|
|
& V2 ?, O9 R. |- }7 n& j2 |9 \- 2008-05-22,20:37:43
1 `6 R5 t' V- d - System Repair Engineer 2.5.16.900) V8 f0 M& x! B$ q B' v
- Smallfrogs (http://www.KZTechs.com)2 [( O' O2 O, t, X: t
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能0 d- H+ N8 [' `! c/ }
- 以下内容被选中:7 K2 {6 I# U8 S1 _) N9 Y8 a
- 所有的启动项目(包括注册表、启动文件夹、服务等)
8 p; R7 ]$ B6 C2 y3 r - 浏览器加载项0 n6 a _+ r! T: a) d9 z
- 正在运行的进程(包括进程模块信息)0 X5 u: a" w; F4 s% B$ a
- 文件关联" m: x7 ^& X0 X4 `
- Winsock 提供者
( j- ^ ^1 M O - Autorun.inf& L! I4 ]- H8 r0 `2 V
- HOSTS 文件. [ U9 S7 Q; p7 r8 s* o. H
- 进程特权扫描2 ?/ U' q- A3 T; [- C5 t
- ( @. f* \4 T) t# y3 V. N
- 启动项目
6 q4 `) H5 H5 m7 }2 w' n. k - 注册表
/ Y. B9 t8 M6 k5 k f8 E- I - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
5 b7 i( J* I" t9 J - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
; y9 j, I3 V8 o' d - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
: U5 b0 Q* \. d- Z* ]" s - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
6 y$ l7 e( @2 ?% q2 C# {" |0 u1 g - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
* Z7 l) V7 F' {( O4 B8 D( Y - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: M( N' E Q7 ]/ D. m
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]# L% o9 l% L0 H: j8 n0 Q2 i7 i
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]* Q* O3 q5 V. T
- <PHIME2002A><; > [N/A]
) g) \2 h0 G: l5 T& c& y$ e/ t - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A], v& I$ k$ X8 R5 c
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
5 |+ \0 N# D* n& g5 `, F; [ - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
3 Q" F# m* ]& h2 |' |3 `, v - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
3 Y/ {) W) u& C - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
4 a9 T t' g: B i; Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
- v7 N- r& e% B2 f$ g$ Z4 s - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
( ^: C+ A! c- s! P$ t2 g' L6 H( w4 t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]8 r5 M' Z" g8 v5 O6 M8 ?% k
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]+ h* A5 \& F( V8 Z% i0 p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
$ v" X2 B- W0 R( o0 l - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
4 S, J9 R! @' t [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]/ _! Q% S8 M8 W5 s% a. k7 `# w
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
: C0 A- n9 d/ z( ]. a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]! o* d& `( w. P a
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
Q! \) y3 S% u" N0 X" n+ W$ R - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
& W0 w" V/ _' e - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]+ s2 g. m+ X( r/ w' \2 `, u
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]. l) W4 L; y @1 x% F8 u% L4 q
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
" x" i- e s* F/ f" I6 @7 C3 m( y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
: h" w8 [# h& [. U - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher] c, y; _7 h% B! Y2 T8 I! e! V8 O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]: `+ b7 P2 G( J$ {
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]( o( o3 f; ` G1 }! ?; u3 V# t
- ==================================0 N6 M7 X- S: s% ~ T6 F4 X
- 启动文件夹: V- `8 N% x$ S8 j4 q* a
- N/A* L9 a1 l: t8 ~/ \9 @
- ==================================/ D& n% M' T* c5 B0 V
- 服务
. R4 e. |- o# b1 o% F- U - [3ware Controller Service / 3wareSrv][Stopped/Auto Start] D) H' @1 \# H
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>! G* d& ], k3 q& k
- [Google Updater Service / gusvc][Stopped/Manual Start]3 q. ~( u7 T2 E! X
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>- G' ~. M! d. t* F8 u
- [Help and Support / helpsvc][Stopped/Disabled]
4 A! [# a C8 u8 l' T, w - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
* \4 l; i$ X" s2 H2 `8 S - [Human Interface Device Access / HidServ][Stopped/Boot Start]
+ c3 X; c7 @/ v( A" d - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
: J) d4 N) @! m) I - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]9 a' ~/ N* `" Q1 ^) Y9 z* m6 P/ ^
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
