|
|
! T" W; T/ P) {5 i- 2008-05-22,20:37:43
/ V. w. L! Z1 K1 B. D3 L" M0 w - System Repair Engineer 2.5.16.900
& A5 ?- @: b- Z+ R9 I$ A - Smallfrogs (http://www.KZTechs.com)( `+ k4 ?- t! i( w W, C
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
! z# I* ?4 f$ W - 以下内容被选中:: k, M2 q# X0 |
- 所有的启动项目(包括注册表、启动文件夹、服务等) W# x2 J8 |1 b$ Z. K5 y
- 浏览器加载项% q. L" s5 [& t+ g( y# }
- 正在运行的进程(包括进程模块信息)
, V+ W' |1 v7 d8 M; ?1 ? ^ - 文件关联
8 }( j3 |) L" n - Winsock 提供者) r0 Y8 ~) N5 s' I' ^
- Autorun.inf7 Q: x& P$ N; n
- HOSTS 文件& D6 @5 F3 p q7 C- R; e9 H# L
- 进程特权扫描. D* m8 C X. {3 o, z
- * V! w; a1 F2 K
- 启动项目
6 X# C R+ R4 I - 注册表6 f+ }( k4 I" K
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]- [9 q+ ^6 w: `. ~- _1 w8 t, X
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]& l; W$ t7 B! w; J; B
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
7 F$ H) K7 X- p% Z& N - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]# [6 D. y6 [3 u) e- f
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]) r9 m, Y' A' q
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]' N) ~/ C0 p1 d* X# K2 K
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
7 l* o3 ?3 J& m: T* p9 | - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
0 ~, y& _& S! R0 q. A - <PHIME2002A><; > [N/A]
8 r: `, t4 `1 C2 l7 P - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
4 R3 B* q9 [7 b# R! m: D" G - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]8 ^* N$ @6 U- ^; T, z
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]9 V& @; }# F! a- U
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]& f/ Y4 N( a: t+ l1 P. c0 y- c
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
6 H2 g1 J) l$ d9 { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
6 j7 |; `* \$ J( w4 G - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
8 f3 g' b) b9 p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]" W) S3 K9 w h$ _1 g, @# f$ b9 ~
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]* E6 Y* v- N4 v- r: q: S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
' P: |' e8 {/ f' z% [ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
( j8 n* I& Z; r+ y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]9 s& y' F! {3 [
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
3 [/ I: R9 `0 m6 i: Q9 G* ?+ [! m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
( |9 Q, A9 G3 K+ s) T0 x3 ~0 h% p - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]; y- [: X& d) Q8 d
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
2 O4 z5 c& S/ P* K7 q o- T o - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher], \6 m' N4 a2 j! z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
9 k* c- k+ Z5 g6 e- v - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
$ j! v5 T' P) O+ ?3 F- W - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
7 a" i5 E5 x0 I - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher], H4 r% g! L* b/ o
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
/ h( B8 s1 Y. Q7 I; Q- n - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]% u; O/ T; K: o% Q1 _
- ==================================
4 f4 k! C0 V( V& Z+ e - 启动文件夹2 {1 E5 ]3 p# k* W* [% ~
- N/A9 H, ?/ ?/ p" v# N! _ a4 F; R
- ==================================0 D, A4 ?% I; w3 G! C ]
- 服务
8 O2 S/ V# a9 { - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]# n5 W; J/ d* {; d
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
3 z' h, Z; \' c i7 R, z - [Google Updater Service / gusvc][Stopped/Manual Start]
1 l1 b& w3 A9 l* K - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>% U5 K8 o$ U3 r0 C3 w2 ]1 ~) v
- [Help and Support / helpsvc][Stopped/Disabled]% g' @; W) o+ y2 i3 d2 ~
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>8 u$ E( k# `# Q& Y
- [Human Interface Device Access / HidServ][Stopped/Boot Start]1 b: H6 l/ |+ b$ l9 ^. B
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>2 N( ]5 i' @7 a8 }3 d
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]' N& y+ U# V$ {' L
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>6 C7 O7 G, J2 H
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
1 V' {1 \6 S0 k: X, k7 q2 X7 x. n3 j - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>+ n2 Z6 k V0 W! P2 C
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
