|
|
/ a- H& D* e" c S) m; {- 2008-05-22,20:37:43
- S# n7 }* D( j. o6 z - System Repair Engineer 2.5.16.900
2 t% ?; Z- P3 D$ p$ s6 t - Smallfrogs (http://www.KZTechs.com)5 ?0 q8 c& s$ F3 _
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能' e8 ?' X) t9 ~0 U& O
- 以下内容被选中:
* g% l! ]& W' H4 z0 e - 所有的启动项目(包括注册表、启动文件夹、服务等)/ Y* V' f/ e+ g* i- ^/ N5 v8 J
- 浏览器加载项
% e+ G9 T- C- c7 y - 正在运行的进程(包括进程模块信息)
2 q% H7 X; g+ ~, Z# E - 文件关联
: Y, _8 G$ J p0 D& x - Winsock 提供者! T& T, g. x; ?/ D
- Autorun.inf& I+ D0 Y E6 J* i' g1 o- v
- HOSTS 文件
d0 w8 [9 o) O4 [0 r - 进程特权扫描
* i. s$ L' A5 r* D. O x) } - 1 R( ]* H, W( m! |8 H, A# f
- 启动项目5 [* t' j( P! ~" d; J3 M, O" Q
- 注册表
9 {9 m5 i: d3 z - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run], L% f- W+ V& b6 M4 @8 ?& }, p# K
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]+ h1 e/ S' Z3 J; B' o
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]8 ^4 \$ H" S& D
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]& \+ T% Z [! t- X- H& _: V! \% b
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
( m- n4 Q( Y7 {3 a7 [ - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
) {8 W7 T4 ^. X( @2 F) M$ j- t4 E - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]. T% t1 y. f Z* o7 K$ H# h3 ]( I
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
7 r1 e, _, W' a( v9 k3 m7 K - <PHIME2002A><; > [N/A]! s, n! [! M" j6 Q% w
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]# W, Y1 B# U/ {( `+ \( ^9 \
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]% o3 }% |! [ I5 S3 a
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
: x( W4 J$ e* U P; S# v3 y* k - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]) p- T2 m0 y A* @+ _
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
8 ~) t: T2 l0 b6 X$ V/ `, V& t8 G( g/ @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
( T6 B( T5 L+ w7 m9 } - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
( Y6 G# I: Y: m+ u7 g3 J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] f# `: }; n/ V; i% I% p
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
2 j: K/ n& G' j: X4 I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
E9 j1 q J% }6 [ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
. Z1 h' O4 p! O! G; k8 N3 S5 H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]1 |* f6 l4 X2 J! n0 b5 z1 ~# T
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
1 G+ N; w+ y0 |7 F' n- X - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]% G8 m2 V/ p/ q* c1 m3 [
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]$ t, B9 }6 {! |6 w( h2 M: v! ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
8 E. ~+ h# k9 X: W1 W% S+ v+ J - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]( r. W* W. x7 W- x1 U0 b% _* B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]5 ?4 a% u1 z1 e# d5 Q. y
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]" z1 B! p$ ~" s; d' a' {& I
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]# p2 x0 W3 H2 ]) c9 B% T$ D
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
8 m6 n" \3 _& t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]% f `$ [9 K q$ [( S
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
/ L" W! l( t$ A |3 i; K% P' @/ z - ==================================
2 C, H: G6 T" y z7 U+ x - 启动文件夹
4 a3 u* Q4 N: w [0 H) k7 x - N/A
8 l1 S7 }, Z! ], B8 [ - ==================================
$ D Z; }& I4 q+ {9 [ H - 服务- [. r9 R. _7 N: n$ P6 A5 P8 y! j% e6 x
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
/ D& [3 w; {* M* Q5 F - <C:\WINDOWS\System32\3wareSrv.exe><N/A>* a) Q, l% i3 a' m7 n
- [Google Updater Service / gusvc][Stopped/Manual Start]
. i* s( S: f; f0 \8 T0 Y - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
$ h0 Z0 }) a* T5 x- d U) } - [Help and Support / helpsvc][Stopped/Disabled]' ]+ Y) v# t, ]3 E1 @5 `5 i
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
7 D; Y; ^; \) Z4 @7 J - [Human Interface Device Access / HidServ][Stopped/Boot Start]5 X; j5 A- r' R2 G* _
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>/ U/ r" v8 C4 U; X6 P& f5 i- O& W: t; c
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]% _! Q# C1 ]) C) C; D* L