5 a5 R& e4 q# x/ b6 m8 p; l - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
, {: }7 G! R7 u3 ?" C5 Z8 {/ B7 E - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
9 t" j1 `/ `% B - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
; o3 [& X! O4 B& P; l8 O - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>$ q7 _: T, t$ R: o. u
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
/ P7 I/ D+ `: p6 T$ C - <><N/A>9 i/ B1 Q- {- [& h) b+ H4 ~
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]' Z; j# o. u- T( _
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>8 L' z& s% Y, N3 n- H3 H- ^" ?/ T
- ==================================
+ _# j( ?$ J- Z+ J1 D# o* C - 驱动程序
% Q0 o. _5 p. E2 d1 D7 e - [22j / 22jn][Stopped/Boot Start]
- j) O1 R5 D5 ?2 k& A - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>- I& k: r! }- y" g: @! r
- [360AntiArp / 360AntiArp][Running/System Start]# m+ w1 z" j2 A) w/ k0 T* r
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
+ I) r2 C& R7 T2 D - [43ec / 43ecu][Stopped/Boot Start]. w3 a. ]: |9 j. I7 m3 G5 ?
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
* _! R" S) k- w7 d3 F' B - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]; i1 S) O8 K2 }$ _8 T. a6 h
- <system32\drivers\ac97intc.sys><Intel Corporation>
" V$ |+ @6 h+ D0 M - [Promise driver accelerator / bb-run][Running/Boot Start]; O- r* I( w; E# I
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
( Q" b: X4 N1 w7 P: ]- Y2 y: G - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
, a* }8 a- ^+ `) o/ F1 A x- Q - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
& X0 R, @0 ~/ t0 p! B - [KAVBase / KAVBase][Running/Auto Start]$ S) K1 E6 `8 K7 e% z$ z
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>5 J' u; C! p2 z
- [KAVBootC / KAVBootC][Running/Boot Start]
; p: S' o. O u& p! M0 K - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>$ u, N6 B, }2 D7 k y: ]8 a x
- [KAVSafe / KAVSafe][Running/Auto Start]2 q$ K) x3 Z1 R& J
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>" H E. H" _' E
- [KNetWch / KNetWch][Running/System Start]8 m& m2 r, T* \/ I
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>' o+ Q; R! ~3 o$ F% R; ]
- [KWatch3 / KWatch3][Running/Auto Start]
, I) u! K* [* G1 @7 E; B* U9 \ - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
9 A }/ p, x( C) R( I: T - [ntptdb / ntptdb][Stopped/Auto Start]* C. \! u# r }3 e
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>2 f+ q) W1 K# K; M+ M4 A
- [nv / nv][Running/Manual Start]- f# Y9 \) E+ P
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>4 Q' z9 [& ^6 i6 M4 F
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]0 d1 ^0 [; H2 n5 P
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>- h3 f# L% l5 O
- [DDK PACKET Protocol / Packet][Running/Manual Start]
) |) m) I$ {8 n. _0 ]1 o* b - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
( x5 ? w. r: I: A9 k I - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
( `1 m m7 Q w* R& s5 J. l3 m - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>7 l' R2 J; a& @2 [
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
# m2 ]9 @) }) A% Y2 M - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
. |! m. h8 F1 \3 |" e6 Z - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]& [* n4 `' w6 b- {# t; a4 Y
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
2 l3 y# M9 u' x/ D2 B K( `# ^$ J4 k - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]% {/ ]2 g) L& R8 d/ f6 {
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>/ |: h+ j0 B' }8 F( b9 l) H7 I
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
; ^& a: i! s+ M) L - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>: Y; M1 m9 ^, q; C3 o
- [Secdrv / Secdrv][Stopped/Manual Start]; S+ P0 A6 H G
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
9 {. h8 N' C8 M9 p* ^% Y) F9 t1 G - [SATALink External Device Filter / SiRemFil][Running/Boot Start]" |; M, ?5 j' s0 @
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
' r A8 }$ u: @* T3 _( r - [System Restore Filter Driver / sr][Stopped/Disabled]6 h, C" P9 e1 v6 Y) N) c
- <system32\DRIVERS\sr.sys><N/A>4 v: D6 T' l* N( N1 f0 M$ `
