|
|
- 5 u3 n* ?& K; m* L7 p0 k( P6 b- O
- 2008-05-22,20:37:43
7 W! G, p, `% Y5 o6 `% E3 l - System Repair Engineer 2.5.16.900
: i$ m9 f( x' i* h8 k/ X7 d! u - Smallfrogs (http://www.KZTechs.com)
3 w( p( } j( j- G& ^ - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
' `. _' i( l7 T k6 `/ O- U - 以下内容被选中:) x. ], Q0 G' E
- 所有的启动项目(包括注册表、启动文件夹、服务等); M9 `: ?: P/ J1 y. G8 C) d
- 浏览器加载项# G/ f ?4 z( ]: E3 _8 h# ]
- 正在运行的进程(包括进程模块信息)! ~: @* b( d$ _" h
- 文件关联7 A. j' b$ o# q; I7 D
- Winsock 提供者# }+ }5 q+ l! N N- h" I9 n; P+ h
- Autorun.inf
+ l2 c3 V7 A1 Z+ W) ?, Q - HOSTS 文件
8 R+ Z7 ^) k# P' } - 进程特权扫描1 Q1 n a) w, \2 ]: _6 q6 E
. [6 I: m1 I% H7 ?- \# A- 启动项目$ M9 u2 \# ?7 R; o) O! u
- 注册表
1 U/ Y6 b% o6 Y9 D! N8 N - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]' u, b) M, o; o& n2 X
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]$ N. D% q8 S7 s' U7 s. L
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
+ G) p7 a- v, U6 | - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]: R- b% A) A5 C/ K" T; Z6 D9 r. x) G: q
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: ^1 W; S. Q6 ~6 u# l
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]& I! a& P) p' w. q' z. a
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
; X& P" w7 u& C5 |6 w* W3 m - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]' _7 l B P& V+ n8 Y) z. T5 L; K
- <PHIME2002A><; > [N/A]1 l% A- g8 a0 h8 F4 n
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
3 s/ x' X# ?3 I - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
7 F6 e4 z% d# \ - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]% r. X7 e, q; ~) M8 Z
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]$ @1 V8 }; r; ~
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]9 y. y: m. l5 D% [( j) x% c5 `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
. x/ ^- l! ^& S% O. g1 Y - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]- T) |2 F$ u: h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] p/ e( z+ l' L* Y
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]8 i3 D9 Z. I( y& q. q. q' c$ H4 W+ ?5 C
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]3 K/ J' y7 n/ B3 `
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
2 Z0 q0 _$ D/ ^; r - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]' c8 {! Q5 j2 W. q# E. a
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
* z( [) z$ v4 i - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]; I) ~$ L' J# G
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]4 l/ h) n1 a7 q& \9 Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
+ ]- y. L2 @2 T5 e4 y: y# s) v - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher] S+ J g0 \- K0 t/ J
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]8 ]1 w3 c0 p+ i$ w
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
! D3 h! ^8 d% @2 j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] c1 U$ r2 o: _: S+ F
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
, q8 Y1 C, p1 B* x, R - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
7 O" {/ j' W/ S - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
% t9 `" _5 p& }1 u! G - ==================================
/ ]" j1 w; c- j1 k3 u9 ] - 启动文件夹
B+ d% L5 I! A0 q6 c1 D - N/A
; Z: U+ o: D4 x! S - ==================================5 c9 f( X# Z+ P
- 服务6 V3 I9 _( a& t: K) ^$ S' ^
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
2 s5 q% }8 G% x6 ]; F& K! Y - <C:\WINDOWS\System32\3wareSrv.exe><N/A>. Z f3 Z& Z2 w& R* O
- [Google Updater Service / gusvc][Stopped/Manual Start]# L5 x" t. w% C+ X
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
2 K) N1 u7 C t+ D' Z - [Help and Support / helpsvc][Stopped/Disabled]' ?8 t5 A& K. x1 b) N" D
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>6 ~' V: e+ c/ y8 x7 V8 g
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
3 x# G @( x$ P' [4 y6 Q: e - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>; a$ a9 e8 a ~3 S4 f
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]( r' u5 _$ P- H6 i x, w
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
+ W8 T: \ W# Z7 G; y$ Y: j - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