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>5 x" t5 Q& l2 _
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
. X2 o$ ? E# N3 f8 Z1 A - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>5 s$ H6 y- Y2 w) d5 w Z! Z
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
9 ~7 o7 c ~' q% y* C- s% L8 D/ F - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
- R! E; e* g3 `% f6 u: e' z" x - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
$ z/ H L1 O$ W8 u7 i; A - <><N/A>
4 R" @7 Q, m6 t! ]2 q - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
- z% c7 |9 L- b" Z6 ~% i - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>: y0 s& R; U! J1 o
- ==================================
* K3 `) x% x4 L5 H$ a# P - 驱动程序
5 x: \; p" ?9 G7 c9 o& G - [22j / 22jn][Stopped/Boot Start]8 G$ a- E" K- v/ k, P! u3 C
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
( I8 |+ Y, I+ X5 g$ j, h8 ~ - [360AntiArp / 360AntiArp][Running/System Start]8 g1 M' x% M8 T
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
$ `4 q- ?5 I5 t" b- }+ C+ ^ - [43ec / 43ecu][Stopped/Boot Start]
0 n0 o& K# d5 F- M- l - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
8 n5 ]8 G: J5 K* c) L0 ]( L - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]0 X7 z/ u! z. d1 V$ ^ J
- <system32\drivers\ac97intc.sys><Intel Corporation>
5 K$ z* \4 `2 m4 o1 I- C. e - [Promise driver accelerator / bb-run][Running/Boot Start]0 f5 Y7 s2 D" H6 c8 b
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>3 o3 C! `) @4 ?( f7 `5 P* `% m
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]: K6 y5 i" }1 a9 [$ o
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>9 {) y# l# X# ~5 Z0 g' `! z8 ?
- [KAVBase / KAVBase][Running/Auto Start]
+ M. Z& s* Q D' S - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
" S4 A. I3 X k) w/ q - [KAVBootC / KAVBootC][Running/Boot Start]
# O# i( K; Z7 B; w - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>- b1 ]6 |% Q% ?6 ^
- [KAVSafe / KAVSafe][Running/Auto Start]2 \# @, X1 P8 g
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>6 A4 K0 T2 E, R% @
- [KNetWch / KNetWch][Running/System Start]
( [8 V) q" b, w; n# | - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
( P1 b% ]/ I5 T, r3 E$ L& Q: Q - [KWatch3 / KWatch3][Running/Auto Start]
0 W( G/ ^$ e' A' w" R9 w) f - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
[& Z0 \3 C+ j L5 l3 p: k+ l ~ - [ntptdb / ntptdb][Stopped/Auto Start]5 ]2 \9 b3 `- m$ L1 Y! @
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
) O Q( m# V. n. t9 Q3 I# D7 O - [nv / nv][Running/Manual Start]
2 ^' A+ h) c" x9 V# l" V - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>6 x; O1 B$ D3 I9 G
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
6 q& F* y, @( _# v: M - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation> u3 L1 _* ]" O: S5 z# R8 C4 w
- [DDK PACKET Protocol / Packet][Running/Manual Start]
' o# h: c7 f3 m8 l/ Q+ l - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
. J2 ]- E4 V2 p( d+ w - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]3 D" d/ Z- a( f% t7 r1 h0 d
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>% ^5 y' Z: m( F% i7 F
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
) [+ g S8 n. n# U; G% R - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
, c( X2 o6 r/ j# e& W# o6 w - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
) q- E& u# J- t: h% f- k* c6 y - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>4 O H! o. I3 |9 I7 m, J
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
; E* @3 }6 T9 s - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>1 p8 j3 v3 O9 g( d9 c
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
4 W# {5 S" z" w. G) a" I& p - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>8 L. p& ]$ w5 u- o! w
- [Secdrv / Secdrv][Stopped/Manual Start], o4 T: H& Q* `7 r. E; \
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>$ W2 p4 [4 C+ }! e
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
6 }% V! I- }6 ~2 q* l- w - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>. p7 U, y( r' q* t. Q' }3 p+ x2 \
- [System Restore Filter Driver / sr][Stopped/Disabled]
