|
|
4 W' I. v0 O+ o6 y y- 2008-05-22,20:37:43
7 s8 B2 g E2 F' ^# J: c- R6 V - System Repair Engineer 2.5.16.9000 |* w& b @8 T; A; J" C
- Smallfrogs (http://www.KZTechs.com)% W2 [2 ?7 P& @
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能/ h5 g5 \$ v* M' C9 w
- 以下内容被选中:7 x0 L9 s! ?0 h
- 所有的启动项目(包括注册表、启动文件夹、服务等)
& @8 z( w) D* i. N/ a6 E$ } - 浏览器加载项8 h/ O6 m5 A" l( I! P" `9 x/ W5 t
- 正在运行的进程(包括进程模块信息)# k& S' w& m. y( R3 J: }1 c+ ~
- 文件关联" [ {7 }- ]- i7 r# X/ _
- Winsock 提供者
9 j; J2 c. ?0 P' K' ^ - Autorun.inf
{+ G- e1 P" y - HOSTS 文件
; z% W7 s+ z2 `/ G - 进程特权扫描, N6 g) {" C" j0 U6 I( D
- $ b, ~, u5 A9 M* I& _
- 启动项目* w2 ~2 x5 E7 d' ?. u' I
- 注册表; x' I1 ^$ k! I) d/ Q
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]" B1 m) a$ ]# b9 O. `
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]8 o4 y+ J: C* H" O) y
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
3 J9 t4 L, Z+ X! ^ C- U9 D - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
; b& ]- ?: h$ f; ` x# D, W2 Y - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! C( U# X1 M# I* I# N0 k
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
( y$ s* R' C8 h1 h: s0 Q; f# e m - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
) V5 r) A% I$ b' V/ p6 Y% J) T - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
; h6 E" o+ Y' B8 [" O - <PHIME2002A><; > [N/A]" F& M( U% d" U3 L1 ^
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]7 P' R) b6 q+ I* M3 c/ D* l, Q
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]* M- k8 s2 l1 {3 ]! g
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher], _2 @, P- L$ [& Y! U
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
8 [6 F$ B. w( R% M: D - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
3 i$ @7 Q; u1 A2 ` q$ J( ~ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
1 f/ |, B1 c2 `+ m p2 l& s - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]& J( n- _. ?: |1 v# ], L$ Q( Y( T
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]1 {' L6 p1 p0 P
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]% _1 n/ v1 V, E2 G0 H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
- i3 I7 V7 \# w) A! p: r) }1 p - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
+ T. Q8 {! V$ h( U I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]. C5 ~; }9 S: j( I1 B
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
7 f( J# I, |& A8 Y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]8 u& i% ?5 Z' `3 _& N! W
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
+ R2 }# ]6 ^" \+ f% n' ]6 H: G2 h - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]8 C; p' y% t- }' g
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
8 a2 W0 x5 p. y) o9 c - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]* R1 n. R6 m$ o& z
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]# U0 Y7 ?) K8 Q j6 h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
# a7 L7 Q" E! ~) A7 B. f - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]' ]/ t- w# A7 R$ Z6 W3 p5 }, o6 G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
2 b0 @; J, m9 [" b; _" I - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]8 w' n) b( X7 q; G6 D% Y+ c
- ==================================& I2 c. v$ E5 J5 J% Z: n+ i. Q
- 启动文件夹- {( i8 T$ L. F& ~! r/ k! h) p
- N/A
$ I7 {6 ~8 t0 `# T - ==================================
4 A) P9 ] A* Q% [) C3 F2 y3 j2 p - 服务
; y3 \ Y6 c" ~& Z- l; p - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]) w; {2 D0 v, C
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
9 k4 U5 l8 H) C1 L$ f - [Google Updater Service / gusvc][Stopped/Manual Start]
4 _, O3 Q0 x; b7 ^5 h. @9 \+ P - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
7 h% p1 u# W8 E. e) `# V - [Help and Support / helpsvc][Stopped/Disabled]
, J" b$ b- g2 y- M: p/ y - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>- P) d& _3 X1 O( ^) @! ~
- [Human Interface Device Access / HidServ][Stopped/Boot Start]2 J3 a$ h2 z# T5 w) R# `
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
; J" r5 H" d- d" b i - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]0 |/ _) }! m* H
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
- T+ k2 d+ j+ n: b - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]8 m: z9 j/ w: d: K% K6 p) d' |
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>1 z9 ]( w; a& s% l, u c
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