/ I! n- n3 H# O# L. n/ P( ?+ | - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
1 K: M# U) \" k8 ?1 G4 e( o - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]' e$ m- r" k2 x8 [5 l: {/ Y
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>- v+ q6 B1 @" N/ N% F G( D6 n: v
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]* c; f0 N1 |1 r, _+ B+ @( z
- <><N/A>
7 p( O$ a; Z S% i& }, d - [Qvod Terminal / Qvod Terminal][Running/Auto Start]! p. K: g. v* ~. x& y b9 t
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>$ ^3 a/ Y4 _- k, z. Z6 k
- ==================================2 y0 P# m3 |9 y! B
- 驱动程序
: M8 o* }& T% O6 | - [22j / 22jn][Stopped/Boot Start]
9 Q: u; z- D: k8 f& i - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
1 u+ } Y" T( n$ D8 {8 l2 | - [360AntiArp / 360AntiArp][Running/System Start]% w3 V: m5 J# B5 N0 j5 d
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
# n1 [* o0 J N; W$ R6 i - [43ec / 43ecu][Stopped/Boot Start]
- l. b9 g2 I3 e' e) h( Q" I7 _& V - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A># z* o2 f4 D2 u# M
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
1 g$ I2 g9 Q0 z1 [ - <system32\drivers\ac97intc.sys><Intel Corporation>
1 s; r5 u: T. Z$ w6 \3 f - [Promise driver accelerator / bb-run][Running/Boot Start]) A& `2 h; w5 p' f
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>' W1 z, _# w' Y, {, b" E
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]0 H$ a6 i3 Q8 Y& N* l6 O5 N
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.> s8 H& q$ X! Z% N n
- [KAVBase / KAVBase][Running/Auto Start]
$ H- Y9 g2 Z/ D8 i8 _ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
+ _3 S9 P) Q O' l3 T1 D$ I - [KAVBootC / KAVBootC][Running/Boot Start]
, c0 ^2 ~. y1 c - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
$ p6 _* x: S B: t, m- ~/ `1 r - [KAVSafe / KAVSafe][Running/Auto Start]9 I. k% B* n0 R, J8 h9 r9 @1 o
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>1 |$ [9 G- {/ T) S
- [KNetWch / KNetWch][Running/System Start]
$ a( y! W8 V6 S2 z" s, J# q - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>8 S1 J) {- v+ F0 B7 V8 t$ o5 Z ]. c
- [KWatch3 / KWatch3][Running/Auto Start]* f. p: R4 o, P0 q! m
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
. z- g: y0 F5 k7 z - [ntptdb / ntptdb][Stopped/Auto Start]. Q; c, x9 S. Z2 C
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
/ o# C1 U+ n X3 ?6 i7 B& F - [nv / nv][Running/Manual Start]
, k' w$ Q# m R& }) C - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
. {% ?2 G( ~ D3 y* ? - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
! Z7 P% W, {1 M8 L0 m6 i% x1 V; ?5 I - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>6 c- v: {; a1 X6 K* K) C5 e4 m8 r
- [DDK PACKET Protocol / Packet][Running/Manual Start]% u2 P* Z8 u( a$ C7 X1 C7 m# e% _
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>7 J8 w7 W- v0 a% J( o5 O
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
' ^. H) D' N9 q: K3 R - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
" r# {" D) x! |. D4 b3 _ - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]1 {& s4 {" S8 k' q7 S& }* N
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>- X+ v: B# e5 A" f6 V* ?# F
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]1 I. }! B# W# L& N
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
/ G* ~# \! e& C5 o) a P2 Q/ B - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]: W3 r- D0 B1 r; M @3 n- E
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>( {4 e; V( X9 y0 D
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]1 i. }3 L! Q+ m. g9 F
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
2 M1 I2 J2 Q5 s# K6 ]! J - [Secdrv / Secdrv][Stopped/Manual Start]
4 }( T5 K1 F: _: z - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>. O" i3 y5 @8 X: b$ Z0 U8 C
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
8 Q1 m& W8 f3 J/ p3 @ - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
2 H) g# D' Q6 I" t$ c& x - [System Restore Filter Driver / sr][Stopped/Disabled]
4 l- M; \6 q( f) `: ]9 l* X - <system32\DRIVERS\sr.sys><N/A>
. Z* @8 M, c4 o r! Z - [TesSafe / TesSafe][Stopped/Manual Start]7 U2 s" P/ k' \
