+ y) j1 o. Q$ s; ^$ W' c - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ R2 Z( I" O. b" p( r3 D - [Active Desktop Mover]- ?; B k5 j' A0 e* o" ^) z
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>! E0 e) A6 Y4 `- L. e$ z8 F$ I9 X
- [360SafeLive]
4 c% G P6 q- w - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>1 i; b) |/ L5 u: F% J
- [Microsoft Web 浏览器]
7 f5 c# J" f/ w# S - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>" U+ y: S( b* ~3 _* Q+ Z1 I; g1 x
- [Browser Enhanced Objects]7 y( T% K4 P& c# h# B
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>' G$ ]! G; L& J7 h. `9 m
- [Google Toolbar Helper]' G* s( {0 h: q
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 N1 n) ^+ }/ o: @ - [Microsoft Scriptlet Component]
6 Q: G$ u& m0 a& N - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
; H, w/ o. D4 }# C - [Google Toolbar Notifier BHO]
6 ]: ]! w; p8 |$ S6 i! f7 G - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>8 k6 ?! Y8 ]1 {. s/ Q, u
- [SearchAssistantOC]
) U6 d6 b3 H. a. \ - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>; |# A/ r- G, e' ]" b( W
- [SafeMon Class]6 t$ ]( q" Z* p$ P6 p
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
! u4 D# c4 D1 X; K( ?4 ~ - [RDS.DataSpace]
7 o( G/ }( o0 l9 w' y9 u' \ - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>% Y* x1 Y/ l- M7 A( M
- [KooPlayer Control]
; t( o" p' G. M! S# `0 K# n" G - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>& q! p/ z- f. Z* `8 w
- [AUDIO__MID Moniker Class]
V a$ S9 W' q. A - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
2 ?' V" F" P& V' f5 w, T - [AUDIO__MP3 Moniker Class]5 i% g# p' x O5 [& g
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& w4 Z: U' k* i0 _4 }' n - [AUDIO__X_MS_WMA Moniker Class]
3 Q8 @9 D. t6 o! x" L3 o - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># w5 B# j4 Z4 u7 Z7 Q# M8 t
- [VIDEO__X_MS_WMV Moniker Class]
; u: j v9 r8 S. U - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 E; f- W4 }$ W4 Q* }. t
- [RealPlayer G2 Control]1 ?- |9 N; k* q' n) P
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># Y8 K: F8 Z. b* w- J
- [Shockwave Flash Object]9 r" O; Z. d- e6 W3 B; I3 O
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>3 [6 G& F4 p4 I* i- P! v( P
- [KUpdateObj2 Class]
0 O: a; N" \3 W* S0 m, t% N7 | - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>+ z& b* H& P9 {/ D- v
- [kingsoft browser shield]5 X7 C7 \! w3 t7 U* f! n
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
( E- I+ ~/ b# f6 k3 H - [PasswordEditCtrl Class]
5 H; s7 F2 Z4 m0 f8 f; s, g - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
2 O9 Q, |7 l" T+ e, x - [QvodCtrl Class]
4 C; m* g7 m3 Z! G/ U; r: [1 z - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
3 s% S. `9 D Y+ P4 `3 A - [&使用超级旋风下载]
0 O0 q/ e+ H1 J' Y& L7 C - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
5 W8 _+ [/ k, h3 R! M - [&使用超级旋风下载全部链接]
: r" n6 [6 o8 A {' x% A - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
% e+ V3 a4 e( e* o* O" F& _ - [使用迅雷下载]- y* h3 F% g2 O$ z: V/ I
- <, N/A>& {1 z7 x- C5 O
- [使用迅雷下载全部链接]
- [+ B( c; }% e2 g, P# X4 C - <, N/A>+ K6 P5 [) V- f1 J3 ?! Q
- [导出到 Microsoft Office Excel(&X)]! ~3 W' i J- P4 a e
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
" w- `* C( I5 J3 r - [添加到QQ表情]0 U! }$ E% ^+ q* f. E" ~
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>8 u1 N2 z/ `+ Q! z2 U$ N' x/ q/ U
- ==================================0 U# Z* i7 k1 y& l- K/ T
- 正在运行的进程
3 n8 n* g! l& m, e& S$ Q. S - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" p( F& S& J" C6 j4 W2 Q# y
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 V% {/ |( X( o
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 M& o( ^2 C3 P1 X - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. g; g2 n' W/ k$ @* i1 y$ `& j3 c - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% N2 f. Y$ y' D) P& \. E5 F# |& m - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
Y3 W! K8 J9 L4 R5 i% }7 _ - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 w" [3 y u7 q, B, Z1 S
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ a9 H* E8 z \6 ]) ]
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ Y" x' i1 ]5 j - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( W3 p3 s: e6 Z+ j - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! H+ G \3 Q2 b# B* ^- f
