|
|
: L% w* E$ P% g* H/ e- 2008-05-22,20:37:43
# E# i3 M- D4 D+ y# P2 V% q9 k - System Repair Engineer 2.5.16.900
4 ~$ z! L' N$ N3 u* R - Smallfrogs (http://www.KZTechs.com)' ~7 s7 ?5 O# R* I5 d5 i
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能" _7 L$ w1 w2 }2 O% X6 N8 u9 p
- 以下内容被选中:3 f# U# A$ ]# ^- m" Y+ C2 a
- 所有的启动项目(包括注册表、启动文件夹、服务等)* N$ q- c# }* y) t
- 浏览器加载项
( Z$ t* I: m) x6 F& v* y0 u( @ - 正在运行的进程(包括进程模块信息)
0 Z6 V4 r" Z* c - 文件关联1 V2 S9 w3 c9 ~
- Winsock 提供者
5 s; i6 n9 ^* e2 ~ - Autorun.inf
: G5 w2 J2 m g' t0 a1 @ - HOSTS 文件) s0 g6 y7 V. l2 x' z9 j+ I/ X
- 进程特权扫描
1 y, @0 ^! N' }) s0 d - 0 A: s! j0 O4 H4 k' N" @: A" W
- 启动项目( w# L& Y8 e5 k
- 注册表" D, p* K3 c9 x+ T+ C
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
( w# L2 k+ h' J/ l% A. v - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
6 a+ l0 P) A9 P! n - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]' L2 k6 T7 i n, W8 d- u8 y+ @ J" k
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]5 J3 U2 u( a7 M" R V, \3 Y
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
' s! |: }1 |6 F0 o; m3 F! d - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
( L2 w' A0 c4 W- m6 d - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
2 O2 x0 u- ?% G' M l4 ~ - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]6 P) o8 C$ D; y( J4 w o8 A t- `
- <PHIME2002A><; > [N/A]2 T8 }& u7 a! k
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
0 T d0 ]6 P+ u2 M% _, B' X1 N - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
1 j f. Q- e1 G% [) r - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]+ b& g, d& q) L. y
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
5 }- p- v! T' R! u/ e! L4 O - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]9 U! N7 O) ?3 N! v7 H5 w. B7 L
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]( }) ?8 Q9 b J' I
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]$ I4 Z+ n+ g4 e0 U1 U* c" p7 h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]9 T& L1 i/ ~0 w( v- N `
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]% O6 E% x) h& }1 G" ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]: j9 k% B3 s; s& k" P$ T$ p8 \. F
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]7 J! A( ^6 R: P
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
) X/ z) z3 k. Q4 P! T& W0 Y - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]3 z0 o, J7 z. V2 m# R S, m2 _
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
. t& d2 _8 s' A. U0 U' _5 O3 R' }7 R - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
$ ^6 T. g( C7 o% ~0 b7 Y1 V. ~0 n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
0 r1 c! _3 [% D% W: a5 Y - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
4 Q. @4 p- k" Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
$ X9 G: v+ }6 Y/ `4 ] - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]0 A; m8 h3 m9 u; M, K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
: x/ C0 z- K' \6 I* d" p* U) \ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]7 o- l. Z! u5 {. T8 D. N v& N5 a2 h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]& E3 c8 Z$ E C* k( [
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
) a3 d- a( Q( p3 [ - ==================================8 J' g% M5 c8 z' ^, O0 J
- 启动文件夹
' {5 |* Y% A; ]( J9 w) s1 w- l - N/A+ I, A' x2 w/ Y2 o
- ==================================; F( n' N9 s8 N( B
- 服务, c" ?9 u/ u) s: p# Y" c& F( M
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]' \0 C/ b* |2 O* d* Z
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
4 @# N! X8 ]7 ~/ R& d! i# Q - [Google Updater Service / gusvc][Stopped/Manual Start]2 d0 F& g9 X0 o
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>- R. j( d4 e& f" V% p, a" `* v
