|
|
: q! f+ S- O0 S. l3 Q6 o8 c. z- 2008-05-22,20:37:43& f2 ]! v# d8 ]3 c( y; a
- System Repair Engineer 2.5.16.9002 J. c7 Q/ T" k9 i7 R$ X+ D/ x
- Smallfrogs (http://www.KZTechs.com)
! m- \; c& A% o0 Q - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能; _$ F* p9 Z# ]% Y) b0 \# a; N
- 以下内容被选中: V9 \# G2 W5 y& D' t; O4 f
- 所有的启动项目(包括注册表、启动文件夹、服务等): j6 o, q# R: H+ V/ H5 q$ M5 y, K
- 浏览器加载项
* o1 W1 H4 |* {+ K7 Y# a - 正在运行的进程(包括进程模块信息)' w' ^6 s2 @9 L5 U( a6 p
- 文件关联3 q: }+ w* S; B; @" Z9 Y/ V
- Winsock 提供者
3 l: Z, k" N4 q$ F% e5 ~ - Autorun.inf, @8 z% ]& _, b7 v+ o8 X- |8 b
- HOSTS 文件. t0 u0 n( e! Y7 C* ]7 M, p
- 进程特权扫描
0 n7 T/ T3 ^. G7 G# s: M - 8 _9 U( l% e) ]3 s, ^: [3 N: @
- 启动项目
/ |& H3 s- i" ^ U% [ - 注册表) t' K8 c! A* }7 v1 M
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]) H! ?$ X: m7 ^9 N ^
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
. H5 u/ ^3 b' \5 D - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]7 V+ t, w8 S2 [& V
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]( @5 ?: N' k! Z' b4 w
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]$ [3 L( g: P7 F0 g. u
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]5 ~* E; G, Q; D6 N% O3 |
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
# i: v7 P0 Z% W2 i8 L% G$ S2 s8 B - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]/ M" \, R- K2 w/ A; ]; ?; v3 N+ _# j
- <PHIME2002A><; > [N/A]
( B& h# k$ ~( _# @( b0 x - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]3 u; f2 ^! V+ p- Y. f
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]7 V2 T) |* X5 k" ?) Y* ^ J
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]! V5 T8 \7 F( p
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
& g6 ?: Z& y; v7 J9 {3 H - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
$ q6 j4 j. q4 j- V* W - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
6 K8 J; }9 q* q" d - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]& y. H# l) @' G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
) f( X7 U: O1 _5 S# o - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
% g* z) K2 p2 x, ]/ v; t: i/ A - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]- I. L. c0 r& q5 g j$ D! @
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
- n; G2 B7 a, f; Y( a0 e - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]; [9 Y* z6 Z- T5 s( R' i
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]* X! } ]$ R( \" c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]% m6 x% [% F2 }. f! @, Z
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]% E0 l! K# _8 s- {: L
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
* ^( b# ^( F3 e6 j! H6 R - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
! F6 ]6 F$ U8 t1 J) l& f! A N - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]2 |. Z- }9 [! ]( E ^6 R
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]6 H0 }5 K6 R0 E" Z0 ]; M
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]: d5 T7 U3 Q1 t Q; q( D
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
A6 z! {5 I/ |# K - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
! N8 X2 z5 ?. B4 W - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
7 ]5 z8 ^% V. X - ==================================: T7 v/ P/ g! Q' D! D
- 启动文件夹. l R h0 m. P |( m# r
- N/A6 h9 K' J7 ? p$ t
- ==================================
" `) D* i5 R7 U - 服务
: `: e' b. L1 Y& F - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]; J7 i; n- C! }
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
: a8 b. S. W% c6 T+ x - [Google Updater Service / gusvc][Stopped/Manual Start]9 L% ^- @9 q% d6 z$ t
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
8 f7 o7 i% o9 t m) M - [Help and Support / helpsvc][Stopped/Disabled]
7 F3 V6 u; n7 l5 f - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
1 ]! |% V- P% j) K - [Human Interface Device Access / HidServ][Stopped/Boot Start]3 J. k& p2 d! H: A& \" v! U) _: a
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
: a/ J6 c1 ^0 v* L0 C - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]+ B1 W# I! z4 u% {7 k5 X
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
