|
|
- 7 |( m; u6 ]1 `7 Z5 O- R
- 2008-05-22,20:37:43: M* {$ |" G; w/ h8 `
- System Repair Engineer 2.5.16.9007 i) j8 Z( W# ?& w0 `. F
- Smallfrogs (http://www.KZTechs.com)& c) n5 D# Q" C$ Z: F
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
# }1 h$ s) [- I - 以下内容被选中:9 x0 H; Q- c2 E' d3 t( p
- 所有的启动项目(包括注册表、启动文件夹、服务等)( y8 I# j1 E- k7 q' P, r
- 浏览器加载项% Z# W0 L! s# z0 ]
- 正在运行的进程(包括进程模块信息)5 Z; i S3 q) g7 J& J
- 文件关联
* c" d9 ^. U6 ?" y" S4 y - Winsock 提供者
3 K/ ^. M) V0 @( F8 f. Q* k - Autorun.inf
7 h( o$ g; I: m# @/ ^* n - HOSTS 文件" d* d9 b) k+ X3 j4 p
- 进程特权扫描
2 m2 U8 t/ x: ~, H9 o& x
* d) @. }0 F; [: G$ G& F- 启动项目$ i2 Q; E* }2 E; V m; }, R6 R% f
- 注册表) T, x, r. m0 B# M
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
" }# \7 K( r& X9 u( |2 K5 P - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
* R; H6 r' A& M$ f - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]3 x' U) i2 ?( E. R
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 J; c1 C! {. r- }( J1 d( `0 [* g* J5 w - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd], v: D8 @$ @0 z: k& j
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# i# L+ v% f: F/ Z. b* P3 v
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
) b8 z" h3 r0 D" y - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
) M X5 X7 i" f8 m - <PHIME2002A><; > [N/A]7 y% a; g0 R+ R- b
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]7 X5 l4 C/ c) a. l+ L) F6 H
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]( L9 z! X9 c6 T" X5 k/ `
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]+ y; ]1 t* ]5 K
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
- P1 _/ k' t! W - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
7 p; s5 J* g) H. u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
7 k$ e2 b7 I- I" Q - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]. ]9 ~3 e0 H+ w* `$ p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
- u8 [ C/ }' m0 g3 U! v: }6 D$ y - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
; h8 `+ ~4 V4 k/ g8 A% Z& m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
3 K" m, j9 e9 G/ o3 y - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]. L6 ^$ D7 \: N3 \8 K7 H# r
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
. q7 t; _! b9 \ - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]5 j: c _# W7 V/ m0 c u
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
/ e& q, j. N% G* B - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
f$ E9 `2 x% T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]: d( [% |8 O/ }# e) U3 r. E0 \
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
2 W% h* G7 O7 }1 `$ C% ?' l, @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]0 m. |$ j) y! ^ B
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
4 T- r* y: \, Y. b8 A$ e0 V - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]$ Q6 d4 J% R) m# A, b, v$ Z: f
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]% @2 [ F. L' }
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
0 E3 t& \; F7 N& K( c: b2 e; z9 Q - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
$ ]$ M* F+ ]4 w$ U; | - ==================================& X, B8 v0 x- }) ~, e" o, ]4 g8 I
- 启动文件夹
- c! o( C/ W- t" _( z/ H/ h5 e - N/A2 h. d8 o% B+ @0 r
- ==================================+ j6 k" p& b9 ]
- 服务" x8 ^- r& U( X
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]& u, ?5 p2 m% ], s
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>; z5 C0 o/ B: S. b8 m. _! y, |
- [Google Updater Service / gusvc][Stopped/Manual Start]2 y1 I3 E+ R7 x4 B+ q9 x' ?) F
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>. z# g, S# {8 S4 D7 s1 O3 ~8 V( k
- [Help and Support / helpsvc][Stopped/Disabled]
2 J6 F% C: ^. g# f2 ]1 p, ?2 g7 e, c - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>' U6 Q# h# i! d" v( y8 D
- [Human Interface Device Access / HidServ][Stopped/Boot Start]% e+ ^! N1 P$ @* b2 b) G
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
' w C% V, _& N7 ? G - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]5 g" s. F4 S3 g# X' A+ D' S1 L
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