% w6 s6 N* D8 O8 h( i% E - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>) N S- e+ L0 H. ], k. j: W! f* c9 y
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
6 p# j) I" Z' h0 G0 E - <><N/A>+ Q$ _' r4 {- `8 t0 n, H% _' t3 Q
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]6 B5 _4 G% |' C
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>( G6 Q* Q) S% ]: _; A. W- f
- ==================================; C9 m) R3 c4 q5 a; \
- 驱动程序5 K* D) m0 `1 ? v7 s
- [22j / 22jn][Stopped/Boot Start]3 b' J9 ^! A. e, m
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>! V4 a% |3 `4 y! `# T
- [360AntiArp / 360AntiArp][Running/System Start]
* v/ Q1 l- D3 ^ - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
+ X s! v g- o - [43ec / 43ecu][Stopped/Boot Start]
) N+ I: c6 C9 j# r+ Z; s' u - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>) ~3 R, ^: y1 r7 H6 A0 p+ D+ l
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]$ z( t$ e" E9 j1 A
- <system32\drivers\ac97intc.sys><Intel Corporation>5 ?+ E8 V$ R, D8 d
- [Promise driver accelerator / bb-run][Running/Boot Start]8 V \/ f% [. @& c2 N
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>( C+ o. S4 R6 z+ u! `
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]% C* u1 g1 ], y3 \7 c) B
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>4 F0 P6 U. w# ], |/ T) D/ J. f
- [KAVBase / KAVBase][Running/Auto Start]
0 J, ^6 |4 m. j2 T( `: ^ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
' W; Z- J# @3 z* f8 _# I - [KAVBootC / KAVBootC][Running/Boot Start]
* o& x ^5 Z" v% T7 O - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
9 g# \+ N" Y" k" o4 P# _1 s; J9 o - [KAVSafe / KAVSafe][Running/Auto Start]
}; P" z1 S4 V - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
! t' W5 U4 v% e9 _% v9 f - [KNetWch / KNetWch][Running/System Start]
# S& p+ g$ `/ H8 J8 p - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
3 k; L2 y/ W7 j' U0 E& X. t: Y( {: ^ - [KWatch3 / KWatch3][Running/Auto Start]7 E: `! H7 }, j9 d: Q. I% N
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
% @, Q. w, s' Q$ m - [ntptdb / ntptdb][Stopped/Auto Start]
7 Q! s3 B9 r, q4 {: q - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>, l4 t9 z) F0 [* r3 Z% v; q
- [nv / nv][Running/Manual Start]* e4 T0 d, x& v9 ~7 ]3 [$ m0 G+ i
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>3 D1 e% m6 J8 t# Z0 @9 P2 h
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]' X1 ~+ A& r2 J) b6 k* S8 t1 }
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>- C' {3 g0 h5 P) T% L$ B
- [DDK PACKET Protocol / Packet][Running/Manual Start]
) G& t# g# q8 h, p+ L - <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ m" d1 w! ?* \9 h( @) |* v
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
/ U) I2 K4 [$ B# z - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
. T: ~! j; c0 b - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
( n! @2 v+ }5 u9 h& J. \; ^9 s - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
3 l1 k9 R+ R9 Q* I2 C8 u - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start] k; E3 s! N6 m! x# p- Y& v
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
, q$ _% l' S& d; ^5 p) q6 ? - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
2 ~6 I* `3 I) C2 L& Y' x9 e9 h - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation> f4 C$ O5 I3 W' D5 W+ K8 f
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]$ U" t9 I+ ]: Y+ \+ c
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>& n2 o: M2 {. b( {6 F
- [Secdrv / Secdrv][Stopped/Manual Start]1 X7 l+ y% B2 i. o( r
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
* ]* ]8 R' W! I a" ] - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
. x- B3 p: T9 F+ o; P! m y" m- O6 F - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
$ u& k% e+ {/ H& x - [System Restore Filter Driver / sr][Stopped/Disabled]3 ^ ^1 b) M9 a. B9 K
- <system32\DRIVERS\sr.sys><N/A>
; y% Y. `% A- u5 D - [TesSafe / TesSafe][Stopped/Manual Start]% }7 ^9 _6 {: K! K o# E
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>! }0 U. P$ t8 d3 h5 h- X6 a$ w
- [System Services / unzxzsrs][Stopped/Boot Start]: @9 Z, d7 o( H* {
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
, U" U% X6 _0 M- r1 V9 W0 S# L: Z - [ViBus / ViBus][Stopped/Boot Start]
% K3 ?+ B& R4 \9 A - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>: a( W' n+ z+ _! a9 y6 ]" X+ H& ?
