|
|
- - a5 q- l- a6 ]) U
- 2008-05-22,20:37:439 O( z5 u: p$ z8 Q
- System Repair Engineer 2.5.16.900
7 T+ W U1 h( A M3 k - Smallfrogs (http://www.KZTechs.com)( H0 H. o8 E6 h
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
- j+ O+ K" m) H0 o - 以下内容被选中:; i/ a2 d d9 j* ]9 p/ y8 ^
- 所有的启动项目(包括注册表、启动文件夹、服务等)3 T. l. o4 x# B% i+ t
- 浏览器加载项
7 ~* f9 r$ T1 b7 ?% @ - 正在运行的进程(包括进程模块信息)
* Q3 V- a: W* f1 \ - 文件关联
; g: b1 { r6 j* |3 y - Winsock 提供者
' t3 S& ?) R. {5 I* h# t9 ?' j0 B - Autorun.inf) X9 ~9 d# ^$ e ?
- HOSTS 文件) R6 U0 N1 l' ^8 z$ L0 i
- 进程特权扫描1 c8 E9 B4 p4 P, y
- 7 G/ J( d4 g+ \. ?
- 启动项目" a" c3 v+ t2 U% e. E) H0 `
- 注册表
* x9 v, V2 m$ K - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
" ~ y! ^0 \" J+ S6 O1 m' f - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]' R& F& \3 Z5 P/ R. J
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
4 l& Z' N0 C; S4 p% ^% ?+ a" M; t) g8 b - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]8 |, @: a# V: x6 }
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
( J6 k2 }6 M/ y# B) I2 W4 _; ^ - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
4 B! ~+ R% h9 e3 S, i) \+ C - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]' j$ K6 t/ j1 s6 Q
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
7 C) {& k3 i( G* m) w - <PHIME2002A><; > [N/A]
! D2 M' L3 D R, y& P( D8 @' i - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
# G# S0 b# S, Z! z - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
1 n. \4 ]! ~" b. x Y8 N - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
# [) b+ G6 Z( Z5 e* Z7 @( h! S. ^ - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]# s2 C2 V# P! g6 G7 m) [) ]
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
1 j0 n8 T# q& Z- p' _3 o7 p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
* C8 A* g/ O! [8 F7 X* Y! r - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]$ @+ {6 M' I+ ?2 `) X" T+ _4 s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] T( G3 Y+ \9 p8 j* C# @- a
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]' r7 B- ?" Z2 c0 W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]+ Z0 ~! X6 t* D# O A9 w* r
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
: O' m7 r/ |+ U$ e/ h2 j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]% ^% o0 w6 [" p. n) z
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
9 P/ q- b; p& ]* {6 l8 _1 o7 p" n: _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]5 b: R8 v4 q! h; @* z& ^
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
( N/ k5 b# r1 J0 |& ?, d2 D( D3 r! ~ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]- c. m6 V' J% m$ ]4 s: N$ x* C B9 O
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]3 q6 Y# D* q/ P. z+ x& Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]5 H. U* `4 j8 F# M6 K5 u. l z0 p
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]6 y" k% R9 L' m; k7 O' S! l
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]9 B& [: p0 B+ c B) H) {
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]% x# @! j9 l2 Q. }- B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]' A8 e! \. B& R( ?
