|
|
- 6 r/ H# i: A" z8 i
- 2008-05-22,20:37:436 I& r& X/ I2 U3 g: z: A% y, q
- System Repair Engineer 2.5.16.9007 i& `/ ~, Q& b- q* _$ G% c
- Smallfrogs (http://www.KZTechs.com)
2 N; z' Z1 i1 G) X. n3 x - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
* M% v+ v6 U- f, m8 ]( x - 以下内容被选中:
7 q! P" \1 y6 E/ m - 所有的启动项目(包括注册表、启动文件夹、服务等)
; G S b6 ]/ N% q6 L- b - 浏览器加载项
: p0 w% ~/ C6 E5 C9 O' H - 正在运行的进程(包括进程模块信息)
9 |+ X9 p6 h" v/ l; U - 文件关联
/ o. S7 _8 I. `' l3 ^% Q: P5 k - Winsock 提供者& j9 k, l7 c2 i+ c6 o( D! R
- Autorun.inf
# C9 j) `$ ^: {+ a - HOSTS 文件
+ V7 l. t! g( _ - 进程特权扫描& R4 {7 d1 o" B! _. m, J, Z/ _
- , ?% f2 u& y' |# {: ?9 ~. ?" }
- 启动项目
% f* T) q6 n- r- R$ X - 注册表
& k; s9 b) z0 p9 R) C - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]/ y$ J; q, a: P# ?! F$ H+ k
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]: R! E/ D/ _! ]) _' O& V- I
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
3 |/ p$ d: Z8 C" }( a/ U - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
, `; i. D" U( O1 g/ W+ B$ ]3 C1 C - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
: {" }- o* J# \: e, {6 Q - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
& @9 @( m$ l) Z$ u/ f1 k( ^ - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]$ @0 b1 S2 I9 C6 h) G! b% X9 j
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
2 W7 V6 _0 O9 q) q7 b m2 } - <PHIME2002A><; > [N/A]) T8 i5 a2 m2 A3 Q! ]3 t
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" b) L& Z7 d$ E1 k4 D - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& ?. }) o5 M- \! A3 ^7 X, S8 ?4 e
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]# g' ^4 B& c L
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]; A2 B( C$ L+ X2 y# G2 j
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]7 `8 E& w1 p) Y$ G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
: H0 i$ q0 i9 m2 s" Z - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
, x# _! H/ t \& l, E - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
9 s6 d$ S) l) N( K3 O- w1 V - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]" w, ^$ _/ C$ c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
$ K9 Q4 H7 [7 N9 }# z( F6 p' C - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]% `. R0 i3 |/ n, l
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
; l9 u* H( o2 |8 k4 n N! l# S - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
; ?! w' Q' h ]3 M; j3 O6 L; e - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
2 j, w, ]2 I# `2 g+ Y5 D5 U' T - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
- M/ C8 n: Q" G0 z' B5 O" ?7 e6 T# M+ E - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
h5 C' N- ~! |0 w, K2 J R/ e* z: ~9 i - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher] n: U: d w, q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
1 r% k" S: a J) B( \0 L - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
6 j7 s. R1 K" q, m3 `) z' T; O) k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]! P# `6 b4 U9 {2 y# P
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]" A# @+ C# H! G. S$ s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]; d/ s3 e1 K, I, w/ a+ R, t: [
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]) P. c3 S: H( w: r* d" f' L9 S: b
- ==================================+ Z! V A. M/ B9 Y& m4 t3 w
- 启动文件夹
/ R; ], h; l' j. }! Q# T; S5 N# p- @ - N/A
% w2 B9 p: D/ m7 O) ?& N - ==================================
$ S9 g7 [7 d$ ~. W. I; y - 服务
& b- B6 [' g( Z3 o2 ]# F - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]4 Q6 m0 A5 [8 G `
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
: C* S' c& f4 C* i) I: i( M - [Google Updater Service / gusvc][Stopped/Manual Start]; ~) w9 l, e9 C8 r' @9 x
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>+ E1 l* n9 l- @0 _
- [Help and Support / helpsvc][Stopped/Disabled]
: C$ H# S+ ^' [3 C( Q7 P - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A> V+ z* F1 {7 F9 P* Q R/ m& v1 z
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
. u2 z+ n8 w% L* { - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
& W- N9 l, W6 H/ }0 g - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]7 f% z a" \# c6 e