- [Help and Support / helpsvc][Stopped/Disabled]# [. O7 l7 o% C, M; j
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>' n( ?( n: e* Y8 s( {! ^; y4 P
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
: l2 x* N: x8 l( E" N. R - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>) ?) F! [- t" e
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]' M* k2 X/ g" z* r" o8 U, x
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
" e# J- t* h' [0 v$ C - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]; @* d8 Y4 h" Z, L
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>. @* y0 c% A8 x( `
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
+ m2 T& O$ ^& g4 F( w% x0 B" j5 u - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>- W- @7 X `4 ]3 j R0 I/ l
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
: f4 n7 f. d4 s' H! r" A" | Z - <><N/A>
1 K- l. [) x5 h N) ~/ j - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
% ]) M! ^% |7 `/ T# Y - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>% O b' B8 g7 x# @+ [! F- j
- ==================================
9 N% ^( G1 d( ^ - 驱动程序- C# E$ V$ M' A2 q
- [22j / 22jn][Stopped/Boot Start]
6 ?4 c# h' s6 }: i - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>" z' _+ ?. ?' `
- [360AntiArp / 360AntiArp][Running/System Start]9 v" h I2 h( a: d4 j
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>* K* K1 I" S/ K
- [43ec / 43ecu][Stopped/Boot Start]1 x& r5 y3 |' j+ h; y" I3 d
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>7 z! t- R4 |, Y& t
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
) h& ?: B, _0 Z. l6 x: w0 N$ n2 U - <system32\drivers\ac97intc.sys><Intel Corporation>
1 t) w; A' E6 g* i# D N G. k) s4 ` - [Promise driver accelerator / bb-run][Running/Boot Start]
/ }6 l1 ]8 _" f$ P' }0 e) s! f) ^ - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>* `, ]1 z$ A; ?, \6 c
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]+ Y, F! z9 p! `+ X% }& Z! y# I
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>* h. B$ ~; a1 g4 X' U
- [KAVBase / KAVBase][Running/Auto Start]' j) s0 Z# v& G8 Y
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>; g. b9 F/ _0 F
- [KAVBootC / KAVBootC][Running/Boot Start]2 G7 x7 `8 N) h0 e! i. f G
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
& _* K+ C1 z) V) c0 b; \ - [KAVSafe / KAVSafe][Running/Auto Start] [9 ~2 |; P2 C/ c
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
& }# L$ V% ~) L0 N2 E: c - [KNetWch / KNetWch][Running/System Start]
1 ? v. ^% N) S. L i7 t - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
/ L6 v) W) `0 d$ J - [KWatch3 / KWatch3][Running/Auto Start]
5 R" W4 C+ W' R - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>' h6 W1 N( V1 {) L; U8 J, U N
- [ntptdb / ntptdb][Stopped/Auto Start]* T X2 C. ~' l' ?% k1 R5 z/ p9 O7 ^
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>+ f. D7 G4 n0 b/ I: L
- [nv / nv][Running/Manual Start]
# L [/ l X. v( l, E - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>: ?4 B4 b" N& T$ f) |3 q1 j
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]9 B' s/ c5 h2 N, N1 m* q
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
% U. V. T# U- ~3 ], C - [DDK PACKET Protocol / Packet][Running/Manual Start]7 p; ~3 Q4 K$ D: K' @& V
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>& T, {. ?& q' f2 h3 r. r/ t
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
3 h3 N8 O' k8 S9 L - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
) s9 }- W7 {0 D8 s' `& z+ q - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
2 J4 E# N2 A& X/ {# ~ - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
n) i4 X7 x2 W) S5 l1 Y4 [ - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