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]9 r* i+ Y0 ?+ @, I6 c
- ==================================; g, m5 R- F- W! R- N/ G
- 启动文件夹$ {0 {6 Q6 ?; ]* Z- V) y' T: I
- N/A8 b% G3 E0 r8 a: j5 c
- ==================================- ^5 P; W9 Y1 J& V! m
- 服务
2 l" D- m* p; z5 j& |' i0 b0 z" d - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]* Y+ v+ K/ h2 H1 ^1 F9 y
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
% [8 L4 G' s& G1 ^2 `1 k - [Google Updater Service / gusvc][Stopped/Manual Start]
& o3 i/ Q' {1 I; t+ q- P - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
: `0 g5 b8 n, a& y* I( _4 F - [Help and Support / helpsvc][Stopped/Disabled]& c$ n! _* [0 ` a, H% \
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>; V A6 T1 L" [
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
- Q! U! i+ }9 C" W! E+ ]9 Y3 g9 d6 f* \' Q3 x - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>& q3 f8 E2 V% X: [& s5 i' C
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
z8 M/ V- J s2 X0 F8 E: K! M# ~+ N - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>3 F/ e* A% l0 s" l
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]/ w6 d/ ]2 z9 s# q* B# o `
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>. z+ A+ ]: W) I% Y, ? j0 m
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
% {# r3 L4 b g2 F; O9 G9 j$ m$ K - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>2 u" o. ^* r7 I* F9 {# y" J
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]. {3 V, v+ R; \8 {! y
- <><N/A>
( S! ~ b% u) g8 j( J - [Qvod Terminal / Qvod Terminal][Running/Auto Start]3 `0 L" d7 J) j- B. K
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd># T @3 p( g, S- Y* b
- ==================================2 g% q! r5 G/ S# K. y
- 驱动程序
) a9 {; i! e: q# L - [22j / 22jn][Stopped/Boot Start]! f4 }: t. T" Q) i% H
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
1 @/ j! p$ ~4 m* L E - [360AntiArp / 360AntiArp][Running/System Start]
* A2 d. N8 O! \' l. l - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>( F: [# D9 F$ _( |8 |; z
- [43ec / 43ecu][Stopped/Boot Start]
3 X8 j1 q9 t2 N" @ - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
' ~$ ~- x: t+ T3 z$ Q - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]+ T! V1 G$ ]/ N9 W
- <system32\drivers\ac97intc.sys><Intel Corporation>
( m1 ?, `" i5 _2 C - [Promise driver accelerator / bb-run][Running/Boot Start]
|! W% T& J) N; O- V V$ B4 p - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
2 p1 v$ {. f* I1 b - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]- @4 @6 t% `$ I1 z
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>/ r z' s' e3 t% X3 R- d, K
- [KAVBase / KAVBase][Running/Auto Start]1 g, |( C. I7 ]% v
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>$ p/ T) b( _# S# ?( t* C5 @; Z5 [
- [KAVBootC / KAVBootC][Running/Boot Start]$ m8 Q! r7 \; q! J) C0 _" {
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
$ e/ j1 k" u l2 b, r4 n9 ~. w - [KAVSafe / KAVSafe][Running/Auto Start]
+ _8 R7 d5 Q% a; s - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
% i% d$ v* B7 s/ p/ u' w C1 h0 J+ m - [KNetWch / KNetWch][Running/System Start]" i, U8 W( b7 H) u
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
! l; ]! ~& s Z# `4 D4 c - [KWatch3 / KWatch3][Running/Auto Start]
; \$ i6 l: i0 w# P$ p - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
& a8 [) r: {5 E+ ^/ `6 Y) Z - [ntptdb / ntptdb][Stopped/Auto Start]% H, s* w7 r+ r( y8 z [6 Z0 V
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>/ U9 u- z/ w% z5 P& V% Z
- [nv / nv][Running/Manual Start]5 `3 W Z# L: l9 p+ H
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
. R) B' ]- x4 _3 Z T/ Y - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
1 A3 _6 o' S5 z3 R - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
7 m2 z" @- x9 f1 p - [DDK PACKET Protocol / Packet][Running/Manual Start]9 I1 \1 N! b/ |
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
- ^; u O N- _( y: | - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
! ^( r9 X4 D/ k- j. J9 A1 ^7 g - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>3 R$ C, f8 F5 i$ S, H
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
5 E8 g# F# X# c - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
: J& J' k/ O0 _8 [3 V - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]+ A6 i3 F# g- _% F0 [. [" J: o0 q
