|
|
! J% v. k6 t- y- 2008-05-22,20:37:43
1 K, Y1 g8 J+ K8 Y3 w3 x, j+ l: [ - System Repair Engineer 2.5.16.900
9 L% Q, U x# j8 P - Smallfrogs (http://www.KZTechs.com)
& Z; |. F8 X+ f7 G/ o ]4 d4 [ - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
, M& G7 {9 c) u - 以下内容被选中:
# Z: K+ D0 u5 u/ c - 所有的启动项目(包括注册表、启动文件夹、服务等)
; q) {+ m$ a6 q7 W4 r, r - 浏览器加载项" p' z. ~0 u6 ?% @. S
- 正在运行的进程(包括进程模块信息)4 G- x# g$ j4 y
- 文件关联
3 M8 v1 F# O5 c8 Z K Q - Winsock 提供者
/ k) [1 O4 N4 p! }1 b - Autorun.inf. S4 W, o: l) d
- HOSTS 文件7 v# B+ }+ r0 y! n6 H
- 进程特权扫描0 Q* y! J7 v) C7 f5 _" ~0 [; k
- # A7 w: ?2 N, r, @, o/ @7 J1 a
- 启动项目
. V3 A& R r# i0 g" H& |, I - 注册表
9 u+ R0 y9 x- e - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]! u4 H% |- O7 h* g
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
; D9 z/ Q* ^% B% e5 m/ I4 K - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& H/ M+ _; c% [/ s - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
: l' x" p7 {7 [* \( q& K - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 a# Z8 j% V3 j! M - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
# K3 T$ y/ U" W# U - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
0 w, p& U8 u: _8 ? - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A], J K, m+ E* z* p; N& u+ I6 V( W
- <PHIME2002A><; > [N/A]& l; ?) i6 A& {/ S
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
5 G6 L9 s7 D* Q- `7 K) x( I. f2 g, v - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
y' w0 `; M9 T) y+ M$ Z0 P - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
! l( z0 o1 w+ e! e8 n - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher], C. x3 k. Z) D
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
8 \1 _) Z" O; |- }! b, G6 c1 a7 t4 o - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
' T+ u/ K( I4 n3 n k1 d# ?- J* K - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
5 x: E# ]2 x# V/ e- ?( r1 p) @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
; Z' e: ]1 l# v2 h5 z, g8 C V; w - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]" n" V+ l% H7 R2 G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
9 m. }! Z! R' g: d% [$ M: j - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]& V& ^# Y* J8 E3 n- @
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]6 b- t" t# c" m% _
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]( `' s3 w; A, u/ N [: Q& J$ t" w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
% g: g- d" w% _' j$ m3 N0 C# j - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
2 V7 r0 o8 \7 `3 _7 n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]7 u( J2 i8 {% O+ i& V* G' a
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher], B4 n7 ?; Y$ Z! _
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
4 L7 {1 ^/ w& E) w8 ]' J2 ~ - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]1 c# S" i3 d. c- s: {. ^
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
( N. y& y. W' T - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]2 X" t1 ?% t/ R6 l; E) U
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]4 G3 `+ e& y7 `) a8 }0 f5 b3 x
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]6 Q8 a) ?0 ^$ F( N0 g# \! L
- ==================================
# B& e- |7 k$ C7 h( |/ c1 k; s - 启动文件夹. b+ e! _; U7 B( \6 d) X
- N/A6 |9 @9 d7 ~2 ^! r4 h
- ==================================
4 V! Y. n ]0 `( y) W3 T r - 服务
) y& W$ Y- [8 R7 V! f0 A4 q - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
( [1 ~* ]8 e2 f9 [ - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
& V; V. z n6 v - [Google Updater Service / gusvc][Stopped/Manual Start]: {0 K' |0 [7 W1 i7 G( a6 b$ m I
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
2 p1 z9 p4 f* C% z/ F- S* X - [Help and Support / helpsvc][Stopped/Disabled]
2 i# P8 h) G0 T2 A- P: K! w - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
4 u' l2 X% Z8 ~/ D* J3 E" ] - [Human Interface Device Access / HidServ][Stopped/Boot Start]
$ e2 m9 z8 x( q, p7 Z1 `! e8 O* O5 c0 e - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
. r: J" T8 I5 O# ~1 y( Y9 Z; R- E - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
3 I L1 A Y0 Q; [. H7 Z& x F - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
& s+ u+ A9 J) m% p2 P' R - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
5 J! I9 ?) U% J1 h - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>. P/ z8 C5 X" Z8 R1 T3 Z
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
5 l6 M( j+ e5 C' R) U2 L' H6 M) R; g - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
/ M0 V0 m# c( q ^6 F - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]: h2 K/ q2 I' Y1 f m
- <><N/A>. y9 h: o+ X }4 s" i
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
" Y( e% y' E3 V8 C - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>! y, ?: a% ~+ G5 L3 E* [
- ==================================
4 N3 X& o! ?) b2 L: e% h# J - 驱动程序) s9 W7 V5 p% U8 \/ u
- [22j / 22jn][Stopped/Boot Start]/ v" [& x% ` e0 `
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>" N& Z0 w% t$ |& U; h0 h8 C
- [360AntiArp / 360AntiArp][Running/System Start]" ^% g, Y! e& j& ?
