|
|
- ; A6 \! a- n5 v: F3 [
- 2008-05-22,20:37:431 Z; s2 N$ H6 j, ?8 [8 E
- System Repair Engineer 2.5.16.9009 B/ V! C8 X9 f2 b s
- Smallfrogs (http://www.KZTechs.com)
, [! B: L4 z- c1 Z2 b9 z7 e6 A - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
+ @& t) X" n. H$ L - 以下内容被选中:' }: M: B1 g2 b5 i! E" H
- 所有的启动项目(包括注册表、启动文件夹、服务等)5 X) x& k5 w. I H% j5 z& g
- 浏览器加载项& L- I* Z% F+ A# B7 t+ _
- 正在运行的进程(包括进程模块信息)* c8 Z: n1 ~. e1 Q# j3 y1 W5 K! x
- 文件关联2 Y" j7 X# T( L; |6 b3 Q8 I8 n
- Winsock 提供者
& s6 f4 X) E, _4 t2 X! Q# H3 r) V - Autorun.inf4 c- `+ b3 a1 q
- HOSTS 文件& ?7 u+ N( S( o/ G
- 进程特权扫描
) Q: U# x0 Y' N! e
+ L R# A; }; p1 T1 B& z3 |& e! y& m- 启动项目
" j: l8 S. i6 D9 t; t- l w - 注册表
O" A$ |' P) {! e& @ - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
5 s3 K* t# y6 m5 j0 h% r - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
3 t7 Z. l) _$ P O( Q5 g, S - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
8 d& u* G- ~5 ] - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 A) Y- a9 @: F( t) `# a+ i - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 x2 ^ E" j2 `) ?; G - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 ~3 o4 a! y, g# C4 q1 Z: | - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]2 _) V; E* }& F: T8 F
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
8 T9 q: w! b. I3 s! M$ Y( I1 E - <PHIME2002A><; > [N/A]8 M `6 D" t( L A9 f0 @
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]: C% ?- ^8 b1 Z$ \* k2 l, z
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]% r: D# g/ ?) g5 W: B" o+ C8 Q4 v
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]: @: Y! }6 q9 O+ P
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]- {* y7 i* s1 F) m" s) R' s8 y& r
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]2 Y4 n; _9 }0 i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]8 [/ ]5 |# ?- F7 I/ |3 h8 @0 a. X
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]. p+ f# V! g: o1 e3 R2 S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
2 L& t4 |& ~5 a) | - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]) [' w5 k# K1 v7 e
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] m( {" F! W! \. |
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]( a0 f# p" P- o' c9 {9 H! W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
6 ]4 A$ T" c5 K2 \; g8 O - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
1 ~$ p3 e! C. M7 P ~5 w6 Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]5 h' D$ G; R: E' X
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]) C- S; d! Y' P3 {- r
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]- o' F# I# @# x
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]) R) q# a) H1 h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]! z. R( e. z7 r6 V3 b
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
* ?$ G! g( h. T; Y D) l- z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
1 Q2 D @2 z; e' s. t. L% p. T - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]+ K6 D4 u" a! O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] ?& W5 D2 T( N2 ^1 G
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
# [9 V2 H/ T* M. {% N/ _5 j - ==================================6 e, H5 m$ N9 F; e6 J
- 启动文件夹
0 v# T1 y( `* w- K - N/A
- t/ Z2 n2 v# E8 S# u8 A5 N9 W - ==================================
* c8 X6 d- d) K* i4 j+ Y' Y - 服务
* I* {% u; ]8 ] - [3ware Controller Service / 3wareSrv][Stopped/Auto Start] I. Z. B$ J3 I8 n% Y5 i; ~
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
' X( \8 r6 F K" C2 n& w3 w - [Google Updater Service / gusvc][Stopped/Manual Start]