$ M# ]2 ^5 S" a8 D - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
7 x/ q, ^+ W2 x4 p - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
$ d) |! z$ i) i6 c- R: T1 @ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
& c8 g$ m) b1 `4 z& k, O - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
4 c/ u. r m o7 p - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]- ?! u6 [! }, |* D6 S
- <><N/A>
9 Y H2 Y1 N! G: ]% \( F - [Qvod Terminal / Qvod Terminal][Running/Auto Start]" T; U! l3 \6 d, @" B, a- w: [
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>% S4 b4 z" u/ K& R5 `; X
- ==================================9 ]; i6 G t' D2 W- _
- 驱动程序
" ?3 m/ X! l' q4 W0 ^6 d - [22j / 22jn][Stopped/Boot Start]; ]) o$ M. [) L/ q: m+ n- k+ K
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
- T1 _& F, x) r& g% u - [360AntiArp / 360AntiArp][Running/System Start]" b7 Q# U8 q1 h" \ @
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>, J) h- x9 y) r' y( S# j
- [43ec / 43ecu][Stopped/Boot Start] D }+ O: W$ H" h7 {7 w, {
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>1 [" ?/ s, ]$ N; {9 r/ y8 a
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]1 C) t2 R0 M7 f
- <system32\drivers\ac97intc.sys><Intel Corporation>
: @% d2 V% R9 h - [Promise driver accelerator / bb-run][Running/Boot Start]
' r! S" A2 d. Q. z. V% w - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
9 P' P# D4 t2 `, g0 h4 \% [ - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]( H" ~, W5 b* {+ |4 D1 X G2 ~
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
7 f N/ B% v9 A! v9 D' x - [KAVBase / KAVBase][Running/Auto Start]3 ~, l$ g t: R5 S: V
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>$ Z5 G& e9 ?' @/ b
- [KAVBootC / KAVBootC][Running/Boot Start]: `1 Z4 N+ r" S* E
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>- x- s) M* ^2 [1 ^
- [KAVSafe / KAVSafe][Running/Auto Start]* K9 F5 _: u: ^* h
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>9 @7 N6 L+ i* e, f
- [KNetWch / KNetWch][Running/System Start]4 S* p$ g, ~& j1 | a7 O
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
9 u: B5 `# t" V3 N) i - [KWatch3 / KWatch3][Running/Auto Start], z3 y2 v8 O( T1 V- W3 r. a
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
p0 O* V9 W/ u - [ntptdb / ntptdb][Stopped/Auto Start]% z/ H5 `4 ]2 r
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>+ N; O5 h: ^: o
- [nv / nv][Running/Manual Start]* O% @; c" I# V' w/ k: W& m4 b
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
8 ?# [$ L1 [) f - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
# C5 ]3 _4 E' W: V - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>: s. l, S) F6 w8 H
- [DDK PACKET Protocol / Packet][Running/Manual Start]( s0 l7 F# e* ?6 _1 {! ?9 o
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>0 `) i, D+ V9 a5 Z: I' n5 g6 K. Q
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]6 S5 o; ~7 y3 U4 w; w
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>: R- V* O! r7 d5 t
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]3 c2 x* _5 i- d; ^ A6 R, P5 N5 h
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>2 ?2 K2 H' z2 j( L4 }0 X7 G- S
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]- {& D4 B. W$ v% {9 K
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>2 t4 q$ O! o" P F" D. w) t- Y9 E! q& i
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
! ~. P7 X8 L3 ?# } - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
9 O) ~/ k# Z; m! F2 Z4 ^- c - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]' D% v c, i) D7 ]* i% }
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>: I5 W* h1 w* k6 f7 c( \1 i
- [Secdrv / Secdrv][Stopped/Manual Start]! m7 x# l0 U8 \- t* `( }
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
9 f/ H) j$ H, j& }) H5 E - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
' ]6 O/ W- U3 I' N5 K - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
; x( Q+ P1 ^# A3 ] - [System Restore Filter Driver / sr][Stopped/Disabled]2 I& U8 L* Y6 u2 T7 f' }3 C
- <system32\DRIVERS\sr.sys><N/A>
/ L% B. W3 }( u e - [TesSafe / TesSafe][Stopped/Manual Start]5 j2 N% F: T+ d A# j& n- Y