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心># b6 b {# j! T) b! U1 O& W8 C" l
- [43ec / 43ecu][Stopped/Boot Start]
% Z8 k2 G2 _" ^% K A* s - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>$ O. h$ Q7 `8 T) o
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
3 n. p# a: ^- ~ - <system32\drivers\ac97intc.sys><Intel Corporation>/ ]* v! O, a1 O( T
- [Promise driver accelerator / bb-run][Running/Boot Start]
! L" a+ x4 v/ u/ n2 P - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
1 N( W/ u5 C d. a8 l - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]7 \7 O. f5 `- U( l! U# ^
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
$ Q! m; }( l& T1 J0 p' ~ - [KAVBase / KAVBase][Running/Auto Start]' K6 u& X3 @$ a( {- D& T# B
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>( K$ k9 Q( e7 l) E
- [KAVBootC / KAVBootC][Running/Boot Start]
) c. n" ?) E7 N/ H* x6 G, Q- ` - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
! j; m+ K: ^9 d) t0 V - [KAVSafe / KAVSafe][Running/Auto Start], |* e+ P" }/ q9 B" T
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>$ Z; I, ~5 \' k$ U
- [KNetWch / KNetWch][Running/System Start] G3 |. |# p" o1 _: f( F! x
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>% [9 b1 Q1 u1 a8 f1 w r
- [KWatch3 / KWatch3][Running/Auto Start]: L5 \1 u) y: |+ q+ z
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
/ ~% n0 X4 _: c, X7 \: | - [ntptdb / ntptdb][Stopped/Auto Start]8 x5 U9 @1 m% n# S) _6 A
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
; T' Q) m ?3 \3 `1 D - [nv / nv][Running/Manual Start]+ ~2 g5 W9 V/ D
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>( V+ v$ e j: t+ Y$ b
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
6 H) n' d" V$ y, N* V. N' ^, x - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>. h+ e( W, ?/ h- _9 E& f5 R8 l; v
- [DDK PACKET Protocol / Packet][Running/Manual Start]6 o/ R8 f( P( [2 j/ B5 }6 G
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
9 Z& g0 w7 R7 f$ V' F - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start] U: K( N+ f: ~" U: ^7 L) n- S
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
0 }4 A% D3 L( K, n% } - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]* s( T, C' U0 b0 K# p5 z& `9 m
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>, s4 g5 ?# M5 w7 X* Q9 u
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]. D5 b. c" ^" V
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>. I0 K8 W( f1 a8 _% t
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
% \& j: t; i: i, n. r - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
1 n- f. F- z7 {# w - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
0 R' w; T0 i0 G8 O - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
1 M% H0 l* B$ S- m/ a - [Secdrv / Secdrv][Stopped/Manual Start]. R( z& a5 W- x7 x$ k! @
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>9 \3 k7 ]+ G3 Q5 W4 j* z% d
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]2 Y3 u$ G4 }$ K w
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
$ k- C! t7 q2 g) ^8 c - [System Restore Filter Driver / sr][Stopped/Disabled]
9 y0 \/ E. H, o. _; a4 D: o& x0 E - <system32\DRIVERS\sr.sys><N/A>3 Y4 I4 z. O# b0 v
- [TesSafe / TesSafe][Stopped/Manual Start]: j2 |" E9 x" H
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
5 O8 B" }6 j) F3 k - [System Services / unzxzsrs][Stopped/Boot Start]- g. d" u( {; O' J: K% m! y7 ~
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
0 |2 y% R6 V# W6 H9 U" N: m3 S - [ViBus / ViBus][Stopped/Boot Start]* R7 t7 v1 Q8 Y# w9 b
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
" _- e' l- B# a- a+ d* z0 A; E - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
* b8 u1 C! k6 K+ X3 D - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>% R8 D. S7 Z- c$ Q
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
' ~5 z; C$ r" m* y2 Z. n - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>0 R5 b7 R# e# ]( [
- [ATI Extend / zhibmaso][Stopped/Boot Start]
