|
|
- * R$ _5 Y7 w9 v
- 2008-05-22,20:37:43
1 f6 q c6 y' P& s" V5 `! Y - System Repair Engineer 2.5.16.9009 P3 ~& w# G9 h u7 i* \6 r
- Smallfrogs (http://www.KZTechs.com)( W' d2 B3 S4 ]8 M- E" h% p7 C! @3 S
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能. F) J6 _% D6 h# S3 I
- 以下内容被选中:( O: Q2 Y% E& p
- 所有的启动项目(包括注册表、启动文件夹、服务等). H+ O* K$ e' ] R4 D( X
- 浏览器加载项
6 _& b7 @" r# _4 C. T; Y' Q - 正在运行的进程(包括进程模块信息)
A( i4 V4 s8 L - 文件关联
1 f* A* w3 l+ i+ x5 Z3 M - Winsock 提供者1 V* B# a8 P3 D( I* u
- Autorun.inf2 y$ R1 h: y8 u7 I1 r
- HOSTS 文件
- B7 T6 X% F/ J3 Y1 p) g - 进程特权扫描+ K; j. ?5 X, k3 ]& \9 c
8 q0 `% A3 V1 s/ e* Y# S1 f/ C- 启动项目
( M- v, j$ Y' A0 U, A5 ` - 注册表- @, N5 X8 i# s+ H
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]1 B/ S7 A* r& n; Z! v
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]# j- y2 @" Y% R
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
* Y' B" S6 j) q4 m2 P - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]5 ~" d E" U: z4 d+ @
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
/ G! Y. h/ a; d/ @7 m7 P - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]2 A+ ^3 I: z2 |0 s: C$ k
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
) u4 e! {9 z' P( @( B( T - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]$ {: B1 r( N1 P5 t% p; n9 M
- <PHIME2002A><; > [N/A]% w' `) G) A. X8 S0 i
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
. p6 ^/ Z# t. r1 j0 v% n7 E5 @ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]% {. f4 \ J, s% M6 L; U
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]+ @ w* o: Y2 f! m0 h
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]2 g q/ a, |; J' A) Q
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
9 a' b; d2 {# } - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
+ `9 T' o* ^) Q, |2 i) C - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
6 A" L, e3 b0 y- S - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]! q7 K' }3 _: j% n- H0 U! a% M$ O6 ^
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
1 n- j9 b6 G7 [$ [: m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
* O2 K. g; v/ z4 |7 M+ _ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
5 e$ a) t! Y; Q6 m6 l0 m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]" g: V' U V- P# s" `5 Q, W
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
5 R' m9 Q1 R% ~ Z. b1 \" y1 Y) k% { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}], R) z8 @ a1 D4 m- J6 n; b3 L0 J
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
- [7 E4 F& Z, ~ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
3 C0 I6 n8 I0 c7 J" A4 Q - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
4 O A8 j. X: @* ?0 q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]# W% F; [+ t# ?3 v2 m
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]+ S9 y5 w$ ^! B# F" {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]. b9 c. ?+ M! o4 p& B9 M9 O& E
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
) f' f F9 k% }& D - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
, M4 Y+ e9 I8 _3 ]/ ^/ A# x - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
8 v w, l: y. r0 H! L - ==================================
& I2 } k0 G3 E' X v - 启动文件夹
7 U+ z4 A& Q! l# t3 X: s - N/A
+ K: R2 Y+ l6 c+ |" N7 [0 l8 V - ==================================, S9 d- C2 W; U/ h
- 服务
- \6 p# Q$ A- t/ T - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
; }" ^$ b' _! V' h3 X& W& ?. p4 G# W - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
: f* z& M+ j+ R; F' q/ J - [Google Updater Service / gusvc][Stopped/Manual Start]
/ k: Z Y% U$ A4 A" t a+ Z6 y - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
, [( Z3 }/ a* `9 U: u" Q6 c! c - [Help and Support / helpsvc][Stopped/Disabled]1 ~7 G5 e$ A# s- }+ O9 j% K! X8 o
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
/ Y9 N" V8 W3 A: b i - [Human Interface Device Access / HidServ][Stopped/Boot Start]
/ M' e$ {7 a# F4 n) Z7 H - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
2 M# ` a# ]& s" a# @ - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
% B3 a8 p9 n9 R9 G. M1 E! @ - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
