|
|
- % b9 Z/ d! b' k( d' m
- 2008-05-22,20:37:43
9 Q0 B: M& X: S4 {6 z - System Repair Engineer 2.5.16.900: }/ l. p+ N5 S% J* j% _7 b" O$ n& ~
- Smallfrogs (http://www.KZTechs.com)
6 r7 {9 _; A" N/ l% M# H" V4 K% ^! U - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能5 ]* c: N3 g1 j: ?& H1 }; @
- 以下内容被选中:
1 ]2 R0 v6 U- V+ V9 U4 } - 所有的启动项目(包括注册表、启动文件夹、服务等)
/ F. k% Z7 S8 H) W4 I - 浏览器加载项
( I+ D @7 x: g - 正在运行的进程(包括进程模块信息)
6 H; y7 h8 [/ ]( z - 文件关联
' @0 B! E8 V/ N# d3 J - Winsock 提供者
3 j" I# J5 D0 Q( [ - Autorun.inf
, ~' A3 A4 U( k8 H - HOSTS 文件
4 V* C" X! V& { - 进程特权扫描
# E! R/ T$ N* m' m - : Z8 n1 J) [9 P* J4 U
- 启动项目
0 v2 D8 ~! E/ Y4 A0 Z4 x - 注册表" W. ]3 |* @- d& }7 |6 ?
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]; c' O9 j6 c M
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
0 }* w* v1 n5 Z7 b - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run], y. R) E5 [& r( r& f2 z' l$ ]' f
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
2 ~) K* V# s- U- O7 c1 f6 @" [; M& L - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]6 Q9 {2 x- F4 {; ]* u
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]- C4 Q9 N& u$ j' _, t: J: P
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
, z e% o) Q6 C, s' C - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
- _ F2 W) k: n - <PHIME2002A><; > [N/A]) X* g" k7 J) D; z& p
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
T/ s$ f& m4 @; l( V7 C' L. l - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
6 O- B+ [4 r- M! j. B$ y' Z - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]/ R( B7 i% T {8 }' e5 z, |
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
7 G/ M7 c& O9 u: A4 g/ W9 \ - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]7 ?/ e9 l& l# z! s- G. t
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]+ p: M0 S- m- `" y
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]% ~+ N1 q- R c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]0 y4 K) Y1 N$ |1 N# y3 u5 T( A* o
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]! A" P8 w6 X. f1 ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]7 i9 [" f5 O9 u
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
1 O+ f( g Q/ A e! J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]7 s# o6 o$ z" o) }6 Q/ U
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
: |) l9 a* |# O+ e0 C9 V- ]+ q5 T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]/ D$ X$ W) B' F$ K3 e
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
$ J* V2 D2 o: j& }% {& g L% D: i - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]1 p- _. B6 y8 ~# ^/ `5 ?
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]" d! `# _, Q0 F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
4 p l4 b/ c" B. N - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
4 [; D! g2 Q$ G! y' T" p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]& w {8 S' O$ R0 ~
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]1 D" v7 J# r) d& L% N
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
- z* C" _1 p5 Y& R/ W - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] m! n/ K6 Y, w) V
- ==================================* v2 l& w5 t, v" d# z6 s, O& l
- 启动文件夹) v8 Q* z5 a9 S" A5 h" V
- N/A! v" n3 x% H! d& W" r( k( T" U' f$ E
- ==================================
1 |8 _1 g# M, P4 U/ l; Q, K3 j - 服务" ^7 A! Z- y( e/ p( Y* S8 S
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
0 k$ v z* a d, j' L0 M" _8 a - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
3 t, c+ y, d0 X! D' q. f% _4 L: y. m - [Google Updater Service / gusvc][Stopped/Manual Start]
p1 K" e* r+ m7 b! U/ R - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
6 Z: }2 d, {- V. H& R# F7 v - [Help and Support / helpsvc][Stopped/Disabled]/ U: V$ h1 f' n. W# }6 V
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>* G6 I$ f$ \4 f; V" Q' [- n+ k1 Q2 ?