- [TesSafe / TesSafe][Stopped/Manual Start]/ w Z5 j3 p4 `& e; y
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
$ ^, s" R- `: V! Q! b6 a+ F$ ~ - [System Services / unzxzsrs][Stopped/Boot Start]* \/ m; O& I; ^7 M% S
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>: g) A; T1 s2 e: s- R
- [ViBus / ViBus][Stopped/Boot Start]
8 ^* _" T; b! f8 y, j - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
" z& d) p2 f f6 ?) G& O - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]9 E% ~; \6 P" `
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
$ a; r8 B* J8 j' u) q T2 e9 r - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]8 L4 {% m6 i! h) \- Z$ j
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>: V" x0 g: f& n7 R
- [ATI Extend / zhibmaso][Stopped/Boot Start]
* I, o/ ]: d; b* x& L - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
7 ^9 N3 q3 T. p8 { d% `) ]0 ]6 S - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
/ s; f [) h9 [' |: g4 U - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
# Y1 M$ g0 m+ Q - ==================================( M/ B% q2 r$ M2 M% I
- 浏览器加载项
+ w; H5 L( z% \7 u% w4 g6 S& _; @ - [Google Toolbar Helper]! r7 C4 z8 a. n9 t7 ~
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ U0 {$ E0 o+ {( |4 s# }, U
- [Google Toolbar Notifier BHO]' E' e* {/ q q- o1 U [
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
+ o8 K; i% g# \% Y5 \: D% ] - [SafeMon Class]5 q* J6 J5 O& F, `$ X
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
6 [# G/ Y. W' r5 f1 d) V - [kingsoft browser shield]
! W! n; Z& g! F8 W: H2 y* I' Z - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>5 j1 L4 q& L# Y7 n, o9 U
- [IEBuddyExtControl Class]3 y# M- o' ^2 V. o" B0 x
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>, l3 g0 q5 u8 x6 Z
- [Zcom 杂志]; u' e; D9 l% @8 r
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>9 ~: g" h3 s# @3 F' a
- [&Google]
: {% d8 f; q( v - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 D0 W) @6 n2 }# Q3 ` - [KooPlayer Control]. Y/ A) m( U" N# ~9 a6 n
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>, G @ }8 m8 S5 b F# Q1 `+ O
- [Shockwave Flash Object]) z0 a0 a# [6 I& Z* L- q
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
* e# v/ P: I/ t7 c6 G7 _ - [KUpdateObj2 Class]
2 @" V% I- b% D) u2 b3 ? - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
- P8 L$ j3 [6 v; C* [7 { - [Google Script Object]5 w+ d, F% }2 Z
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
0 \' ^! Q- I) R+ o; o% ~( c; w" Y( Y4 |4 ~ - [EWA Control]' o; {* I4 y$ z% b9 q4 Q
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
0 W, R+ I" W- z3 ^, { - [Windows Media Player] ~5 C1 i# ]5 f- P6 H1 f" U
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
. Y" y2 q8 ^" P$ w2 T, z - [&Google]
5 f% ^* N' q7 }; W& { - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 E! Z9 ~' U% ^8 D* R: J+ h - [HTML Document]
/ i$ n$ B# X0 E1 P* M" X - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
3 G5 F) v* p4 t) o7 q7 p - [DHTML Edit Control Safe for Scripting for IE5]
! r0 D p3 ?* j a$ w5 e! W# t - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>) l* x5 |) q: [. U: S- |) u2 }1 T
- [RealPlayer RAM Download Handler]
, W9 o; h2 ?4 s$ {5 h7 [ - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
; w$ y6 m$ U1 T9 _# J2 _! h - [IEBuddyExtControl Class]# J K' ~7 F! ^+ A
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>1 h# U& Z0 z/ h. W. G! l4 z
- [XML Document]
. ^2 ? I1 s6 z - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
7 D5 N. b, M9 j _! D# {, c - [HHCtrl Object]2 N2 q! u0 u7 W
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>. \ w' ]8 ?9 S+ I8 t( n' r8 F
- [Windows Media Player]
' G; x, I( T1 | - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 g8 A {6 U7 `
- [Active Desktop Mover]$ m' }' j) ~, K5 z; g: c
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>& L3 o2 T9 }3 I. H6 u
- [360SafeLive]
! W i+ @. @; t7 a - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
4 N5 ~3 W' {! \ i s" T - [Microsoft Web 浏览器]2 V+ F! G1 T8 e0 i# K: F$ G
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>+ c7 _ i7 b0 Y