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
8 i* z0 h2 D0 s7 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ P( Z, |5 n, m0 A0 i$ C0 w: X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, H1 }' s: } Q1 M0 B: @ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]- a/ n) o" L9 q) ~
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: s" W0 ?! Y( r9 G* W; u+ f5 V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
5 j, U/ J3 w+ `) R. m - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]4 l0 a" O. O4 d4 i0 Q3 l5 k
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]% P% d- l* Y5 F
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]& P3 h. ]% [! E7 O1 F' ]! s& O
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]$ Q5 p. Y9 h1 E0 y, o3 i: n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% G% |( H* u: i) @/ q, S t- M/ p
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]% r( G5 u; z- T8 W% Y0 x; o# r& y
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
2 l0 }0 |6 z) c& _! P, ~) H - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
: K' q& ?& t2 j2 {9 o2 K - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]+ C' ?6 @9 S* L: S3 A# s6 B
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
6 K5 }0 v# f5 E - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- h1 m6 g7 \' b5 p8 X) L; P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 O( j5 Q3 e' P" {/ w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- i3 K }& _+ B- a) o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( m* E; b1 c; A& a) |1 Y4 K - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( [3 j1 O# |" p2 d5 \8 A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# ^- ^* p/ w6 ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! I2 V' u. \8 n! f$ i& c) N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 {) `7 J2 }& B/ U- E4 f0 t5 X6 d
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]6 I1 a2 d. c6 @+ j/ S$ K# n
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
0 }+ o a" O# n& |2 M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ R2 U$ s6 D; C9 l9 U X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ }7 I" I5 v5 m7 o# p6 b - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
# _; }2 b; A# e/ C$ |( ^ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]8 c5 P" U Q9 a }& E
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ ?2 @# p3 I. \8 M - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 ]5 Y) c7 [% a1 O8 _) Q9 j, n - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 w3 r$ Z) g" l% @8 X" Z
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
2 {9 U: Y, J% R, w$ C: K - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( `" t. R& I D/ j, y
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' [" h. u% x0 F0 t
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]8 \' g& m6 ?' F
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]5 H) p+ r$ X4 A% A
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* T. T2 |9 Z3 ?: W8 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 B! p0 C9 X% f1 ^$ h/ v' X1 u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 y! ^7 v$ C2 [( K4 T K7 j8 x; [
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
1 v3 ]& `& U: \ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
3 H4 e6 B* n1 E, A" [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
- {/ j) p3 v, {9 U- _. g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]0 ?0 H1 H: x2 e# z/ R. [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
$ r. }" z$ c1 `9 A8 l3 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]) Z# t& [/ a& `/ E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]3 i K( V+ x% R) W
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
/ J& j( H: y+ `- [ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
0 Z+ ]' c: o4 B; R3 k2 g - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
! `( @$ T) f* B) D9 T4 ?7 ] - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( p' m2 B$ P' a
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]! m7 b" U( B. R& X7 N
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" A/ m2 L9 G8 S* k K* O
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