( U' p! }5 B+ N: X; U# ]& M1 }* u- k - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>" p) r4 F% V6 q* V' m+ d2 Z
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start], k, a5 X; S3 C
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>/ W1 Q" z) W, C0 g' r
- ==================================' ]7 Q4 a3 L ~# P: _
- 浏览器加载项
$ ~" m0 G, B0 j+ @* a+ U - [Google Toolbar Helper]
5 x1 Z! ~2 u- d8 d9 I' o - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 {% n2 h9 ^& F4 @0 K6 W
- [Google Toolbar Notifier BHO]
Y! u# P+ S% a) n; T% a( | - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>8 y* W8 Q3 l) y1 Q* j+ I. ]4 S
- [SafeMon Class]
! g, ~' R- D h9 |) Y* J - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
/ m0 w5 Q" D3 L2 \ - [kingsoft browser shield]9 }& u9 n0 t% ^" f6 S7 R3 L
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>& K) q% Y% { G4 B( q
- [IEBuddyExtControl Class]- \4 p" r# ^" \ u4 D! L
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
9 N5 H8 i7 h) f5 ? - [Zcom 杂志]
4 F P8 J8 K6 W - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>7 I* K0 l. p: d, {8 d% W
- [&Google]
! d6 Z/ \/ M, k4 W - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.> w$ w% {% [$ J0 [
- [KooPlayer Control]& I+ m: L* f7 X
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos> v! O3 A1 c( D0 D/ N: h
- [Shockwave Flash Object]
, T7 c- N8 A. A: T/ h3 K$ F" n/ } - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>5 {* E9 M, V& E& D
- [KUpdateObj2 Class]8 `. ?) V# Q: s0 S2 G5 Z6 b
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
* V8 ~5 u j& `: g: k3 Q% j; c% ]6 b - [Google Script Object]
4 A* y4 _4 b* x3 @, ^ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>; n; _! d3 C2 q
- [EWA Control]
* L& H8 @/ L: J5 A2 W) B - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>+ [/ O. t+ w9 T* t
- [Windows Media Player]
* ]3 Z0 K, A N& b* m* V - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>" p: [! c3 p: \; I
- [&Google]7 a. y5 ~: Y/ |) r
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" m( A I3 B' x - [HTML Document]7 @& m9 s9 Z# I/ E- Q7 |3 {" C4 O
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
8 T5 P, y/ S6 n" j& f - [DHTML Edit Control Safe for Scripting for IE5]
, ^. _9 V; U5 z( x8 {! { - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>0 |5 e I s8 g$ c
- [RealPlayer RAM Download Handler]
; [# S- c6 r+ U4 D m - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
; {2 G i8 y6 Y h; p4 @2 \ - [IEBuddyExtControl Class]
; `! G7 D- j0 u$ a& Q* Q+ C. E - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
0 l/ i. w* n( M) P! x! R - [XML Document]* {# k4 o0 S1 k1 c* l M7 R
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
; ]0 \ d$ z! i P# r% c h - [HHCtrl Object]! n. ]6 G. D( ]% D d$ R
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>5 G) s7 S1 g( {; X- E- m2 W! |0 V
- [Windows Media Player]
U% {! y X% T6 I; _- C+ _3 ]$ ` - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. }0 ]7 I" o# V! `# d Y& E J$ M$ a
- [Active Desktop Mover]
2 l( l! Y: j5 | - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
9 w8 x6 {, ]4 |0 R - [360SafeLive]
. }& i7 L! G# f; o5 t6 N# b7 | - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>9 ~/ k8 |/ u1 S8 W+ M' c
- [Microsoft Web 浏览器]
, n J8 K$ A: F+ J - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>4 I& j6 C2 {% I3 V
- [Browser Enhanced Objects]: K X) P8 N4 {& @% z- s, P- f
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
1 c5 B; b+ H2 ?, k* u - [Google Toolbar Helper]
) _- W1 s# A& k5 c/ m( f- |" F - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ z% H/ N% ~, N. Q4 {5 [: S. v
- [Microsoft Scriptlet Component]
0 M$ T7 m+ U8 o9 I5 b8 K% h - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>: R% n- p) ?7 i; }; R: @/ _+ B
- [Google Toolbar Notifier BHO]9 A0 l- B D" X' L: S
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
% [1 n) a6 E7 ~! C' [ - [SearchAssistantOC]5 W' w8 I5 F+ y: _/ i