) F4 s$ p0 ~! [8 m4 }7 O3 U6 { - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
. G8 _; I- L8 ]! }9 S. d0 ^" ]6 F - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
" d u& s1 m$ n/ x& G3 ~, U9 D - <><N/A>3 W& L( C. Z2 M2 K
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]. n- [; ]; I5 C% r2 ^7 h
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>- ^+ u* b. H* M6 g/ g, S. W
- ==================================) N$ _, U. v6 |3 G- ~/ g/ N
- 驱动程序
7 T6 m8 {* V' ` - [22j / 22jn][Stopped/Boot Start]
+ x2 s2 \% S& C7 W - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>, \' m1 Y& P* s3 m, T
- [360AntiArp / 360AntiArp][Running/System Start]
# v0 K) g9 Q' r6 A - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>4 V) U [$ l* Q. q6 w
- [43ec / 43ecu][Stopped/Boot Start]5 b) a$ m) Q2 G' D. ~- P
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
% J7 ?) O- O. ^# w# x N, X - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]. m; A4 }" Q( @5 w) `$ f
- <system32\drivers\ac97intc.sys><Intel Corporation>. E5 N6 _3 x) Y. d
- [Promise driver accelerator / bb-run][Running/Boot Start]. G2 {# n, B' i( [. _
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>, s5 A. J2 h# d/ M. a D- A" i8 y
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]& c* c! R) x0 x0 f+ q
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>1 s6 c, a$ Y4 A! m
- [KAVBase / KAVBase][Running/Auto Start]* D! z2 y3 ]; M7 Q* {- ]
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>4 i( L7 T) w; D$ M x- ?
- [KAVBootC / KAVBootC][Running/Boot Start]( @ H9 q3 y5 ?
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>! J/ g# F" m5 ?# @8 f2 U
- [KAVSafe / KAVSafe][Running/Auto Start]
l0 h/ y! M/ S! L' i6 | - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>' f/ k' M+ u' B# r; L! G
- [KNetWch / KNetWch][Running/System Start]
( w. X' R* Z$ G. _, R F# U% l3 [9 y - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>3 w% w/ T3 x3 _' a
- [KWatch3 / KWatch3][Running/Auto Start]
% ?! \* x6 {4 M9 \7 E& T0 U ? - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
9 h' B8 F# r; l8 q; t7 t; T - [ntptdb / ntptdb][Stopped/Auto Start]; n6 }8 G* D$ D& h
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
3 p8 d8 A; r* f$ b; c - [nv / nv][Running/Manual Start]2 H/ Q7 y4 h4 F+ ?; E6 P" v
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>- e9 o ~& X, m7 a5 r P* }
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
7 ^1 ^) P b, F8 L* I6 q! ` - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
: B3 o" R" Q( l! {- R$ \ - [DDK PACKET Protocol / Packet][Running/Manual Start]3 v/ B+ X1 [# u- f$ Z4 j0 Y. l
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
3 B: p+ [5 S2 C/ V" A+ e3 J% ~ - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
% a- z8 u: G# b$ F o t5 w - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>' w! K* m# a6 s: M ?- b" J) d
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
$ S5 |# i8 ~. n' s- \1 W9 }4 | - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
0 ~4 l" J& x* a7 W2 X4 L0 g0 j ^$ { - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]/ P7 t3 y* O5 H0 G( `8 A) y
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>& T% l" d) F8 ?0 ^8 z$ k
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]. E3 E% D& Q0 l0 |1 z! z4 o
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>5 v# ]+ M5 ^1 W6 U- _# ^' X
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]2 T, {( h3 j- ]: d
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>) d$ }+ l: G( x. Y! E$ x Y
- [Secdrv / Secdrv][Stopped/Manual Start]) B6 U& K: d# f5 A0 y- e9 q+ N! f
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>% ~1 H X7 v# q) O/ r
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]$ E5 {8 Y, \0 M, C; T" b
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
! R/ f" V6 J e5 t- t - [System Restore Filter Driver / sr][Stopped/Disabled]: e7 }$ E7 O, f w
- <system32\DRIVERS\sr.sys><N/A>
2 x8 ^3 r* Z# z1 b% |! @ - [TesSafe / TesSafe][Stopped/Manual Start]% W3 C* X7 ]0 e8 \: U
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
( B+ f9 l, D2 [5 A4 w4 C - [System Services / unzxzsrs][Stopped/Boot Start]- N; S* A' |8 u9 K/ [; [; m0 ~
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>0 x: ]: a% s3 i# q: ?