& m3 [* F l$ H( m0 v! S( d6 c - <system32\DRIVERS\sr.sys><N/A>7 [0 x1 z2 ]" y- E% U$ A
- [TesSafe / TesSafe][Stopped/Manual Start] N* _3 K% P0 D% h" A+ K3 E
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
$ K$ s) ?, c0 O- x7 q. ^ `$ Y - [System Services / unzxzsrs][Stopped/Boot Start]
, _$ d7 G: E$ P; q - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
' y# d6 P1 l; Q, P; |7 ]/ `$ D: ^4 l - [ViBus / ViBus][Stopped/Boot Start]
. A+ ^4 f; r' j4 h - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
( e# N4 k4 ]$ Z s! Z - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
& q+ h" k/ D+ y - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>6 [5 [: k& d7 ?0 v4 O
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
7 H, V3 C1 m1 i z - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
6 o1 p/ M: K" S7 Q* ?. V4 A3 ?$ O8 s - [ATI Extend / zhibmaso][Stopped/Boot Start] E/ e+ w: g2 I; t# A: s9 P
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
, X& l% X* S( z - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]+ ?0 w7 @ ]2 D9 Z$ r! C, z9 h
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>2 ~3 m0 }3 r7 j0 O9 p
- ==================================
8 G' H6 H' g) C3 o% Q. A - 浏览器加载项. ], x' w9 _+ D7 E
- [Google Toolbar Helper]
- G0 V: r3 {1 n* ?% f E- n4 e - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 r( C& a. V4 w: Z- p5 Z! z - [Google Toolbar Notifier BHO], a" O% G" J( w; v6 Q
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>/ o% P4 i X8 q* b& G, g! u. y
- [SafeMon Class]) w, i: }# i8 b6 j4 i/ Y: ~
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>% n& [9 x" f% \4 n% F. M5 d- @+ {
- [kingsoft browser shield] o7 w, l8 W; f$ n: ]- D( s- e, M9 z
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
- G8 F3 o, v& Q2 W5 p, C - [IEBuddyExtControl Class]
$ {( ~2 w4 K4 E0 n/ u - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>9 d- g+ {; G' W( p1 _
- [Zcom 杂志]7 S$ s# ^6 b* `6 Z" c7 |. V
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
6 q3 T+ L, n1 Q+ `+ ? - [&Google]8 D9 A: }" y+ |$ D9 s1 G. ?6 Z; d
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>) n7 G% Z& x% h& V! E
- [KooPlayer Control]) C% r1 [/ I9 N# t6 g
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
6 b5 l' p& Z: q/ I+ y+ `- u - [Shockwave Flash Object]
+ |/ C" |; R4 d8 F: T1 D" W7 p7 F - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>2 E! W8 X: p) g. K4 x- c3 @$ f( r9 u
- [KUpdateObj2 Class]
( \( F! N/ [! ]2 p( E - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
( @; G# P% F1 E4 t - [Google Script Object]% W( r/ c& r$ r0 {" e
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ ~: |/ x; _7 {5 A" k8 E - [EWA Control]3 }8 I. {* S) |0 J- k6 Z
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
/ G" a) l. q) @4 J+ i6 S, X - [Windows Media Player]" d# C1 w* p F6 K. W5 k
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>- I a+ j$ w% P2 o2 d+ C
- [&Google]
/ J3 u4 g% @4 K' M) d! P: S! G; w - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 }6 c2 L, J: o4 H8 T: B7 f# o* F. R
- [HTML Document]) u% Y' _ G G) g( E6 j, z
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
6 A3 E) f5 t; p2 F - [DHTML Edit Control Safe for Scripting for IE5]
6 r7 ^: j& ?" x6 b" W0 f - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>5 X9 b) e% T1 d0 ?1 u
- [RealPlayer RAM Download Handler]' m& @' z) y, G, D
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
" s) I7 o; _3 o m% q$ ]( O - [IEBuddyExtControl Class]3 Q6 r' o1 Y" J) H, g) R" Z5 d
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
9 ~( O" e9 d3 l - [XML Document]
* g- \1 V/ ~8 S6 Q: d: _4 q - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
B0 `$ f3 N! @1 \" w' r - [HHCtrl Object]. @# H! {) |9 l8 U/ L" i& C4 n
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
+ j, \$ v% I' {8 h7 a5 z) t - [Windows Media Player]6 L, U9 c( D6 \4 q! r
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* B- @: N4 \ l) I: y) @
- [Active Desktop Mover]
; b) L7 O9 ]5 n, K; U' } - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>" n/ j) f V& [- @
- [360SafeLive]
! Q8 V( B1 C- ~% }" n: I - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>3 w: L$ @. X: P6 g