0 @, ~* D0 O1 p% J: z- M4 d' ~ - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
0 Y3 _# r# b2 d0 C9 d - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>* Q0 K& g+ O" s; ?1 A% |
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]- J3 h. A _5 C- c6 l* f
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
+ \9 s" m- q& _( L: @/ k& g& H - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]8 y& b. {; Z3 ]( J; r
- <><N/A>8 ]6 X* O" }, D; x/ r B
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]+ [6 D- \9 w0 j; h+ Q% A
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>1 K* m5 P* t. B |, ~& S4 G
- ==================================
" A+ V" Q* l" v4 \3 F - 驱动程序
. H4 U7 G# C. D! K - [22j / 22jn][Stopped/Boot Start]
3 M7 g3 F* n$ o( D6 ` - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A># V" l2 `6 f1 }: L, c
- [360AntiArp / 360AntiArp][Running/System Start]
7 h: `1 u3 P% L# A" P - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>& I5 k5 N: i( C3 p. G' E, ~6 l
- [43ec / 43ecu][Stopped/Boot Start]
/ C8 j+ I0 X/ a) V* q9 p, H) ~# g - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
. P* a- ` G- e! t - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
9 w w* Y1 a* j; M/ p* m - <system32\drivers\ac97intc.sys><Intel Corporation>
' h, k# N- A8 Q2 |( k; D8 [ - [Promise driver accelerator / bb-run][Running/Boot Start]$ W1 F& P+ s% a: J `, D, `
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>+ i6 {0 c5 k: i4 V# Q3 m
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
. ^+ j7 K/ M2 Z% g - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>/ u" h. h! H. }, C k
- [KAVBase / KAVBase][Running/Auto Start]& p: y1 p( J+ v, S' I
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>& x a u6 l2 X! g
- [KAVBootC / KAVBootC][Running/Boot Start]
& q1 n/ ?' ?+ |/ C) F( h# ~3 r9 J - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>& p. o, N8 g6 k8 z0 n6 K
- [KAVSafe / KAVSafe][Running/Auto Start]
! m! k$ N2 s% a [, r- `9 k, a$ ` - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
! d# r' A" C: y% M" m3 r, U; `# P' r+ l7 _ - [KNetWch / KNetWch][Running/System Start]
/ {$ J; H1 w- r - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>% a9 B9 k" H" G/ f6 a
- [KWatch3 / KWatch3][Running/Auto Start]: Y# N" E8 b, [1 G. ]
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
' C1 W/ ]+ j7 R' ]# m& ]- }' D - [ntptdb / ntptdb][Stopped/Auto Start]. l3 X: x2 u: |) Z7 D
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
9 B5 e& j4 U G r - [nv / nv][Running/Manual Start]
$ B. D$ a4 D0 P - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
}$ M. N) X1 B: h% a - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
( Y$ {/ W( `$ j; Y* ]$ |% N - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
* c w# T- y/ w - [DDK PACKET Protocol / Packet][Running/Manual Start]$ g* `4 S( `5 i3 U+ A" [0 I
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>* I+ r! h, _5 N+ Q6 ~$ D
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
# f; W+ J" d9 x$ y$ H: g# X- q - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
5 o' g+ Q* r# D t; }3 T - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]( A& @6 w4 v! W3 j6 q5 P) O: z- L
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
: V# o: X' @7 j9 ^- c5 I - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
& g( ]0 G. G! ]1 T( x - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>( }' q& ?- q# G3 ^& L0 q# T
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
/ {1 g! y# s# n3 g/ A+ X - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>: j- Y4 r0 \" M2 E7 ~+ w
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
# I2 f! i' Z: F) G; H - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
( k7 {) ?2 D: |6 j8 x; w - [Secdrv / Secdrv][Stopped/Manual Start]
2 ?3 C& O, j% w& c# J - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>* X% J) _+ K7 R0 y7 h! P
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
& S8 X# v. {% j4 v* l# d% u6 j, [ - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
0 g, H! K& i) o0 A$ u. h1 B - [System Restore Filter Driver / sr][Stopped/Disabled]
7 a; Y6 r& M' T3 N7 a% D - <system32\DRIVERS\sr.sys><N/A>