& I( r$ s' a; g' }2 U- E - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>, B. R2 z. j4 [
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]+ R/ l2 z) Q t: _
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
9 w* @8 P- M! w- \ U - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]- a/ _6 d& ~+ \/ o# L' r
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>: v! ?; i; j( j( [% r
- [Secdrv / Secdrv][Stopped/Manual Start] D: G) |; e9 p, K( e
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>3 o; \8 Z& R5 X7 Z' H/ [+ q
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
8 m9 e2 Z1 M6 ?. T8 p - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>$ N' s! h; G- d! T9 `" a G1 F
- [System Restore Filter Driver / sr][Stopped/Disabled]
, H! {/ }. j/ @$ S6 C2 M - <system32\DRIVERS\sr.sys><N/A>' |0 ~3 V$ V. U1 t! ?7 X9 j
- [TesSafe / TesSafe][Stopped/Manual Start]5 h" d E9 R. M2 ~' R4 q0 X6 N, D; ]
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
& |$ ~& ~2 |, a/ g; c - [System Services / unzxzsrs][Stopped/Boot Start]
- N2 R! ^9 W( e# X7 A, ]2 S. ^* |, ]/ @ - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
7 x9 V! l& E8 A9 y, Y$ B - [ViBus / ViBus][Stopped/Boot Start]
( ^5 E7 w* |$ X; l5 q - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
3 i, A& z" s% L6 ^# K9 ~ - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]& B% S( j1 }0 P* z9 j
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>% u0 T! r" b; s5 S1 {
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]& f* Z% I+ @, K7 ^! ~2 s
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>8 v& l8 [7 E% A6 X# V
- [ATI Extend / zhibmaso][Stopped/Boot Start]
# j" j, m [1 _1 A0 ^; M - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>- j8 P) c3 v* z7 C2 m7 G
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]8 Z5 [5 t" k2 M4 a' h3 o6 Q
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>! B7 y2 o6 a+ D1 K- q" }1 V5 _( X5 `
- ==================================
* Q+ m6 W; k( g6 {) A$ w - 浏览器加载项
8 C% N1 A+ i# Y( [( {4 P - [Google Toolbar Helper]
# [ l6 j& \& A2 c0 e7 ? - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>) s, D! K% r. C# V2 u7 F
- [Google Toolbar Notifier BHO]
/ x( H% J4 R! c3 ^, q* u' g3 a - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>% ]: N2 ^) J+ [# F. z9 S9 Q
- [SafeMon Class]# I. C' W8 b% z- K. R* ?3 B
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
, B7 Q& J- z/ s+ y1 [, F - [kingsoft browser shield]
: s. V, z% {. K6 }/ q" f9 v - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
0 K) G! e9 k6 t' `; H* z$ z - [IEBuddyExtControl Class]( l' Y3 c' R, n$ W( Z
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>% q( x3 X0 K* Y% W. L" x
- [Zcom 杂志]
# c3 S$ |" o6 l4 m0 p& H: \% Z - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>( {3 }( `2 l. d5 z8 e- b! O
- [&Google]/ ^; ?( j `; b+ L2 Z
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
0 B8 O- O1 ^ T3 s - [KooPlayer Control], V: x, y Z b4 N1 r# |! W! _
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
9 Y$ k- M' `2 O$ t8 `" L - [Shockwave Flash Object]* h7 x2 b7 g6 w# V% @6 M C" `5 z, ~
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
, l3 F4 p) J6 I6 o6 U5 v/ [: u - [KUpdateObj2 Class]; }6 y. x5 w1 e5 ?
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>* @% N$ X& f: C5 o: P+ V& W H
- [Google Script Object], m+ F" d& |) X3 y1 s4 Z$ [7 v- e, E
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
9 Q! ^: Q* k; ~ - [EWA Control] p6 N& e% H0 H" u5 Y4 }+ y) H
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>) |; ]2 R4 l! U2 I, X7 `* l/ Z( q
- [Windows Media Player]8 b# o. S$ z' d9 k! p) r7 j
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
3 ]: k+ i+ e* l ^. o) R - [&Google]+ q) D1 H% Q) }/ V- P+ z5 ]. ?
