|
|
% f* i8 p! P9 N' i( q7 `! s- 2008-05-22,20:37:436 k- Y3 L+ R- r1 S$ A
- System Repair Engineer 2.5.16.900. i' E, O3 J1 v: w/ R g
- Smallfrogs (http://www.KZTechs.com) u3 E5 }; m3 @
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能' g% p. }# q. e9 x
- 以下内容被选中:
' {3 f5 v* q: Y - 所有的启动项目(包括注册表、启动文件夹、服务等)2 `- ]8 ~2 V: K0 W* C/ J3 T- I6 k
- 浏览器加载项
9 ]9 K) O# S1 s$ v0 `2 ? - 正在运行的进程(包括进程模块信息)
3 T6 S$ g9 t4 |* |' \/ E5 E - 文件关联$ j+ ?/ |8 a# i3 \; t# p
- Winsock 提供者
9 w% y) a( w6 |3 W z* g# V: u - Autorun.inf
2 v* t* c4 ?# M& U Y) S9 n3 M3 m - HOSTS 文件
/ y, ]7 d6 M6 i - 进程特权扫描, t0 h$ x/ r3 Y# d/ \! } x8 T8 V
- % A0 o0 S, r8 I4 y" N
- 启动项目( K& B4 B# }( ]
- 注册表
# H$ u: j3 k) j3 q - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]- U; Z! |4 {# Z+ V# Z
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]. e9 r" T4 X, M2 x: o
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]3 K7 i; k$ j* j* e! V/ G4 g
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
) n4 C$ L3 ?5 r) w" ?+ O+ J - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
; h+ f |" t* `4 Q& z: L$ C - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
, J' V+ f+ n6 z9 q/ o( b) D# M - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
2 [& S# h8 y2 O1 c% T* N6 Z - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]* ?4 J# ]9 H, N: y0 W7 A% m" z
- <PHIME2002A><; > [N/A]# ]6 W; g3 M' v* j8 k
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]) j5 v7 A m! `8 t/ n' ?, q7 k
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [% R6 s$ f, f6 q# R0 L- D; B
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]$ u4 |4 E) e! T
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher] K3 Y V1 w. j9 D9 p2 B3 i
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]2 H/ q9 G/ W( k* E, A$ D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]' G Y, I7 O7 M2 }" ~2 R
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]8 Z( K" n" A u) b% o. D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] R3 r+ V9 W z) [+ n* f
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]2 h$ |5 z) s7 S9 d$ L& n% C: M
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]' _* Y2 j' t- w
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]$ @ | |9 @: N# x; Y$ Y" d
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]% J+ d* L9 G8 r* ~
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
7 K" B) J' z7 {' O. | p' \, ]: i5 C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
. P- i3 C/ u+ H - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
. X" U' N) v" d; V# l$ ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]; q% R+ E( t0 ]6 F# K
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
7 S) r; w. L, S# d- n2 q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
1 q- Y c4 Y+ L0 Z - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
& J. i: b& W; h, h& ?. z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}], n8 B7 X7 c0 ]" V8 C$ _/ Q
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher] P& P! J) ~* k3 A5 V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]0 V+ O6 V3 S) S/ E3 f; q, Z6 B
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
/ [5 G f+ L# H2 \ - ==================================
, k. c4 Z+ l4 h - 启动文件夹
+ ]+ U8 M$ n' o. I$ Z - N/A- k- g/ m. [ L+ G: S3 J. T/ ~
- ==================================9 w* G+ ~1 f/ t. y. m( `
- 服务
) d& o, K8 G$ Q6 J, P - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
# L5 J- d- o: I - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
" v- u4 k. \ x; {; N0 z5 l - [Google Updater Service / gusvc][Stopped/Manual Start]( s" |6 d% J2 m% O7 Q, r
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>/ J' K: m/ ~' m+ L7 R D
- [Help and Support / helpsvc][Stopped/Disabled]$ l/ |5 w5 M, _- ]- `2 f
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>% a/ T+ z: D1 i$ c. a7 z
- [Human Interface Device Access / HidServ][Stopped/Boot Start]. a( l! p3 R% x- s
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>) Y2 P/ ~; O* G; _. C
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
( N( x2 q: g3 d9 G0 `. G - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>2 W7 Q. w/ X7 G& y6 p, p