- [Microsoft Web 浏览器]
& V! E: {6 X. w4 V8 ] - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
^: n( l/ H5 a! \8 j - [Browser Enhanced Objects]9 _: \# [3 K$ Y& Y3 e, J
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>7 W4 m$ f# }+ @) X" o8 Z. I a
- [Google Toolbar Helper]
" ]0 V; q, x* |* [0 g8 T - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>6 A0 Y" b3 s/ W4 r! H
- [Microsoft Scriptlet Component]
5 W! f; z- M- E8 h1 n( O: M7 I - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
1 h2 B6 F7 Z4 f0 X - [Google Toolbar Notifier BHO]
# U5 a) K4 G% s - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>6 b5 G1 m& `& n3 ^) ?& m
- [SearchAssistantOC]; [9 \$ n. o _$ i
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>' e" L! p: R% [# F
- [SafeMon Class]4 o) ]4 d8 Y- p' {/ e, G: n
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>- T1 v/ p, f- V$ _, P9 k8 g4 q
- [RDS.DataSpace]7 @$ p) g) A ?! i: W. c8 }
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>; w4 B0 U0 s6 @& ?3 F
- [KooPlayer Control]) W$ K+ w, }: d
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( J/ k' h0 _+ j( s$ F* X* P1 F - [AUDIO__MID Moniker Class]
/ I7 g8 _; |- p* t' M7 V - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ v8 n$ A/ O6 g0 e. E
- [AUDIO__MP3 Moniker Class]) i* J5 c# ]$ Z9 d/ @
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; z* h+ _6 @/ _. H! v: J1 y% E
- [AUDIO__X_MS_WMA Moniker Class]5 f: J0 p0 \7 U% m( a
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
; |* R9 j' x2 j: K7 ] - [VIDEO__X_MS_WMV Moniker Class]* {3 i$ J% M# S9 a& u
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* b- M' C: J& e3 a# W% O0 B
- [RealPlayer G2 Control]
8 p# X9 d6 \8 b9 S, t; Z- V) H - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>8 `/ o8 }' A$ n1 ~: @
- [Shockwave Flash Object]' _1 ]( x% d( ?% K, K
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
) ]; A/ D4 \3 d7 ]5 f. i7 S! L* M - [KUpdateObj2 Class]
% @- ^6 I" L5 ] - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation> o& D1 S, M" Q T) g
- [kingsoft browser shield]
4 E m6 ?; i( T! D8 Z3 n - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 `8 R" f9 j0 ]7 Q5 H, b
- [PasswordEditCtrl Class]' N) c9 @7 U- s/ s
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>; }% s; I6 f9 C3 l1 r, m! T8 i
- [QvodCtrl Class]
7 o3 m$ f+ m4 @+ s" M1 p - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>! j' o* f) a5 ^0 g% c
- [&使用超级旋风下载]
/ M. v8 t) N/ @1 u - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
* Z5 r5 I I U" @$ G9 { - [&使用超级旋风下载全部链接]
3 b$ \( L: A5 f - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>. K; T, Z) P& B) r: A: a5 f
- [使用迅雷下载]3 S7 W2 h) x! h. L
- <, N/A>
4 u* b7 R( I$ v3 i" Q- u$ h - [使用迅雷下载全部链接]# i3 e4 L2 j+ u1 c2 w8 S! G m
- <, N/A>
6 n. g& h% u N5 ^8 g; ^' w - [导出到 Microsoft Office Excel(&X)]% W) b; [* k4 A [: N+ K
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
0 s1 q6 d3 g7 ?' ^( y - [添加到QQ表情]
0 r9 {6 \. \; R, [% U6 S$ M% K7 Q - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
9 C; I$ V X( Z - ==================================% c! ?$ t# q: E, N5 z
- 正在运行的进程
. }$ q" X1 n7 G2 `* a2 d- H5 A - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 \( a; Y Z8 A6 F: F* i, K - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 X- `+ d/ B* P
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 H2 \* {3 k' X0 e% } - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]* d Q( f; n; U) M# T; j% h
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* n" i8 S: K( T' W- U - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: A3 p8 z* ]5 ]/ z - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; E: k! g$ \6 i5 u$ I8 R4 {7 ] - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ `+ B0 [8 e( N, E0 [; E
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 }5 x9 J6 u9 @1 Q. `% I
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. r0 c7 p. {: O5 C4 x- e; \
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 f* |2 g! h: _" y. d6 X; s - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