3 B0 V E/ R0 }! b) w: e) u - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>- ], Z9 n9 k3 W3 S: ?
- [Help and Support / helpsvc][Stopped/Disabled]' x0 n) W+ y' d
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
7 Q- u; O# n5 n+ _$ M8 _! X - [Human Interface Device Access / HidServ][Stopped/Boot Start]
; F. u& Q8 K7 _, H$ Y5 _/ M - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>! J6 c9 W. X1 L- K1 O' F' y ?( k
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
x" W3 J; ^, t4 _ - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
3 v1 W( f0 @6 M4 C - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
3 ^* J: F$ }2 y _5 s8 s/ e - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>9 t+ C, q7 R( A" w7 O7 N* q" b
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]2 c# \& r. L) _5 @3 M
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>* w1 Q4 {/ U3 m5 m7 G) |
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]7 V% I4 `# f7 e8 U: V7 y8 D9 ~
- <><N/A>
0 J8 C& S% q8 w* D! e8 ^' w - [Qvod Terminal / Qvod Terminal][Running/Auto Start]1 J( K5 L, D8 a# f+ ?, t
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>3 S; _( \$ F- _! l) p
- ==================================+ o7 F8 `& L1 l# I$ _* I2 \1 _6 {
- 驱动程序9 y. o& k, r6 `
- [22j / 22jn][Stopped/Boot Start]( K3 P ?) }5 j# \' ]
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
) ^* f" x( `' E9 L4 I* o$ S9 c - [360AntiArp / 360AntiArp][Running/System Start]
( D* r% U z8 |2 E- G' ]1 E$ A, S - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>5 w0 Q$ C" [( a. R! i
- [43ec / 43ecu][Stopped/Boot Start]
9 y7 B) R6 g& k# I. [: o# _ j+ E - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>' z% y2 c* }$ h! ?% o
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
8 O; @. |, k0 t, B% P) r - <system32\drivers\ac97intc.sys><Intel Corporation>- k9 v+ E7 r1 k& ]' O6 b
- [Promise driver accelerator / bb-run][Running/Boot Start]
) w7 h" \& ~. U C4 j/ K0 T) o - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
# B4 I) \) h( B4 \ - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
1 C U( _! {9 Z - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.> i! @5 h$ p! N# ]
- [KAVBase / KAVBase][Running/Auto Start]
6 H) d1 K/ _' X$ J. A9 t- ?$ J# p - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
% h- N" U# Q, b( m - [KAVBootC / KAVBootC][Running/Boot Start]
! r7 T& y+ l8 V9 ~" \; i - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
% x0 u- `: N: b) | - [KAVSafe / KAVSafe][Running/Auto Start]9 l0 x) [3 H: e1 m
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
/ Z1 h' \+ U4 b- S; o4 i - [KNetWch / KNetWch][Running/System Start]$ C) }& t8 ~1 K# ]
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>' ]3 ^. ^3 J7 ^) a
- [KWatch3 / KWatch3][Running/Auto Start]) V. ]0 m0 H d; H1 g8 h3 R4 t
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
1 H7 @3 H# B. R% q - [ntptdb / ntptdb][Stopped/Auto Start]
5 m1 Y k: ~9 w, o6 U! \' b - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>' b" L; Z0 U4 p* U( }4 E
- [nv / nv][Running/Manual Start]/ `6 ^* _9 L. U" O( G
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
% \6 S$ G) z) z( d8 ^9 z - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]7 O7 a2 G" v, c, Y8 E5 J
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
6 N& a# ~) P& H8 P+ g! U/ n - [DDK PACKET Protocol / Packet][Running/Manual Start]4 V1 J1 G3 ?8 K3 t9 T6 {
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
( s! p3 ?7 p, K- _ - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
5 c& E6 B/ `) {9 ^# {# @. O7 ~7 ]/ I - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
3 |+ w0 S4 |8 m, n - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
% y: ~( R' P7 O. p! r3 a - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>1 Z6 k7 {" n6 q) F* s4 @