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
% B4 U) v1 S: b - [System Services / unzxzsrs][Stopped/Boot Start]
7 j) Q' }7 T6 b" L# U. s1 _ - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
! m! \' P! ^( s) X% g# }- q - [ViBus / ViBus][Stopped/Boot Start]
! I* ^ m% Y/ w& n$ I6 y5 M2 f - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
5 K) r7 [: e( t1 M - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]% P$ {6 Q3 i/ G
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
' N7 Z7 {, @' x4 y* Q- _ - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]1 y' i* m' |6 G
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
4 f1 D0 }6 `; D4 m - [ATI Extend / zhibmaso][Stopped/Boot Start], o7 w7 l9 u) @8 W, G q6 [1 @# x: g0 t- P3 ~
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
/ L3 f+ @- F. }& \9 S; D - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
# ?* |5 t9 Q* j4 a( q - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
! V0 W: w& \. b - ==================================
" t) r, y7 B* m& {1 D A - 浏览器加载项1 @8 o0 E' N$ c% I: d8 I
- [Google Toolbar Helper]
0 b; N0 q- `% }" l- F - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 i; i5 Y7 i1 z5 B) W
- [Google Toolbar Notifier BHO]
% [* X! o' M; g0 o* n - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
0 c4 ], x( F0 y8 c& \3 u# W- N2 x - [SafeMon Class]
G$ p0 e* {8 c9 z: g8 _ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
0 k4 [: z7 ?6 l. g6 Y8 i- } - [kingsoft browser shield]8 u& p4 T6 L/ V. p% I4 ?) T( C) ^
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>* p, e' y. r9 K @5 l' Y o3 V
- [IEBuddyExtControl Class]
$ g; c4 ~/ O' ^7 [: C - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation># P! b' K# G: L/ w! ?1 _
- [Zcom 杂志]
$ C: ~% E) U4 i) _( Q - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
* G& a9 b+ E5 p' a8 J c, H. E; G! J - [&Google], `7 Q6 i& d% s: H8 ~
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: L$ Q& v [0 e - [KooPlayer Control]
; b+ I5 Z1 E5 b' {+ T# C- d - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>. j) ^4 \' }& @& P. v
- [Shockwave Flash Object]
( V& O6 E7 K( N+ `& q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
' s4 T8 [ c& d4 k" e$ _( _ - [KUpdateObj2 Class]0 p( _) E& c0 S( X0 Y6 p
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
& L% O, }4 @/ p8 W! N7 L) B - [Google Script Object]" R. T. h" F0 n
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 i8 u/ k3 Q$ e% ^! S( `& g2 V - [EWA Control]/ W% [& M8 ]) R/ R1 H( a0 M
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>. U: C4 q, h e: h, o
- [Windows Media Player]
6 o( c; N+ V( T0 R8 T - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
8 @2 {7 f0 w3 X! _* i - [&Google]
5 a+ v) R0 _" m3 X - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 M) |( c( k) x* y
- [HTML Document]2 m( U1 A6 \4 Y
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
$ V! c/ O% [ i - [DHTML Edit Control Safe for Scripting for IE5]) k9 Z5 v$ d( M( w2 a; |
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>; ^9 j' m# b% Z0 Y
- [RealPlayer RAM Download Handler]
* ]/ z p% V) s- Y8 C- Y5 S: ?* z3 [ - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
" Z8 j' |+ [- h5 B" T+ E( e m5 k - [IEBuddyExtControl Class]
. }. e$ V$ p# _4 v$ s8 \( ^ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
$ P* B1 Y. S' j* _' y* ` - [XML Document]
7 K. _0 D, n/ D9 r8 I/ Q; d - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
0 Z2 K" ?" z( { - [HHCtrl Object]/ Q& u- ?; b3 ^0 }" j
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>' Q F* _5 ]6 w" ^, l g2 Z1 [
- [Windows Media Player]! g6 W1 Q8 p3 B" |! o
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. |1 q) J: u' \' o ~$ C# t
- [Active Desktop Mover]. u1 Y5 J& {& w; J' C7 b/ o3 w
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>& o8 m! d% b% y9 p" W6 E! |
- [360SafeLive]
4 _7 E% s4 J% {! I) V - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
0 C1 g5 k" g8 X% l - [Microsoft Web 浏览器]' j$ E: k$ Q0 t4 \# B& }
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