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* ]. v0 p. B$ G+ H c8 G; C5 U' E" Y - [HTML Document]+ Z% F+ W* |* w4 S% E9 u
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>% Z" Q" |! y/ G8 }: c. n
- [DHTML Edit Control Safe for Scripting for IE5]
; }! {8 M- Y6 @ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
' L1 \: C# W6 F$ \2 V9 j Y - [RealPlayer RAM Download Handler]
, a; h7 Q4 \! L - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>. F7 b* m- {7 k3 x
- [IEBuddyExtControl Class]' ?/ h' D6 G$ Z7 w8 E( e0 S0 h
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
/ {+ d4 c/ V9 u - [XML Document]
: u: z/ o. t$ _8 \! {: n - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>- @4 Q6 ]2 @3 }$ H
- [HHCtrl Object]( W1 L; z H- z, a6 L, }
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
( U" p& |" c o( j8 c0 B - [Windows Media Player]
* }$ |4 O; W4 S- {! ^: j - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! K- e* I( F7 a6 M2 l# @
- [Active Desktop Mover]
) C5 }# c2 ~ l1 D f - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>- P1 x" f6 W R
- [360SafeLive]
6 Q, I; P( W% I0 `) _( {$ W; H - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
1 v( c$ b' ^/ G& A& O. b - [Microsoft Web 浏览器]% E* [+ t# ]' x8 k3 n1 N
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>7 V# H5 I+ L2 h
- [Browser Enhanced Objects]1 A% n$ ]5 H _- X0 A( ~' p
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>4 `; `7 k1 i8 a# d( ]9 m
- [Google Toolbar Helper]
0 S0 x; Q ?0 r$ B9 D9 E - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ k+ J9 }# b0 S* t. ] - [Microsoft Scriptlet Component], g w$ O. h0 V5 l2 S
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
8 @- P3 U- I" o' `/ | - [Google Toolbar Notifier BHO]0 O2 T9 F2 z. _+ \( Z
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>; M7 p7 D7 J; h5 j9 k
- [SearchAssistantOC]
! _& k+ L$ O4 k) l( h$ m7 n! b - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
/ i( k" Y) g R4 I- F - [SafeMon Class]( p7 @0 ]1 c% O; ]
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
/ |# i" g4 H3 I+ Q% ^8 ` - [RDS.DataSpace]& R; Q6 m% L& f/ H8 d% v0 x
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>+ o" ?. R2 K1 @- Z
- [KooPlayer Control]
( [( W& }' V5 ?1 ^/ ` - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
F$ @$ [! S3 s# u6 r. m - [AUDIO__MID Moniker Class]: B4 A* {* Q! n3 F4 ]3 \
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>% Z2 f' p7 d1 G6 [% O; k* \
- [AUDIO__MP3 Moniker Class]
% m, U# @2 d% i* b - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: \) e3 g, O [' f
- [AUDIO__X_MS_WMA Moniker Class]1 M6 }$ {* t/ J8 E5 v$ a$ p9 `( M
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* V' F: }+ d( Y: Y, ~
- [VIDEO__X_MS_WMV Moniker Class]
0 d; M1 k; q" N& M0 E% A ~ - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, v' }; N9 p0 K6 Q - [RealPlayer G2 Control]
5 }8 J4 M6 P# V$ \ - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>$ g8 ~: B; b" x5 c
- [Shockwave Flash Object]7 }9 N4 i( ?6 j3 f2 a
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>; x! M- ?8 T8 e' A) [: P
- [KUpdateObj2 Class]
. A$ V" S# M/ W2 B2 f) J, b% d - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
4 k# \; \; F7 k* C2 c9 j) E' [6 x, @5 d - [kingsoft browser shield]) o0 P3 y8 g) |8 ~& v) @
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
. Q2 `5 d4 T) V ?/ v) q - [PasswordEditCtrl Class]
5 {$ H. k" i! n; i. c Z2 H - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
; S2 w4 e9 M* q+ `$ k - [QvodCtrl Class], i Y; [0 g4 T4 p* @9 _
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
7 C+ h; F6 N% t: D- X - [&使用超级旋风下载]
6 O- F* B! r3 h) T/ l: T' F4 \4 C - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
! H1 G9 s! ?0 ^, J" _" { - [&使用超级旋风下载全部链接]
| X6 R2 Y! Z; D4 P - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
/ ]( ?5 w6 j# p- u* p - [使用迅雷下载]8 C$ Y" q% `9 h9 i
- <, N/A>! {/ Z% t+ m* }( K: Z
- [使用迅雷下载全部链接]