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]! ^* N. s# N+ H$ R6 l3 ]
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
2 M2 {. i: h' [6 K2 O - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
, P* V- Y5 ~; u - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>3 z) Q6 H' I |6 Q# X
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
+ l' p. n) M$ O& m. @7 z1 a - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
/ P/ p4 k0 X' i - [Secdrv / Secdrv][Stopped/Manual Start]
1 I1 m% r3 S/ X% [% \, `2 c - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>7 j! h# c d0 l: K" ]
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]# G0 t, c8 Q8 ]$ M: V
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
* G, {8 Q7 d% t- H; q+ p - [System Restore Filter Driver / sr][Stopped/Disabled]
; H" h" ^" G0 A# b- v5 x( ] - <system32\DRIVERS\sr.sys><N/A>
9 N- R1 }; w% o1 T" ^3 w) o. T0 Z - [TesSafe / TesSafe][Stopped/Manual Start]
3 [! L- Y; v! g, B! ^ - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
' ]0 Z5 j$ l/ n3 ` - [System Services / unzxzsrs][Stopped/Boot Start]
- Q9 X7 t+ u5 a0 I/ D2 o' s- n - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
( A) ]) [, l' B0 N3 q+ j3 V9 b - [ViBus / ViBus][Stopped/Boot Start]. J3 L: d# e5 \ K+ T5 m
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>7 x5 G, K; P' A# O* U m5 j( {
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]& J; T* e$ Z/ X; O: S' A9 \
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
9 r% ^- ? i: z+ O9 z) n- k+ h) H% Q - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
7 o# ^2 U7 u) {7 _& w - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
' Q6 S7 g( y+ j* r$ C4 x - [ATI Extend / zhibmaso][Stopped/Boot Start]
( S, @7 ?# q& X# a - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
" d/ S/ `/ Y# z, \, p' O - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]: [4 H8 T) G5 L; B# B
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>! J. c; S% J% b t
- ==================================/ w) p1 V6 V: S5 p8 }1 m
- 浏览器加载项5 d& c/ C7 d: @$ r
- [Google Toolbar Helper]+ S' k$ }# d2 r" ^1 x& u8 z% |9 r% w2 L
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" I2 M& H, n: y4 C5 {2 b - [Google Toolbar Notifier BHO]
( v- _) B6 L' J$ s) p - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
# j+ d7 f. x- u2 A - [SafeMon Class]6 r+ k5 m$ Z6 N6 d. y: s2 K
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
+ U# c3 u! t3 q4 g# T% b4 f( c; p - [kingsoft browser shield]# q2 `" u) c& U! `
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
1 C7 U: k9 q' ~& D" T - [IEBuddyExtControl Class]
8 ^- u+ O) C& o2 J" M- I$ L$ z& l - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>& [) F1 {* B2 e3 u* X
- [Zcom 杂志]
( y3 C8 ?5 Z* u& K2 Y- V - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>, X1 {, |! |1 U- t: H+ l# ^9 f
- [&Google]# I; P: j% V& p. E5 d9 o6 h
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: h: C. K6 y- H" j J0 G( I3 I. M7 D - [KooPlayer Control]
8 g; i2 f/ b0 ^8 Z - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
; f' H6 P& F; X7 [! X$ u2 ~ - [Shockwave Flash Object]' w2 I8 h% t q/ ?: `
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
1 G; u {% q0 ] y, h( ? - [KUpdateObj2 Class], P( n7 K: ` P9 S
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
! H; E* |3 [' ~: |1 D7 ? - [Google Script Object]; f0 \! T+ l1 t1 p2 e
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
/ [( P( \* _0 h: h8 x - [EWA Control]
& E4 K" v- M$ e0 o - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
$ t6 V0 @+ k( I& H' | - [Windows Media Player]6 z' w; O; {2 d2 J+ ]8 [8 C
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>0 ~2 _# b* t8 O1 b7 |, `1 ?