- [Browser Enhanced Objects], R4 g$ k8 @/ O- c2 P8 A
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>: V0 o1 c3 L& q$ j. t
- [Google Toolbar Helper]
6 R* _5 W2 J( a' a5 B/ m+ g - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
' o) f7 [. g1 z# V - [Microsoft Scriptlet Component]2 n. S3 t9 w2 b- H9 x
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
( @; m3 d, C# y& { - [Google Toolbar Notifier BHO]
4 n1 l/ l; P7 o' s1 i7 M5 t8 K0 Q5 ? - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>8 J- e; H8 B. a/ z8 Y# t: e7 o. l
- [SearchAssistantOC]3 T0 |, U4 }& E- `9 D8 D1 u
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>0 ~2 j5 D: k" q/ a+ j1 ~* _+ ?4 X) f
- [SafeMon Class]
% m' ^) ?3 N: R. \0 b( a+ s$ b - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN> D$ v7 M/ A" T# b4 @( |( c
- [RDS.DataSpace]) ~' n! e# b- R" y
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>. b1 A y, S/ i
- [KooPlayer Control]
: e' p, Z5 `3 F" y' h - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
L6 }3 s. g! I% a) s; `& Y' z( _ - [AUDIO__MID Moniker Class]
* a; w! h# k% ] t. s9 X9 B8 P - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; T7 H& T k2 U* X- w
- [AUDIO__MP3 Moniker Class]( _) g% V7 r- j6 b/ ]% A* M4 k
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 D7 S7 ~& @* C; T: S
- [AUDIO__X_MS_WMA Moniker Class]
: ]/ S# s2 Q) a- z" u W! t - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 C5 X) b) b1 u; A - [VIDEO__X_MS_WMV Moniker Class]
7 [+ x$ y. v9 J4 }8 z4 F9 M - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ @# y+ k( a9 F: t$ E$ W. o - [RealPlayer G2 Control]
: g6 n& r. l& G0 \ - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
% _) c% v K( [& O! E m - [Shockwave Flash Object]2 q6 r; ]" H3 s) @% q
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>( m% z/ X! m& I8 G! z+ o; T( s
- [KUpdateObj2 Class]
3 i& K2 [0 T- K - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
3 [# E z9 n# W' M' v0 Z - [kingsoft browser shield]! Z. D: K3 I7 P# |. ^3 ]
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>+ s9 n+ f. }+ F! Q5 k' Z C+ r
- [PasswordEditCtrl Class]2 s( ~1 H( R0 Y$ k
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>0 ]( z0 d6 u& ]( L5 ~- a' ?$ e9 t
- [QvodCtrl Class]
- |2 I' ?# L8 E* q, ] T3 T - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
! t! `& S0 w/ w$ t4 L( p8 Z - [&使用超级旋风下载]) z! G* d+ o/ V7 L3 C) [
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>2 \) v( T W4 |' U0 d! E3 u
- [&使用超级旋风下载全部链接]( v0 e5 X4 X+ P; h, a
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
% Q" m+ n+ `8 \+ | - [使用迅雷下载]; L" Y' i/ C( b$ F6 i
- <, N/A>
7 o9 c7 Y- S0 V - [使用迅雷下载全部链接]
# y+ q4 M2 Y0 ]# ]5 C) F, h s - <, N/A>
6 A0 J6 w! j4 f' k - [导出到 Microsoft Office Excel(&X)]$ W" l k6 {8 i5 u* d' a
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>1 p9 N, O( `6 G. l
- [添加到QQ表情]
3 @' V2 S! k) c0 _' D - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A># M; U: o( ^0 Y- x
- ==================================9 x1 }: ?) i0 I+ a$ i" G: _0 T9 t
- 正在运行的进程7 G) y4 N+ G1 ?8 I* n+ P* M2 T; V, i
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 F/ l5 j& `2 Q! G- D
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) g! Q6 h c. d. f - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" K0 M- s5 |1 T0 P8 s" A( O
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]& N0 ]$ b: U( N5 g+ Z% ~5 a
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% e B+ K; K, i3 x' l$ `$ {& H
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 V8 r' u& j3 a3 r! t, A4 u
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ L# ]- R" Y- J4 k0 T
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] P) O8 C- |' O4 n# Y4 l1 a
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 {- Z- O: i3 W5 _2 F1 a/ t# U! u
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 ^7 h/ R, {# p- d, h! h% F - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 a U: U i. \4 r+ l8 V
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
% ~4 X# X! E$ c8 z$ { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 } j2 u$ R/ H$ `# ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* |( h" N8 F6 n$ K( U0 V0 q% \2 L