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT> x5 ? j' s% C3 B6 d, w* [: n
- [System Services / unzxzsrs][Stopped/Boot Start]
5 {1 t5 ^$ Z( q4 X* @5 o. ~9 w - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>$ {: b. x5 {7 V: A- j# N
- [ViBus / ViBus][Stopped/Boot Start]
- X, g/ D! A* [8 b. r4 }" o - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>! J# F/ I4 E8 g' E( I
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start], [% ^3 s! Y( L8 _# w
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation># g; F4 d0 A! `2 C+ ~. ]6 P8 i
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
( @1 i0 @; F9 `# a/ H4 L- B - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
; k8 `$ b- S. f6 I2 @ - [ATI Extend / zhibmaso][Stopped/Boot Start]
; E/ A; P Y' G* _: E/ D - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
' [% m* ~+ P+ Y - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]& O, {3 F" M, O7 V: M8 L' O: c
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
" M1 P3 A2 d2 x6 E0 k' l - ==================================' o# I/ N* g; ?9 Z
- 浏览器加载项4 a1 c4 ^6 a: e
- [Google Toolbar Helper]
" ?7 C/ T* m' Z' g - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
0 F* G( w! u1 y# n. g - [Google Toolbar Notifier BHO]
' O9 y& K8 N) m6 R' @ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.> H2 {/ C! h/ s! k8 z
- [SafeMon Class]/ ]; t7 w% p9 b! [9 K; Z* r
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
) z2 Z& }# X) j+ L) a. o - [kingsoft browser shield]; p9 {7 j" j1 R9 k4 D0 j) `: b
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
! p& U& @1 H7 t( \' E: i# m( k* o - [IEBuddyExtControl Class]
! z, s) s/ m _9 G: x* _) a - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>9 i. [3 D* j4 r; m
- [Zcom 杂志]; N" H6 ?3 Y# A' N) I+ ]: s
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
6 f+ l# P" R, F3 w. R- N - [&Google]
, w- h/ ?4 \* h7 e; @ - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* R! n. f; y1 _' \* x - [KooPlayer Control]
& D7 U: `! v2 ^2 q* R6 p* S+ u - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>- X1 v/ ?/ W5 i% J* N1 n
- [Shockwave Flash Object]
8 g, T ]: a4 n+ _3 q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>2 m+ ^1 ]3 l6 u) K. j! q* K1 D
- [KUpdateObj2 Class]
d4 ^) x/ O' {0 V3 w% K0 h - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
/ s: Z5 R" P2 k8 _( { - [Google Script Object]/ D0 K! {7 t; P' g$ _
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
' u# C7 V9 |: ]- i0 g - [EWA Control]) N* ^1 w7 `) X
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>5 q- D& Q) y: h P' p u7 n
- [Windows Media Player]# E% B2 \: Q6 |. v
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
1 r/ }* J6 b- V& { - [&Google]% g( \+ w) \* E. M8 b7 L7 N
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.># ]- P4 ?7 T' d& [* n) h" ~; b
- [HTML Document]
) k" ]5 l. ?/ M - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>+ n2 d! P5 K# C
- [DHTML Edit Control Safe for Scripting for IE5]: v8 O8 w# `( t# D
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>; E" y0 }$ \5 C+ v! A
- [RealPlayer RAM Download Handler]
# E3 }4 q# f! p# M, j ^) B, @5 R - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
" y+ f' R5 F; p! N$ Z: x - [IEBuddyExtControl Class]
! @, M, E. r! W, f8 Z0 l1 J - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>+ x j) T9 }& f! f+ s& i" ?) M
- [XML Document]2 X9 j% j0 u, [9 m6 R4 n7 h2 [$ J
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
' r+ s3 Z, j8 T5 Z" q - [HHCtrl Object]# ?) R4 o8 d* b. w1 j7 R
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>" a5 l+ Z1 R4 J, U. v e% P
- [Windows Media Player]
' B9 X1 l9 ]( D3 @7 n - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& F5 x) H, ]7 m; Y( a+ ^ - [Active Desktop Mover]+ K' b& u" B4 e+ s' [0 k R
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
2 ?* a( V+ X ?- U; ^ j - [360SafeLive]9 }7 e/ \& R1 \9 @9 C; J9 Z
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn> `' o. N, O, C. \% _
- [Microsoft Web 浏览器]
" ~/ a( ]( j1 U+ i- K* P8 { C* l3 z - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>$ x8 x1 p0 t0 k8 l: U0 g# i