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]9 R3 o3 T; [7 L( i) b' T
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
% g# T7 N) `' |& [3 J - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]; S" i" m4 l( A/ t& _, B! o
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
. v2 \- f; L# a- |0 q4 U8 i5 r - [ATI Extend / zhibmaso][Stopped/Boot Start]
# @) }9 P+ u- W/ Z8 j ` - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
& s) r& i( |: P, G( S* q& d - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
$ M) q7 w; B# R7 _5 I" V - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
& x) O" u- ?1 r/ t - ==================================
{' o/ q- p0 }/ G, ` - 浏览器加载项) u. U, R: N5 T! L; ~
- [Google Toolbar Helper]& R7 X9 T4 ^& U
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 U" _( O4 B/ X( T
- [Google Toolbar Notifier BHO]$ i H+ T) h6 m# D3 q
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>/ _; p. Q3 C+ q' k; h5 ^( o
- [SafeMon Class]
, b" C5 ?" e% K, x1 i7 S% ` - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
, e# N6 x* f+ N$ a3 K7 a& ~ - [kingsoft browser shield]
" E5 w* m7 m& I; { - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
K+ m! X# U# W" D- L8 E9 | - [IEBuddyExtControl Class]- V2 }# t8 B& e& s$ f$ P* k
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>+ T9 r, i* C" q: t$ a) N5 J
- [Zcom 杂志]
# X! Y, R6 e" m2 N - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
: o( p& ?1 E& |7 { - [&Google]' d7 f: i- A3 G7 G% S4 Y
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! b6 F3 w9 h/ h! W1 x6 `1 }; L - [KooPlayer Control]6 Z" J& ]- i8 S8 \7 y8 Y, _
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% I3 n: Z* {, {5 J - [Shockwave Flash Object]
' `& C4 N j) @' u. d- p - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>; p; j. Z; P4 r
- [KUpdateObj2 Class]) e1 ]' Y# k! H- X
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
: H. P* Y! o) T. T - [Google Script Object]
, q) y2 G0 H* U - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ v% c+ R, T- p/ j. H
- [EWA Control]
" k2 h" |+ i, z/ Z5 r - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>- M P8 H1 w& R
- [Windows Media Player]
/ E: Q" m2 W, n7 A - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
) f' N; s/ B# g( E( y - [&Google]/ \# t1 n7 ]+ A( _
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 a7 S4 V4 E/ F6 W( X
- [HTML Document]
# {8 Y+ D) w% A, T7 n - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
( ?6 S) b ~/ g# W# j - [DHTML Edit Control Safe for Scripting for IE5]0 [3 [( f M7 q
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>, g5 T [/ G2 E, V
- [RealPlayer RAM Download Handler]
3 ~- L. A9 e& S* B - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>( S, T; C$ {) Q1 q& l
- [IEBuddyExtControl Class]% y( C' [1 r, n0 O2 @5 }. p8 G6 Q
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
& R6 c' n% {' B8 { - [XML Document]
: x, q9 B3 X! } - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