- [ViBus / ViBus][Stopped/Boot Start]
3 H& ^2 @4 e# q - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>4 C( q+ M, `" ~% a. Z% q
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
5 J9 O7 H6 |- S' x ^% ]) i - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>: ]8 j# z: q9 h
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]2 S4 d/ W, m2 G8 h% z
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>. Y, S, b4 y G9 V$ Q& }+ z
- [ATI Extend / zhibmaso][Stopped/Boot Start]# o; h, K1 G8 S* Y7 f; n
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
, x7 P* n6 H' k! R4 w. c - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
& F# Z# l8 J q - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
6 A a- E b( V) V1 ~ - ==================================
3 I5 H$ u n' l& ~ - 浏览器加载项
7 o0 Z, U0 l3 j7 k - [Google Toolbar Helper]. x( ?: Z, f6 x' j/ m
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
6 c6 F! `) i5 p5 S$ A, \/ I - [Google Toolbar Notifier BHO]
7 G6 [1 Q; x& I1 ^, l7 r - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 t" k% `3 ~1 a( g) G - [SafeMon Class]
( k9 ], W2 U/ z. s- V - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>, c0 z% g9 J) W1 ~5 ~; g/ b0 D0 i* W
- [kingsoft browser shield]
6 Y+ B6 O5 m) i5 L5 A' | J% H - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
2 o8 y+ L- D& _! i - [IEBuddyExtControl Class]
; L6 ~# `1 t3 O" \" K Y, K+ } - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 }) Q$ F" A3 V/ Y; V1 J
- [Zcom 杂志]9 r/ J) L' m. L1 o9 }! V, x$ j" m& i
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
$ h1 @1 L8 @. B9 [; u# x - [&Google]% O' G5 M$ [1 x+ O& k, s* Q. j
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 h% T8 H6 K* K8 X
- [KooPlayer Control]
. {% A' ^4 C2 N2 g% M: | - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 g S+ k& W7 D6 }; Q - [Shockwave Flash Object]% y/ C1 k6 b/ D5 ^" M
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>+ l7 W4 N( D; o: \8 P
- [KUpdateObj2 Class]
. D; C/ @2 R, }3 e ~, p9 g7 J" k: | - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
7 `+ [. t( L' c0 l - [Google Script Object]8 e- r Z; X7 A6 a! [ E
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>: |8 H2 p; b1 a- p2 b2 s
- [EWA Control]2 K2 M+ H" ?7 P1 T( T2 A3 x# @6 _" {2 S
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>$ x$ e3 w$ g1 d
- [Windows Media Player]0 ]6 D8 _& v4 Q4 `. b
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>: Z$ F3 _* @5 W5 t
- [&Google]
- E0 Z3 C" D- w - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>' A6 l, H9 C# X( C
- [HTML Document]
* A; U' C9 ^1 R H4 l: Y - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>5 K, m- a9 _& Y: g, L
- [DHTML Edit Control Safe for Scripting for IE5]( O |0 E+ N' @2 @
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
1 ]6 e% }! R, I; E4 J2 B - [RealPlayer RAM Download Handler]2 p* c3 L* E+ n: f. R+ X
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>' W# v c) v% R5 _
- [IEBuddyExtControl Class]
( u! w, z& G: U3 ]" l - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>0 I* d9 X8 f6 p3 e$ H8 e
- [XML Document]5 ]4 b/ U- x8 a O5 Y
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>( k( K2 \! e1 A6 [
- [HHCtrl Object]
- W& K" v9 K* F5 R5 d - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
( d3 D a/ o; O4 T; j - [Windows Media Player]
v: T7 U* A% b& A% X - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># {9 y0 y( E% A5 I7 q3 O
- [Active Desktop Mover]
- \' U! a" X6 b# ]8 H6 o1 Q* V' h: x - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
! ]: u) s: Z; n - [360SafeLive]- b F' S5 `1 K6 `
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
+ h- e7 s) L3 @! d - [Microsoft Web 浏览器]
* \9 h. |- ^6 v - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>* q) D& r/ U. |, X, ~9 W! M0 X, T
- [Browser Enhanced Objects]& I o6 V# s( F5 @5 |4 I. x" @
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
$ \; S a! n, j0 y" w - [Google Toolbar Helper]
6 K h v# {2 L; ? - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.> U6 x8 j# y! `9 Q* L( b, E7 L