# |( b1 Z; s$ i9 f3 r+ l - [Browser Enhanced Objects]
/ m' p4 ~8 ~) Z& _3 C7 v* R. B - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
; ]+ F8 u. k, {8 p, S* ~ - [Google Toolbar Helper]* g* m5 R0 Y! j; M: F6 F& _' R+ z* V
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 M+ T7 f1 l( C7 R5 [
- [Microsoft Scriptlet Component] O% T, v( O5 @9 g) ~% j
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
, e4 M# c9 v6 u* s( E - [Google Toolbar Notifier BHO]
- K5 [9 \& O# ?. h S6 g5 y - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>- f5 L4 d. X6 Z: h0 A: |, O
- [SearchAssistantOC]
) E5 j' r, z2 C- h7 Q' @9 d( b( o! p - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>1 T' t( t7 I5 x8 V! ?4 [
- [SafeMon Class]3 m; A/ k" |- s9 S$ S0 z) K
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
2 D. s6 R: q( x9 p3 n l - [RDS.DataSpace]
& O" ]& b) \$ A4 ?* Z - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>1 h/ R3 m" r6 C- U# X
- [KooPlayer Control]
! p7 k2 p, [$ @) ~ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( b2 D& F1 A6 s9 j - [AUDIO__MID Moniker Class]. C F9 f' _; e ^
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. p: U' M' v* e% p- o
- [AUDIO__MP3 Moniker Class]6 _2 y( {4 ^& a' K9 N
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' x j s# W% ^ - [AUDIO__X_MS_WMA Moniker Class]
1 Z! x( e2 \5 N1 F6 d8 F- V( L - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 K, i( v" m' a0 X* O - [VIDEO__X_MS_WMV Moniker Class]0 y6 l1 b3 }: J( T2 ^+ L# G
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' T5 N0 J# W1 e, c7 W3 f7 Z - [RealPlayer G2 Control]; R, T6 \. ]/ Z4 S0 v: I8 F0 z( P+ ^! k
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
B- r5 r# k* \; x" ]; }8 l/ [ - [Shockwave Flash Object]
* v5 c) N. N7 h: r0 L" X; O - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
0 g; R8 [" M$ G0 S m& o3 d - [KUpdateObj2 Class], D' ^' [. v9 F1 J; I
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>- S- k w$ G5 x2 r/ D
- [kingsoft browser shield]+ y& M6 U: `2 h+ C
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>" f }, s, R! K3 q+ i
- [PasswordEditCtrl Class]
) j+ F7 y) C! f9 v - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
3 ? H# Z% O2 w: ` - [QvodCtrl Class]$ C0 T6 Z1 d8 X- M2 H% c5 I
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
( I9 ~* `2 N8 M) X2 C+ Q! D+ y - [&使用超级旋风下载]& e' c0 h! G, a! m( C: O) X
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>0 q2 B. B8 G9 A" D L" q8 p
- [&使用超级旋风下载全部链接]/ F1 g1 g4 T7 Z/ F, T& @3 L0 P1 V
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
6 M7 c* B4 }2 N- i' H5 X9 k - [使用迅雷下载]
$ T. w* Z. ]) D - <, N/A>
* l' n. Q1 O/ [' Y" Y M) h, ~2 w - [使用迅雷下载全部链接]9 n( x. l$ A' d
- <, N/A>7 C, Q; V# ^ s$ j% p
- [导出到 Microsoft Office Excel(&X)]
6 J5 \# D2 ]' N8 j5 V - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
0 _" E1 {3 h! }& N) o - [添加到QQ表情]9 U$ k. t7 g* M2 b/ N5 W# f7 y; T% X+ f
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
* w& @/ p7 \6 @9 D) l3 Y+ y" p - ==================================* `1 l: m, ?7 x$ C
- 正在运行的进程
; v0 x9 \. R% { - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ b2 B0 I. }2 q5 w" H - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ E) X- c. t: @+ h1 X! z2 U+ s$ o
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ `( Y- q3 ~; G3 u - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. v6 ?0 Z5 u, _ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" W% R5 ?; U0 Y, D& D
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 ?8 W" W( S- f: y a& a
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" G! K! Y1 K! k' s0 R. s2 |
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 C$ C, I5 W$ q3 H. }' F2 e - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- Y( T2 {7 q* Z5 y
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% y5 e7 E6 @- D
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, C* |% o1 N; G0 n7 _( u# A/ Z - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]6 E% w+ Z' H9 O1 f. ~* Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 k2 K1 V5 w' u N( C* X4 r- C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 A5 Y4 b' c* S0 d# Q+ Z* L& `