4 J" A; ]' m9 a- ?. Y - [HHCtrl Object]# b& t7 {. V& O6 X1 g
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>5 b7 Z, H. O; E% O8 L
- [Windows Media Player]3 [! \( n, f- g- U" t9 S8 `1 h
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 M1 M( `6 A4 n/ T: U
- [Active Desktop Mover]7 C+ p, `$ D L2 ]* M3 Z: i
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A> G2 s* ^: @+ {! b! G
- [360SafeLive]$ J7 B8 u1 m8 U! a7 ~7 B! U
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>6 h5 `. N4 Q" e3 x
- [Microsoft Web 浏览器]
' I, X1 v: M# b/ Q* I% J - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
& G, l; c5 [7 p8 p% x - [Browser Enhanced Objects]
1 r- q3 {3 Z: m/ S9 v - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
b) L; I% V5 e3 d5 r% [ - [Google Toolbar Helper]1 L' P, \: S- P7 ?) E: y
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
0 W' D* T! @% Z; d; C* s - [Microsoft Scriptlet Component]- e1 u' b8 {" X7 E9 d$ g
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>% }# B: A9 l5 t9 f$ \
- [Google Toolbar Notifier BHO]
* {/ b, I/ I* y% O2 p - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
4 D( h! n/ y. b - [SearchAssistantOC]- I( M' A1 j. h6 D+ P, R8 W
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
$ V% d& k3 ?# m {) ? - [SafeMon Class]
7 q% `) {9 a2 n, M - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>: h- t+ o* ?" \7 b9 O% N
- [RDS.DataSpace]. q; b5 }5 u4 C# x; y1 M$ b
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
$ O K/ @4 C; A; V$ k - [KooPlayer Control]
1 ^" H- f) D/ X" y - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
; s7 a: v: B& U% _$ O0 q' K - [AUDIO__MID Moniker Class]4 B4 D7 A. h5 H8 [. e3 D
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, f9 O9 \. u! \# u' z - [AUDIO__MP3 Moniker Class]
8 E9 b! t6 S. `9 u6 I' v* ~ - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 i6 E3 h# S5 I g* a: [5 N - [AUDIO__X_MS_WMA Moniker Class]
' L. w3 f' V3 @ u a$ Q+ y7 z - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ m4 r/ t) \. d+ w! U1 ]2 `: w
- [VIDEO__X_MS_WMV Moniker Class]
& l3 w1 q, B+ @7 ` - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, E% Z0 w/ {( @: I. P - [RealPlayer G2 Control]
3 g; B5 ~% D. \ - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
3 w8 o& ^3 L K4 E$ i - [Shockwave Flash Object]
' Q; o' w( j6 V1 L' A - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.># D+ v- |& ?3 \6 d% `0 Z
- [KUpdateObj2 Class]
, _# C: X% s; a) l5 _- b+ G - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>; \2 n9 S: ~+ s( r# J! n# M
- [kingsoft browser shield]2 @$ d7 c9 ], B
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
% E$ A6 m7 [, Z% n( f - [PasswordEditCtrl Class]( p4 M# }0 ^+ {8 c5 f7 i
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
% E j8 D1 j* g( k, J2 o. F - [QvodCtrl Class]
& o) r# @9 r% ~2 A - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>; k- V; m) a& D" ^9 ?