$ y- j! ^' Q$ F% V3 ] - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
# c/ o4 W2 x' E) B - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>* P0 ~! _* V+ q
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]2 c7 l q5 H# M$ ]
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>% c1 i1 X' U% A1 y% D9 V- `
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
& b5 Q4 j% D+ `4 g) O - <><N/A>; I w$ y, S( Q; K
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
9 {% C: z) o2 w3 t - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>2 q: ?1 U# t1 I3 ~1 b, l
- ==================================2 i* D0 h/ w: o7 B- C. O- z* n$ _
- 驱动程序/ r( T1 ?. w5 u3 l- ?& u" f& z
- [22j / 22jn][Stopped/Boot Start] s0 h5 h8 X; C8 M+ O+ Q
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>* o E/ k7 E2 Q* y+ L
- [360AntiArp / 360AntiArp][Running/System Start]
7 ?+ u) e0 |6 j# y+ K - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
# z& X# w' W6 Q3 Q$ F - [43ec / 43ecu][Stopped/Boot Start], p N, k/ n) U
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A># U8 C6 A8 O2 D5 Y- M
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
2 F4 z1 e7 o, u7 x7 h. _4 S- K5 r - <system32\drivers\ac97intc.sys><Intel Corporation>
& B+ U1 } K3 \4 z4 w3 f2 G; @ - [Promise driver accelerator / bb-run][Running/Boot Start]5 K$ c# S3 e/ b. ?4 Y
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
. [ u( s- r/ G - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]; Q4 [7 D/ y6 d5 `% ~$ z
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
0 }$ F! e$ d5 a j - [KAVBase / KAVBase][Running/Auto Start]8 {/ S& u% p- K! _' B( r
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
5 l+ D \1 Z/ i7 v1 K - [KAVBootC / KAVBootC][Running/Boot Start]" w! g6 d& ^& ]- o- F& l# U
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>0 Y. ~ T! a& W0 P) ~
- [KAVSafe / KAVSafe][Running/Auto Start]$ u3 e* f# J: o. b5 S) k' o* g* {
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
: h, M" e1 r4 n: F; B6 b - [KNetWch / KNetWch][Running/System Start]( m A) ?5 ~9 Z. b
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>% B7 L8 R4 f& `0 g
- [KWatch3 / KWatch3][Running/Auto Start]
' T) T: j+ i8 e4 }/ M- l0 _! }$ R7 D - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>; A( _+ T* `9 C- x& W6 N9 J$ J1 |
- [ntptdb / ntptdb][Stopped/Auto Start]
# E" Q* B* u9 W - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>1 ~' z: x$ i: M8 ~& l% O* L
- [nv / nv][Running/Manual Start]
# k6 ^! f' C: E3 p9 P - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
- C. c5 t5 U/ k3 f - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
6 `" ~* E+ _* A6 G6 Z - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
# a5 Q' F/ ~: t - [DDK PACKET Protocol / Packet][Running/Manual Start]
2 `- E6 {$ Q" \4 Y, I0 Z7 {, Y - <system32\DRIVERS\ProtoDrv.sys><360安全中心> ]. M9 f% A; i8 u: k
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
D y- y: x/ y" o/ N! Q - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
, ?: e) b/ _% I - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]5 d7 A0 g/ J' P {3 K
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
, J! B0 o4 W6 }/ O$ c - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
8 I( |5 q* {4 f - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
% m! j0 Y0 E7 [+ A5 \ - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
' J0 R! l; ~7 } - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
2 P$ w+ a$ W' V; o) P: h - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]- O% H3 }3 \2 p5 }# L
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
2 c, K" z4 w" f. s - [Secdrv / Secdrv][Stopped/Manual Start]- ^: g6 I) r# `: S
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>. o/ {" n8 x1 Y8 S K0 Y" W' N6 ]
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
. ^/ x8 [$ b/ _# u) w* n7 | - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>) A/ @; h( s7 W* n) P! N8 u- m
- [System Restore Filter Driver / sr][Stopped/Disabled]( x* \$ q) s: X6 \% V
- <system32\DRIVERS\sr.sys><N/A>
( I: t" o: x) m! J; w( G+ v - [TesSafe / TesSafe][Stopped/Manual Start]7 z2 Z, \+ b, Z/ [8 _7 G' q