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
$ |8 H) |3 m0 @ - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
5 Z7 b* }* b- i3 E3 D, x - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
; q4 e: P. D* C) a0 e - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]4 [& g: {) S% w; ?6 |
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>3 ]* E, ~8 `$ R3 `$ g, w' z3 l. h
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
9 t& B- u: r u+ ^ W - <><N/A>/ T% m2 z R! R- Z
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
) `2 l% z9 J' z - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
' ?1 W: F1 x) F5 h/ M+ e - ==================================
# v/ z. x7 g. o$ @% O9 L. k; O - 驱动程序* ^+ N0 }7 L' s
- [22j / 22jn][Stopped/Boot Start]* ]/ ^" g* I0 l. r
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
( E' K. s: `8 ~ - [360AntiArp / 360AntiArp][Running/System Start]- _/ S' J- A1 J7 c: ~
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
6 U* x( W* o& D6 l( m, i - [43ec / 43ecu][Stopped/Boot Start]
3 m0 Y) e' F5 e/ c! D7 Q - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>2 r$ e2 m, q& E3 V
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
u) U0 q! ^* R) C0 Z6 N* g - <system32\drivers\ac97intc.sys><Intel Corporation>
2 g+ H& W7 z1 o8 f" t) j - [Promise driver accelerator / bb-run][Running/Boot Start]# `" V4 o3 y- C @# p. C
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
5 Y! X# ~! v) f: p4 R - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
" I( @/ T" V& O. U - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
; _& v' D/ N" X4 U - [KAVBase / KAVBase][Running/Auto Start]( h3 n' y! Q$ d' t
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
3 S6 p9 h4 j2 w$ L4 J# P' F; I, |7 D - [KAVBootC / KAVBootC][Running/Boot Start]
1 {& L4 C% ]- \ - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>, o0 @+ X% R. ^
- [KAVSafe / KAVSafe][Running/Auto Start]
( o- J. ~7 A# S4 b - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
# B; n$ u) t, B- |! T - [KNetWch / KNetWch][Running/System Start]
4 l6 ~+ B/ Z4 i( ^ - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
6 q3 \$ U8 \& ^& |( y, j% p( R" D - [KWatch3 / KWatch3][Running/Auto Start]! I+ j" X& I. S$ }. p/ P1 }9 G+ r
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>- u g! l, ]1 V
- [ntptdb / ntptdb][Stopped/Auto Start]
2 F5 r) F3 D2 w* c; m - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>! N* n' W1 t2 M, [& A( i Y9 t
- [nv / nv][Running/Manual Start]
' { G/ W$ c7 p3 X - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>, P% i4 I. s6 t; k1 h3 b0 u* Q% b! h' ^
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]& Y& A4 K- h+ m0 O, M3 N! o k
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>9 S$ G% e4 l o* V# u
- [DDK PACKET Protocol / Packet][Running/Manual Start]
' P* E* `8 a; U+ ~6 Q: k8 y4 X - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
8 Q0 \; C1 ?/ q8 u+ D) F - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
! E! W& J% X0 x+ E% N# P - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
' F+ x& v( C' i - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]: ^6 ]- l E+ w( v- R; s3 T" K2 l
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
) e: K# u! i3 ^% Z3 b) d" { - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
' ~( c1 {2 m* O3 b# {- o - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
/ x4 C( {- X; R3 P& t9 w: N' J - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
0 d' w8 m1 a6 Y/ L; i) l+ u! V - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>$ p% s t9 m4 r8 ~3 M
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]* V3 \; E( F7 l& y9 v3 ?; l
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>8 Y* H( Y, @, q# D* i1 h, x' G. R
- [Secdrv / Secdrv][Stopped/Manual Start]2 o5 W8 A3 Q' e, u6 D4 j1 Z5 \. j
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
7 S. g& z( W B; ]$ H L# }. y - [SATALink External Device Filter / SiRemFil][Running/Boot Start]# L) ^6 D- j& b! G
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
- ?' {) y% }& s. d+ @ - [System Restore Filter Driver / sr][Stopped/Disabled]
- S- S% C# u8 U. k+ K9 g; L4 h4 e - <system32\DRIVERS\sr.sys><N/A>/ I7 {( v& j2 _# ?