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>9 _3 W1 @4 |0 z- u
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
% S# }- H1 ]$ h - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>" a4 d! f0 I* [* |
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
4 O# N3 j2 T2 l. Q8 T) r9 @ - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
# }6 Q: Q. c3 k$ U5 y5 j& H - [Secdrv / Secdrv][Stopped/Manual Start]! y+ A' E+ k( a7 C& o1 z* m
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>( j# Z" D. L, S& O! p7 S1 I( N
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
9 _, g% N. p$ A, j - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
6 k* g6 m. i) e% G - [System Restore Filter Driver / sr][Stopped/Disabled]
6 A, M* a7 W; `( z* _; n8 {' J - <system32\DRIVERS\sr.sys><N/A>
3 [6 t0 f1 G7 p' F( J; f1 Q6 c6 d1 T - [TesSafe / TesSafe][Stopped/Manual Start]8 [+ w5 Y6 F9 e D; U% W
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>- L h+ p% j5 Z' r' e; _
- [System Services / unzxzsrs][Stopped/Boot Start]( P0 ~7 A5 A. F* ?. Z9 ~9 b
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
! v) ~8 C6 j4 s/ @- m" a1 _3 j - [ViBus / ViBus][Stopped/Boot Start]
' l. d0 M) Y5 _: ?* g - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
b0 Y5 |8 }; X- U6 L8 {* s! J1 } - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
% I. l8 S# m: P( M - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
" T" H9 y A0 F0 \ - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
7 Z& j( R" s- i- q$ N0 ^. J - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
6 u+ F* ~) v% h: q$ n1 \% O( { - [ATI Extend / zhibmaso][Stopped/Boot Start]
& t) r+ P* P+ s4 C) S2 Y. Q - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
; s: w$ V3 P: O' @% m7 y- O - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
5 K2 V) d! Z, _) b2 c) J6 a" | - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
) ~4 O3 R! j+ ^( h! v - ==================================
; n% f) n6 |7 M$ ] - 浏览器加载项
5 j$ o* u5 H0 ~6 r, u' {% S# g - [Google Toolbar Helper]
0 A5 S, w/ \$ H - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 Z; @4 ^2 Y2 G) Y( Z1 V" Q# w
- [Google Toolbar Notifier BHO]! e& C. v4 x7 L/ i9 J \
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 S9 ?* U# K: t0 G4 y/ G
- [SafeMon Class]
8 t p) X, f( O8 U8 D - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
4 v! a" l$ e" n7 H- A5 i - [kingsoft browser shield]
: R4 m) Y; [4 [8 i7 p$ c0 m5 r - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
: Q! Q s" J- V, p - [IEBuddyExtControl Class], }" h( I" ~8 H/ L
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>7 O. x+ F( F) W5 b, N# _+ f5 C- m
- [Zcom 杂志]2 O' @7 d2 z( D# {/ L1 U4 m
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
. C$ x6 v% I: ` T( ]/ d4 \; c - [&Google]# q6 g0 i$ P' I5 Y6 x
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- I p! |. n0 e: v+ M - [KooPlayer Control]
! P# W h9 [$ d/ t2 j - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
1 c, _ ^( W0 B4 f' l& a- c! |2 r - [Shockwave Flash Object]
- z' Q# u `$ x9 S. S0 K/ m6 t - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>2 T/ W& `/ a1 B
- [KUpdateObj2 Class]
: V# K5 w! \( \; ]* |3 u' A3 ^ - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>! [6 y5 p5 a; l3 N! q6 q9 ]& J: ]
- [Google Script Object]. ^) T& C) a& }6 S$ t
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>. l6 C0 S6 f' I2 @( L; d; k Y- k
- [EWA Control]
: b1 I5 @: G. T - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>9 W9 G, ^/ z9 I0 S/ |, |. [5 y s3 t" e
- [Windows Media Player]2 j, ]8 _8 R* E1 j0 X
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>% h* x) V9 K, N# S/ d* u
- [&Google]3 t! t( R5 L" H4 ?, Z: B; b7 O
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 K. Y- K a0 M8 M* j
- [HTML Document]0 [ t" X T, o0 f6 l
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
* p2 z! T! y% c$ z% j - [DHTML Edit Control Safe for Scripting for IE5]
/ Y* Z) S/ n7 e$ L/ J9 w m2 r - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
$ E6 ~& k' Q( ?! w: m* Z& ?! [7 c& | - [RealPlayer RAM Download Handler]
; S, f3 X* X' M; K' K% \8 W - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>9 Z: r' e) d! D; K
- [IEBuddyExtControl Class]/ S P. Y7 p5 m: c+ O: w
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>, @& ~( @9 e5 V! s9 \' P6 s3 U
- [XML Document]