- [Human Interface Device Access / HidServ][Stopped/Boot Start]* D; p1 R+ I- q C1 G
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>3 @# j7 x8 a5 R
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
& U! ^* A8 `9 H) @+ R2 C* [% c: q - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
! ?( s8 f- h$ k" V - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
, t+ g6 W Z" m* W9 S: B7 Z. n - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
, A- `! I+ ]" ~ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
; |" C, n, R6 g4 N# s- h$ G3 P1 @ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>7 s) |0 ]2 f( W t
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
, T. a1 T7 Q7 u+ @9 \, ~# t. ] - <><N/A>
2 ~1 w; z& I) Z7 E - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
$ C7 q) \7 c% E; ?. X - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>) p, a6 |# V, u+ T8 c: i& U* U/ F
- ==================================! w9 u5 V0 N* L# Q7 ]- l$ Q. V3 f- x
- 驱动程序6 B/ Y4 i X9 ^ G8 w6 O( h
- [22j / 22jn][Stopped/Boot Start]( Z: C5 J; `2 u" ?7 Y3 j
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
: b7 G- Y0 F# y# i - [360AntiArp / 360AntiArp][Running/System Start]% m- W1 F; F/ ?; f2 u; g% `1 M- b
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
; }1 I) T0 t) ?( c - [43ec / 43ecu][Stopped/Boot Start]
% T/ z' Y1 R' }, @* d/ \: z - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
& z k" A' X; k' g5 N - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]' L1 B! X, c& E# K+ h
- <system32\drivers\ac97intc.sys><Intel Corporation>8 B; }3 \! P; v( z8 ?, L
- [Promise driver accelerator / bb-run][Running/Boot Start]
' s* C; f0 m! V% P8 r" {, v4 u! W - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>( Y. Z. Q" `0 ?: _ [
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]" C6 d' j: [+ M& W* z
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>2 H3 ~4 {/ }' l. ^1 s0 ~
- [KAVBase / KAVBase][Running/Auto Start]
, a" Q; f! q* l) E, K( R - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>5 [$ F2 {- D& R) F6 Q6 e; R( ]% z
- [KAVBootC / KAVBootC][Running/Boot Start]
2 @# S) s' H; {* p6 r1 n - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>8 H- N; |; z1 ?7 L
- [KAVSafe / KAVSafe][Running/Auto Start]
# m2 f$ s, |, Z8 [* K - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
, J, B7 l' U3 _8 O( V6 ^6 w. h% [ - [KNetWch / KNetWch][Running/System Start]
' R$ r7 ?8 e7 n4 `3 ]6 t: j - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
1 ~7 Y+ q# r7 ?1 u% ?; U/ Q - [KWatch3 / KWatch3][Running/Auto Start]. E) g+ N# ?; z8 Z# X6 g
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation> L$ V! m- c- I/ p E
- [ntptdb / ntptdb][Stopped/Auto Start] U0 v4 D# Z$ ]# P
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>: k6 x+ g- s0 A6 w
- [nv / nv][Running/Manual Start]# D" E; N' J4 B* f9 E* g% l
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
) U# |" }2 q4 E/ Z+ i& v - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]" I+ D! _" {' G, Z, i
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>9 @1 o2 R" d+ a3 R
- [DDK PACKET Protocol / Packet][Running/Manual Start]
" U5 d" n( K; t9 u4 A - <system32\DRIVERS\ProtoDrv.sys><360安全中心>6 M, _# W( e( u9 q
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]% V0 z3 S5 F7 T) y' p# i$ i4 V9 J
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
& X5 k) J# t" e4 N - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
" ]" b }/ G# o5 t; Q2 {$ r7 ~ - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>6 q! D; Z( N5 ?6 B( B; c$ B4 B
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
* p, o8 M0 Y2 V/ @! \8 Y& ] - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
( u# t2 D" Z$ ?7 _/ [& \ - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
p2 K2 b$ o. s - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
( a' P( V; A1 }# j3 ^# P/ h - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]# n. b% z6 k* F4 s( x, j) V$ [
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
% [* s4 Y, F% s5 Z/ O7 p7 ~ - [Secdrv / Secdrv][Stopped/Manual Start]
2 m4 a* ~9 U% H1 r. g5 h - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>& O3 b" x2 l, s& \& l9 D P) a% J
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]5 o3 Q' Z! M1 |) I+ w4 I