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>6 i% }, s5 m3 {3 `- k/ W% {
- [System Services / unzxzsrs][Stopped/Boot Start]2 Q( f2 s8 a( A/ i x" ~4 p r5 v
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>6 D5 C9 y" q- t1 G" q
- [ViBus / ViBus][Stopped/Boot Start]
$ y+ b5 p' |0 q2 M0 u0 G - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
+ X6 R9 P4 I) U; N$ y! D+ g1 \ - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
5 s2 v0 k, K5 t( ] - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>5 }6 q1 L( z4 q& ? h
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
" z+ y. W# F* m0 Z# m) S) u - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
" L. A/ @) F" u) f, v4 g& ~ - [ATI Extend / zhibmaso][Stopped/Boot Start]
' v% J) z2 o3 B6 u+ W$ Z - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>; R0 n0 C8 S, {( P5 _" v5 B& z- r
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
' v8 p5 E4 d: C3 K7 h- G& C8 d - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>" q& B" k* b0 @, n3 _: a
- ==================================/ j) i6 ?3 G$ e& t3 {! R- H
- 浏览器加载项8 b8 N* Y4 ~0 N j
- [Google Toolbar Helper]& n; o9 C: _+ u4 d! p% s# `! e
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>. G8 d) g, v8 N8 J) }" B
- [Google Toolbar Notifier BHO], J2 o0 \4 Z/ K4 [* B9 Q4 q* k
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
2 L5 _3 S# V8 E5 p: c5 v - [SafeMon Class]
# m5 r3 N" x9 P/ ~% K - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
0 R6 J/ C. ^7 {6 P u - [kingsoft browser shield], I& M! v; s: E1 i4 Z( {
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
' d* X$ L& g2 }/ K# U - [IEBuddyExtControl Class]8 X* T$ l/ e0 X
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>2 x+ |( u# a. B! r% c, U* \
- [Zcom 杂志]
$ X+ p+ W$ b* Z4 M% Y1 ` - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
" Y) w. F1 ]% F' t - [&Google]$ Y4 O h: G5 R9 Z
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>! x( ]+ h: t& }5 z' Q( J, b1 a
- [KooPlayer Control], s- t3 U. ^7 B: [4 E7 b" |
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>/ G, q/ l1 y' |
- [Shockwave Flash Object]4 h9 p/ z; X p
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>, M2 f" P( J7 w: F
- [KUpdateObj2 Class]
% d a- k+ l( {0 w - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
6 \4 f% |6 ]% U Q* ~6 h - [Google Script Object]
7 Q, a/ I! J( y( Z - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 j a. e7 ~! p F, H2 H9 h3 j b' q) I - [EWA Control]
4 |, S' [: O: v( j- l; | - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
& f1 [" `" z! b) C4 B1 W - [Windows Media Player]
; t% A. E2 x& u9 S$ g8 _/ k; a8 Z - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>: c& V. S' Y2 W! Z9 S. `
- [&Google]
, g: L9 l+ W3 F4 B - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
7 s7 a" N5 `! i - [HTML Document]. c$ a. x6 l5 j: x C, |+ x& T
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A> n. @3 U \/ |+ F
- [DHTML Edit Control Safe for Scripting for IE5]
& O8 Q% p* V) G9 P8 } - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
) ^' p. ?5 _8 x# A4 T - [RealPlayer RAM Download Handler]
: b: ]- W! |/ M: j( J C - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>, o7 R( J! m5 n; U0 P# Z
- [IEBuddyExtControl Class]9 o }* @8 I" n5 Q- s
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>4 G% P) _1 K7 [! V# V1 B4 `9 `( E
- [XML Document]" r" c/ F3 ^4 `/ p8 W
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
! }3 ?% R. Y( o5 G4 v) a+ W - [HHCtrl Object]) m7 j E7 l, @1 e
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>7 _5 W8 P' L8 r( U" B$ b- ?# {% I
- [Windows Media Player]: V$ v- U' E, v" ^5 k* v* D' F3 f: P) n
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 C: H6 x' j1 h# ^, S - [Active Desktop Mover]
6 ]- C# x; p4 k- N - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>' }) o' j+ A5 L
- [360SafeLive]
' [6 t; d8 h/ P& d$ I. w- y( y1 S/ A; m - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
/ h6 _3 p; {3 m7 @) ]4 K - [Microsoft Web 浏览器]6 m% t4 v; U y( n
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>0 K2 m" s& O2 o7 y