- [&Google]5 r6 ^7 C( N0 l5 I
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>2 D9 n1 n% F2 Y, l0 `
- [HTML Document]
/ r0 e2 J% b! a) z/ Z - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
2 n1 B6 H0 v9 E# t - [DHTML Edit Control Safe for Scripting for IE5]7 [- D$ d) [. ^ W
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>6 R0 f9 z# g3 T7 S1 H+ J
- [RealPlayer RAM Download Handler]+ |+ ]; I5 A- {' [ `1 n
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
1 r3 G8 g. p9 m" Y2 F; Y - [IEBuddyExtControl Class]9 B- p- d" V/ \/ s
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>9 a9 n5 m/ g/ H- U4 a7 I( a
- [XML Document]
( w: M* p7 y3 i' r0 [2 I' e; k - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
& B( F* [ B. c( g9 N - [HHCtrl Object]
* a3 h* ?/ e, ` - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>8 [+ r8 z, V0 g6 z0 w
- [Windows Media Player]; Y" C4 t4 ~$ q) ^8 |8 W* i Z
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 t* { b2 E9 T: q% B4 n8 |
- [Active Desktop Mover]
" J* T1 i) h* j0 A5 u9 [6 b* t% \ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
; s3 C# f( @, Z1 S8 G w - [360SafeLive]
0 \' w" ]! F- v Q# M. O/ \ - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
! C) e! r( u- r5 c - [Microsoft Web 浏览器]; ]7 c9 f! u% E& o: N7 I1 A$ J
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>! Y( ?! N3 m1 A6 w
- [Browser Enhanced Objects]
7 |+ o1 X5 k$ c* m8 | - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
- \& J, y3 v% R/ | - [Google Toolbar Helper]( R2 \8 Y+ }) w: u! |% H+ S# x6 K
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>- i% y X# r6 k+ ^, r
- [Microsoft Scriptlet Component]
0 d* U6 F; {2 l% U! `0 j - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>% d6 I _" l" U; _- O- Z
- [Google Toolbar Notifier BHO], O3 I0 T0 a1 m/ {) h. ]
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
0 S' q! P# [& a6 [ - [SearchAssistantOC]2 W" j* r1 k) p: C' m9 o- S7 [8 |
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
1 Q! ]" L1 O6 {2 Q9 O - [SafeMon Class]
9 ^' x! H& s( t7 j+ K9 \ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
. h* [7 i5 p; |, w& X( | - [RDS.DataSpace]
7 @* A/ D1 v% K% \ - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
& F$ Q' o5 \( E+ x# O8 k - [KooPlayer Control]
+ [# p5 ?* P4 B6 k+ v - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
4 f D* g. F8 Y2 _9 _ - [AUDIO__MID Moniker Class]
% [. b4 c( I0 A* W- b6 d" N - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 x6 ]& h8 w$ I( P9 [
- [AUDIO__MP3 Moniker Class]4 w# [6 O. a* S* ?5 I; R
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ D' \2 u, o7 n6 E1 k% r% Z* ?9 X- l
- [AUDIO__X_MS_WMA Moniker Class]
! s! ?+ t: g( s& k - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
4 h4 t! S s1 `! H - [VIDEO__X_MS_WMV Moniker Class]
: e) O6 s. Y9 s/ L. c( x - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ p' ~: }0 K' i# Z5 ^
- [RealPlayer G2 Control]7 ~1 Q1 Y- Z u* X$ Z" P
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
4 X+ Z9 Z: ]2 z2 H+ q5 V. D1 j z - [Shockwave Flash Object]
# r3 O& h8 X( v) ` V& {' U: A - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>; r! O- ^4 c6 U8 k1 B
- [KUpdateObj2 Class]
0 n- |3 \: q! A7 M/ `4 U5 }: V - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
" m- `% X/ Q/ u7 b9 [# Z - [kingsoft browser shield]3 ~# T5 s- P4 I5 |6 T7 o9 |9 O
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
( V) @; e' l8 l/ F1 n8 ` - [PasswordEditCtrl Class]
- Z: {$ W! H, S. o8 X3 \ - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>% n& X' o7 G8 K4 X
- [QvodCtrl Class], u- f0 a4 I( v4 A& l5 f
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>7 o S, }& Y' ], Y5 v0 A
- [&使用超级旋风下载]
1 s& c7 N: t* Q5 d" b - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
" w. z$ f- i6 P. {# s; R - [&使用超级旋风下载全部链接]
" G( {1 A8 `7 a g; t - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>8 ]5 V; _4 {& [1 }8 g. T! f) G4 d
- [使用迅雷下载]" g* g) K2 H i q
- <, N/A>3 `: J0 B* j( d: Y5 j
- [使用迅雷下载全部链接]
4 j) {0 g: V Y8 }6 v1 D - <, N/A>1 ~5 B8 Q3 S: `9 X
- [导出到 Microsoft Office Excel(&X)]
- T8 p+ v2 p# d [ - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
+ G- A+ I' p4 k0 B% D/ |( [+ ? - [添加到QQ表情]/ v8 }( c- W" w& R& d9 U6 f: p) H
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>% M0 A. Z, Y2 t! Z( j
- ==================================
0 _3 w, D0 Z- q8 E3 R; f - 正在运行的进程
/ G) B0 }& m6 ?! p a - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' m* j4 C' Y( m5 Z7 N - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, K) l- V4 ~$ g - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; o9 Y. R8 G. m3 w2 k8 d6 z7 `4 i