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>8 V' j3 S; u% V: C3 o- O
- [System Restore Filter Driver / sr][Stopped/Disabled]6 n; A: p) `4 i2 _' S3 F
- <system32\DRIVERS\sr.sys><N/A>
: [. q( m- S/ x; J2 }' [$ Z - [TesSafe / TesSafe][Stopped/Manual Start]
: s6 B9 {+ w" r% N0 J - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
& c# ^( y. J' T) b' D; L+ h/ Q - [System Services / unzxzsrs][Stopped/Boot Start]
. Q" o$ i Z9 U" k9 z% f4 J" o - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
; m4 l! m" Y7 I - [ViBus / ViBus][Stopped/Boot Start]; t) p" [- h4 S3 b
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>/ R9 i5 u9 o+ g8 Q/ K, w- b
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]9 A T: y3 Y' u
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
- W4 b* P) |% \; E8 ? - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]; ^9 z+ B9 N3 }9 f
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
% ~ k7 Z/ B+ A' } - [ATI Extend / zhibmaso][Stopped/Boot Start]
0 c4 E9 ^4 k: _; Q: H% ?* y- a - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
) d, [$ s7 i5 w5 L8 w - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
4 P0 V' g% |8 _ N$ j* w" @ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
3 s8 e4 `% ~6 s& V; | - ==================================7 n7 p) u/ Q- `# `) i
- 浏览器加载项
( b- T6 H$ `* H' @ - [Google Toolbar Helper]7 Y. K4 }3 e: B) C& w
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>) V7 x2 p2 b4 r% a& a% `+ l0 a2 j
- [Google Toolbar Notifier BHO]5 a) Y4 m, K2 t$ r/ e
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
" C0 E; q* Z. F4 S4 u7 k - [SafeMon Class]
% ^; ]/ a$ I0 E: j8 c - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
, p) G9 A! m3 E8 Y+ H. h3 t; S* l3 X - [kingsoft browser shield]
+ Y9 \4 X5 w" a( P; U% _ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
9 g: x; `( v: A7 W- F0 z# F R - [IEBuddyExtControl Class]' \9 c/ n6 |% p1 a1 u6 L- u* @
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>* L8 a ?, k8 g( P
- [Zcom 杂志]
1 N! b9 S3 }" W) I9 b) o* I - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
8 z2 e9 E( [0 d+ f( w4 X6 } - [&Google]
. Q* ?( ~3 {/ |% A# A( o - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% J3 P5 e; A. M! @7 Z - [KooPlayer Control]
# D9 M2 u4 D" S6 V! Q2 e - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. ?9 _/ T, T1 B1 t: k - [Shockwave Flash Object]/ ~0 ?0 k- G9 t
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
8 p7 f x% D2 _% j( v - [KUpdateObj2 Class]) L/ l1 ~* E* Z& _' W
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>. n, r7 L K8 U
- [Google Script Object]0 k! j' u% w. F/ h8 `7 ^' B
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ I) W: J4 R* R9 E- X
- [EWA Control]8 P" q7 m9 A' o! }: Y3 h! o: I
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
9 ~3 [/ G* f2 N% o - [Windows Media Player]
6 |! c' M1 q6 Y7 k5 w - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
7 |- G/ ?: F& F5 p+ A! C4 m$ K- q - [&Google]/ ^; W$ k+ N6 Q, X7 U
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
5 q- O8 @9 V, T - [HTML Document]
# e1 l. j) z& Q% |2 L0 e - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
_! G2 b* k9 D$ B' [, T9 A - [DHTML Edit Control Safe for Scripting for IE5]
' X+ ~8 r& L: ^1 g2 o* w- F - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>1 X) S3 k0 Q) z; `2 X: ^1 ~3 Z
- [RealPlayer RAM Download Handler]% ?9 H' H9 K* y. D1 |3 r7 g# }# H
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>& D0 A, f( N7 d5 T
- [IEBuddyExtControl Class]6 Y2 C- \$ a' y% n9 r3 d3 T+ ]
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
9 P5 N0 |0 r- U z2 I/ v7 ? - [XML Document]# g! L O8 Y0 l2 }+ k
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
' M7 f* P% C% Q& d' }+ D1 I - [HHCtrl Object]
5 {( C( T+ s% M: [ - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
9 \0 b7 y" {& _9 T% [1 J; G2 i - [Windows Media Player]( |! G$ p7 t2 O v' g8 s" O8 N
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
b5 n# N8 s t' Q3 _) c. G+ ]! z - [Active Desktop Mover]3 F8 J+ \- Q0 F* e' |
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
0 N# o1 T9 O9 V& R - [360SafeLive]. @ g: k. \3 t% h
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>) u( c3 z' J P- h2 V8 g1 ?