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]# H& {5 ~$ ?3 U, E8 k) c
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! _' m- D6 u% Q. I7 {- @, h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]/ u. p2 c) g1 ^& v$ f2 j$ j
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]/ \ y9 D4 i% \3 \6 c) i+ [) t
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]8 V$ M3 W! F/ B4 I. m
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]7 F# m4 A' _( \7 z0 f8 c
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]* B x7 h, } \0 E, H6 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 ?* v. y, p, T - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]7 O( d& t( `, b' G! }9 ?2 T$ B
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]/ G( k6 i, U/ e+ N9 x
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
$ n" D. \! E% K6 E6 @ - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
# e; r3 }# x4 x6 W. @! M - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]9 a+ ~9 B, y- d, ^: H5 O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. C! C/ Q% [. P( c. ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" L j$ ]8 v. z, {( C" i) E4 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ j& \. W& A: I$ k) C4 T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; ~2 P: `: \! h/ l& X6 O4 f - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 ]2 A( K7 K, y. F6 L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ i- }% d# I% X2 q8 }- f- q$ [3 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 r5 z- m! M8 K
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ B9 W6 N- B: P
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]% C y+ v9 o, B3 w! D
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]( d) x! s7 x, z' j; B; U5 m, Z5 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; d+ c( C, y# a. P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]( P5 C$ L+ |. t. m8 W9 L
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164] h/ l1 d! y; g
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]& i; A4 i; \0 ?4 p6 m5 D3 w
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: i$ n# d9 V$ i$ I; f& p - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) T- g" Z' Y* }2 H$ e, y- O/ R* \ C: h - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# C/ }% G [% L% Y' J
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
7 C$ o2 h/ B4 V. b - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 j6 m6 V( U+ Y# B" N
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 C( H7 I; e0 e- A - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
3 {6 W0 [% z. H2 g H! O" S - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]- |, Q6 I. v% h, \6 N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ {" {( Y" Y; N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) i& a! V+ L; ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 a# S7 C' N% y9 V% [: H - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]0 w9 r, L0 y' l" c
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]+ K' n' O2 ]3 c+ T2 t% p' z8 Y6 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]! U' F3 { y$ U1 k3 P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]0 M# q$ K' Y8 M# H1 G4 G5 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]* G5 [7 s2 {1 x5 j z) @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
, Q, ?" l* _* m' S# U4 ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
2 c& U: f* @8 X - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510], O8 o+ u1 g% a/ h
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]8 t4 b- t% {; R- S+ ]( M5 B& G0 G
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 A5 c* _# J: v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ D2 b- @- B& U! M) _5 R - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 x8 K6 ~! J) r: \# w: H1 P - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( y2 R* m0 k( M: p/ w0 l: _" @
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
. x% @! R- |8 Y - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0], T8 m3 Y, W, c. ~8 ^