7 v* }$ d) S: m- ^/ Y( k9 f5 t6 b - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation> d$ K7 [# D4 x
- [HHCtrl Object]; C( O& [* y- I" O: E9 g
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>3 V, R8 P2 m. F/ y/ T" Y
- [Windows Media Player]3 r2 a. o' r# S5 C1 R- J1 `
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* q4 B; A5 A! i5 a1 M2 B5 u0 U" B) v1 S
- [Active Desktop Mover]
3 L4 P: Q- e5 ?! e3 @. b1 ? - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
. b1 }8 x2 }6 {2 x" i: I3 T# m - [360SafeLive]
6 N/ t0 ^8 r5 Q6 U5 R - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
! L, j# s7 ?4 D% g u% L - [Microsoft Web 浏览器]
G( P+ z2 g8 D% Q9 i- Z - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>- V! _* Q8 D+ g6 q0 G/ ~
- [Browser Enhanced Objects]
- A+ K& P' g; Y: x# f4 l - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
6 p- g+ X3 H; G$ n9 n - [Google Toolbar Helper]
' _( y0 T$ o- h; y2 Z9 L2 \* u - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
9 Z+ ~* x z/ G - [Microsoft Scriptlet Component]
9 ?7 o {% T7 @- ^5 ^+ L - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
: N& `8 X/ p2 M6 s/ W8 r - [Google Toolbar Notifier BHO]% V1 D" Q6 Y/ m' }
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 t& b6 E8 A( C' w
- [SearchAssistantOC]& l- A7 \% `$ l( l3 @$ q# j
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
$ e4 _, ^2 ]+ a% z" y' Z - [SafeMon Class]& C/ d5 [; n4 f; O% A' n. W
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
8 Y! `- p1 s& |5 O; }! P - [RDS.DataSpace]% ^4 h$ B) E, Z' d+ H* U$ M
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
( e2 {& C' x7 Q - [KooPlayer Control]! ^, F& B+ ^4 a3 J. E2 n- p
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% t% x3 b' x! w9 j# r; x - [AUDIO__MID Moniker Class]( D1 n8 A% c( e4 r- A
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" `* D$ l7 Q4 ^ - [AUDIO__MP3 Moniker Class]
; g5 V1 Y/ O1 r7 i9 B - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: T& [$ M9 i: e) h7 y
- [AUDIO__X_MS_WMA Moniker Class]
% ^; j1 V! k1 O - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> b' z2 D% L8 X. @" X& C
- [VIDEO__X_MS_WMV Moniker Class] e# Z2 g3 M. I$ y! P/ L
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. J) B/ U# R- x2 P/ h4 ]; F
- [RealPlayer G2 Control]
" K3 _. R( l: d9 y - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
8 M% y4 D$ M. }! i6 [- \* @- L - [Shockwave Flash Object]
- J$ U+ l! `5 b! u( U# q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
- x: e/ |! q. L- ?/ t* L' A - [KUpdateObj2 Class]1 s, h& a1 C8 n8 G6 h$ L
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
. d/ i6 L7 D6 K* I1 n9 p - [kingsoft browser shield]4 x. I& O+ |3 J
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* t. H. _5 \5 Z) l5 L8 V& G - [PasswordEditCtrl Class]& R, t, J) G) _% l# b& C( u
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>$ y, C) |/ l0 }4 P" D) f9 ]
- [QvodCtrl Class]/ O$ M( J" U5 E' G# y
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
, x0 E7 w$ C8 Y: ?: J6 z& \ - [&使用超级旋风下载]
? M9 C4 h$ d% c+ c" u/ ]% a - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
/ z- a/ B( R$ j; T, O - [&使用超级旋风下载全部链接]
F! q4 Y; x4 S ]' R0 a# ~ - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>" ^2 l9 P% `* q1 e
- [使用迅雷下载]' R9 g6 _% H: x6 l: ]/ W" D
- <, N/A>
B4 b, ^& M/ ]. D4 X - [使用迅雷下载全部链接]; s6 E' T/ ]! b5 @7 E# O* i) @( c
- <, N/A>
0 ^2 l3 ~3 O) k, Z- @. J - [导出到 Microsoft Office Excel(&X)]: B2 u) l& a1 I5 e
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>$ } D3 ^ z, A! ]
- [添加到QQ表情]! N4 g5 Y# Y N( ]8 t I2 B
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>+ k& U4 O' L, d3 Q/ T) W
- ==================================
4 V7 t/ t8 {7 f, v4 ^ - 正在运行的进程
8 T3 A: h2 ]& ]0 h; t* v0 W - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" x3 k2 T( u( p+ M4 w9 D
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 n) ~+ p: q, ?9 ]5 X
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! k2 k: i( i6 g! _" E! r6 x
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]/ o* L# H9 X3 V `
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 ~. z5 k- o: p! M; f- A, W - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* M, [0 u" h+ D0 u - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 ^$ W! i2 U' ]/ R$ R: B5 P2 ?6 e
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 `1 A' a) w* m( w