- [Microsoft Web 浏览器]. D0 g4 r* U1 Y0 e- k
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
- i+ d) ^0 ^8 I3 l7 R1 X9 \ - [Browser Enhanced Objects]7 V% b( g* m9 g% z* p! [0 S- z0 f7 p
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>7 d; `, R% ?, D. `1 f% _* Q
- [Google Toolbar Helper]+ u3 \7 l$ y5 x: S- R
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>' e) B( ~& B; F* H6 x
- [Microsoft Scriptlet Component]2 D' d, ?- v; J% k1 q
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
5 g0 b5 f: Y- {8 s - [Google Toolbar Notifier BHO]
R' v' N, p& d2 `4 W - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
* y6 y& m8 R: v4 w% M1 X+ s - [SearchAssistantOC]
4 B: E: a8 X: o3 F1 T1 i - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>. K5 a4 P. A. r+ ]) o$ w4 U
- [SafeMon Class]* L) J$ u6 R0 {; o+ f5 \( {' k
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>$ L3 @. K* e2 d/ @4 X/ A
- [RDS.DataSpace]8 {& y0 J n) U( v! o4 W( v
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>- x" I! f( ~4 G) u6 d" ?! G
- [KooPlayer Control]% f" w2 E& z5 I$ ^
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
+ V% W. g& N( N. H' l4 t0 ?( W+ z - [AUDIO__MID Moniker Class]7 p. y+ J0 e- j8 e: I- x
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 W6 L% X, r. U: ~
- [AUDIO__MP3 Moniker Class]$ ^8 N1 t! H' M
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ h$ ?* _. H' S* ] - [AUDIO__X_MS_WMA Moniker Class]* u4 f/ @/ v1 F& {
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, Z" V5 k( d7 `2 @4 G - [VIDEO__X_MS_WMV Moniker Class]
, U2 Q* q. I% f5 v+ G - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 V* ?6 w# ~2 f8 a
- [RealPlayer G2 Control]
. S- \# x0 j( k+ { - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>% x# ]* ?" A$ Q$ }) C
- [Shockwave Flash Object]+ g8 v4 ]4 F9 @6 x2 F
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
+ X5 Q% r0 V u. n - [KUpdateObj2 Class]
# e& g; n' i/ `) H6 r- s9 p) u - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>, \3 U/ ~4 G, g( i6 S
- [kingsoft browser shield]
* J1 j7 `8 w# h9 L ~ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
( Z4 s3 f G( K& x; R$ K3 w$ C4 b - [PasswordEditCtrl Class]) N$ q$ U2 v2 N$ L4 ~. @8 O
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
) ?3 V! |$ g4 v/ i* A - [QvodCtrl Class]) l7 b7 N* S; j7 k- v# G6 L
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
7 |5 M3 \5 o0 c G - [&使用超级旋风下载]& ^. K0 j3 K5 s1 m
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
, W6 G, J i- S, Z1 x - [&使用超级旋风下载全部链接]
" l& [! \# t3 ] - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
. Y9 b- k& ?' c% R; ~ - [使用迅雷下载]
( ]- m0 \: y3 m9 o* e0 ] - <, N/A>1 |( ]2 Z$ Q# E: e
- [使用迅雷下载全部链接]& q1 J U/ }3 [9 v2 U# b9 U
- <, N/A>; w( ]: V% _3 F8 | J
- [导出到 Microsoft Office Excel(&X)]$ h! n4 b; K$ [) u) M
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
8 i: |3 ^3 ]# G* s9 e- ^* D9 ~2 } - [添加到QQ表情]" |1 B0 c: c/ Z5 u5 R* t6 \+ r! V! u
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
/ d# c% t8 I: v, | - ==================================$ \! P4 ^* X+ o& q1 h+ u
- 正在运行的进程
/ A' A: M r7 l% u' [ - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 B* x5 b( R2 C - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; d1 t' I9 X* D0 P0 J1 i - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% A6 r9 {. h5 s8 T
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]/ m- Q* M% \$ Z
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 F y0 L& o9 V1 q' `4 y+ C
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( N& z1 [; A2 f% b* j9 x - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% u: @- U# m r% T; W) E5 L* _ - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. e. O( ^9 x; z$ u/ n2 w4 H - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" ?2 ~, t9 Z% f1 ^/ C* u
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. M! k( q, v' v# o' d; @3 q
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# T, h$ u$ r$ A" y
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
* r# x. P; P* t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% E, J0 @" e' ?3 f; {7 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; v/ k6 e6 Z7 Y; B8 ?2 ~6 R