# \6 D! l* ?8 J - <, N/A>
7 p; S% [' f1 w+ y+ ` - [导出到 Microsoft Office Excel(&X)]
& z' ` I! k6 y0 Z8 l - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>; o. n3 [5 z% N9 l+ L! z6 r
- [添加到QQ表情]# a" q' F" k% v7 u& m
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
# m; c8 ^# i& A$ V - ==================================
$ K/ ~+ I# u3 U/ |8 X! j. o - 正在运行的进程& q+ U! l7 t) ?" \% g: M9 K
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. |" Q( ~$ B! |( j$ W( S9 {. Y
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 k1 N4 y& F" I' L' I) R - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 i3 N4 s# I3 o! \* Q' k3 ]0 k- y) b - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]# Z" r9 b' P8 [/ A/ b$ L
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 B4 i! S8 `% c2 O+ I8 M( @ - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) W1 z4 G' g+ d7 I6 p
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) q2 f* a u9 s" {$ v - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& [6 S9 R) h( L9 x) C3 L- r" w1 }
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 s4 f# f: m9 l U/ R. u$ i# q5 i9 d - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 s" Y6 b7 w/ H& E9 }7 C
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* X/ h# A: f7 ]" P# N0 j) o7 `
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
* r8 O) j, r; d. L' Y% J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 H; S+ H1 |0 |1 a7 J! n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% ~& W( Q( Y4 Z' f5 t - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
1 U0 C0 `. A# p" w& d6 ^, X$ H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( K: k. g* ?/ q5 N9 W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
$ s7 O/ Y' K8 F1 [8 s - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
" `/ q% G8 W' [2 |" K3 e$ p - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0] n* e9 j' u, j
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]' Q3 h/ ]; {; z# W7 J a6 |
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
9 R3 I' ?: ?3 R' |% @# o4 Y) T - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# Z* H1 g+ j7 @/ m0 `
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510], Q3 D+ i2 y+ J/ `/ ]5 `9 M
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
, p. E. k5 J! a2 g5 U6 u2 H" M5 f5 t - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
! ]9 l% H" M# a t' J0 }7 R, ^1 O0 P - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]5 ], I- Y% Y! ?. S
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]/ M" F" D* `/ f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 f- J t7 ?3 e* J7 Q* I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ t! H2 h! c" k- V+ \3 K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) I3 { ]3 g7 |+ o' U; r
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 P0 O% h5 @( d& n( R6 g - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ h$ h1 v' g; Z+ Z q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. W; o5 {+ v8 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 ?" p2 N9 u& \6 r; B4 i - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] u( R, h: j" y: T
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]7 m+ u3 O1 y- R! K9 _
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
$ ^: k. o1 V) f2 S( S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 O2 ~8 l* ^; \8 z8 \ y- X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% F0 k7 r5 l8 v/ m! I. T - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]+ P6 J$ v: _$ z2 B. C5 {- _$ N2 q+ V5 ]
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
6 ]) s8 Z# u, W7 n' d$ ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ z+ f- v+ b0 @: W U8 a5 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! _' y% @9 Z, ~( t) v
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 s5 I. h2 a/ w0 p+ e# N- K
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]* G; _5 l% j; V9 @7 A
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ y) t$ k H, b" n" j% v ?