- [Browser Enhanced Objects]
( M9 E Q4 ? b! g - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>( ]4 ?8 E+ _/ f, s: F; R# b# r( |
- [Google Toolbar Helper]% ^! A3 B$ B) K$ _* y
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
6 L- F1 I- C8 R% a! a - [Microsoft Scriptlet Component]
! X+ L5 K" u" P5 X! |( K: }0 w - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
6 u3 A" S3 p- w" J& W3 J* n - [Google Toolbar Notifier BHO]
& J' K# \- U" K4 Q' I7 c - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>( k+ f! {# b- U9 h) J: [! y0 H" G
- [SearchAssistantOC]
% e% b. ]! Y' o - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>- I; M2 E7 P. e! A7 o2 `
- [SafeMon Class]
) h) _5 q5 {7 D% h - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>) a& ~" D; ~* g) E9 n
- [RDS.DataSpace]
& a: J, }7 v) M9 z% S( o5 [8 _8 ` - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
: H, J3 k A2 R# {( \ - [KooPlayer Control]
/ ^4 h l6 h0 B) u1 t5 u' l - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>3 N% ~2 ` k+ Y' J; ^, \) f) w
- [AUDIO__MID Moniker Class]- {( `. T8 x' X) r# C
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>( t. ^' _" n9 r! j9 J2 W
- [AUDIO__MP3 Moniker Class]" M$ F! o7 z, J% y1 k4 C/ k
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>% ?; C/ Q7 K) T/ u; a5 W7 s
- [AUDIO__X_MS_WMA Moniker Class]9 }6 W, r+ K5 H% Q0 ^
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' h; `' t$ m' a. n, _/ i
- [VIDEO__X_MS_WMV Moniker Class]
) M0 f9 p7 u6 _+ x - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ q1 ^$ I$ X$ ]( t: z6 T - [RealPlayer G2 Control]8 Z( i! I: k% E3 X e+ ~
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
6 y5 _2 r/ A; V$ \3 X" r( } - [Shockwave Flash Object]
4 O! W( m! I+ L* \3 _6 ` - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>6 ^1 L! w& U; ]- N- L0 C8 c1 i' c
- [KUpdateObj2 Class]
+ b, M" y6 o8 K; u3 ^& _7 i - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
: R0 Z, `8 q) z4 \# j6 R0 m - [kingsoft browser shield]8 c1 A' e$ v/ y) H9 G" V
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>2 ]7 N' o `) a/ N% P6 R
- [PasswordEditCtrl Class]
! X f- ?4 D4 } - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
' {, h' F5 w! D3 w+ }$ @; {) x% ^, H) b - [QvodCtrl Class]
8 r. I5 b4 u8 b ?0 U/ o - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
4 g A; K; p1 X0 _ V - [&使用超级旋风下载]7 N, s0 g# d9 a- E) k" q# b4 T
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>& X, d! d- k9 L5 J9 z! q! h
- [&使用超级旋风下载全部链接]6 V; g) A8 {) K( Z) o
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
1 e1 ^& \6 j0 ?8 `9 J' j& ^5 V) X - [使用迅雷下载]
) s2 _" a. s& ~ - <, N/A>
4 K$ C; E" H$ ~+ D. X2 m; p - [使用迅雷下载全部链接]
. b2 @: i3 P7 W7 N* u+ m: E5 F - <, N/A>
3 F. U3 O1 h0 z, x/ ~7 t! J - [导出到 Microsoft Office Excel(&X)]3 [# Q" b: ]0 `- [8 Q8 n
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
3 `, V' @4 s# b# _6 ^9 r8 m b3 F - [添加到QQ表情]
, e) Z* |$ f# [ - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
& W/ R% \4 _8 c7 K - ==================================
. p4 O# w2 s. a) h* N* e - 正在运行的进程
2 @5 A ~6 `0 N; E3 n& H; w8 y - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" r6 A$ [- w) ?9 D3 O: Z7 d
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 p% b6 S Y# @. x+ E( V$ L - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 v9 G2 |; I% i - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
" p9 z! q t3 I9 p; s J8 m; S$ o - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 d+ ~3 A2 @& @, U" L; K9 t - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) E# l: j3 k. B# `5 g/ w - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: p* k, z4 `: m$ }
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 b& a- e9 o1 ^% E - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 @) H0 {+ _% o: \/ W' F
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 y' H4 Y) J$ X - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' p& m" y- u$ M. P' G
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]3 Z0 ^- v. T; }' _' }* L! G2 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& W! d- D2 V% S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 v3 G6 R s; ?% j0 Y