! b8 u" C) i; Y' Y6 i. p9 M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ M l+ K; K1 I1 w" m$ n! b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: X5 S7 a) C( t1 S
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
* W% F5 ]- @- U) g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 Y3 u5 {2 e, k. \; c: ^4 J2 i/ L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
& H: x) q7 `: _0 |" { - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]* t. u0 s- I' C. L9 u6 Y
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
% ~: X5 v8 c; l, a* X8 I - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]/ S( P( m* Q8 J. o( @ W2 b
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
% G$ l0 J0 l5 q$ A2 X: f - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% i! b- o2 ^3 ^# [1 `6 q' g; L
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]. I* m$ J: y) F
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
0 F# g+ v5 ?4 j9 X% v - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]. _6 c; ^# V+ t* v+ _; Y. s
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
1 f g1 t6 `4 C/ N. Q) q - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]: h* v4 o0 b' f9 F' {: o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 ` o2 [) u* K+ c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 s2 y4 p3 H% a- q% k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 G+ Z$ ]7 e8 z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ l8 k4 K; A: H7 N
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& d; n p7 V' Y# i$ t0 x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 r$ v/ D$ b1 D4 {# I1 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ n- J4 c* E& u; {' l% C, v - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" C( z" W# y# F8 \
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
+ B/ O3 c$ R3 O+ t2 h - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]: y0 ^- c7 L i8 A3 D; j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ y9 E& b5 {& M6 O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], _" @# B7 A+ R i) l! t7 x( q! u0 a
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]( L( h; q. D) F7 y$ z
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]/ g+ V! | g- L7 L
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 C% C! W2 U. |- c1 V2 A' `; U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* ^2 H2 Z8 q+ M* A( f
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 Y) a) [+ u( g! Q5 n' W - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]9 j3 Q7 [7 h/ x
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ _& f: A4 S# b - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ x/ ~9 j4 W" x U0 C! y
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]' B4 N9 K4 `* k; C
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
& `( d1 L+ u6 y0 @" F7 e$ X - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, u8 P o9 f: n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& M+ N5 E1 o# x6 X( u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 |* U5 ~# i; V6 n8 }% \4 ~
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
- y; v! W, ^ } - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]; |+ Z/ V+ t$ [/ P1 H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
# ?! f) ^) H: l( s9 R- Z9 O. D; j) x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]. ]1 f `- Y7 T p; s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
5 a- V# n" e; e: y& Y9 k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]1 R3 E, {- W5 V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]- O. s O6 G) B! k. E7 o
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]% b ^, Y; O3 N6 Y* a$ i' T S0 M: i
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]8 I; m) z' |& H- d! w
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
& t: ^2 {$ j; p) U) w$ j - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 m( U- M2 n- J
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. u2 V) U3 J+ J8 u3 W" r
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ G2 I! g' M& m - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]; f0 p2 n. h% l) ^/ G o
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