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]4 ]* u9 Z0 |3 r% D2 n6 W: y; ]! Y
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>4 M$ i6 d* A9 H# z
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]; G0 r) |+ F9 \6 H
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
9 `& n4 O; X: S3 K) U( c8 c - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
+ o! s0 M1 p& J1 q - <><N/A>3 b: W* R& T) Y7 K% x
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
( l8 V7 p+ i" q. R; c0 W% m - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
, a2 S9 `" T: N( H- c0 f7 Q - ==================================: K6 S% G& ~; y+ f+ Z
- 驱动程序
: p8 C K3 }' [$ J7 R - [22j / 22jn][Stopped/Boot Start]
) K& h) a4 z0 d+ E. U+ ]$ c0 Z, ^ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
1 ^/ h. c; Z8 k& I" E, O: q/ ` - [360AntiArp / 360AntiArp][Running/System Start]
% z+ f! r4 z4 x' m8 e; j$ B7 j - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>9 D: L8 J. C! U$ `8 I
- [43ec / 43ecu][Stopped/Boot Start]) ]9 ?8 r0 k& |3 H. D
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>/ g6 f& v( ]2 @/ W: [
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
: l) L4 P* Y2 q) u+ q3 J& ~; f - <system32\drivers\ac97intc.sys><Intel Corporation>
3 _) U# l, l( ^ - [Promise driver accelerator / bb-run][Running/Boot Start]3 a7 [; Q! L) C/ J* F
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>, }0 @( B( h' h0 ^# {2 M( ~
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]" x1 X& ?: k" T2 e
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
4 S! J; D- i. c$ B8 n' o - [KAVBase / KAVBase][Running/Auto Start]
! }, u+ W, j0 r) y8 d' p - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
. Z; f8 U9 F5 M& ? - [KAVBootC / KAVBootC][Running/Boot Start]# z# [ f/ r0 {) t$ _9 }
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>/ n% |' U; f+ j3 k
- [KAVSafe / KAVSafe][Running/Auto Start]
) X% ?) ?2 a* M; O - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
4 l, t9 b N0 W& ? - [KNetWch / KNetWch][Running/System Start]1 _# O. \ m& e* X: e1 \$ I
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>( z2 [% y8 B2 {' Q8 _& E4 e
- [KWatch3 / KWatch3][Running/Auto Start] M" A. I2 p: V2 i9 d- U& X, v
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>. m( J" J# k3 C$ v8 @" q
- [ntptdb / ntptdb][Stopped/Auto Start]8 B; U1 J3 O, M4 K$ d" r
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
, w0 \0 I; c5 j9 S0 K - [nv / nv][Running/Manual Start]9 O* r9 \7 o4 z; m
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
5 q: z9 p6 }# b$ _6 O - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
* U; m c4 d% d1 z9 C- U- k L, u- S( H - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
0 Z: Z$ Y( |* _0 E; k9 O: V - [DDK PACKET Protocol / Packet][Running/Manual Start]
/ n$ N; {4 M: {+ d - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
- Q/ H+ s6 D. @& }' s, Z - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
: R* P6 F' n1 X& O+ ]/ \( c% F) N; U e - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
+ m9 C( d3 q+ W, d1 A - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
- @* X- {, z) | | - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
' j% o2 G: _. r - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]" }: x- N9 K( P9 d$ f
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
2 C0 s* {, \- }5 I) y9 P - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]* n/ y! p2 t$ n# z6 @6 {7 C" x
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
$ y2 J0 y) K& G! {, ]" ^: c - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]3 z, k8 d5 i& w$ D8 A v: I
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>3 F4 [! p Z; r
- [Secdrv / Secdrv][Stopped/Manual Start]& I% _- j1 v5 n* @6 O8 u
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>) a* c9 K3 p( H5 |9 a0 E
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
- o# ~% m2 o' ]$ n' [* }4 q/ o - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
n- ^! e b: I) K( _. ~ - [System Restore Filter Driver / sr][Stopped/Disabled]5 \( h; N3 Z) K9 ^5 E D( ^