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 j5 v4 v. H7 U- C D* O! T5 x - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* C/ q2 q! }+ O7 R: W3 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]( o& W# @5 q Q8 W' g2 D7 \+ l
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
; I: x3 b n# A% ~ - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]' l. O: K0 o2 @7 l1 s0 R
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
# Y' ^) {" ]$ z7 C& U+ T$ | - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9], M* R& \7 Q, ^( H# P1 K; X4 X5 I
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( \- V5 I( y2 I, c2 c. F) _ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
0 Z2 b! {/ v& \1 b3 Y - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
5 L- u. a$ L D0 Z) H5 q - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]9 E) G/ Q8 X) ~& n" B9 K4 i0 z
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]% Q5 |5 F3 Q! I
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]/ V% w/ M) M* F2 l& w
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- W% ]$ ]" P3 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) ]- E3 f) n7 L, r) j( N$ b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 b4 V! L7 O0 G* ]- I& y) b$ _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ p! a/ j6 O: J9 t" w$ m* r: h
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 N* S: W) J( u+ R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" ~% ]1 E0 A2 z/ f1 Q/ R2 z$ l* D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 O( V* J) Z- N; @
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% N5 ]$ j9 z9 g, z
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]; ^ E6 g9 N( h8 G6 _2 ^
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]! k5 E+ _0 J: E5 @( t5 Q$ q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 | i( r/ t7 g, h% n5 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 U5 w" e: W- }9 z3 q - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
2 o0 R/ ~0 B, J4 h* b9 L - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
: M1 p- a8 o& @' Y1 N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ ^2 d$ x3 d7 B' D7 s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- z# q* n1 `% |2 ~ - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 I2 A+ |, w8 Z9 B- z: M
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
$ b3 [4 j& ~( r6 `6 m U) Y - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; ]% b' C# D" f U3 l - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& m5 I, ]8 \4 I; t: S - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
4 e9 e: Y" V1 @+ }# Z1 }$ G - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]) p& }# Q T; g2 ?/ V
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ e; k: ?2 W* r7 c8 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: n* H6 C( D4 b" M+ k6 a9 J( Q" M6 J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], {5 l* J" C( t' W% n
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
/ w) u% S/ o/ c; O - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]1 S' v/ q9 e( l1 a' v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
; B/ F- l. H' M+ y/ ~# N9 W/ {! S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
; k0 U" u$ u5 a" b6 m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
/ r+ d, L! [( v L+ ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
1 E0 D# w1 J: o; L, Q( i: ?' k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]( _2 O5 d) X! g
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
) p% { Y! l$ o - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]) x' H: T3 }. i% [+ m! q% g
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 c8 o' P) h0 q1 V7 G
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
; q1 \ j5 Y6 Y! k8 c - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1] G: d/ s8 r2 Q. e
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
2 j1 k! l3 m# C, D - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
8 \4 G( U! r# @5 r4 g - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]( I* R/ F, Q6 l! h/ `
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]/ M( |0 D) u$ f3 z; H5 t, J