- [TesSafe / TesSafe][Stopped/Manual Start]
" U5 s6 {- g9 W6 {+ j - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
2 u) F9 t E, Q( c$ w7 Q0 D - [System Services / unzxzsrs][Stopped/Boot Start]7 d1 l& b/ w4 |1 J
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>7 a( c& o3 {7 ~8 S3 ?. D- W
- [ViBus / ViBus][Stopped/Boot Start]' H: O. Z3 N7 }9 r5 v3 G
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
& S& x* j" r0 d - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
3 A E; e2 i7 T; f2 {) C* ~- E - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
% D, i" K5 ]& L6 G; z$ z+ ^ - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
3 c9 A/ j& N, r3 ^! s) G8 D - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
8 w! f7 [+ c* H' A3 B0 B; @ U) [* [ - [ATI Extend / zhibmaso][Stopped/Boot Start]
8 A4 j5 Y0 N+ q2 ^: ]5 K5 M - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
. G+ ?' L+ ?: c( P/ r, j. B0 h& o* T - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
0 S. U7 U( \ H' w+ @2 V/ v - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>4 w% `5 G- i- q3 @9 ?$ l
- ==================================/ c' U" w0 O9 ~7 j. a( c7 G
- 浏览器加载项
3 _6 D( Z- d. Y' w/ a4 ~) E - [Google Toolbar Helper]/ E( W4 x2 S( A+ b2 K
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>7 U5 h: D' W Y4 q; S% {" h8 W
- [Google Toolbar Notifier BHO]
, @' T; z+ I% d9 Z% M: W - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
/ [ g* R9 @* p& U: t/ c& C% j - [SafeMon Class]8 O( S) m! F! t. k
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>. h; F( H/ L" n5 ?: Y3 b# K
- [kingsoft browser shield]
, C/ R0 a' ^/ \+ g - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation># H5 Q% |/ N$ t+ r
- [IEBuddyExtControl Class]
- s/ O8 F2 `6 y% Q/ b' ` - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>' F9 y1 f: d8 i7 V& Z2 G- M& V
- [Zcom 杂志]( q0 P- ~9 t" I) ~
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
: Y) Q1 g7 D. w" h0 ^# [ - [&Google]
' s7 p" k/ ]: Y8 Q1 a! o2 i, d/ y6 ? - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>, B+ O# a7 v. f* G; i
- [KooPlayer Control]
/ h2 d$ ], U5 t6 Z( m - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>0 d" E# \5 p% @+ M
- [Shockwave Flash Object]
. T* }/ B9 K5 N- J - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>5 d( T1 H/ ~7 o' D8 P
- [KUpdateObj2 Class]
0 {, ~* _" x+ q; S0 u - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
$ b4 ~( r% p( Q - [Google Script Object]2 W* k; w& D( o$ m; j4 ~
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>2 _8 X& @# c+ u$ l
- [EWA Control]
q# H" ^3 V+ {4 r( T - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
, G4 F/ _) B0 ] n% f8 n - [Windows Media Player]
: A1 ^3 B7 [; h! X. f4 V6 ~# t2 R - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
) f; j& O. K7 W% a9 ^ - [&Google]
8 `( X, H' K0 j1 G - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
; P) P m- t5 a8 I9 t$ ~ - [HTML Document] b: ]! r( Y5 ^+ j- f+ d
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>( Z; D0 F" w7 d; U# o
- [DHTML Edit Control Safe for Scripting for IE5]
+ u; J% f! P: C - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
5 J' _5 _9 @8 {; ^+ V. i - [RealPlayer RAM Download Handler]/ Y) }, s& z# z; o% ]2 q6 |% d$ M
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>1 h, I% P( M" D1 C/ G. ~8 E4 W8 e
- [IEBuddyExtControl Class]; N$ i( |6 m j6 r' [) o" |
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>2 [' p( }. F) v% e/ v6 z. i+ y
- [XML Document]
m1 A- o% V- g6 y- y! ~) O$ L X3 k C - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
5 w0 }) f+ z8 f5 @% v - [HHCtrl Object] Q/ y6 ^, q2 H0 W
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>4 v# }/ ?$ U, Y
- [Windows Media Player]
+ k9 l8 i# d* f; g/ Z: o - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" a0 N3 Y6 W: i3 i* ], { V - [Active Desktop Mover], \5 T/ J7 |2 g, N( |1 z/ b
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
3 c0 q4 j3 O. y' Y) e( Y7 P( p - [360SafeLive]8 M: M. @2 G3 v, x
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>- }1 Y$ z9 ]% p( v% M$ w
- [Microsoft Web 浏览器]2 I7 C; v5 q# V. b' `
