|
|
- : Z7 @+ z M e- _) m2 d# k: Y
- 2008-05-22,20:37:433 a/ p2 ]# i; I! b8 M% C2 q/ |
- System Repair Engineer 2.5.16.900; M/ P0 R% U& i
- Smallfrogs (http://www.KZTechs.com)
, V* _$ \. K: ~3 k j - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
x+ x0 v, P; b; V2 Y" l - 以下内容被选中:, t# K$ U$ t: k# e4 s, ` }
- 所有的启动项目(包括注册表、启动文件夹、服务等)( J. D" V5 S a3 ]" g n
- 浏览器加载项
K8 E9 B' r* Q7 J! Y - 正在运行的进程(包括进程模块信息); _8 K, r- J1 j' K
- 文件关联
& k! O# U; k; l - Winsock 提供者+ s2 P' I3 u! `- e/ j( t
- Autorun.inf0 N; l: t4 E7 z5 _; Q* R5 j
- HOSTS 文件5 h: x! @' [$ l# o, |3 ?& s
- 进程特权扫描+ f! |! A/ @( H, c# C
- / e! T: f! X, V. V
- 启动项目
: U2 d( J3 Y4 y - 注册表
$ a2 s1 H( B1 i0 `. r& g" ? - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]* R3 ~7 T, K1 I/ D5 ~+ o
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
4 v; k1 [- |# }' y& j4 J - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]9 N; K) e! w8 D* `. D! f
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
5 m: K! `% b0 @ - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! U% f4 t% k3 l" S0 N& }% K
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
* Z+ D8 O& I- l: K b) ^ - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
7 J1 N) ^6 i h3 H; ] - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
0 e" d3 {! l! P2 `6 i - <PHIME2002A><; > [N/A]
- Q# [. h; |2 E' n. r/ z% P - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
( l/ R, _# K1 c7 v. q - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]& @1 O" @4 q: z f3 j
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
. q4 E3 }! d4 e" b9 ` - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
+ Z3 F! Y" }" |% T ?5 X- V - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]9 ]. g+ _, P& U, x, O( f
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
h4 \' |; A% O: u+ {/ _. b3 H0 S - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
9 Z) V& v# e$ i - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
/ K7 p& c2 b* e, ^ - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
6 t- V) F5 {! l- C2 x' O - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
9 {+ @' j9 |) w" h - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
, m, J# H5 a# m9 f- m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
* y# J- M+ A* q/ y6 {# L! T' m" f - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]9 D$ _0 a' C d# V1 q4 M& ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]" w7 f9 j8 R) d" a' [
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]9 J8 x- p# `" u% w: E9 ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- P r2 G5 [: g* {* i - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]( u% f, E# v( \2 ]& g" G2 w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
! g( ?% r- x* T% X; Y1 f - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
7 f" K/ U0 D( X, W. [7 P/ a) V - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
5 H0 o$ Q4 ~) A4 k& V& @ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]% C' g. j# R6 ]0 _. \
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
; d! P% B, I8 Z+ M - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]0 Y. h1 k0 e3 \5 r/ d
- ==================================
, c+ y) m" m% @! x8 |$ X+ _ - 启动文件夹
_' |* _! b3 H- n5 n5 B6 j - N/A$ c; d" k( ^! W' n3 {
- ==================================
; X" ?3 r! w) A# ?. S - 服务8 w* R4 ]6 C( V9 q4 Q
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
+ g, q3 \4 S* \( m$ O5 _9 X e - <C:\WINDOWS\System32\3wareSrv.exe><N/A>2 P% h- g0 T. ^$ M# X, J$ _. G
- [Google Updater Service / gusvc][Stopped/Manual Start]
& w Q. S Z, t, L' W0 [ - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>4 H3 E0 d1 V8 ?( `& k& m& D
- [Help and Support / helpsvc][Stopped/Disabled]$ C. b+ @* E0 S# M& Q* c
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>% o* b' \$ n, m7 V
- [Human Interface Device Access / HidServ][Stopped/Boot Start]' U# M- @: X' x/ U: c; f
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
1 C4 q6 i8 z! a1 X% Q; V$ L - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
! g7 F1 {; O: F1 T* o - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>) V- l2 w2 ]2 w j; J
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
% h" d; ]2 e R* V9 `1 J4 Z - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
6 c: c% v' B1 P - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
7 W* X, `' e4 `& ~! i) p% I - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
6 I* W3 Z, A9 w& K) U% g* t - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]. ]6 u% \: N" w8 @- k, c
- <><N/A>/ r- w J7 f( G; p! Y) h