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ F$ K% u/ i2 r1 o0 T, U - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 ~/ b9 n& J& o* L0 G* J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]3 t# e" \. b( E" _. k. S( T) t2 c
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
1 j' `* b6 n1 K' n; ]. A" C - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]! s# e$ \8 |+ [. W( X- B
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]/ V C& {5 ]# U1 q/ b! i
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]0 \8 }$ o( i$ E7 e& h. k4 n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 p- N- g# S7 f K - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
1 }; f8 f% B) P z. }& ` E) x - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
' N: Z3 C9 u4 q) ^4 g& D2 s+ ~/ @ - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
+ R# }1 i* k5 ]. j; c, E: B - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]5 r" F2 a# l' g6 s# ~ S0 w( _7 O0 _
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]! a3 F# N5 A% n4 r# q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' S( _1 ?) H3 K# q; ~4 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' V$ n2 m, z# C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( C7 t) y8 M: `/ w - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 d+ R, N; |$ h2 j7 a8 ?
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: x& V2 X4 s* ]- p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ M: v1 e, z7 m u6 A6 ^6 m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: }! c" t7 d! a: W2 i" Q. {, [9 ]% h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( A, u! a6 Z {3 B' r - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
4 s8 E6 b9 N1 c( X5 ] - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
$ D {8 Y- z( q* V1 q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# B( @/ U" x! s4 V9 G S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ {8 D$ I$ j3 w4 u# j
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
& O& V% R" o9 p- F; H8 q/ ` - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
9 j% h6 H4 c: V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ h/ C& L1 l7 Q, l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: {3 s5 i' h, B! } - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 B' s6 _, q/ c$ q - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]4 a0 T6 I6 k A
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* p* d+ Z& a- g0 y' n, y% ^ - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" C0 T0 w' A* Q: k; z( [ - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]; l1 U3 Q+ F# i5 L m/ p
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
/ G6 u8 w) t5 o' U - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 f6 X( B' G6 _$ @ m @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
u0 p) \% j/ o y7 q, Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) [# s* h( l& j - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
% e2 H( g5 j. p; }7 V3 B - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164], `; z2 [# |7 n G) [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]% q/ s( W7 I3 N" @/ m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]( G3 Y$ F: N7 N; L6 ^8 V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]' [. X9 U: U& A$ T$ l# o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
: N4 f- {2 L: Z% H* r, N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
& \2 i" y8 M6 g9 P - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]- a* s9 C5 v* x q$ J
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
0 h: j: P% B2 J2 Y - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ R. e; g; b! S* W# m2 r - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) y L. m8 i) c w% F$ P
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
; L1 n3 H+ U0 |. ~1 e% v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ g+ _; [* ^2 t
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
7 z5 Y. E$ y% a `6 p+ E: } O - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]# c5 K( g" z4 D0 B
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