- [Browser Enhanced Objects]
1 M/ m. X& F" q2 W7 @" d - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>+ ~4 I- [$ B: e
- [Google Toolbar Helper]& r& T* v% k2 Y( p7 p
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>- u; a& \: W) y
- [Microsoft Scriptlet Component]# o5 J0 P I0 U8 b
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
: m6 O3 }3 b& K& F7 o( H k$ l - [Google Toolbar Notifier BHO]0 [ s8 k9 U3 D! B* T: E
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
# p5 s$ I& l8 @5 m/ f) i- z - [SearchAssistantOC]2 U* t7 U2 E: ]6 F" T1 ?' G3 ~
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>' M' f, O8 U+ Z) D' Y' o
- [SafeMon Class]. _6 y% p+ J- d- I0 P
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN> S1 x2 W. S/ o6 n) T$ }! @
- [RDS.DataSpace]
) k" \/ w" _; X7 Q& V% X - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
4 J6 q: v2 R" N* s( z0 i+ ? - [KooPlayer Control]5 v8 q& d( N$ J
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. e. E/ R( J3 L+ G6 v" f8 ], r4 H - [AUDIO__MID Moniker Class]
f9 Z4 y: e# N+ g - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, {( c3 E- g1 @5 r& `# o - [AUDIO__MP3 Moniker Class]
/ @' V& I+ G' W1 t! q - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 r3 @- U; m2 }8 X8 U
- [AUDIO__X_MS_WMA Moniker Class]* L0 j2 u: f6 J8 i6 [& p! a
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ P; R7 q, U+ z" O
- [VIDEO__X_MS_WMV Moniker Class]( q0 F6 q* q' @' e1 b. }2 Z
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 [. I5 w: F; H6 u" w$ R4 m/ E4 d! s
- [RealPlayer G2 Control]" u1 G% p& d x5 Z
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
% s) R+ N5 n: s6 t8 {' Y9 \4 ` - [Shockwave Flash Object]
1 E2 s' g9 V5 p" l( H; t i - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
1 U+ @% y0 v: |' t( f8 | - [KUpdateObj2 Class]
1 M" e1 t, Z3 C& Y- u! n7 a - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
6 j9 B* b) }5 B* l K* k - [kingsoft browser shield]: g' q- b" _: i1 e9 |% O
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>: }! T/ {. L; J
- [PasswordEditCtrl Class]
- h" a; E1 W0 v$ m9 Y) s; x - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
! v5 r- L" M: \ - [QvodCtrl Class]
}. Q* B) G. X- D4 V$ s - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>( }) N6 R* u6 d" P1 |- v
- [&使用超级旋风下载]" ^+ r5 Z8 A2 M1 [3 T
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>1 H; ?* D r: Y- s0 q
- [&使用超级旋风下载全部链接]
1 ]5 C }/ b$ G% g4 h$ w! ?: ? - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>5 S1 t9 T; z, d8 B. n. y8 P; B8 r
- [使用迅雷下载]
( m' K+ u% L5 N' h - <, N/A>
+ x0 S* z/ t* i+ \) c7 T( X - [使用迅雷下载全部链接]
! p* m+ T/ g' ^: P+ B! c - <, N/A>; r+ O7 O6 l) u
- [导出到 Microsoft Office Excel(&X)]
k! ]0 Y( n: i' \9 I1 r& V; U - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>* ?2 ?$ A" _7 S; j. H$ c
- [添加到QQ表情]5 U. u( r8 J' K: G
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>2 U" Z* e6 G. E M5 Y7 q
- ==================================5 R' ?( q& E5 u$ o, o6 D6 S
- 正在运行的进程
% T0 @" E$ _5 F% q - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 I9 ?2 O Q" _$ f$ ~
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ E! e7 ~& Q9 W* I/ y
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 c- b* C" h" U: h - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
" g+ j3 C/ O* g% v - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 `, {2 O8 V( |* z: @ C9 x& Q( S) D - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ K, C7 U' o7 I5 q3 S
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' ?; y) @0 @0 n, I! r
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 p8 `. ^% Y8 M8 r- l
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], ~; v& ^" l" V7 ]; F! i
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- C0 I' X, j5 g - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( K" x8 C+ R2 a2 Z$ x* U: U - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
+ V9 Q# q8 N- J C" u9 H+ ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 o: o/ Y9 f( N( R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- V+ e- \. f8 _$ `9 `* u7 y