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
- G6 r0 D1 h: x4 U1 j - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 y" R1 W* ~8 o9 T - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ u8 |1 n& Z3 }% q8 J - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 N$ O; y9 f8 F* M- R5 A( g6 Y
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ c4 l9 e* q) U8 {
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* m5 @1 i, g ?9 {/ M; d - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 V8 t' ?+ H% Y& Q9 @+ {& U/ c
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- ?+ v; b* ?* N - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]" N8 o! s7 K$ m! ]! w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 R3 Z! D, N0 g6 ^5 T7 V9 h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# ~* f+ Y: ~0 v$ z
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# L5 g$ V" L6 l# M w4 ?! S; p - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ o! F3 d. V" h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
3 q( I- w. d9 L7 {4 e- D - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]3 |. j9 X2 G0 p- A5 o) [
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
6 E/ |& h* K/ h% C2 K5 O - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]& x, L! N- s6 A
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]" l4 u' O0 l' U# O+ e9 Y4 S+ Y) b
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; ?: _1 o8 ]# [& B
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
Q% T( w9 {) s; T/ ?% ~ - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]5 [/ v! T+ P |1 o5 ?- r" e3 S
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
- {+ I$ z; k8 }5 w8 W: F - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
' U' a m1 H0 X; ~; i; d; J o2 A - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
5 G3 b k0 b8 M6 W0 u4 A6 V. a9 } - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* b) l+ Y$ r B8 o+ R' Q& B) u4 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 l" K: F4 t4 i6 h, G: w! p) l: i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] M0 I$ E: Y) E& m, s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
r6 ~, g& i% c% x7 v - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ o# H# @8 u, t8 G. s4 X0 B, B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 W( `0 @; K5 E( J% ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% s; {& d, s8 k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ o; }+ b6 M2 Z/ I- Z
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
( Y5 J7 }- g% W) v/ E - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]7 Y( F$ e) X* V' F- p" _3 O6 g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! K; T6 ^! u, \2 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* i: i# n; U* y9 e - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
, Y. K7 e6 X' v, [1 v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]+ ]& ~/ G4 G G% R; H3 k. ~ [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' ?* i' b2 d" }4 E: @/ c/ @. V% |3 J
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 v6 g/ S, D5 b6 Y" S+ B - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- ] s2 @0 n2 ~; h' E$ y
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]7 c6 g0 l. t8 H9 z
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: g! |# F, f9 b0 x: q$ k
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' P3 u1 R9 Z) t* d o: B
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
" O, V( A8 B$ q5 F - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- p0 I0 ^" z) V8 M& r! H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) m0 Q+ d* f" y! C6 B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 m. f/ s# B, `% i3 U3 ]# }4 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ Q# x# Q6 v9 h- b/ `) Y - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
& N& A$ A( L# f - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
& N5 z8 ^" ~% h1 d2 [3 ^, R5 t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
4 j& H- ]7 `- _9 s3 | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
; K5 c" M3 B) x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]) Z( J8 h& Y; p* K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
7 a! M, W/ |. J7 n, i( D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]* e6 C" |1 M" G% ]
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]4 J- G: A. d& j1 }* o+ e( w
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! V1 D U( [( b) ~4 A& p' E3 B