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 M- V. w M: X0 K, @ e! B
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# e2 d' J! a; |- P
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 \6 [' ^8 v3 F. c/ T' J* a - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
. D J; s+ E+ a% g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 ~5 n. f9 s l0 V- s4 ^0 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' G1 R6 {. h _1 R- p
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ F0 d2 G0 R! Y" b$ i# F$ F3 i) f+ W! b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( A! D% Z0 ]( d& Z7 g* S# k5 d, S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
& U* c1 _9 v1 c; T& J - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]1 j6 X: N8 o( t) |2 v& w; y! t
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
) U; o0 y8 a1 O, e* j7 m3 e+ | - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
$ N. O8 X* l' G5 E - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]) d$ I) l, r# s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. ], f- I" _6 i7 e/ `) e( Q
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
$ J6 f8 L7 q v% o& `- H - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]2 ]. v9 h1 i( Z, c6 I: _
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
Z- t# V8 B6 o+ D/ _ - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
; A5 @5 @3 F2 `9 p - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
1 A/ s: a0 {# \; z% I# R - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' ]: ~) I6 j( a6 [8 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" J& a' f" r9 A0 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], b' Y6 `+ c& }/ n( B7 Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 t: `* b" i3 _! }% `6 Q2 k - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- b' X. \% T C- I3 ?+ {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], p# L1 H# |% F% [6 ?4 a) E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]( c7 [3 n* _. Y) g& B4 C3 U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 m, G& s; Z. i0 G4 ^% C - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
8 I' F1 J$ V }6 ~& d - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]& y$ i: O- O" F9 y( }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], D; Y: G+ ?/ _! U3 Q0 V) d6 i; B8 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 S5 } t- e+ D+ m. o" g
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
7 P* [3 Q8 D, }& N# Z" Y - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
" E; _/ p) G, ^, c- H$ Y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: p/ Z& d! u$ J- c7 Z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 I% @+ {- ?: [, l1 C* c: i
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 ~+ h, P/ v% O& ]' K( [
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]; B. l9 p8 m( H! j: C+ W" C. v
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: _+ H' E- R* o) d& ^/ L X
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 U/ c$ C- _* d( q2 D% W: X+ Q
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
' n$ `. ^3 v/ w" h- x) t - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]' k. s& T! I1 o8 D9 P1 ^/ l* i
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 o |( l& T! W# k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" ^# m- G/ P1 }, Z- g* G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 }3 b7 ~1 M* n+ L* S, g - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]/ E% ~+ i' G0 |: `8 J
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]2 S* V: \% A. V: W! u/ N y5 c: e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]( X+ e/ @* L" W3 D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]0 g [! t# Y7 D! L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
8 f: ~, J: b# f' { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]' ^6 e$ e0 v9 ]0 P1 s5 z' L+ ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]+ r$ g: ^8 c2 d# o7 m6 z" |
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
( U& R8 ]6 h2 e' M - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. c- T- Q6 T4 ?8 C1 [, ` - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 s8 g4 Q" w N
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 ~) w* }# M$ z7 v+ b
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]0 z& [ c6 e" n2 w( j. D