- [Microsoft Scriptlet Component]) P1 l# }5 e0 V! g
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
t; b3 A9 v% C( l+ R - [Google Toolbar Notifier BHO], A/ \, w& I, W6 z- ^
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 P1 A$ B) ~5 H3 a7 u, o
- [SearchAssistantOC]/ X/ F, a( R p% u& e! a3 F
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
2 m. L% h% n8 \; `4 k( M* S4 m/ T - [SafeMon Class]
! j$ V. i8 ^* {; C( ?# T& o - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>: O( E( }9 L# B0 B4 d4 j, ~% I1 L c
- [RDS.DataSpace]
5 `1 N4 V Z, x$ e$ ?1 C& r9 J' {& e }+ [ - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>( z, z7 B3 K B/ e, b8 t# f
- [KooPlayer Control]
/ q" x& ]: v& z3 B# e - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
9 @7 t% M8 F+ |, J0 R8 R - [AUDIO__MID Moniker Class]
" u" H5 {0 X" e3 @+ I - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 e9 P0 ^ V9 ^
- [AUDIO__MP3 Moniker Class]
2 T1 ]* N7 e: ?$ c - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' D( L+ v t0 Z. ?
- [AUDIO__X_MS_WMA Moniker Class]& ?: U8 }( ^* d
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># ^0 f2 s+ e9 [# B! f8 `
- [VIDEO__X_MS_WMV Moniker Class]) K5 r9 ~: c8 `9 B! q/ ?
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 [* R# N4 r7 i3 L, d: ~ - [RealPlayer G2 Control]' B8 q- `- i8 K5 f5 y9 w
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>5 ]1 l- o6 z3 Q3 p) Y; X( f; f9 X( N
- [Shockwave Flash Object], |' i7 Q; O$ q+ E/ \. G- b* S
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
B- c9 W- s. V, h% z' B - [KUpdateObj2 Class]: T' n" a! [2 H$ G. ?/ j
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
/ h1 ~- ^5 a& Z; g+ c! ~7 c - [kingsoft browser shield]
; r% _6 k& [& m7 |, x. z - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
~* }9 ^0 X- Z' R) ? - [PasswordEditCtrl Class]' s, s+ D( w; l# g; j
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>: S6 z; @2 E) }
- [QvodCtrl Class]
: R* q( W0 T8 s- L, c - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
4 | J& d& i" n: x3 J' p - [&使用超级旋风下载]
$ m5 B- j4 W6 p# H) H# P$ T7 `+ I4 g' g - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
* c# M7 ~$ l7 H1 x - [&使用超级旋风下载全部链接]& `" v6 a% O$ C5 H8 O0 p
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
8 V- j7 G" I0 c5 ^ - [使用迅雷下载]/ I: _5 a; b) M
- <, N/A>
6 i' U. a$ p+ W# V" b3 M - [使用迅雷下载全部链接]% V4 @- o/ W3 S; M
- <, N/A>. h/ X( o: g3 Y3 _& v4 |! U
- [导出到 Microsoft Office Excel(&X)]! E5 i* D: w O. L' `, Y. M
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
" e0 M1 r7 t- C& o - [添加到QQ表情]
0 @- t5 U0 w7 k2 {6 R - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>7 \8 C+ O# C. Z0 Z8 V
- ==================================! o( W7 L( c: S
- 正在运行的进程
" b1 Q; a" z. E5 `+ Q - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ c/ T$ u& f o: j$ L) T+ \% g - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- k# r8 @7 w8 ?8 O
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! L- w) @7 d" g; R4 m3 K5 S# ~ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]8 Y- Q7 E. i* P) n, v4 U9 M
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 |9 z" R+ D: w7 _+ O& a2 Z
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# _$ |# N- ?5 Z7 K$ M: e - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], `+ D$ o" E0 r4 g% m: o
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 M, `* U7 C6 V s# ?/ C' p6 f, ~ - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 G5 e% w* [3 T( J4 Z M
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 P& }! U1 j) @/ G: F: [
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- h n* m! q) f7 M) ?' x5 L$ H! r
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
0 x% d% y; ]5 C+ d2 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% Y& t* v! e& |# ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! M) R3 P) F/ o$ ~& d
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
: P% A* H" g, |/ J6 U! e0 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) N |/ C* [- V9 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