0 y2 [+ A4 L( g3 x( @8 V - [TesSafe / TesSafe][Stopped/Manual Start]: {5 C6 E6 y! Q1 v& a
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
' I7 i& `& e- r, G" Q) [+ u, ` - [System Services / unzxzsrs][Stopped/Boot Start]
0 H) G$ ~/ l% o - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>' O* X9 }6 x) S. ?4 }% |: F/ Y" H& m
- [ViBus / ViBus][Stopped/Boot Start]
$ C) ~) q4 M) R# N% ^1 P" m - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
; d9 L4 k" ~8 V* w# y8 K0 S, | - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
1 \5 Y" Z3 W- V8 u+ F - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
: S7 q/ h; J, A5 ` @0 w - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]8 m7 L% p O9 G0 I4 R1 C; }# V6 F
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
5 Z& G/ }# P8 [5 K6 S - [ATI Extend / zhibmaso][Stopped/Boot Start]
$ b0 d y6 v% ~2 f* {; ~% f - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>) E6 E! z& \2 H, }5 y8 s, W
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]7 N2 c+ Y# f. n% G. u; q" J
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
2 W7 @$ q# F9 ~ Q, k; y- I( T, o - ==================================- U Q, ~. ^$ O6 ]! o0 K/ J/ }* q
- 浏览器加载项) G: s5 v: J3 t2 x4 b6 y% o, B
- [Google Toolbar Helper]$ i, w* O, _# q% n: X
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 x3 M# ]( ]/ t0 v1 p+ o
- [Google Toolbar Notifier BHO]
7 ^7 v r1 @! U; } - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
' i, e# ?5 i! R8 \: P; X& y# A( X - [SafeMon Class]
/ `8 L: ?7 _/ r- R9 y s9 h - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
5 h( @% J, w/ j - [kingsoft browser shield]2 i) D4 L! i" j; O
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
. n6 Z3 P* l* g# Z( U9 s% c - [IEBuddyExtControl Class]* N2 V( a+ o$ H7 N
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
3 @9 s# a) ?" ?" D8 a' @ - [Zcom 杂志]
! t5 `8 I. X7 G& K$ i ^ - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
, n( d' p5 S4 d, k - [&Google]
4 P/ E2 D2 ~! v+ N8 s& ?, K - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
R6 G. n0 n _6 |0 g$ }& b - [KooPlayer Control]
7 o' @. ^" ]4 H( u$ V6 y - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
# t: s: d0 o" d7 M$ t5 B R - [Shockwave Flash Object]4 q |8 s' s" O. N+ C p0 X
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
3 p+ ~+ k' I+ @7 q) b7 } - [KUpdateObj2 Class]
& a* B+ k# j. G' \6 F0 V - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
" @' N) U1 O7 w' u - [Google Script Object]
& ~$ O, j& ^% P! |1 A! ~ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 M% a+ g# N! \$ d/ v% S
- [EWA Control]
% A" Y) x$ P& N - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
4 a5 \2 a o4 H# ~. e; e - [Windows Media Player]
4 B3 P9 c4 R3 X9 K( Q* w - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
( Y0 i! G4 S' c1 A$ g( T8 N0 v4 n - [&Google]6 T% \& S1 Z0 Q7 O% L% }
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>% U# f6 k6 G' f& U4 s: h0 k
- [HTML Document]
0 q ]( d" ]5 K0 M5 O7 w: r - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>! r& C3 u( F% ] b$ h- e
- [DHTML Edit Control Safe for Scripting for IE5]
& n# b8 r" o2 M2 \. Q' d' T - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>. t; s% v0 U) Q; C4 A9 r1 L/ L
- [RealPlayer RAM Download Handler]
0 g- {; j8 i! [. c) g8 o1 B7 N - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>% R9 e7 ~; p' P5 l! L
- [IEBuddyExtControl Class]
; }6 J& T. Y0 T - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
# u1 z1 K3 b% e: W - [XML Document]5 R4 C4 r- m3 ~, f! r3 _& j
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>/ U/ h7 h9 t2 E, X7 `$ G% }
- [HHCtrl Object]
9 @: a1 W% X1 z+ c- G" n* H/ } - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
4 G* V% R4 \: K - [Windows Media Player]9 S5 \4 v G' x" I4 w8 t" J
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) U1 O8 `' V3 L5 l! A6 M$ }2 t - [Active Desktop Mover]! f* T/ E. n3 E+ i
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
4 X) z3 W7 G+ R3 b' C - [360SafeLive]5 r$ E4 J( E0 v/ m
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