, Q' r, N, o S4 G( {+ W: V - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]$ S- {& `7 x" a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 n8 [' L: A" D7 V4 |( d3 K/ d - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]8 u* I! C- W) f ^6 D! x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 c7 g+ S4 D4 q) G$ J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. ^ s$ e9 i4 A9 r( q+ g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. y7 v) \- A5 x# c. S, |9 B4 Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 `& ~% o5 S% K; t- O& F( O - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]+ A1 q1 b7 C) i/ _$ T2 q6 {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* f8 T B( \: O1 v5 @) u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, H; N0 ^. {& w9 p4 o* W' m5 g3 ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; k5 M6 t+ a1 k& K- d$ w, c- M9 K1 H' t - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' v& ~* [( y) y ?% L6 G - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]# T* ~. m. J+ Q4 i
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]- X: g& b$ q% H7 a# @2 C) n1 _0 s. m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) v' d$ H% }8 h* h5 r: r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; E* Y$ P' [; V; A7 x: j* I* J) I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 B5 @, Q+ N0 k; C! w( r - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- d7 I2 `/ j ~. O/ ?1 b
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
: n! e- m4 Z* c+ F, g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* a+ r4 P: @# n* u5 V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 n2 ~; v. b6 t: k( Q# N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- n2 Q5 w$ i `% `& F$ I
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* j; J# k0 `& M# G6 v5 g
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]4 [' B8 ~) q, y; I: \5 w" [
- ==================================
! P/ ?8 M* x9 S- H, k1 [ - 文件关联7 r l, n0 D3 F+ c% j8 M
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]/ {7 z% `5 d+ K5 k, b: N
- .EXE OK. ["%1" %*]
! r4 ? I" q6 m* \ - .COM OK. ["%1" %*]
& q3 ]4 h/ B9 P# L4 S5 u - .PIF OK. ["%1" %*]
n6 t; |2 \/ M# I: g. t6 N8 @; S - .REG OK. [regedit.exe "%1"]
+ @- j# I' a7 B1 U/ X3 f - .BAT OK. ["%1" %*]
0 D: k9 X0 Z: a/ ~ - .SCR OK. ["%1" /S]; X; i1 C- l* W* p
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]; t- v# {& o- X+ b) t* T
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
& U$ @4 `1 A2 ^9 T! [' T& O - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]/ X6 Z: j9 T C4 i6 @7 E
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]3 M& x" ?$ P H! `, [+ \0 U" _/ H
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
4 d: K) @1 ~% v5 c. J - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
5 f3 e; _& S- n* F3 E/ w% X - .LNK OK. [{00021401-0000-0000-C000-000000000046}]+ h2 @$ I4 D" |, D7 b& [
- ==================================
% z3 `4 a! Y, X5 i4 M( h9 v2 ` - Winsock 提供者
/ c( W; Q# A* t& G. }; D& x6 F - N/A R1 R ^4 V( `8 ^. d& H" h
- ==================================
0 v4 O/ C: K( B4 {* _3 H - Autorun.inf& u+ ?/ ^) ]/ {; Y; _
- N/A
1 z/ C( Y3 m( ~5 @+ Q8 d - ==================================
: W5 A g) ^' ~2 \7 V" @ - HOSTS 文件
, X& I: C# f1 ^" ]* T/ A - N/A
( k) R# `2 C/ O1 n - ==================================, W$ I3 G: p2 ]+ R5 [+ |6 C
- 进程特权扫描
1 s$ f9 _2 [6 s - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
( K' G R: G s# ]: m: u, ` - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
2 r, p1 c* H6 F" e5 H" w& ] - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
M) J: Q6 ^6 {7 G) x - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]+ V! X2 p9 O- t! c; }2 A
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
" @1 K, P8 J6 t+ {) P$ W4 Y - ==================================3 o2 n; B+ s6 |7 u, C7 Q
- API HOOK
5 ~8 N. H) u* ^/ G5 j! v' J, y5 B - N/A7 F/ x5 ^: w" H* F9 a& Y
- ==================================
9 N8 ?5 o4 k# A6 B7 H7 c - 隐藏进程
& O% g3 `. a# d6 [7 g - N/A6 ?' x0 Y! Z Z8 A
- ==================================
3 b+ z1 F+ X; v6 s/ \ - 2 \, ^1 i E$ X
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