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]( { u; I; r4 ~$ V* ]5 Y8 s
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* Y) `; i( S1 @. I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
, ]' A) R4 `4 R7 j# P( `& D - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
4 g3 S' o+ N2 N6 \; t - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]% }$ Z9 b n3 H/ B9 O
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]8 f: I' o* Q' b& C3 x6 |
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]% |3 _9 D( Q/ ~7 t' E! I1 D# U3 q6 _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 ?. [3 X0 B# r6 c) v
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
?5 V- [7 t/ H0 J: C$ I - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
7 o: Y" v" i+ \ - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
6 u& o7 n9 Q& ]$ l7 ~, d: m - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
3 }, w t% L9 Z7 |" c# ^( h N: v! Z - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
& y8 z& E) I$ C0 d7 j- s- j* Y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: r4 Y9 ?; K; e- _, M) M3 i: w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( B: W0 m; e l9 S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 ]: Y6 J0 g9 @" j: i% l" X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
A' y1 g5 q9 h* K - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# _6 F' l7 {) w, v8 v8 [; J! { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 S( T8 z1 [( j! y; W+ V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 O; ?$ r: `* e2 S: k2 s3 R$ l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 i1 W! A' D# x7 k5 k( U - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]" J) r' g( l3 ~ D9 l# b" a
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
1 b# |3 J/ Q/ s0 r; ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 C" C- {& n5 N4 y) m. E' ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ m' m$ b( i; O% H6 Z& N' { - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]. J, O5 `3 O* [. s
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]& q! e; B+ f: ]2 F2 P- g
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) {- v5 ? x7 k; D. k3 A, x+ @0 x
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 ]7 |% T3 {0 B0 q
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], G# @6 L* t) b
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]8 n0 y- i3 _7 \7 _( G
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 i+ g9 x' p, m+ R! Z
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 a& p' a4 f0 a0 `
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
3 E2 ~8 i _0 s - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]( h0 {, I% c: f7 h- u9 K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% h$ Y d; H6 _4 J# |$ t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* V& F/ y( t5 _1 g! M% v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 y; o) [9 J+ r' y1 o! a4 o. z - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]% `0 x. a1 L U# ~$ J! |0 p0 t
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]0 v% G: h# ?' I, @4 C ~4 l$ U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]$ {' [0 \2 j1 t5 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]( K* s2 ?5 X" Z7 G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]% Z" J) n( U7 t2 g4 s3 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]) v% O# y' {" j! ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]) |' d# O E" s0 k% Y
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]7 O; I6 d' ^6 D% h x1 C
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]( }. d5 |( s$ h( Q1 @
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]! f% Y* ?7 n0 ]
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 P0 U9 V4 X% K
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( o. n" v4 d: H: m - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
& e! f# O) p& c& L- n - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]: g8 R0 `6 D3 d- C+ T! l
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0], P$ W! b; T* n; W3 S( \: j: e% n
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