& ]) C% B2 A. C# | - [Microsoft Web 浏览器], d. }3 w) W6 V. ^" W6 K0 @
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
( D v9 @1 v0 Y# x( W& ~ - [Browser Enhanced Objects]
, ]! n9 O2 i4 `/ l3 v - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
% b- c/ W. P/ f+ G" _( _1 ~+ ]& W - [Google Toolbar Helper]
! G& L3 c9 G$ S - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) v+ P4 Z* o% ~3 S - [Microsoft Scriptlet Component]
. `7 J& g+ `$ h, l6 B1 [# _ - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
1 P4 F1 _8 B, p) o) T - [Google Toolbar Notifier BHO]
0 Z N& t9 g3 D$ ?; p7 U# w - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 O3 p \8 m9 t! k& B! B - [SearchAssistantOC]3 o4 z+ D5 P: n$ C" r
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
7 r C, s/ a- }' x& W - [SafeMon Class]
4 C/ I: D" P9 ]8 @- R9 k, r - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
+ R$ ~, ^1 H1 K' P# o& h/ g2 W8 j - [RDS.DataSpace]4 k- O# g. V% u
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
2 N1 w9 Y2 V7 L% W" W6 I - [KooPlayer Control]0 Y9 i9 ?3 x! S4 w9 @
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>: v" @- J+ k" V- |* T4 H, r* R1 ^
- [AUDIO__MID Moniker Class]
5 ]4 l. `! s, a - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! {4 m4 Y- O; T* f" A4 V
- [AUDIO__MP3 Moniker Class]/ a ^3 E; ~2 i, h
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 C/ E0 Y0 \! S# r5 |/ M) h - [AUDIO__X_MS_WMA Moniker Class]
a. y5 Y9 v: ?- {8 T - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ l" u/ s$ {9 I+ r; d d
- [VIDEO__X_MS_WMV Moniker Class]5 u0 q* Y. J& U& i( Q
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* ~0 u2 O( \: k1 R: T$ E4 b5 h - [RealPlayer G2 Control]( B# e1 X9 ?* C
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>' n; {, X' W3 E4 O! D3 {- T' W
- [Shockwave Flash Object] U+ n; |; Z& o/ W, M3 [* N1 U
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
8 c# v' A9 U6 P% Y - [KUpdateObj2 Class]
- Y* O4 b2 u) G1 a/ L. d) z: k - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>- n3 G4 v0 R# O7 Y) z4 s) U% o
- [kingsoft browser shield]
% r# Z5 C) s! t8 |) g - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>7 ^5 |7 _- @4 R$ m1 m6 j9 m
- [PasswordEditCtrl Class]
) v; R5 A" ~* k2 ` - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
( h7 k1 ^( f$ u: Z- X% I - [QvodCtrl Class]4 u* N; t5 b! v+ \. m. @/ p6 o* T1 c
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
, T6 {0 |/ ?* F' U6 O - [&使用超级旋风下载]
8 W; }; x. N$ a' R - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>1 L4 n$ i& v8 n8 e9 C' k. q6 o
- [&使用超级旋风下载全部链接]$ M) b! d8 T" ~. u
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
+ c, \) x( w$ f4 Z% L' P4 ] - [使用迅雷下载]! m5 T! c- r* r
- <, N/A>; g4 `. ~7 Q$ A. q, x: R
- [使用迅雷下载全部链接]
0 K4 z) C" b7 q3 C - <, N/A>( p0 G! p" g) ?7 y9 m7 D& e
- [导出到 Microsoft Office Excel(&X)]
/ N# e. c- ]1 m! t$ s - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>. Y H1 H" ?9 W0 E; j5 z' N
- [添加到QQ表情]: s; W1 g) ?: j- z
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>7 L& Q. s/ I% a8 f
- ==================================
0 W, Q% M: P4 j; q. e) i - 正在运行的进程. @; i# D" e- i3 R
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ A7 h- E! P2 M% B5 L7 `) } - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( a) x4 I- P/ f1 ^- o; C* {" L - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ p# W# F [1 D* u: J1 Z* A" R
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
& J" d6 {( _( |0 M1 p/ \ B - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ v: e$ x& D1 _4 Y( _
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], v2 f$ M6 T: \1 G' Z# K) o
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 ?3 G) {3 f# `' Q
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 `4 f8 M" F0 @% S - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ y* F' I0 \* l
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& G. k3 C& i; P - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 E( F% M* n8 O" o2 B - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]. J5 j, x$ M3 O5 n3 ~1 l4 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 [! e3 Z! ?; F0 t. F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 O1 c, s7 c1 F