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
* v$ i" p4 h5 \; b! O/ ?. L2 Y - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
- B1 W0 c2 F- R% [; F5 i# t - ==================================# I. d' }0 V$ _# m; c8 a' e5 u1 b
- 驱动程序
$ a }2 E: G C: P& N0 Z - [22j / 22jn][Stopped/Boot Start]
5 u0 S/ f) s- w0 c1 v7 E2 x! Y" e" w - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
' i+ K* e( K* Z; t+ i - [360AntiArp / 360AntiArp][Running/System Start]8 ~% |5 T6 h* {: f4 H0 t
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>& w7 G- N) f! H7 N) J* }
- [43ec / 43ecu][Stopped/Boot Start]
( m" r1 f& N4 j5 u2 G# a - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
% {6 N. h/ c5 J" C; i - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]; H, B- S. m" |( ^% f" H
- <system32\drivers\ac97intc.sys><Intel Corporation>& t2 d8 X/ g+ q6 c% Z' s) u
- [Promise driver accelerator / bb-run][Running/Boot Start]
# g' y* i2 C( K; h3 b - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>4 Q1 D" F' B5 j; i q4 [
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
- B5 N2 n1 Z! g- l3 U) Z7 z - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
6 |2 F' u7 [& }6 y7 b - [KAVBase / KAVBase][Running/Auto Start]
$ q: y# L/ c o" e - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>+ u+ l# |4 f4 G
- [KAVBootC / KAVBootC][Running/Boot Start]
* i( Z% Z, V: a+ H) I! W0 p - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>- y# X" i' L+ ]; Q2 P- F o
- [KAVSafe / KAVSafe][Running/Auto Start]
! T ~7 d# u3 P* C - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>" c9 ]- O# X$ }+ P8 S, w$ y
- [KNetWch / KNetWch][Running/System Start]
1 u) S5 p- g. u) ^ - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>; d& _# A% g7 P' U
- [KWatch3 / KWatch3][Running/Auto Start]& y3 s- w" n+ f% H7 R+ ^+ C/ j7 S2 ~
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>& ^7 E! O( E5 q9 r
- [ntptdb / ntptdb][Stopped/Auto Start]8 M4 x# R; ^/ {
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>. r) s; `. E4 ?+ `/ V* X. |
- [nv / nv][Running/Manual Start]2 x9 l9 M) h* d) q6 U
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>! i3 R) Z# p& ^, S% [
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]3 d- i8 N. z3 w% _& A% M6 @
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>3 @) b6 }) K1 \, O/ q' n1 i6 W7 x
- [DDK PACKET Protocol / Packet][Running/Manual Start]
/ g0 n9 e7 J1 Q: n5 N5 T; H( B - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
6 w% ?. c3 ]. E* H - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
. t9 s, C! s+ b) J7 g - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>& `4 @, H, ]4 P8 Y6 T
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
9 x2 C# M# G8 e - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
: s: T6 [! a4 x8 g - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]: d8 o4 [& c! [3 e
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
% b. T5 z" d; N, [2 r+ | - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]" {# \' {% D* U; ^' H! l; n) q
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>, f- ^9 Z, v) F% S3 U, V* @' R
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
9 N! ?* k! h+ T6 @% Y - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
7 y7 D) k @' O - [Secdrv / Secdrv][Stopped/Manual Start]$ Z: u7 l; q- `7 {. J
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
+ Y7 B. h: h+ q* m6 _ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
2 f1 L& K# w) h2 N5 t \1 b4 b - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
# \: O: r, M! H, y: M" W - [System Restore Filter Driver / sr][Stopped/Disabled]
9 P3 Q7 w, X! @0 {$ w - <system32\DRIVERS\sr.sys><N/A>9 i" [1 `9 `$ g& O
- [TesSafe / TesSafe][Stopped/Manual Start]! O1 r5 Z: a5 Z/ Z$ G& f4 N
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>6 N& s, o5 ^- Z- t
- [System Services / unzxzsrs][Stopped/Boot Start]4 ~: O& Q( i+ M
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>8 S! `2 e! L- Y, v7 b. I) ]
- [ViBus / ViBus][Stopped/Boot Start]
7 e; m0 P$ d9 m, _( ], H) s0 e( _; H - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>8 T# k# }* K& q. [( _' K
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
8 k9 z2 y u5 }/ A0 ~& H5 J6 v - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
/ {3 }" }" e' ` - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]' Z4 @' u7 m* M- R. P
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>* _+ B$ t. n' L7 q
- [ATI Extend / zhibmaso][Stopped/Boot Start]: {& G, R0 M) i
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>5 L" L2 ~7 W' _3 X S
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