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]+ I3 i. ]; e) B ~3 o! R* n# P$ C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' J) I* k0 G6 |0 s - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
2 T3 o8 W, L5 F' E$ m w" }( V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 h- i a& U, W$ s; Q- c* c. X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ c$ D6 |1 \0 Y! ]8 O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" U' R# h5 y/ K8 h' t k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( a7 b6 M) M- X5 b2 m* ~
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]+ P8 f2 b( @2 g+ l4 F
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* c4 f! x' I3 v- `* T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 ?% T* O; L& X5 e- c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 X2 O! l# _' l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( q, ]: C. I% Z. _" i - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) Y3 p, w7 Q, R9 m, t - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
6 _ ~; T# f+ {& X( m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 A$ y4 z5 y; g# M2 { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 u, P% g4 n6 s9 M+ b5 q- @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" k0 e9 H, j# f0 c
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 |0 K3 J: N1 e% w - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]0 ?1 [: U" ~! I5 f& d; d9 Q/ z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. o' [' t5 c' O: d! B4 p3 V6 g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] ^9 `' v$ P. g( Y' {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 B8 t# M4 A# h2 B# S" Q+ Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* O' l$ z3 Q* b. ?0 X4 r4 q - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] S" B- z2 x( k q1 b, V7 l/ X5 \
- ==================================# @0 p' U/ [* ^( M$ A$ Q8 m E
- 文件关联
7 b4 `0 m" E0 t4 ~- J A: Q - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
1 o0 q! L9 y: D+ D, Y - .EXE OK. ["%1" %*]8 D1 N1 q5 v- o6 D
- .COM OK. ["%1" %*] \* F0 x$ @% N" \. |. s
- .PIF OK. ["%1" %*]
0 L6 j- I+ o/ T6 \5 ]7 a5 C$ x n - .REG OK. [regedit.exe "%1"]
( s* [- s7 s. {8 w - .BAT OK. ["%1" %*]
1 l& N% h! M8 s6 s, G, l% x - .SCR OK. ["%1" /S]
( P v! e7 O+ x - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
! \0 W/ r) Z `" S1 [4 T- K - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]1 e7 e8 ~/ @' Y, V4 [& r
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
5 d/ J6 v1 g! I, d7 P - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] T5 g7 {( p2 a% j; o
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]0 X' w! s6 \" B5 b$ k4 @. V
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]$ c' u# w& G- r
- .LNK OK. [{00021401-0000-0000-C000-000000000046}] t) j5 q5 ~, Q7 \/ _4 F
- ==================================, r: G3 M6 o2 j8 D
- Winsock 提供者" |( [5 P7 Y H) E- ^
- N/A1 \3 m/ e! D) T: L2 Z# j6 u
- ==================================8 n1 G/ l9 H* K' q! L4 P, d
- Autorun.inf
4 E9 U9 |$ a0 e9 E1 V( X - N/A: X9 y* R" _$ s, C! F
- ==================================
* H5 O. N8 K: C g. L8 q6 f. M - HOSTS 文件
3 x' k' Z* \- H - N/A. J% y% i1 m# R0 d
- ==================================
. A8 ~- J1 Z& E$ U - 进程特权扫描9 Q# H; m. Q1 r O3 Q. l; }* H }
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]% o, s! n Y! r2 P5 W# ?5 p- T, _
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
. `: ?* u- I8 y - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
8 d" a% P& u6 U" t: ~% T - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
: q4 R7 \, b9 J3 b2 }) F3 Z, A - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]/ k1 R. M" Q- P3 s% V
- ==================================: ~/ j1 \. E' }' J
- API HOOK
' f, ^2 k8 n* Z0 m) v - N/A( G* @( N% \4 h4 |, W$ Q5 c, E0 O
- ==================================
! I" b8 e9 a4 Q: ?1 n - 隐藏进程
0 y6 S# {! ~3 W/ s - N/A4 ?, I$ @; }( f1 N" _9 x2 x1 h
- ==================================
$ O/ U- `- J6 i* ]+ d# y- i9 k( }2 n - 3 c0 S5 `% a7 k/ M/ k- z
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