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
; l% f, ] k7 y* ^! T+ ` - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 ~% V0 ]7 b1 e4 }" U7 n6 A7 d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]- [1 K+ Z1 I: V) z
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
- V% b7 H* f: \1 ?, X y - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]. [ M# |7 B) E) _7 @+ \" u
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]3 J5 Z- B( [1 Y- b5 @9 ~
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
# c4 j) O/ U) I7 K; ^3 _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; E* t! t0 [+ @3 {5 d- o" ~
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]5 j0 b& @% h# O/ |
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]% f8 R; E3 Y0 R j) m/ ?3 q9 i! p
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]* A& M# `+ [0 G5 a* }
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]' Z) {* s# v( N! D' K2 j" A% M
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]5 \( I; s* E4 L8 s9 @, |0 b! P8 F
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 r: r' W1 G" L( f- f+ P5 n2 P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 z" H: u7 e; E% Z: W' t( O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 B' {- b' M9 O% w
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 k0 \, N# j% J5 k - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 C. V: s6 E3 T5 N$ t- Z+ T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; M5 ^2 x3 \3 ~+ i4 `- i- k: Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! z- r: b4 [$ n. E
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 x6 V4 o# S) z2 ]$ d
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
- m; d/ U, @' }; y7 o2 p - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164] F( j- K" g2 u. t8 A# I6 t5 L; Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; X8 {( r! y4 r3 P x6 k+ ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 @& ^3 }: r5 b. u - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
3 v( d5 `* S% L* x7 `7 I$ V& g - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
1 g) Q" a \( J+ j7 `, K - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* Q4 \& Z. n0 T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 Z9 J4 ~6 M+ ^& ]
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 _7 Z+ K- F8 ~+ o' N4 ~ n - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]& {% l3 p2 I% w
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" G% J* _8 y9 o- k2 A/ B" ^# k
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" X) P' W/ a4 Y5 l& [
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]: x) z* ~/ r) A
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]0 j# [: \& J. L- r( J3 X. K0 d
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& W+ L* p3 O @' H) K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 p/ W3 V/ e( V3 H. W1 S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% r M) ~/ I9 R* Z, O1 Q - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]/ w9 D( }( v& I, ^6 c
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
* ~& R+ ?" k- U! \3 j X7 x3 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
5 w) f/ N: W& ~! O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]* p. c% F- r+ X7 v# `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]2 B. T2 _/ U7 ^6 k6 w+ g1 l5 `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
. K0 y' J+ r, w7 t! }5 | e) h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]8 x9 j, X8 G h# y+ O: ~" h: W& d' d
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]; t; b+ ?4 i' S6 x
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ F) @ g, g5 o( i& L, t. L - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1], w- M; W8 B0 U. S
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ A# b6 J5 ^0 Y" n0 S+ S- p) f1 v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
E m3 O" `9 r" w' K6 ]% B# e( N - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
+ |$ b, `- N, r H4 v - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
6 d) g; i3 q' i" n - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0] s% W2 @' t0 Q/ V6 X* ]