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( _( G7 @0 T( @! x - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 @0 W6 Z' J2 s% r* @6 ^8 I! m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
, z6 k0 X1 A6 _) u - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]6 m; x8 l0 ]( I4 k9 b
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]2 H3 u9 I7 a! a
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
0 q) g, U/ k+ v) n6 m9 G - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
$ H# N' s9 [6 }. \# U) ~ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 b2 Y0 I3 S: g% w) ~ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
* T9 r2 V# s* O5 W+ H - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)], G: S7 n% D' r" X9 h
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]+ p3 m r5 s. ~* k! V
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
7 ]2 x8 i' M9 t) g: S - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
: E. w, P. `3 j x/ ]' B* u - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; G6 w- ]/ j9 q: U7 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 `9 q8 O/ r+ t4 W4 A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]6 d. G7 y' I' \; A
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( L% |; A. l' h9 P% T& q
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 Q+ S8 ?* A4 G9 u4 c4 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 _4 \! }1 W* t; ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& _. q3 I9 p9 f8 n a! a- i, Y: Y - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 F0 r$ s& p9 u, N/ d - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]' D& V* p/ s* W4 G
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
$ a" G) Q5 y( a; D p4 z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- y7 w, ^# `+ o& }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ p9 V# g2 R3 k" V: b
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]4 C& n% h' Y, s c2 B$ r& Q
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
# _$ w' k% a7 x" ?: ]. d - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% x, S- D0 J8 c2 b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; Z: @6 J9 p. c2 U) j# T+ Z3 M. Y
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ G8 P4 {4 ?+ D" p, }4 `: l& ` - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]3 Y% Y1 G, Y) b, t+ {; {
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 H, @+ f3 @# z! A& E- g9 S - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 i9 H- r4 ]/ h4 o+ L
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]6 N5 z( f& I9 F
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]4 ~" y) k, w& k" O1 o9 _
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
N7 f+ K7 j0 E% K+ g& k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" X* w \3 `6 U# q8 o+ H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 c: h, ]" A( D: p3 W! N" e - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]. {6 W& @6 H! Y- H
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
2 C( M# s9 H4 [, T. k0 _ H3 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
9 C* e3 r+ ]2 u7 u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]7 E& I( R( ]2 s1 _3 }. Z. h$ H( ]; V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83] ?8 o) @ B" A6 A& |- _0 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
. D1 y$ g" P$ F3 C" P, t* R1 r5 M0 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
" h; u4 d/ }- V. a - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]5 V n! J- p4 D" K3 m, X e$ T
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 J- `% G9 {$ m+ z: b, D. e& Q* E
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% c$ D% o) ?, u b. _- N$ ~ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( v8 k' h. c! p7 M - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' v4 _; W5 C! o7 _: a2 L- \6 r# f - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" I0 T) `. M/ Y# E% S* }3 f8 Z3 } - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
- B# e" d; w$ j. L - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
+ \/ o: J9 A4 i7 j; _' x - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