- <system32\DRIVERS\sr.sys><N/A>! N7 }' H+ b! w8 Z* m* W: E
- [TesSafe / TesSafe][Stopped/Manual Start]
. S7 E! E J) C - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
; M1 H. \5 X/ H. k- d4 l - [System Services / unzxzsrs][Stopped/Boot Start]* V( m1 u& \: z0 L- q/ M/ w1 p
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
: z8 y' I h+ S7 [0 @& Y6 H& B4 q - [ViBus / ViBus][Stopped/Boot Start]
& N$ h* A8 {5 j* Z - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>9 n$ p; m5 O7 ]# s! v# @
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
( F4 G5 M- G) B! i) d0 W* \, z - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation># G9 p8 Z* b( S5 E. M/ Y
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
% P. b" w4 l1 t5 H* Q - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc> z" T# T" ^' G ?' w
- [ATI Extend / zhibmaso][Stopped/Boot Start]: R0 f/ v5 b5 b1 t, X& I
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
: B5 f1 e* f+ W; L& T - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]6 x! }; {7 J$ g( F8 Q& ^( |$ S
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
4 a1 \6 a+ j/ {. L: N/ D2 K# M; z% U% h - ================================== E# g! D0 |6 n0 h" j8 Y
- 浏览器加载项
0 E* `/ Q V( z. _' X( Q - [Google Toolbar Helper]# B) k' _; \# F3 M+ ]
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>; ]1 `; a% @7 N6 @% a
- [Google Toolbar Notifier BHO]
. Q: A( {4 B% O1 c+ M# T - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>2 C% w( X% _8 e( x, a
- [SafeMon Class]
) w0 j# A& U1 S! s3 k9 V - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 e" x/ I( s' I% l% C1 T
- [kingsoft browser shield]
* P! G& m7 P! M - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
! N, b( A {5 E1 e9 z1 c - [IEBuddyExtControl Class]
2 l+ h4 v/ b8 d9 t0 n& W$ r( Q+ x - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>$ v% Y9 z# K2 t
- [Zcom 杂志]
+ T; _6 D1 m7 A( |$ `: b; x/ ^ - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
9 f& E$ b& c* N5 _ - [&Google]
) J! M, ]6 Q: l5 w5 s - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>* x5 o/ g' O, ?' M5 l; @7 Y# }' H! l) V8 T
- [KooPlayer Control]
& W/ ~' f/ [, J: U+ H9 R - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
' F$ l; \; |; k6 {1 A: f1 v - [Shockwave Flash Object]
+ H: j/ F+ [% s; M - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>( ~% C+ F* i+ }; A, }
- [KUpdateObj2 Class]: L; p5 L3 m3 C$ u! I
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>& |" C; X$ S1 h; y
- [Google Script Object]
6 |2 }3 ]8 c8 H) v% N0 }4 Z$ R$ _ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 P% ?9 `" B, e, D
- [EWA Control], h% Z! E w2 e0 F
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>, i$ m- A; g$ K# L2 P
- [Windows Media Player]2 \5 m, c4 F$ f& o9 \
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
6 ?; \; U5 a- [ - [&Google]
+ @8 x8 Y& @+ F4 @ - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ |: u( N5 U6 y3 _
- [HTML Document]/ n8 L5 c6 b8 J7 \$ a1 A/ u$ O! [
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>0 N) |# x0 V* i( d+ e$ r: ]: B
- [DHTML Edit Control Safe for Scripting for IE5]
6 b o7 g8 o1 @0 ?) c6 N$ m2 n - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
9 z) z$ m; n, W) L- m0 { - [RealPlayer RAM Download Handler]1 N: C9 j. |1 h: K
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
6 d5 X6 w4 a$ y; E - [IEBuddyExtControl Class]
$ V% h/ ~, ?% _4 ~4 S1 V0 E - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>$ @) z. E( k9 q1 h
- [XML Document]; x* B' f& c+ k3 U3 |" t/ W9 q
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
* M; Y1 r% f% R$ c0 r - [HHCtrl Object]+ s* G! N1 t& J: O+ b# w0 y {
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>0 O' b0 ^' s v% t0 x8 q
- [Windows Media Player]
& ]& ]+ Z; d* p% W - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># B1 G* x6 [" _5 B# b
- [Active Desktop Mover]$ d* Z3 ?- @8 j! A* m' N
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
. y% _, p2 S8 R N q& v- \ - [360SafeLive]
8 R: `2 R7 A" q5 M( t: h0 m - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>( J$ R( E" J& k
- [Microsoft Web 浏览器]! l9 R9 s, ] B* A7 j) `# ?