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) V0 |6 I7 e8 O6 @ - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
' K. B! N2 q" N* T( t - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)], n) B& F# Y( g8 @( u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 {) M, \8 \# |: e/ x- @6 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
@1 g/ F; Y: J# r; t1 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 ? s' Q F% `* _ a, f - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
5 J* {# V/ L( r - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
7 ]) h7 b7 x! x& \) O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]: z- n' i7 k$ q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]0 A* D r; h+ l; x7 o3 M( I$ G4 V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]& U5 v" x2 [* a } ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
* b7 @8 o, R6 x0 P6 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
, _) I9 A2 Q# X) G9 g/ U2 _ _ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
' t4 ]; H3 C- @' w' F - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ g+ d6 K, B( t" r - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 w. a; S- n* m' v. U0 x
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 }4 U. J8 M) W - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 m$ c. F D# d3 i. i4 Q$ d! T) f - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) [: q* X( b8 w, U) }( J
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
6 P8 |. T8 U( n7 Z: H3 S/ \, q - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]4 Y: R5 Y# [/ H) b2 S8 k" a3 h
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]( _3 c) |7 _8 a0 v" v1 g L% _
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
z, H7 c/ u- K, k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, l) o" a- `2 }; d - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0] t* C! V6 s' z+ F: P
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 ^# C- V8 r+ v5 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 L7 Z. T1 h+ v& N7 c5 Z2 r9 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]6 E, N* _& Q7 y4 o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# n. U3 i Y6 W
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]% s3 Y3 E g/ U0 o6 Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 u4 X. s8 J$ E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 X; R1 x; Y6 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 M9 `1 b0 f" n4 n5 o5 N9 ~
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; i# h# @( e b& L9 c - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
3 `* d/ m3 S# {6 k5 l: G - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]7 z; H& {. H' ?% n7 K; n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 j8 a2 k1 J3 t, w6 p6 L- i6 F8 h5 v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 R& _6 Z" f( B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]6 R. ~6 G" U* G5 m2 Y$ [; K; }
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' a0 \. q$ k# F$ O" p2 N& R- o
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]/ P! d" D4 c3 C8 A) n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! \. ^/ Z* ^ h/ \/ m8 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# I" Y# C4 j) f! _4 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: l3 G* K1 |+ e# \8 S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" q7 S, C1 o* _. ~# F7 W
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]) H% X( v) d) m" `# ]& K% ^
- ==================================) P( F) U& f; K! X/ ^) Z
- 文件关联
& ]7 ]) ]' e6 t7 ^ - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]7 z* r: F* z( Z- c$ A7 P9 o
- .EXE OK. ["%1" %*]' N8 D1 U9 M0 d2 x# \* A
- .COM OK. ["%1" %*]
: m7 {6 Z9 V+ w - .PIF OK. ["%1" %*]0 P) o6 C* G; Y, J! f; p
- .REG OK. [regedit.exe "%1"]; x) }. k% G" U
- .BAT OK. ["%1" %*]3 g7 ]! w' m* }
- .SCR OK. ["%1" /S]# J2 T: m* {8 f( R6 \. K
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]6 D8 U* Q9 o/ H
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]3 F- H! B. A8 U6 ]5 `5 q
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
" L9 G, B D# H. Y' I8 j' d% y - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
1 B% @' x4 C5 y - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]0 ^8 N$ y2 Z$ i W9 U5 _3 @
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]; z9 x7 y" \! v" M( s' \: k
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]! p3 K; w- C5 N$ S/ ]' `3 o
- ==================================! M! D6 [% B8 W' `- D! q
- Winsock 提供者
( Z% |% q7 x3 L. w5 l+ u5 K - N/A
; W% A1 K! E9 N5 A" k - ==================================
5 a( O, M: E; _: w+ q) x/ W - Autorun.inf, v9 ]3 J( d: h9 a# P
- N/A
( R4 u+ @1 `1 v; N8 ^ v - ==================================
3 u* }- }% A$ t2 k# q! f - HOSTS 文件) y- ~3 b. j& Q2 _, h
- N/A
1 G1 e, m$ p9 @5 e; ~& L5 j - ==================================4 W0 _" _# B: U1 l1 N* P6 w
- 进程特权扫描
& N3 J6 o2 C! }9 \# R$ L - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
" W6 V3 w/ Q1 S& ^5 S6 i/ @ - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
+ s1 \% R) s7 U2 S - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
8 P0 e1 h z, y; Q - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
! [# ?# W9 ?# \! S6 z+ Q - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]) Z6 @9 M+ B9 `1 I' ^; z
- ==================================* w+ Q# c# V' C& G7 N( U- x
- API HOOK9 G. m3 x8 c' `! Y& R1 m
- N/A
& Z8 d% A0 u4 C ?( F- M3 Q# s - ==================================
3 ^: P2 u) j2 g% Q; T - 隐藏进程 Y: p0 t/ {8 F; b
- N/A9 ~* L9 k! M! n) E j* F! C; G
- ==================================3 [" F( t- p' Z. _" ?
2 v E% g5 ~6 V0 e- }1 |
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