# \2 `, g) z# E, h. G' A4 v% b7 G. U - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]. ~& l, H' m, ]/ a1 P) Z& u
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]( \4 Z" l+ _3 c# o' c/ [ u8 j
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]% ~; n, @8 k# ~7 X, {3 f! w+ a& n) N
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]& \$ ^+ Z' [1 ?' D9 p0 L" `
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( L9 S5 z( b$ I+ _ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
5 U9 K- U, ]$ ~% H. [ - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
# k! {$ [1 `! W' M2 X1 j% j - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
; h% T/ l F/ C. E8 @ - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
2 ^, }* N5 x3 F( { - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]3 d/ f- p! \( V3 x9 j# M! ] s
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% c2 j! Z1 ?) z R. Q; y2 f, E/ Q+ h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) A0 G+ u% g2 I6 o8 i9 ~% M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" S& \" L, e, ?% b7 W1 l' c3 w - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: T* \: m! g$ v; f6 v+ P; I! ? - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 }5 W9 g* I9 {: Y5 T( ]& j4 Z* k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' {0 i( ]# l, K8 _' P4 b3 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; T$ r- ^7 W0 S$ a( y# y* j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' g, U# Y4 ]: X5 [. e5 b9 ^: I
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
" |! Y4 _* e; ^1 i+ b$ f1 h. u5 G - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]* b) Y& Q, x, P* v' r, {, H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; z# K) P/ N1 L( m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: G. w5 `" d3 X- ]
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
) @0 B* \0 Z, @$ k! d: ~ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]* \5 K; }, T* w+ H2 O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# \+ G! R3 v X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" W$ q6 w3 H% e2 F3 b% J2 Z" U - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 t0 n) y! [( N. ^% ?, y' G
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]& s- W7 g3 r- N7 N( {
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( o; R4 E8 M* C+ Y) H7 `3 q - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) K# r7 X7 P, D+ y
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]% t- u: F& D' `( s; n4 R
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]0 O! V' X2 [! q) u3 z5 Q- y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, N4 s( Q% U( G1 u; h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ J! w# x. S1 N- B/ I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 _3 ]% c4 @# w. Y% E
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]( R2 Y0 n$ y( i% `3 w. z* T
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
( j3 w/ `% m- y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
+ p* @, ^0 x1 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
5 ]# b& A& `% Y, I7 W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]) `: l0 H9 ^7 { d3 O A# m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]$ J! t& b/ i1 P) M* X3 z: j" M" t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]6 w `5 {$ j+ i9 A
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
% P: J0 d0 r* P: M9 q - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 r- b& V. R. S) B! g# Z0 t7 d
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ A. R2 ?6 q( ?$ _ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
# m0 c& z: S2 _! n+ n7 \% o Q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
2 G, _) Z9 D5 n1 z/ L9 n - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
) Y; O" J6 ]" M' l% K! j - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
1 J$ h% b5 b. E# F+ {( i - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0], T' t5 c* Y( l; `; m2 E F, i
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