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 O" Q- M- t, X4 u- T. ~ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]0 V2 y6 ^6 b! Y- G
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 f$ P- C% s6 ~- Y o - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) f) g, O0 Z2 Y' A0 {
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
+ P1 }2 H5 u }4 s" C - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]- Y. y, P2 l7 `; ~$ r( Q1 U' P3 g
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
5 [6 ^* D# l+ V# B% K5 l8 T& \2 W - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]1 S5 I4 t D* G3 U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 V# M i+ W T+ W# k7 Q* Z - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
/ W$ o$ o F( T; @8 V3 G: Z) [" T - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 Z% v9 S5 c( ^1 w& S% a% ^' w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 c( u4 ~' \5 M5 {. {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ Q& r. h5 R% I$ _" n$ u7 p7 y+ Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 a0 N8 F0 k( p# [+ A' q1 u
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]$ U9 ~# m# T6 X# z0 e$ Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 A# ^* a& f. I3 s; L6 C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ ]1 o+ v" j5 D1 [) n) Y( q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: }3 c! s2 N6 V4 [% ` - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 _+ S6 B# D# z- V6 L+ w( E
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
2 F6 ?2 d o* e4 z1 ? - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
" a- H8 f2 ?" p: V& Y& ?" ] - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 S' q$ ~$ `* {$ T7 \* ^3 d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] K+ n) q/ b9 F2 z, E& j; O4 `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], A7 p) z6 v8 T1 R: {9 w
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% E: P1 D- Q8 W# ]1 k' A - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
" }! k5 T; n6 e4 R - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 e6 [; [1 G. v; e, {$ v1 g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! l2 D3 M; a7 E: W6 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 ~$ d; a: Q3 L7 q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 R6 M' T. v+ n" N - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
" ]* U# J9 s7 J - ==================================
, g# R6 p' ?: M% L - 文件关联' I# B1 v1 h6 A/ w' J
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]+ K& |- s# i7 o1 G% y
- .EXE OK. ["%1" %*]3 j9 ^! j X. b
- .COM OK. ["%1" %*]
. y, x* x' @) J3 b& E0 k! H3 b - .PIF OK. ["%1" %*]
/ | _: M; e0 {. ~' ^" L9 s5 T - .REG OK. [regedit.exe "%1"]
# e& i. D8 F! R) r) N - .BAT OK. ["%1" %*]1 \. `% G) Y( a T( U, e. y5 H
- .SCR OK. ["%1" /S]
5 I0 v# |/ @* f& r - .CHM OK. ["C:\WINDOWS\hh.exe" %1]: x# B* [9 |- T, p- ?
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]2 u) [0 m% W. {) G7 V
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
$ O" ~, r) v) G6 L8 x z. ? - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
0 g( n; n. u: c! K/ Y9 j - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]+ C/ T% w' n- A' M, S- w
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
3 K5 ]9 x; g+ k) p. M- m8 m - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
" P* B) M1 b4 D0 E& E - ==================================
2 ?% n7 e! ?6 m4 z D - Winsock 提供者
8 r1 r) Z' @; d0 ?- S2 A - N/A& w' p1 ?4 R' ?( i$ O3 N E
- ==================================
' y1 S6 b1 h* b! y - Autorun.inf: A: v$ ]; v( i: o& T& w
- N/A
+ f' x, S. K9 f4 p5 U) H% V( @: B, W - ==================================5 X& e( B; D1 L2 N# p2 G8 Z
- HOSTS 文件
+ i4 H: E3 v' H, s - N/A# {9 p' ^6 ` q% }0 C. g
- ==================================
4 |/ s' E. Q, W6 K# V4 Z1 d/ y - 进程特权扫描
) m1 P, O1 k, p* A! I' ^ - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]; I. Y! C# X \! F) R
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
6 _+ H) }4 M' v4 p - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]6 c2 q6 @4 P5 ~' w! r/ a
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
1 M4 O& J6 Y4 S8 w+ C, B - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
) a" n/ k/ }. c! o# |5 Y8 U - ==================================0 ], ^- L0 u# d4 O) w# ?
- API HOOK: f, o2 z- G6 l4 w
- N/A* N* g: r O. ?$ v4 U
- ==================================* Y& v; [3 \1 s2 ~! w9 g
- 隐藏进程6 f+ K8 e3 v8 F# K: I" ^3 F. v
- N/A
: x E4 M1 X$ ^, M. i9 n4 A$ F8 \) P - ==================================
! i- r5 R8 T$ U5 ] - ( c8 H6 W Q7 T
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