3 B" m" b" ^* D E6 s - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
v6 ^ @3 @ T& y - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
! }3 V5 H9 N, u. a9 k+ d - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 t; t2 L: f5 x' }% }* O& [
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]2 _6 H* w0 h) ]% y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ E8 {5 `- j* V; `+ V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 c' t3 w. p( \# T0 v7 q3 e4 ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ A6 D4 V# Z$ t& a. L
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 L( }! _3 c" g1 H! J
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]0 J* D6 h& n: z! H+ M1 Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 m: x2 l9 L! B. I- C( g5 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) V3 b' |/ i$ ~, U3 B' P8 \ N' m. P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' ^: H) K ?/ B. t+ Z4 } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 p0 {7 B/ u/ G! @& n7 h - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]( y- J5 T2 G. A$ l$ G# `$ i
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]# I: T: B) r; h- y0 I' |$ o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 g+ M8 V( f! D5 j" ]$ n+ m* u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 M) G$ b+ I+ X4 ]" C ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; `8 i3 ~. b0 \9 T4 ~& o' W
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 F' d" Q+ R( K$ q. z9 w2 O8 i% W/ r* w
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ B9 V/ S2 {. o; f; W
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& k7 x: h& N* E2 A& Q$ Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 u3 s( T4 q4 R9 b. J2 a8 ?- p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 L( C1 d- p1 R
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* [& R b! ^' ]2 m6 O3 e
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
5 t5 ^6 E6 ]0 ^ - ==================================! |( j# F+ Z. y
- 文件关联
+ G- A9 P3 H: I* o - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: x6 S- S( W/ s; X# y! _ - .EXE OK. ["%1" %*]8 I! m- x7 Z$ q/ Q6 `
- .COM OK. ["%1" %*] C; }: E' K3 r4 S8 G
- .PIF OK. ["%1" %*]+ B. M4 t; f: f) L3 h
- .REG OK. [regedit.exe "%1"]
; `. \3 N, m4 R8 j- M: y - .BAT OK. ["%1" %*]2 c/ [/ E; s" i7 b' u! g
- .SCR OK. ["%1" /S]
+ `$ Y* q5 P& Z - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
4 S6 Y% U' l9 P - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]& N( s3 Y" k( ~ z/ C
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
% r" g6 X! _ x0 S% i - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]6 i! v) F z' ~0 M
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
" a0 S) U- M( p/ w0 E - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]8 C, H! Q9 b) j; l# D
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
6 q: z$ Y. O' M+ l, w) o0 z - ==================================
0 \) B7 e8 F, a- `4 u3 ?+ s: T' h - Winsock 提供者5 A: ?1 z" D0 |; |3 u+ T' F
- N/A/ Q: ?* P, J# k! Z) a, v! Y, Z5 D
- ==================================0 o S" { V5 ]" v V: A7 ~- N
- Autorun.inf- ?) m) C; y$ J; a' Q7 U& [
- N/A
7 A3 x3 m$ J8 Y) `; c( Q* e* i - ==================================
\1 c0 |4 D* B; s - HOSTS 文件
1 S/ r$ r- r6 g - N/A
1 z9 o( F" N( T. P# T - ==================================2 K! q5 d, t- `8 E
- 进程特权扫描
; S. e8 E+ L- i - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
- }) w4 m; Z/ W - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]( E. w. e8 [$ K/ j8 V
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]# e: g, V2 i( q) s/ p1 j9 T& B1 m
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
) d9 n$ t/ T& X' H - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
! y- o) g5 e* k$ S; r( D0 I3 r4 x - ==================================
2 `) B) A) c( ^% D - API HOOK$ J1 I! ~- X: v( f/ b' f
- N/A
) z9 l& s; R- N7 d* ^ - ==================================0 Y( Q' o% P6 q8 Z9 d0 S9 ~0 [
- 隐藏进程
" s7 S8 I0 j, {7 C. t: g - N/A
: D& S. c* w8 ?4 }6 [ - ==================================. z! T0 Q0 G# _1 b8 c: |
2 y7 b: p) m8 r6 C
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