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>" [* L" [5 h: S; f0 V K$ W
- [Browser Enhanced Objects]
' F; w% B6 _5 l" d$ v- b( z - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>( m, S. G6 y |2 t! h' R
- [Google Toolbar Helper]
# |: Z* @. @; }/ \$ u - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>- L6 ~1 N$ k5 d3 E1 c
- [Microsoft Scriptlet Component]
$ k( N6 Z2 X- i5 P- D& a1 a - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
3 K2 G. Y$ P% ~% f6 t - [Google Toolbar Notifier BHO]
# Q' \5 m% r% `8 f/ e- d - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 n& \/ c3 x- D7 ~5 r - [SearchAssistantOC]
8 Q; b+ n! f7 {3 p+ s - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>1 J. L6 ~9 Z3 n0 M9 l* u: ^! @
- [SafeMon Class]
" B/ L2 f% ?! g. R2 \! o% r, q - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
/ ^( j$ b& a: i: j( c3 ` - [RDS.DataSpace]" _( g1 j0 g$ }! ^
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>0 _) c+ M: c7 E, S
- [KooPlayer Control]
( q: n; K4 Q$ Z4 ^8 \3 Q/ y - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
* ~/ o6 Y' ~4 D/ _6 k3 D/ H9 S7 ? - [AUDIO__MID Moniker Class]
# V! ?1 z) U- `8 E5 n! ? - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) E, B- P/ I6 D$ v - [AUDIO__MP3 Moniker Class]
9 f* l7 I2 y! P, G8 Z$ H4 O7 h - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 v }9 h' R, A' g7 a7 R - [AUDIO__X_MS_WMA Moniker Class]
0 i* }1 y3 W* J6 m - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, [8 k; p3 K8 W* `* S4 m, x - [VIDEO__X_MS_WMV Moniker Class]
+ K1 }. F5 D. J - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
. s* }9 @) r5 C - [RealPlayer G2 Control]
% l) x4 S' H/ y* `$ G - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>, N" I$ M( Q! P- B6 T) h' X" C
- [Shockwave Flash Object]
; ] }; X8 `0 m4 N/ M( D - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
1 b- h4 W6 G6 |1 S1 f - [KUpdateObj2 Class]* e/ N% }4 v# g+ }
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>+ p$ t* D4 [" X' Z4 e7 ]- K2 } E
- [kingsoft browser shield]8 {# ] R) A; [4 o$ w# u
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
3 e/ n8 [1 P/ f1 m8 W - [PasswordEditCtrl Class]) W( r4 x* x7 x T
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>/ j( C% `: {: F$ o% F* t3 X
- [QvodCtrl Class]
8 |( I7 m" ?/ U: ]% m - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>9 L2 z' [# x% ~
- [&使用超级旋风下载]
1 A7 i3 f" K: _$ a/ g3 Y/ z6 u - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
9 |; j" G0 ~1 a* u1 R- ? - [&使用超级旋风下载全部链接]* m, B% i F! \% l6 h3 h/ s$ z2 p+ T% Z
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>3 C7 _; j% ^( X! y7 |6 h
- [使用迅雷下载]
+ n& ^+ B3 C9 ~5 Z5 [9 }" Z - <, N/A>
% _! r4 y9 [) f+ K& { - [使用迅雷下载全部链接]
. I0 `* ?8 k6 L' ~ - <, N/A>
- e8 t$ m0 B$ q - [导出到 Microsoft Office Excel(&X)]
a Y, e" X7 v! a9 T - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
~4 r$ Q$ M* Y - [添加到QQ表情]
' l9 E* S$ _4 N* g d - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>- s2 _7 F* F8 m* |/ z, n8 r' B
- ==================================
" t* |. S1 w8 ~, e& t, }" z9 ^/ v - 正在运行的进程
# j/ {3 i% j ^' F7 D - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 ~' W, w" [' j2 G+ B1 _
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( l' Q" o; O# q. V - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 P- B& X4 p" S
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]. S4 U1 j3 f+ ^, L- R2 y. u0 u- k. S
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( [9 |9 n/ y4 A1 s
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- Z0 I( }2 w4 `- _9 w$ Q - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& H: M2 O0 T* ~ m J
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
H I7 ]5 n# y: ?- m - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& J4 t& q2 C& x% [" @, g- X% u - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ M" Z+ N" Y8 b- C - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 U' Z% w; ~' v$ K: O - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
. y- F. O3 u- c+ p9 L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 i. b7 F$ Y& }- |3 M. W7 R. ]0 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& V* k- U. ^1 j+ I! s - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