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
: Z* J9 D" l/ o! s8 K - [Browser Enhanced Objects]( m9 S3 q9 Y; O" b
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>7 M# ~) @6 F3 I
- [Google Toolbar Helper]
a# H* g! c2 Y& Y( R" r - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
; y( a u2 |+ | - [Microsoft Scriptlet Component]
4 u9 e! h' o5 m, q' W6 e - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>; G% |' _# J- R: h" ^, x' c
- [Google Toolbar Notifier BHO]* o1 a. Q6 O( ^$ ?
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
1 d# y) U D; s - [SearchAssistantOC]; J/ J7 ?: z" L+ {" B" g+ [
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
* _# G+ E- d6 Z$ B& z. f& l - [SafeMon Class]7 o: ~# i- A, f, z6 Q9 {- H: @
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
3 Y6 W. ], p o9 I - [RDS.DataSpace]
`0 @" W# \& @) o6 \ - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
! z9 y! W2 v! M - [KooPlayer Control]0 C: F* i5 `& C- C2 N; O/ z% K
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>& R( z! ]/ i/ V+ R z) |; B
- [AUDIO__MID Moniker Class]+ s9 R% K7 S$ R3 O' S
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 C/ Z% N0 S* _ H& d3 g ~, C - [AUDIO__MP3 Moniker Class]0 \" W5 Z* q) r# C1 P; V( c; E
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
: m+ ?6 c. J1 B. [' s" l9 n - [AUDIO__X_MS_WMA Moniker Class]
! ?8 o# h* Z' p - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
# X+ G: b+ K5 W3 P( x6 r - [VIDEO__X_MS_WMV Moniker Class]+ X( x# l$ s& `# R% _6 w# P
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
6 R i. q' r2 Z. w) i8 w8 ~ - [RealPlayer G2 Control]
8 Q" P1 j% Y) G - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
; a6 ^7 e" V% o; `% z% n - [Shockwave Flash Object]7 v" i5 r& ~, ~( M2 O8 }: V
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>. p. ?: H; r1 b
- [KUpdateObj2 Class]
+ k& j% `0 }( H W3 ?% w - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
8 K7 I3 ^* A v/ ]! P6 O - [kingsoft browser shield]
' t* `, D- T" V7 I, y9 ]2 k2 m7 k ` - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>1 f5 Z# i/ u) h0 D; x
- [PasswordEditCtrl Class]" H$ }) K% X% x
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
1 R4 B& T+ G! F; `5 Y; c! k6 ]) C - [QvodCtrl Class]
% c' c: O5 S0 U d1 F! k - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
Y7 p' G& u* U - [&使用超级旋风下载]. K- x8 ?: G2 n9 l N
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
* L4 Z2 n* d7 J* w% u2 B: d/ d% ` - [&使用超级旋风下载全部链接]
3 W) K! X1 u5 J9 {# @- }6 \ - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
5 [3 A7 x0 \2 A3 [& M$ a - [使用迅雷下载]
2 [' j3 k( s x6 | - <, N/A>
. Q# ]" h: c1 N2 `; N - [使用迅雷下载全部链接]
3 Q1 |9 O, \# y5 `1 R H+ l- K - <, N/A>
- t9 i4 x8 g C0 R# b/ K - [导出到 Microsoft Office Excel(&X)]' `" a( q9 B3 W% ]3 w5 v8 a& `
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
. U4 E A2 ?( x, _# E7 t3 ^ H - [添加到QQ表情]
, F4 \; B% w9 E' [) b& c& c - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
$ U6 }+ f+ a5 v8 w- e3 x" M - ==================================
6 H1 J6 T8 E) C1 u5 F - 正在运行的进程# B8 o6 d! c- A7 D, A: D
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% T5 [* l& u+ e7 D& C( U - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 |2 J) ?4 r" {& I. _4 Q
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' a- |. a/ H9 [ y" l. v+ y9 v - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]7 d# R! w$ x' ]
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! g4 s5 g1 u1 }' I, ^: Q8 o - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 `( C% N! `% e& g( f; | - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- l7 Q- M& @9 f- R# T5 M - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 F5 E6 l: J9 L- r }9 v - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& R+ K/ |0 l5 Q* y - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 D) i Z7 c) _. ]3 Z4 W: o; o1 [7 q - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 A+ x( B. f5 s# T7 b, d - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