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]6 o; a3 R: F0 E2 \0 ?3 \+ T
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]8 p. O- g! z- m3 x
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& H7 m* S* ^; F* \% \4 @9 L - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]: [1 m3 x( ^* k9 M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ S) l* c" I- ^1 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. B9 \! y. h! b$ o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ z* M: R! Q. C& P
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, |/ s1 f0 Z8 j3 H2 D0 n - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
. K( S" c" ]5 m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
' ~" I4 ^* e n& r6 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) v; w% [8 a' f# b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( p" Y5 _' f$ t7 c/ \; e. C - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ J4 Y$ X- i! ]- }2 R5 P4 s
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]3 P9 x* W4 g) k2 |' y
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
1 x, p' p( z& l7 u2 r0 l5 J" ?- o - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ j0 x8 A* U) l5 q% ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 A5 V' R0 `) |1 H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: y) D/ n8 T* s! G - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* g% }$ J; J5 @/ p' o% O
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]4 ~1 U1 P7 n8 \, B8 d M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] x- b- e0 N' m1 L6 }9 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: a' ?2 @0 h5 e Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- W8 o7 O* r2 {4 q; h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) m' t; G* F$ ]$ O# T! r - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]8 e) B% r- i# i. X) u- F6 t+ s
- ==================================
, N" P) i8 b @/ W( s9 s" J, J - 文件关联, ~1 W1 t/ e4 I& Y, k
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]/ A# K. B! U: K" E
- .EXE OK. ["%1" %*]5 E8 C' X" h: ^! d, P- ]9 M6 @
- .COM OK. ["%1" %*]% d' ^. N4 S/ z% g. }7 H9 m$ t
- .PIF OK. ["%1" %*]' U, W( A/ [# m
- .REG OK. [regedit.exe "%1"]* R! E+ ?6 t" J. ~+ o) {( k. |: ~
- .BAT OK. ["%1" %*], {4 t( C. j/ J2 k% S: }* |
- .SCR OK. ["%1" /S]
& O7 C) e) S2 A% d7 d0 i6 c - .CHM OK. ["C:\WINDOWS\hh.exe" %1]+ B- _6 `1 e) R* D' H+ C
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
4 g: q" o- m9 N: J9 z) F - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]% w; {8 t: u/ R( v& c
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]4 w$ y1 H4 \7 O* M3 f- [
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
. R, d5 ^; P) v, t- M' p - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
4 a6 D x% u- d, C1 W' h7 d - .LNK OK. [{00021401-0000-0000-C000-000000000046}]0 V0 N+ K* S; K# h5 e9 g# ]
- ==================================
- Q% T1 W: y) Q9 ?6 ~ - Winsock 提供者
1 v6 j+ s( ?) Q2 e - N/A8 U% P `) h7 y4 y
- ==================================- \$ _# o' q0 L8 G7 {2 I
- Autorun.inf8 ~' H B# @4 D2 L% d) d* f
- N/A
9 q/ e2 G; s* [- `% S8 P - ==================================
% f n& `, x5 | - HOSTS 文件/ ^ i+ h5 b3 x @
- N/A
1 x0 \% {. {* U" a6 J2 C% F - ==================================
; l. N& e: F' c3 s2 Y3 ~* h - 进程特权扫描
! O7 P. A; o1 n - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]8 K8 O0 h6 L" I( R/ Y- L
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
# L- H# r: p) s: e/ N - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]& t# f+ N% {% H( b# D7 ]
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]3 ]) m* J7 Z# N0 q. I* n+ {0 x1 r
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
9 v. a& G2 B9 g9 g) q. ?: \$ F! _ - ==================================
2 Q7 F5 q' X, \4 y4 S7 w - API HOOK
& ^: V6 k' ^5 \3 M( V$ S1 n& b - N/A
2 p J4 B1 n9 ? - ==================================9 k8 |5 ^) D9 B7 S' I" U
- 隐藏进程
/ o( @, {9 P7 U, P - N/A3 f; F1 I1 w( I q
- ==================================( b( A& ]+ m, p1 p2 @
- : I. G. z; l0 T0 p( _1 h% y
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