9 v+ c+ A) `- p1 ~2 _# q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 {, O% r2 r& k$ D& P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
& s' u( w6 D! } - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
/ C9 N Z$ B5 T! i - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
( {, g, ]4 e; O) c! j - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]6 D6 ^) O2 P& Q" \9 j
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]( G& m2 V& i5 {' E2 b9 t5 t
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 J1 C; n& p* _* x3 `$ t a
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]8 N" [# O8 ]+ V1 d6 O, @: T
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
$ {& a: {# H" w& Y; A% }% p - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
* q# d v. \3 c7 y y B/ p - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]4 }, f; P& i* C# r% ^
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]7 O, j; ^. z" B- k# c$ F
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 v9 N" A0 {: E; d) E3 o1 A6 D8 j1 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 E7 @. Z# H( j/ ` _$ k+ X4 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ y- n5 K8 ?8 a# W) _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ o& p4 J4 i. f/ Q+ d0 d7 z: Y
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! z( e( q* @1 W0 i3 r3 b S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
~; O: J+ v, l, ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 B, p b# f8 m6 Q6 R7 T1 U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. U5 h7 f: B! N, U$ d6 j - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]9 x o* T5 L0 N9 j1 {: K) v y9 b) Y4 T
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]! @& Q# }$ E9 X: O' q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
R, T6 d, a3 p# O" E# @2 u& _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ O- t; ^/ i8 f
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
1 h, |$ `0 Q" R! e - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]0 [( n# o4 Y; i/ z1 g! C" h$ ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 @1 j7 f; S+ z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 E- P" Q$ C1 O" d1 S
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) P4 i" H, f$ O) M: L0 t( P - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]+ m# d2 _: U! H: ^
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! h1 V4 S/ m+ y9 E1 X - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# F0 r: D/ C* B- {
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]9 y5 H. O: e6 h) D5 i' j
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]4 x3 I0 c& `" [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% i$ B5 y2 J2 v1 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& }2 d4 E0 m, E4 [* x4 b4 @: @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 F d% `3 D9 V ?2 l, D" r0 Y A! W - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]3 k6 N% ?0 { O
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
1 v3 n/ @( K3 _* {/ t0 f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]3 F _! ? ^1 a( N: ?4 m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
; i0 Q# w/ v2 z+ D* ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]! y& t& t' i; y+ y, X7 I# E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
4 S' X! J/ H: V, g! B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
1 G# T( m* \) ?% c# X+ u - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
# ` [; w0 ^) z: o& w - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
& U, {9 a; ] x - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
* B, ^8 ~) M) C4 G- c0 i0 Q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]6 B% \5 J8 |, Y+ k2 y
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 @. x/ }9 u5 W3 ]$ \ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]/ K. I! k4 L$ v( s7 ~( H: e7 d
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]: I* \# j1 Z3 @7 j; |" Y% \! M1 @ Y
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
) p$ Z% v& \* n - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