, P5 X! V/ }" k$ ~ - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]; R: O' h6 A* k( ?. p
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 `# b$ t3 P, C2 [' `$ t
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
# l! j: @; j6 X+ p! p" V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 \6 L* w& N1 J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( p3 e$ D% r3 k- ?3 O9 d: N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ t2 ^6 Y9 ^" p - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], m4 Z# Z( ~- ]( I$ H
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
6 b; H, r" h% Z- O) ]. U - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], Z) \( D: _0 J/ [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" B$ |5 G5 L0 B" r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 H& B. x; T# n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' n {6 C& ]/ A - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) d& [; M# r( u) D5 } - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
) O+ n3 w! p6 c4 J7 B& | - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 S. m; g) f$ a# A/ Q. h0 ? g2 e" } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 l2 `- ]8 l2 W2 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 j' Q6 w8 S! D. A
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" O) Q- Q( L7 {* v - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
7 y; q+ }( q3 Q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( R; h) k! m, n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 q; E1 l6 V- _" s. m: x3 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" V( s# v$ Y% d0 [3 [9 g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ N# W$ U7 I9 \5 | C! B0 U
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]9 K% h( a5 r, U# ?. h- M6 e
- ==================================
/ F7 \( u3 D9 n4 k - 文件关联' G+ a* }3 V6 ~' n: c% h* f
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]# v6 k8 t* Q+ K5 B0 b$ K/ a
- .EXE OK. ["%1" %*]3 Z! a) S2 E( `3 E% v6 T
- .COM OK. ["%1" %*]
7 E! j$ v. ]$ K: v. d+ L - .PIF OK. ["%1" %*]
2 O0 G# G% @, [( |! c0 J - .REG OK. [regedit.exe "%1"]. ^! J( H! D( W( l' o* y- D1 P
- .BAT OK. ["%1" %*]' a) G4 _! \' v
- .SCR OK. ["%1" /S]8 @ F' L( \0 `+ J* H: O
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]3 [8 x# K: u( ]$ k S
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1], U- a# e) y3 X* Z, \2 z8 @. _' H
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]" o: Q5 K, A0 q# ^
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]8 U/ C; E. }6 Y9 @/ z! W, g* E
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] A7 t- w" V' j" H8 x- U2 N: f
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
" O, h4 t. P8 U - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
7 O/ @0 `$ a: g: h1 J - ==================================5 J& R+ @+ }( x! L/ \5 Y# h$ i- e
- Winsock 提供者
0 H# l# g3 h% u0 h# \' f - N/A
; r) g+ w" R7 S7 @+ e - ==================================
# K# K- ?; k' k) s6 F - Autorun.inf! Q7 z% ^0 o. u* g. l/ o4 c$ j! w- d
- N/A$ D2 T3 |' m3 I& W! m, D
- ==================================5 C3 _% v# `& W* l
- HOSTS 文件
; a, V0 {# R/ }8 ~6 e3 C - N/A
( T8 W2 N' l+ ^ [# m; e - ==================================5 E( G. |& r \4 X0 b
- 进程特权扫描5 ~* _" g* s& R6 s- n+ @' |; Y
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]3 g1 G C- f/ n# @: V2 `9 t5 o# i
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]% N" N& F9 [8 n R; y( t
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]- {8 w, \$ b J, D( c0 h3 Z5 v
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
% z. X& l$ _# \7 N' L- ]( @8 x - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
. L3 j5 u z8 W$ S# q9 v - ==================================
* s, @9 U# m( G9 P" j - API HOOK
! B" _2 @4 ~9 z* q/ U5 ] - N/A
l* {1 r: M+ @2 \) o, H" U - ==================================3 `/ p1 f0 Q# ^2 O0 N. S' }
- 隐藏进程
* ^6 m f; ~% O$ S7 J1 ~+ ~ - N/A0 Y7 J! g& d. e2 L
- ==================================5 x, X; D0 ~; T0 v
( E: |' v& [2 k q1 N% `: G' A
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