. f1 `% p& r: u% E5 _- e. _1 x# b% l - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
0 U( i! Y i: L: n' e - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 k1 Z& h2 Q& M6 Z" w. v
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
( N4 N- M1 z' ]' D( z3 U% m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 _+ T! U: Q6 M* l2 u8 j- d9 D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ V8 H2 s& \( L( r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 v, w% S4 L {/ _. N/ A5 ]2 Y - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ z, e( ^& c: Z' D `/ m' Q! i
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]. M, v, f7 b6 {# m% J) \/ B* ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" d3 s3 Y; y8 P/ }, }% j/ y0 g$ W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# n6 y8 }9 b6 @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 c- t# ~. e8 n, S( W9 M
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 T8 g4 D! e, [+ X. ]7 [' G0 L
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
# I& s H( p' p. o. l b* j1 o* N - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]2 B( y5 s( N( k0 i' ?* b* S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# I0 }7 i" M" n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ h/ |( G6 n: b" R1 J* ?; } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, h% v z- c1 z; Z0 T1 ] - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) H: U8 A( U: t& d7 t - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
$ G' W- x1 ?* N) J - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 D7 P2 ?3 n9 S6 p3 M& _3 H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* {/ g- \, D: x4 c6 {$ d& I% o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ ?- M0 K3 Q" P! r4 ~* _! m; {. W- s# f - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
S, O. G" x2 X - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]- d# g- R+ \$ b) j# ~" W& A
- ==================================
! [( n6 q! b: b0 \0 L6 m/ A - 文件关联
. }( V/ H. d2 a/ G - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
# ]" O; z) a5 S, k3 p* F1 g! N1 [- ~ - .EXE OK. ["%1" %*] r8 o! s" o- k, b6 }* d+ j, H
- .COM OK. ["%1" %*]0 O2 q r3 U- s7 f S
- .PIF OK. ["%1" %*]" I* q( P! Q& ]4 N
- .REG OK. [regedit.exe "%1"]
' ^' `- u9 U0 t. J) Z) H# A - .BAT OK. ["%1" %*]! e- V) j, K1 U6 J, m
- .SCR OK. ["%1" /S]
0 r+ P/ U% O0 \' f- {" A - .CHM OK. ["C:\WINDOWS\hh.exe" %1]% W- z4 r% r# S. ]3 \* y5 b
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
3 l" i" a+ ]& [/ p, N. x5 T4 I8 K - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]# [% N: z; f3 d0 _& P+ u
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
( M% l- j, y1 g4 D - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]. b9 z3 t, t% u$ I6 q- D( B
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
- w3 d" F. \: O, m0 p: y, ?( f& W - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
3 v8 U m7 w$ W, e& W - ==================================
9 C8 o$ C- G6 q9 m - Winsock 提供者# C! E0 t& m8 @) T9 `4 v
- N/A4 q& S# C d% G- B5 ]( l
- ==================================- H* @' j$ U' D! b2 @+ Y2 c& j' |
- Autorun.inf1 \5 E4 N6 g% Y- c8 e
- N/A; c6 o Q) z3 O: Z ^' q# |
- ==================================. k0 H, V& P D
- HOSTS 文件/ m- t( h" _0 d; S- b
- N/A; y: ]( c: d6 D
- ==================================
; _) U8 J/ `& a( F1 ? - 进程特权扫描
0 X0 r' K5 R, g+ @. R - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]( m: H+ `1 z$ K2 p
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]2 @) ^& @& {) f& a$ E* i x
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
3 A4 T$ _, {6 L) t; v: Y - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
! C: |) X; Q( J* V - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]- Q1 [+ t, \& B6 Y2 Q8 q: j( C* `
- ==================================" x+ w0 G2 N- i9 `5 \ ^0 z
- API HOOK; B4 ~, Q/ Q% i2 V. ?! a
- N/A
. r7 [1 h0 `$ h- ?3 g& s3 N4 a. g - ==================================
& ?* x4 `5 |& [ P - 隐藏进程
+ g h, W! U) X! m! v* ?4 T - N/A
( [! N1 h0 I5 p: i2 I - ==================================
/ N. y9 P; J1 Z7 B# _
5 j3 K! p+ `. K8 Y7 \' g0 |
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