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 q1 l' F ^ v. @/ O4 V0 W t/ M
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0], U1 {$ B5 i+ R7 e( @; G
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
2 s) B, l: X+ W - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
# n9 \9 h1 U( I! R2 ] - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]. A9 ?' F+ g& r/ H) |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 h7 O5 a7 g/ q& Q
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]9 O3 ^: E) o" [, h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 b) V5 Y) P0 A* L$ A' v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], X5 @: o- x& X: c' X7 y, F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" a; B2 X& k: ~1 o; e
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! R8 P9 K0 \" ^) v/ ` - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
% n2 P1 k6 a1 B( K - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) `5 F v7 `+ @8 a! {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' \6 N- t6 P7 @0 B# S8 j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# w5 ~" D# i+ T/ l! R3 |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 M- V& J: v6 u! z
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
4 `0 ]$ g6 B' j/ _* N6 L - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
- b# ?; N% k, W* ^: ^+ Y, f - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 H, l; O: f. a; v/ b3 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) I+ c+ T6 t+ u; P- d9 N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 \& Y) R7 {( q: | - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ ~9 N8 [+ C( j# y
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]$ ?5 H+ a$ ~. W2 ^ @' m" M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) e% L# B3 ~; T: ?' s/ B s8 ^4 ~. [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( z: w" y( h2 F! A9 a6 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 C {. x3 W0 W+ E3 Y* N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# u2 [/ f& {) ~ - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]6 i: | m% ?* i; p# Z- ^9 k! P% v
- ==================================5 @$ s1 X4 n1 \. x. J, [6 o
- 文件关联
* V3 E& I* [; M/ d9 H - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
$ H1 _7 F) [8 V. V7 y - .EXE OK. ["%1" %*]- F; ] [ H+ ^
- .COM OK. ["%1" %*]6 P- S* D+ d4 x: N$ P u0 r
- .PIF OK. ["%1" %*]
) S1 p, r2 z6 i - .REG OK. [regedit.exe "%1"]
5 Q1 v# p) k6 H% {2 m q6 H - .BAT OK. ["%1" %*]
& @# `$ u6 T$ e, x- j$ t1 x - .SCR OK. ["%1" /S]6 t* g' J( K( a! U8 {$ O
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
; F. ?7 O% k+ v& F - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]( V4 ^! ~' u7 B5 `3 k! v9 \% K
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
1 ~9 E. S1 r7 H8 f+ U, S, {8 ?" Z+ j - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] k& c9 W* s/ h4 }
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
7 s6 B3 D# {& C- r; U ] - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
+ c+ |" E- W% T8 J* Y - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
. M, C) t! M \ - ==================================3 h# ?( `; n6 i5 H
- Winsock 提供者3 t7 r0 u3 g u, @. L
- N/A( W' }6 z" ]! [4 }
- ==================================
. A/ L9 k3 W: u7 c$ V O9 ]+ ^" o - Autorun.inf4 Y9 |$ `1 x8 e+ u2 \' T
- N/A
2 v$ H4 h0 W- V/ Q& {' v- H - ==================================
; g+ E* u) Q A. D. v% m - HOSTS 文件
5 ~1 R. g" ]1 x2 A2 s% G - N/A
$ y: p' V1 j" o) e5 ^: K - ==================================3 e: R" ?9 O0 z
- 进程特权扫描/ n, `+ p4 ?& U* O9 s
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
+ m$ @3 ^( N8 D$ c9 Y - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]* p5 `- U' K) X: ? N
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]4 s8 }5 O5 n5 S" E% T. c% C$ x
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 y2 \0 }! u6 `' ]1 ~ - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]# Y1 S: l% E+ u: |' k
- ==================================& ?% {$ x" ?0 Y3 G$ _. h# D& U9 P
- API HOOK& T% C3 s# l) M; B$ p1 E( p- b
- N/A6 A$ E z( Q- Z" x
- ==================================: h2 |. e, y5 u) k4 ~9 F% l
- 隐藏进程
) `% n$ l7 c$ r6 F d3 S6 x - N/A6 n) [* N3 n: i( r) S) D
- ==================================
8 j4 S+ v- V$ [; P1 K+ X - 6 J! W: u9 m( Q0 o K: o$ y' D9 F! N8 m
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