- [&使用超级旋风下载]
1 m# {. t4 W# ?6 }) a - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
. O# ]( C2 [* O - [&使用超级旋风下载全部链接]3 j- M' H- \9 z& r( S- m
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
6 I- u- D/ G& }" _6 V$ o - [使用迅雷下载]
/ P/ W( @' ` c3 S# ^7 u ^4 d$ Q- W a' J - <, N/A>
7 n$ \3 O8 K& |; k& K - [使用迅雷下载全部链接]
. b1 B; p/ `/ W+ E6 H+ ~' H7 ` - <, N/A>
4 S! f; K0 g4 T! y5 |! m - [导出到 Microsoft Office Excel(&X)]
6 E+ M K) f4 z - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
' ^1 `7 I. S7 [0 I+ ` - [添加到QQ表情]; @% H) z, s( z- g! R( F& F
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
. \6 K7 ]. D6 |0 ~; J; e4 {7 j - ==================================; o" ?2 {& S+ n+ O+ R5 R
- 正在运行的进程1 @8 k3 @1 U+ |& K* s2 j& ^
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 [* z& `' m- N; ?% ^* s
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] u$ i3 s3 h, s! t+ C' i. f1 O% X
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. b, n# m$ C! q - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 N2 K+ r/ Z# f V- A, U, p$ D) T [ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 s* b# V' `9 m5 V- k" c0 N
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ @. r1 J, Z3 x! {, S8 d) P6 q: B/ E* S - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. a, l: [3 g Y& F4 X! l - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 E3 |5 p) E, _+ u - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 l- y7 b- I: m - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 Z3 f' O& I& F# g: I. n" o
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" H% s8 F% N% b$ O* E5 B. Z
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
. l& m, `% L/ C2 l' w) v" z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 [0 v4 T' g+ N, C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 c7 W9 x$ t. v. v0 Y8 m
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ o" M. E: v4 f/ K- ]5 i6 y8 D - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. A' b9 L8 q& s' W% L9 Q1 O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]( f' Q! T5 ?; V, M( y
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]5 L) o$ I) @9 w3 C% X1 w) Q9 L, n& v
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]3 T+ W6 `, c( N h+ t
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]" k2 T; X: ~) ]6 q
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
) P0 \" ] V# i* c' I5 L6 O0 g! Y; m - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 g, {3 b6 R f- g! F
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
2 W Z+ } ^1 L2 k5 T - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]: V* F/ l+ a2 M6 D3 F8 O9 a
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
c3 O# O7 u! _! v4 P. M6 v J, L; w. t - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]5 r5 e' B" _# r; ~4 @, A. e
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]+ E4 x5 o; b# f& R
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. P7 M. v4 ~- ]: W* A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 x7 r! k5 O0 d7 s; O5 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 K1 _6 d [3 ?8 d* L6 t
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 h' f) a; q: l$ e- s - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( i% s7 k$ J$ k( [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 f" O; L- _, V3 E" a# H% f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- b2 I# a- D) ~3 g) O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. G g7 n6 x6 @# F! x% G - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]8 v2 Y+ f0 z4 S4 w
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]( Q& Z3 f" m5 \& Q P7 x+ l
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ O4 m! S+ T% B6 Y8 D5 w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; W' N: t6 p( ^8 @/ b2 E' o; B U
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
7 x9 m; |2 S* L C - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]' N# x* w& ~8 V7 H! ^
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 I- V) l1 b) ^7 n. X( N7 Q& N; G, x - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 y: F" v) Y5 i8 t+ Z1 d
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; t- N+ ~5 q# z; |2 h# k
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]7 B# R9 i2 g7 p! t+ g& d
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 [5 v; |& Q8 q+ f9 G
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 [5 @% c# D, |# E. T# V - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
# G2 P, Q; d7 C9 G) x2 ~9 | T - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]# a: h. s- G r9 W$ Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], G2 ^. G1 L4 O# y8 d+ }4 J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! R4 R: Y: m, J; X+ J8 A; J# K4 z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# b1 C7 N- s% l
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
" ~$ p$ z( r/ i; M - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]3 B; R% n# z* X& ^: C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
) Y( k2 b( V$ L. M$ |1 C# F5 C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