' a* m2 t6 W( X9 M5 [0 s& V0 f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 r7 ^, u: y( c8 |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* l2 z# c& `+ }' g - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)], h( R" d. S8 U8 W4 |2 Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 Q, F; G/ S2 |& u7 Q9 c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
9 Q. P! w" J/ V$ @: q3 g - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]3 `- x( P/ i8 D! E) M
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
* B' `/ r5 y+ k5 m5 i% m/ n; \) e - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]0 H ^# }. E! i6 ]
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
0 V9 O( T# y5 D) m. r; } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) Z+ A1 W8 y! @) ~' _- o1 y' \& @
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]! I( {6 V: m, l
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
; l2 J4 H4 T V" x) S - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
; |; g8 f' o1 Y% b- X6 c. p - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]1 W! O/ ^( g/ @9 I4 m8 W& c4 D4 m/ w
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]6 O3 d3 ?5 D6 ]3 G: \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. c, F/ j" X' [8 Y6 l2 L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( f7 M: ~: L2 `, J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# f1 k# m6 n6 A$ k1 l
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 W7 u: ?) m: J$ q; |) s4 n - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# B" o: ~% {" Q& {" ^: R n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- }- J3 X: U; J6 A9 q H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* v/ o) P0 d0 x* f! ^. f( h
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! z* g' q) ^ }4 F - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
* W, p3 t2 ^( q$ Y( P' x; \ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
9 ?0 y4 h$ ~5 _- [* }* \3 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 p& L8 o+ ~2 G. ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' f* X \. P( V3 m! `' Y - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]' E) [: u5 k. g" @' q
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
+ A- v/ b4 V% l3 Y) E0 f# W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 C' R) Q+ }) a+ m/ m' {7 ^ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) j& o$ c" t2 Q - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) [- o- U& ?3 y7 a
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
8 k% v9 Z3 B W2 q( z - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) B% Z- q$ P$ E# ~! w
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' I$ m2 Y, ^. l2 Y% n
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
6 A0 g8 N/ b: o8 Q2 v - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
) U! ~; l& i+ ^( F5 u4 }# I) c - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" s1 G. k8 P* Y% U. j$ [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ x( n1 B% K8 I) U, x% k" S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 z/ {$ v/ R. g" Z5 K* E
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
' Z2 q+ {6 ^) }- } - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
' w& v' p3 o/ k3 k7 O4 J" g8 \' _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]8 u/ r% J$ D( s: g" ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
9 m: I- h6 v: x0 t8 c: t, L9 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]8 {6 d8 S' S! ?4 Q; p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
1 f! Q# _5 b8 Y7 S- h9 O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]2 k, b3 S& M; e2 b2 H( w
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]1 \" j1 Q# I T7 f3 p
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]1 J# o; m" a; z0 S& [# A( j4 Y
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
]) m1 W" a' ?( n# f - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
! X' R3 d0 J, h. S( \ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' W: x6 F. ~5 f# o& V/ t5 h% r - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ O. }# e; c' R5 c& B7 X
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
* v9 y C6 a# [ - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