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>' R" w& D0 j, Z; N7 s1 l0 J8 [. ?) H
- [SafeMon Class]% \/ H( J5 M$ `4 h+ j, A
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
8 C2 c1 u) C" ~$ N! } e - [RDS.DataSpace]
: Y1 _5 l& l! |( c8 d: b: Q+ p* ` - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>6 Q$ q) x& a4 T/ n
- [KooPlayer Control]
6 I' t0 h/ M% s" E - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
7 S5 c4 n6 K8 P L1 R. s$ ? r/ k - [AUDIO__MID Moniker Class]
' L6 U: N; \* X4 t' B* O. H( c0 i - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 k: ~# D* C8 q3 K! m& x3 v
- [AUDIO__MP3 Moniker Class]) ]6 k% x4 Y) K/ X+ X: N
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ {7 _; [4 \1 O7 {" u
- [AUDIO__X_MS_WMA Moniker Class]
" Z# k! L; ]% h+ d. D: D - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ |' N1 p* B2 a9 s7 V
- [VIDEO__X_MS_WMV Moniker Class]
# L# E1 H( X5 `8 r5 X$ ^$ u - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>5 t% s5 G: W1 F n: J: o( d
- [RealPlayer G2 Control]
3 M; j4 A6 t7 j: {" v9 I - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
, [9 S$ {$ j% U: h& T" U0 p9 d3 ^ - [Shockwave Flash Object]1 o) ~8 h& S5 K- |1 N0 O5 v3 s
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
8 z4 d1 M7 x3 J$ c; L - [KUpdateObj2 Class]# }" p3 [. S+ e: L
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
! A* o) W* W W - [kingsoft browser shield]
/ W& h! ` V4 {. r( |5 t( D$ p - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
' `: j8 l5 M: i0 F6 P- l. { - [PasswordEditCtrl Class]
" K: U1 M& ~ E' ~) G5 G - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
; P! [# Q4 D; T- n' O" d - [QvodCtrl Class]
$ k, ^) B; F& P$ h6 p7 A& J' E - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>3 _' u, M7 N1 @. q/ i- @" S
- [&使用超级旋风下载]7 c( P/ x- [ H! a
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
2 d* T; g, A$ ~+ A* x - [&使用超级旋风下载全部链接]+ g! a9 t2 t7 g1 \7 G: J1 _; {
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>' Q2 |. c0 M0 _5 v1 i2 C- v/ l
- [使用迅雷下载]
: d1 A1 Y6 Q6 S7 k. ~8 K! [3 c - <, N/A>' V `) F, \7 D; b5 M" s
- [使用迅雷下载全部链接]
# T4 T; t. V+ w: T5 F' Y7 R* z - <, N/A>
) y1 C1 I& B y - [导出到 Microsoft Office Excel(&X)]
# |2 i: n: Q9 K2 E8 R1 B# k - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>! d" V" A" z- @, i( a- f8 c
- [添加到QQ表情]
5 q" K1 ?3 p/ d/ G - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>9 X6 r7 N* L: C: u' h6 Y' {
- ================================== K: _! k+ p8 B7 q! L3 M/ g
- 正在运行的进程
7 w* A# A- {3 ]% Y9 N0 y - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 w. Z2 t5 M, E. i* s- ?) f0 k+ d - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 Q$ `5 W8 s4 l7 R) h
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 W& m7 Q' _) I" {( G - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
Q) x2 m" B) c& O - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 r$ f& q2 v c( Z' U7 \
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 N: \3 d: w& p8 ^
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- V% J. ?- d# S9 `
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 ] ~; H# r' t1 s! ~/ ] ^# y
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 ]" a1 N# l0 |8 `& F8 |8 a2 c - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( o! @: Y) I+ N3 |$ c5 u0 I - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 A- }4 i; K! T - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]2 e" y/ Z. F& x1 r" I& B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 p0 i* h) `" E) L! s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) V5 Q, F1 F2 J- m8 E1 r8 c - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]- w& ]8 W& @8 l8 Q0 |' P
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) y+ M9 F0 x; Y# Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
/ j' T: Q5 [, P9 J* A0 Y0 M - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]! D( L9 }& r1 B( _+ X; L
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