. M; J; [5 U1 }; A - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
9 q( U) x0 R) P, k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ y3 M/ w; ?4 y3 g" ]% \ - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
! h; Q2 p: ?+ f4 y, Y. F% ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ J0 `2 i# ]) k* Y" R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 W3 M5 c/ v+ m& z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 ]/ P+ H* {* [/ V- l* Y: }! X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 f0 d6 `2 x# F2 _8 u, R
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]$ T' U0 V1 M. b2 \) }6 v: w: G9 a% r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. o, f- _; l+ q$ J( o3 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, U N" o3 @/ X. ?$ k( W3 a1 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 Y# b, Y/ k% u6 y1 n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ b+ H0 p, P; N* X8 f8 k& v9 r' j1 z - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]' A& c) Z+ ^8 g# A& u
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
! ~# e" Y. F \! J) ?6 [ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 A: O- m$ m3 d" s2 ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& g4 S& j2 m* F* |" n; u0 M* u3 ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* c7 @* d: C8 \) z5 x v8 W
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% k% o" e* p* |; T! f - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
" ]. J* R/ t) Y7 Q8 i% \0 |: { - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 @' U1 B/ Z/ T/ A; ]* ^9 B ?) ], g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
- F k. g! P. n8 Y6 N; f5 N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 U4 b$ {* c, M5 V; E, E - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. z/ j/ C: y+ {* e. i+ i/ {, x/ A - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]) n4 o' [7 H: P3 X, ]5 a8 U% ]; |) }! S
- ==================================
! k7 x8 T9 b, J - 文件关联
6 }, U5 ?6 w5 m$ b - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
3 _8 Z- ~' E$ s* C$ E% R# b - .EXE OK. ["%1" %*]- T+ D/ f7 e0 w4 ~! w0 ?
- .COM OK. ["%1" %*]
- R# e) J7 E. b4 i6 q - .PIF OK. ["%1" %*]
+ }- M2 \$ D6 B5 N, l - .REG OK. [regedit.exe "%1"]! e2 O8 u# H8 y. v; {) q1 w; x7 K
- .BAT OK. ["%1" %*]
5 d3 a$ P/ `* w- j7 D( T$ B6 ^ - .SCR OK. ["%1" /S]
/ g x/ l; A8 K3 P5 P - .CHM OK. ["C:\WINDOWS\hh.exe" %1]% Q1 _: E3 p. p& T& _" y
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]* R, U# P# Q. j4 v3 F4 [# A! G
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]0 v4 L0 m% w$ n$ C, x
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]' u( Z: b ?1 H, L8 c' W9 A
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
" n: q3 W' x# a4 x, j2 |# J - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]( {9 g3 _+ w7 X2 j
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
/ _3 B$ G/ O4 b+ b; ^7 s8 a - ==================================
: z( _, J" C& M o6 A: @3 t - Winsock 提供者
( x0 m; }1 K$ ~" o& f# L& N - N/A
, v8 @5 E; D6 S6 [ - ==================================! G, k$ q1 r) Q; \/ ]! s" x. T
- Autorun.inf
# e" B6 `: i$ w; K0 h8 j, { - N/A
4 b7 R5 C& G# U5 r& g `; }4 T - ==================================
- p- z& p ^1 J$ d. ^; \- b6 p" L% s" d - HOSTS 文件0 D$ N2 i: O; t8 H" L
- N/A
9 n0 d% n6 i, ]' {+ V9 y4 ? - ==================================
& e* |$ g# y0 I h2 i1 Z% @ - 进程特权扫描
: m2 I* V8 O {' q8 ] - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]/ L/ ^# j3 {. B* r6 ]8 a
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
$ T* m% ~" P/ S/ O - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]% O) D+ ]- Y8 F3 Y# Z
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
; E- q7 [- w4 P6 c4 z% [9 v - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 b7 q% }- H2 j1 B. g - ==================================
1 B8 J$ P0 U8 D7 w" s - API HOOK1 Z$ Y5 e6 t' V. n4 H% `2 l
- N/A
) X2 f- j2 G: e; Z, s, I - ==================================$ T4 N+ b" `$ Y7 w- q1 c/ n
- 隐藏进程
$ ^+ B0 f8 I$ ]7 U# {' _; {+ t - N/A
" d. y" ?+ ^5 f& C - ==================================- A3 J, F4 P% c
( |5 g) p ~. u* K" w
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