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]) j7 `3 T9 u0 ~" F' V7 M
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
7 F6 r7 t: R2 Y8 `$ h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 v( Y/ a' L7 o1 E - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
: \( X' w, i0 A! Q2 ^( H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 Z# L+ F8 D' |, L: P+ v" b, H4 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], F1 w3 g2 C2 e; x. u7 y ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 {- D1 g# r5 a: a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" L! K7 u. c8 z
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
/ ^: F; B" O! k& S1 f h1 W4 n! `* P - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 L8 N( [) ?% u% u+ K$ N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ X% s _0 ?/ B2 x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 c- \$ i* d- L, w5 z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" t2 u7 Z9 [) y. {1 K - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
! d M% Z ?$ f6 R - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
; c, q1 v. x. [- g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 y; h: f: B; |+ N: s9 e3 f7 K8 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& o( d! W5 S) X0 W' y _$ W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 b7 _8 |" j7 E3 B- P0 Z" E
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( u/ t/ P' c3 {/ h - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
+ _6 d1 T, i; m5 o) J9 V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 |/ g* ]: |/ @& S5 L& A1 O" j x+ H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] I. j7 l" Z1 M5 k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 ^; g! N* w5 q3 a m$ @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 U& d2 E, F2 @' j2 C1 F4 T" R - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
, N$ \4 G9 m6 K7 U$ c$ X' D - ==================================
4 R) u1 u; r, }4 }2 |" p, l, U - 文件关联& @+ @( c) H L2 z# v
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
. x, t$ O3 K9 g; G - .EXE OK. ["%1" %*]
3 h6 a5 `9 v& g& B: C8 j - .COM OK. ["%1" %*]6 f. O0 K8 ?6 i' ?1 N! f* S
- .PIF OK. ["%1" %*]2 V5 ^6 E2 `2 q- \
- .REG OK. [regedit.exe "%1"]
$ G' |, e3 p. z; y% T - .BAT OK. ["%1" %*]0 ?. i w8 Z+ _" ^. g1 W
- .SCR OK. ["%1" /S]3 R: { a w0 I
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]0 I. Q: {) X# w- g2 Z
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
7 o& L9 h; j$ B% O: D, h - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
6 \, H, A9 s7 W5 ~ - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]" t d y* `8 X0 }$ _4 H7 y
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
" G- N3 q/ Y5 Y& B* A: k. h( j - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]* b( q, _7 k5 |1 {: V( h$ [* i
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
% h% I7 c7 Y+ J4 n" Y1 v# W - ==================================
' [) H) B/ X' p1 w( R3 y4 z& g - Winsock 提供者
) ]* t1 ]3 W, z6 l- v - N/A
# W% X: u8 I( h - ==================================
6 h7 d# a9 u0 @; D, F5 z" G# ` - Autorun.inf! Y5 U: L& J5 x. ~. q$ F5 O
- N/A* c9 w! F7 B* l# {: j
- ==================================
2 \5 I) L) N- D. c, e$ b - HOSTS 文件
4 ?7 o5 b* }$ F9 p - N/A D# ~3 X# w! r( q
- ==================================
R( W! Z$ r: f5 l# K ~ - 进程特权扫描) D, h4 p7 N" k: \1 C# ~# V6 E6 M3 u
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 s9 @9 X1 l6 ^( ^1 H8 Y! [
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
0 ?/ z* ?/ {9 E" J - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
3 ?# U2 x& _# L - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]# l/ L; W' _" z9 V* ]) T: y$ l
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
$ U4 L! s* j& T, H" s - ==================================. x1 X4 w* y, {" t; S
- API HOOK) n/ @' m; \7 F
- N/A" V( Q1 b+ ]$ j5 F
- ==================================" i0 G4 I( v% t; o
- 隐藏进程
. L2 i: h. b8 v! I; w% L - N/A8 i5 z) D4 m1 B; Q
- ==================================8 }! A) p G; J5 H0 t) o" w, `: v/ I- Z
% W& @/ g1 d, Q
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