4 n' R) e0 r/ f5 d5 p! j- e8 s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
9 x$ v& I: c1 X2 T9 m O- N r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]( M @3 c* _: v' J) v* M- _6 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
/ g, z9 w3 U& ~* O% Q - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]2 K% e" I- ^! S5 g2 j
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
/ O' c# _! i; @ a8 d& k, Y& m1 U - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' X9 Y& G" T5 R* V, J: s6 A - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( o" {6 n/ h+ d7 R8 _& ^6 q9 r7 A - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 e3 S8 A7 }* y; \- r - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) V/ B& W ]$ n" h3 L' L
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]( |, _) c' Q9 {6 Z2 A& q
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
$ m V7 m0 a+ B. l! I) S+ s. ? - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]* C6 \, f& }! {( Q
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]3 U- m% o9 K! Q1 A, t, H6 r4 s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, @8 O9 _2 ^6 \& ^% U n - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
2 e" Y- m) U% l - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. O h. b; ]3 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 i# t, \5 D8 d' D' A) ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 h- { n% }! D! u1 q \" o - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( `& y/ P) w5 U8 m# [
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]& D, b1 ? b2 @. K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. t3 o, v( }4 Q* |" y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 ]9 K. P/ D; G' E8 z0 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, c" u. x! l; @% r - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 F4 @$ V; Z5 _( a& P! V
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
& V/ k3 I0 O5 H& o - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
# J7 {* F) b) R0 T# e6 r5 ]! s1 ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* n+ N: }/ @% f. x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) L9 k% Z8 ?$ L7 ^4 N% b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ \0 Y, |4 I; O- O4 @0 c( S9 X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- ?7 W- C4 p* s/ Z6 `
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ r2 D8 V' _7 x8 C
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ z2 p- n7 Y' E" | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 a3 [& s. a; x8 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ w" P- v! S, h6 g( m - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 o0 T: P- O' X0 s* g- J6 D. \
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
6 ^" V& g D P1 F/ E - ==================================
8 T, E- C( m( o - 文件关联, k" _+ T9 A$ ~# e; x$ t# A- o" {# Z4 ~
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]5 v8 S: v) P- f5 B
- .EXE OK. ["%1" %*]
8 F/ B8 I0 z# d6 e, H6 r/ Y& m, ^1 i - .COM OK. ["%1" %*]
7 h( Q4 _+ X7 }7 g - .PIF OK. ["%1" %*]- w& v/ O; B4 h; ^2 U9 L# b
- .REG OK. [regedit.exe "%1"]
- b' Z# e* j# N7 z - .BAT OK. ["%1" %*]
6 b1 h A$ V# _3 I0 i - .SCR OK. ["%1" /S]
: P/ C& m$ Q o* S' | - .CHM OK. ["C:\WINDOWS\hh.exe" %1]& y5 o0 r: o$ d
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]) I' E0 F" T: G3 I# k5 ~
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]! Q2 j2 J3 A7 t, P) ~
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
8 m0 g) s% v7 g - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
3 ~5 P. ?4 h% O$ T" ~. }" ? - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
; g9 d- S6 C9 ~; ^ - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
7 I5 \8 I" e2 m# K% F) t - ==================================
' ~4 N1 T, m; ?/ T" M. X+ F o- W - Winsock 提供者4 x5 g2 ^) ~! b+ ^) `
- N/A
0 R, u' z+ F$ F2 V4 E/ l - ==================================
7 c1 w7 k5 B4 ~1 s# g( Y" V - Autorun.inf
7 M+ N1 K" l& p+ S - N/A
- k/ \# K/ X0 ]0 r9 `3 D5 b - ==================================' D3 S0 W0 X+ r3 Y. {. f
- HOSTS 文件
. b8 o0 v: t, }: U - N/A) S! Z7 N J% i+ ]% h3 Y' C4 |; Y, A
- ==================================5 I K2 z, {) F) A$ _) b+ S& h
- 进程特权扫描( g9 {, s* X' ^# Z$ c! _
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
# k7 R7 E" t. z% b7 Z9 Y q - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]! u/ j1 j' s2 E+ }6 y3 S8 z# Y# D' \9 j
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
6 n0 ], ^6 R+ c8 x/ L: z# |3 T - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
, P+ g6 v2 M9 H1 r+ r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]7 b* Z: z: e( C/ ^+ ` A
- ==================================
* P8 x9 F; Q/ }) ^- Y& j/ X - API HOOK
+ J. [8 a$ S5 i3 c: ~4 }$ O0 S - N/A
; `, |: y6 R% M: Y0 z - ==================================
' R" A. w. h3 W* d2 Q, N+ P7 x - 隐藏进程
( u0 V. l5 k, T9 |- I - N/A9 V k, _6 i* s K+ b% ?
- ==================================( e ^2 t1 V" r; D& z
+ L& ?! z: Q* k C. a6 ^
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