6 ~$ h' w# d1 m v; r+ Y, b - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]* n% k5 H4 C* V3 V; f2 _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; L, D" f& |- c1 {$ B0 j$ [
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]% _( W% ]6 v8 K0 |) S" L8 N8 D% _
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! c S6 M( t) j" ] P& e6 _+ n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 [. H* t& j4 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 b# `9 h& `+ P! H - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! i' V0 ^) {: k/ z
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
. J5 l' A o( ^! P - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' ~0 Y0 n0 h r4 K- q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, v5 ~8 A% r2 Q3 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ N$ `9 F9 L6 q* ~1 m) a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ x; J# K0 j* c( r
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]! c4 y0 U+ z A7 [8 [! n, A* m
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
) z$ v/ G/ u! S X, y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* n/ Q, e: G' E5 U" D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# n) C) [4 _3 x' n: W: W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 p9 e) y. M1 ?/ d, Q0 `$ F
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
w) D" B" A: A - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
. Z8 d9 a" b6 w/ ^! O6 a - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ I( D7 C3 W1 P) Z8 K+ d$ P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' R8 @: a8 I1 R* E, A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 N- T" B+ _0 q( {, L5 Z# S5 w% }$ A - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; ?+ E4 m: }- M+ @+ Y - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]2 k& m$ H7 ?! L. x! j3 w, j+ d
- ==================================
' @; K- z( W+ N8 O4 K N, } - 文件关联
% n! v2 W, L4 A - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
4 v# w& [* c3 X, l; v& V! j - .EXE OK. ["%1" %*]0 m1 H+ A1 ?. B* M
- .COM OK. ["%1" %*]8 N, |2 e. i, @1 x/ y$ v
- .PIF OK. ["%1" %*]
3 f9 h4 f" y0 y x0 v W. H. H - .REG OK. [regedit.exe "%1"]" M7 [3 i3 b% [9 f2 y
- .BAT OK. ["%1" %*]
% a, W& P- U v - .SCR OK. ["%1" /S]8 o' J7 u2 G* q9 d
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
, v) \0 Q% K9 i; ]! U - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]6 s( s8 |: X0 E2 h5 h+ u9 S) z
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]: i0 J4 J$ U4 _2 c
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]# {' k7 q; Q; T( x( a0 T4 B
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]+ ^% E4 V6 o' {5 f5 ]
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]9 e/ A2 a9 i/ s0 k* p
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]' u l/ E, U+ ?& n5 r9 Y
- ==================================$ }. ]# x; {+ G/ R+ c
- Winsock 提供者
& x8 S1 V9 ?4 R Y, {* u - N/A
" ]# z. ^0 X$ P$ E- Y' M - ==================================8 _- x2 }4 j+ Q e
- Autorun.inf4 j$ E$ h7 Q4 n0 E1 s
- N/A
! S. B# _2 S9 U3 I( l3 b- T1 Q - ==================================4 i$ u P- e5 K% h) t7 y
- HOSTS 文件. ]: O) D( f% e( U6 x
- N/A
+ _; N+ [: ]8 V2 S) } - ==================================( `5 s4 d4 a q0 a# f
- 进程特权扫描/ ]$ C8 X7 y. x1 k( ^ g
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE], ?* t8 u J% n" \& Y7 j/ u
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
' c- c1 n" q- [8 a& R" H& q - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
" r4 I- X4 o4 M - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]( v* F4 k, z- z2 h3 y
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
- x- } q% \$ {( U0 ?7 u9 ` - ==================================
( l6 k S' {0 q5 _) a! H - API HOOK
! c3 t6 ]( F3 m/ k& j# y8 w - N/A* z* i' x; k) }) u& E% E
- ==================================+ R% e6 y1 `6 Q3 \
- 隐藏进程
c1 L/ p) S4 Z5 p# Y - N/A* n: u0 Q- O& [& n) d+ o0 d; ^
- ==================================7 ]. D6 l( V2 E) t
- ) a. [- c/ G. A
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