% A! }. w' w* I; R7 S$ j% y1 T - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
: F2 E. `3 k3 \7 M' } - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
3 q% `5 y* ~4 X$ G - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 F$ x& V+ _! [ B% I - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
9 e0 {! D8 O2 K7 { - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
: }/ d2 \$ s$ q' Y) @/ u - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
! B4 [3 X x8 l, O - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]$ Z- e' D5 b4 [' H9 C
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]8 E h8 x9 H, N) \# F7 _5 M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! e7 V- G/ ]) m/ t) h8 _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& ^& e& ]3 l# J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ x0 O- |% L7 w" m! P+ T3 S; v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- i: j, G+ t4 X% o - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* h) }# M& G* o" K- I1 O$ `& d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ q4 Y; q4 s K* z/ ^' w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* i$ g: k# r6 ^" q! j! ]
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 o: J/ v, i, x, a - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]. o2 v( s6 R8 E3 U
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]7 b# o& F9 h7 R3 g* I A, E9 p# }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 m$ Q2 h/ o: \3 _1 s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 z- R' |7 X; u8 d: q7 _* m - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
9 v7 D& M- k0 ~7 @ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
) {5 S$ u5 m: F3 T/ D - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 w/ u7 D, X* N; y2 v4 E
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, ` ]1 G. q" o( ? - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 ]2 _7 ~1 s! i3 ~5 K* U( {
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]5 I) H: b$ S- i5 b+ Z) ?5 w; G
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 z( A+ U- A& S- Z% Q - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) R, E# [7 o& G# G, F) X - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]3 o- {% Z& G" L5 @+ S! J* P9 @
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
; q- U7 R$ t+ q; {$ L. Z; D( `: Q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 m% x O2 n. ^( x* E7 T9 S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, k$ k0 T+ P9 }5 B0 u* y/ j1 } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. T* x1 P1 |+ Q+ f) d7 c - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]3 H% {4 _- ?# M8 L: T2 h
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]( F+ n" {* j6 J/ W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
' D# v* D ?/ k" r' h- ^+ Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
! S+ |( l2 P- p) A6 w6 M$ J. { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]' o3 ^6 u! O, A3 R; }1 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
9 r2 I4 i$ G, m" K' o9 A) L( ?8 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]( O& e: o J& c6 {7 j' X4 P: i+ O" W
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]1 g0 Q3 z" R: N9 E
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) F a# z4 B7 N: Y. ? - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 m" Z! E5 u+ W: @ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ E% s; }4 [0 i" G$ }- w* e0 b7 \( n - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
& ?$ p* X, X( W v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
2 p+ x1 ^+ d- M8 O5 @ X; u - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
9 ^ z% M# n% F, z# O - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]7 C( {' E3 y/ g. R! ]; B' P
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
8 O, e% L6 X9 o0 L# V3 w+ D - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950], I. h- t6 n+ z6 v7 W
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" z$ h% k; ~$ G1 K2 M0 R0 p