3 x; N( H) j8 P/ p6 y* B3 b - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]* h. m) g! O |: @ n+ |9 ^
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
. h; i! \- I5 L9 e+ j. c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' k- N( B3 @5 W" d# n* y, i" E
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
# }$ B: A* [& C( J - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( J/ P* t; M* T" D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 M: ]& i3 d0 q5 m1 y& c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; t' C' e7 p& l. Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 S% L/ g+ W+ k8 r5 ?# J2 {
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]( f. c7 d' P. K" `9 x; g
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) u1 s2 ^# J) Q) l% t% u, b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% D; i: m M0 X+ r F6 m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
# T! s( `& \6 W0 e; |" s4 A0 A7 G - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 N9 D: Q8 }* z- y, j
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
- h- h3 s: n! @; z! y$ R - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
/ T0 o) Q& `$ I- i% H' i4 V6 `" D - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: \3 d0 g7 _8 x$ o; j( k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& l6 i+ K( Q6 Y! r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 D" f1 H: L9 z" @# B0 o, l- a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 q" T# b0 ]7 g7 y
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
8 k, Y$ h. ~/ ]+ N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 k" d1 K, {! k% w. E6 Q o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 A! B+ c2 O" v- c: e' e6 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* T. s9 T1 F5 `4 X% a; y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ R& @. w* j( h2 S& d# D - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
* r9 J( m) W; S) t/ W8 `+ N; e3 u - ==================================
6 f- |9 G7 N( a0 {2 Y0 T, _6 k( y - 文件关联
# U1 i+ k5 x2 `9 o, F - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]3 Q$ H( ^% k9 a" M. }& q
- .EXE OK. ["%1" %*]: E/ j8 J$ ^* {
- .COM OK. ["%1" %*]8 o3 I3 x2 F u, H% s. B" {; L
- .PIF OK. ["%1" %*]
6 O1 k' `0 S: R9 B$ B$ u - .REG OK. [regedit.exe "%1"]( b, @# _( N( @3 Y8 m2 K' r
- .BAT OK. ["%1" %*]+ g z1 B3 Z$ c$ f+ {$ ^; a& I
- .SCR OK. ["%1" /S]9 q% l. `5 U8 L2 d# t
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]# b+ [2 r/ \" S% _/ ?
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]) E% E$ K" [8 I2 o9 ? Z
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
3 h7 J1 |. Z- q) @ - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]$ n* L/ _ \( H) [: [
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
) D E& U& a7 n1 B; N% M - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
! U7 {1 Q9 v) s/ s5 B j* t - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
0 |* N1 T3 p+ u& J; ? - ==================================2 v' a! L' n1 z0 ]7 }; J
- Winsock 提供者
7 K- ]6 }4 u& ^% T2 e# v - N/A
8 o% c+ A) h+ j- ~4 m - ==================================3 N% m" ]- V' `" T
- Autorun.inf
! x% R7 ^$ ?0 k: k - N/A
4 g6 |& m6 y2 k4 V* p* \ - ==================================; L* F7 x; i) g5 p
- HOSTS 文件
" ^( W4 U. k0 m! s - N/A
; ]$ v6 J+ z- L. a/ Z" e - ==================================
$ j$ ]! |; k/ O I5 z2 c0 a$ s: J7 w - 进程特权扫描
. S4 f) T4 P. p4 z - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
4 K/ j: C" ^& |$ }3 m - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE] O' ^; K1 _0 M7 Z0 `9 ^- m
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]$ L6 X: D/ W) S; C. \# O' n
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]2 k) }) R8 _" Z/ q8 Z( Y
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]- B: D! S+ G+ t$ {
- ==================================
3 E! f& H6 O" i% v/ {, } - API HOOK
; d" B1 c6 `" U) b, Q - N/A! W" E" p# e6 {
- ==================================# p5 Y/ y3 u; i
- 隐藏进程
+ `" u( Z- P6 M8 W- X - N/A
) Z' @# b# E' N8 ]4 I, R/ B - ==================================; Q' ^' Y; n8 L9 a, U W" m
0 }5 a5 }5 @3 R1 v% ~
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