' a- n+ j3 H+ d% @ - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
) u0 v: E7 _: d2 n7 d @$ s/ T/ e/ }( D - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]1 ~$ L/ h0 x; r' j* B5 |5 `
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
8 ?+ @4 L9 V% c1 i; E; { - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& L+ @7 M4 f) o4 K/ _7 i2 v8 _ - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]! k- Y" h0 n( Q1 O% \$ j) M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 G; @$ _7 t% s# i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# i1 C$ {/ }& F& g% C* V% y: d. w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 u% K% [5 u1 [8 k# K3 Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ g) h: K+ y0 S9 M6 X# u- S
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]* r! \* N+ ]0 F! x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 e! ?0 F3 k$ x' D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& t/ p5 H1 j, X% p+ F& x) m6 @; v2 W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
O0 Q$ n6 ~' a! o. V4 j - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 \! p, g& |, s1 \) W - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
# _5 ~9 _. u/ X! _* X% S - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]% x& v3 o& `& o$ i
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 J$ O7 @9 A# R, ? r. {6 ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 a$ e1 J+ s1 B& l8 U9 W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ \4 q' R4 M n; G: X/ {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 ]" z9 ~& [* Q" E l0 I- z* T
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
3 Y4 g! B5 ^6 L; B5 o - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 u: b- w5 ^. A8 B7 l4 t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
- y! P% A0 z( H0 N- r2 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 w, l0 x4 Q/ J8 r
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# J0 [& I* ]3 m" b& b3 C' J% F7 t - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
8 B: }' u/ E6 q5 q1 m - ==================================
$ k' f: t: T6 c& `; D - 文件关联
/ \# M7 A" P7 h% y/ } - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]& N% v$ _1 X$ o# @: w5 Q
- .EXE OK. ["%1" %*]
0 b3 _- g5 N8 I/ M) ? - .COM OK. ["%1" %*]4 b1 x q; y( V% {$ H6 Q$ A* P
- .PIF OK. ["%1" %*]
3 {; n/ x. Z0 l0 Z( ^) c - .REG OK. [regedit.exe "%1"]1 g: B+ x$ ~3 f, Y) L$ H
- .BAT OK. ["%1" %*]
/ t1 z/ Z; d M - .SCR OK. ["%1" /S]! e; v& f5 L. i! S8 K
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]4 M% s" x* D( O; V0 W' @
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
; e8 Z: y" O$ T4 T, a - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]. \- L) Y7 e# o3 t: k0 ~
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]$ {( R1 ~3 v) G+ `+ T9 @0 H* u
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
7 |# q: m# f' ?2 m - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
7 x+ I5 p6 ^! k - .LNK OK. [{00021401-0000-0000-C000-000000000046}]1 d8 M+ m( }4 j
- ==================================% a; ^1 |# M2 |7 q; c
- Winsock 提供者$ c. a; `1 e' Q3 b
- N/A
+ {8 n! E2 N" L" B6 _) ] - ==================================
: N5 x, Z+ a9 L( T; S - Autorun.inf
X2 h; D4 i2 ^* q5 l - N/A1 s1 W6 L' Q. m9 ~
- ================================== P6 ` y4 n' `1 w2 {# s
- HOSTS 文件
+ t. n+ z$ n7 l - N/A
+ a; u) B" S. A$ d" G: j - ==================================
' D& y! h& [9 O! N: Z/ C2 ^# I. ?3 a - 进程特权扫描7 C/ S3 R1 F- C& M
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]# K/ f* w) c8 `6 j2 @6 H, X1 h, i
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
# ~: g J6 f$ Y- u - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE] {2 h* x' B% V% j3 y- B
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
, \6 ]3 j3 h% \. V8 J - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
1 L# Z& A" C3 Z" g* k' T/ Y2 @9 z - ==================================
& j* M" l) _) X/ w8 K# d" L - API HOOK
, ~. R. b, @ a1 @9 b% M& i - N/A
C( h: F6 Z( \ - ==================================$ _& i4 ~8 q$ ^! o3 P8 J' x
- 隐藏进程
4 o( e, B" \6 O+ F5 E - N/A
$ c$ H: z5 c. K- D2 x# W3 G - ==================================
$ j' @0 A$ Z7 }5 X$ f: T - / a( P7 ]8 X$ q4 `4 v: D9 {
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