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
3 d: M- v* R) w$ S# c% n1 n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# H9 N: v q; H l" \! r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) b) I7 c g" y# `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& f6 e$ i7 D1 p+ |2 S8 T% J% ^8 W - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 x) W( C+ g/ N- |7 \" _+ e8 F( h9 a
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
( w' f0 ? W* o# R! J' i5 f - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; c- a' r& u# _& {) h) d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 r5 B* \9 d7 x4 T9 x6 |' e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 @. z4 p, ?( H' a& X6 _' q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 z: l) [! `8 @ p. w$ x
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
( j% ]1 X$ G: Z% n! G3 c) N - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
6 a5 f9 n! {" c9 N; _% [ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 `/ E7 P! ]; y/ V7 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# ]0 o7 N* j q$ W' z6 l$ E0 E. I* j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 C* U- C7 G7 d) J7 h9 Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 G: u* x& P) O& x2 j) b" X
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
# c* m* B1 e9 I/ K - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% o+ p3 e% O' s3 `' L! W. C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( z7 g/ ^) f' _/ a: _. Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- M3 Z9 }: h' ~ g% b# W# g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ ^. k; k1 K7 L2 b& n3 m% F - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
2 G+ ~) m4 _/ a p8 g7 f' @) _ - ==================================: t) \# G5 ?) T) Y! N b
- 文件关联2 h, C3 m+ A8 C- b, F; s3 y& i
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
5 A" x, l3 g' P0 U - .EXE OK. ["%1" %*]
c# t0 A6 v8 J, F - .COM OK. ["%1" %*] @7 T( n( d, q9 b5 O# p7 @! v
- .PIF OK. ["%1" %*]
' e/ q: ]$ |7 T4 Y& h | - .REG OK. [regedit.exe "%1"]1 J1 k; }5 _" B% _2 Y+ w
- .BAT OK. ["%1" %*]
4 X- z" h3 ^% u& f3 d" r# j( s - .SCR OK. ["%1" /S]
" a2 N8 ]0 I! }2 n: r - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
3 S. V+ K6 `! h - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
" H% V' M$ J& l4 T' y - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
, V, D! Y* L/ a, Y5 e - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]; Z y. q8 r1 V8 u0 E) O
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]1 x! s+ ]" p$ i$ N
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
# l+ z, S8 U' R - .LNK OK. [{00021401-0000-0000-C000-000000000046}]+ _! F: A3 i5 C/ H! y- v
- ==================================
4 s0 a% v5 L- j: y$ q: r! u - Winsock 提供者2 o% A1 w7 y" R8 O8 T% N7 i
- N/A( y! e8 A! T! G+ B
- ==================================
+ E7 A8 u8 N+ X7 j5 O9 l - Autorun.inf
, j( w/ I9 C2 ? j- } - N/A3 v! n- j$ ]" V6 O' p) V5 v
- ==================================( W- L% M! Q3 s* D, }7 V
- HOSTS 文件& T+ H l' } M/ f( G& k; @
- N/A/ |( y; U6 Z# M, K9 L6 k8 g! D0 E8 y
- ==================================( |. n5 c3 Q% s. c" k
- 进程特权扫描& ~% j: u4 ^# v) w
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]$ S* U) w# l: N% G
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
8 `2 A1 p C* Q6 \ o8 O - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
2 w6 l# @" g4 n/ x# d - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]" E# w+ J; m4 c
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
8 b7 G/ P8 X# `% X" ]: T - ==================================; v L. E* o3 T
- API HOOK
9 T. g0 Z; @& e" {4 Q# f - N/A
9 A. y: ~( M! r8 ^2 g - ==================================5 ]# ?, C& m% x5 b% m
- 隐藏进程* p G/ r7 s# ~8 b3 a6 L! o) @
- N/A) @ |0 j8 |2 W7 A8 X0 F* s
- ==================================
8 ~" k7 y3 R5 f0 B - % g& z# X0 z l8 f& a( ]3 C, W
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