' L+ c% W5 \0 _7 [: I - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>1 e& O( y9 r: M+ Y* w
- ==================================& V! Q8 P* W: \- w* U
- 浏览器加载项: ]+ i7 U6 o& _+ X/ }
- [Google Toolbar Helper]# h/ m; m& w, m$ k
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 b: a4 A1 h9 J$ o7 w - [Google Toolbar Notifier BHO]
( V( w& ^0 d& _ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
+ e1 v8 |# W! v( h. u, E - [SafeMon Class]
5 B. u& A8 w: ?# N* L* P - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
* a" g. u' j5 Y0 c& \ - [kingsoft browser shield]7 Q# X. }# j; i: L, t8 j& ^7 a
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>1 x2 r6 }4 p- P9 Y: P
- [IEBuddyExtControl Class]3 ]! Y" B( m3 j" M% F+ c7 q
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>" j, h, M }; M) P
- [Zcom 杂志]( O% x! d) q. g& _2 B7 l/ I! C
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>3 |/ C- b# |- }7 c+ y6 g: s
- [&Google]( g6 ?$ p( |3 d) o4 N, J
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ N. I6 y/ F9 a4 E- |7 U) Q
- [KooPlayer Control]
, _$ ~) U/ H+ @7 V+ R6 L - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
' }. p8 K7 O3 k ]7 B# J - [Shockwave Flash Object]
7 W. K+ E% L+ m: A3 [8 A* x, \ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
5 m# x3 {& j7 E3 Q- K9 l7 y - [KUpdateObj2 Class]
3 F5 {* u$ O: q t& V( O2 { - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>% W& U; F$ ~+ ]: N: k9 t2 G E- [
- [Google Script Object]
5 y) M. \+ G: b. [" O; W1 H+ L - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
( X E7 S8 n# \& \ - [EWA Control]! A" \% x' x3 G3 H( I
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>) [; |8 R+ O& R
- [Windows Media Player]
4 N6 C' N5 e8 ] - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>+ d# S* m' P9 v7 X4 n" n1 i
- [&Google]
$ s5 B6 @' m2 } - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 n% O1 C: }5 w l - [HTML Document]
Y+ T- v; O z" v d0 ]$ H: l7 l - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
; v$ ]0 ~" n8 ~0 _0 Q - [DHTML Edit Control Safe for Scripting for IE5]
; F- P# e7 i. k, W( e - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
! B6 {# `1 A/ C8 W6 K: E - [RealPlayer RAM Download Handler]
: C9 ]6 E8 N2 a8 Q0 s0 u& U! c - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>7 s6 P& e% _& J0 G" y7 u5 c
- [IEBuddyExtControl Class]7 M) b6 I9 c4 {- ^
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
7 M; e4 S; K$ `3 b5 g ` - [XML Document]8 c8 _3 d) ]0 p* D. h) ]1 M# U
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
) q+ t: D& L; w0 E& W; n+ ~) p - [HHCtrl Object]* l# D! C$ p+ U. ~
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
- n M6 V8 O7 R8 V: L: D - [Windows Media Player]
0 _: v2 f& M( f } - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
O9 @6 e" _" R: I; m0 Z( e - [Active Desktop Mover]
' a. K7 a& Z" y5 X9 ^# o* C: N - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
8 ]. O! B4 s" S& a - [360SafeLive]* ~. L0 @% m1 F3 \4 A/ @
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn># m( N3 R0 A! s! r2 D; c) H! A
- [Microsoft Web 浏览器]+ J% o2 |' [: W0 B) R: d& J, U. b
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
) H6 a* F' y5 c( q - [Browser Enhanced Objects]
; x! O. r, ]* L {) I9 R - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
5 {" r6 k* {. k/ } - [Google Toolbar Helper]
1 `) T, D: J6 q% x - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
5 d! s3 L; d/ g9 h - [Microsoft Scriptlet Component]1 k( L* @( J3 |6 L% T' p& U. ?/ t
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>& E$ E0 C7 ?& d. S B( b) A
- [Google Toolbar Notifier BHO]$ U: }) R" o: ~7 f
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 r1 d j; \7 a f8 {, U" H& ] - [SearchAssistantOC]
# U2 L* N9 a5 c$ r+ }9 Z - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
: Y, Y4 E, q9 j* b6 L" s6 p - [SafeMon Class]
2 M3 Z. n7 V( {: y; M' ?) ?8 U3 ^4 _8 I" y - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>8 Y/ P: { l6 h2 B' k, y! g5 T
- [RDS.DataSpace], i$ V# l+ _: f' T
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
! a1 x" P# G* u% l- k/ c' k. }6 j0 e - [KooPlayer Control]" A) _: b- n& l
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>0 Z. {" H. r( u ~' M# D
- [AUDIO__MID Moniker Class]8 e& c( ]0 Z; V$ d! Q. v* s
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
# P7 l2 Y) i3 n0 }9 v* d# m8 e7 H0 s& S - [AUDIO__MP3 Moniker Class]/ V9 I) x# E: D
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>& z. C g5 U$ F0 g" r
- [AUDIO__X_MS_WMA Moniker Class]
3 i8 w* ~& D; t1 R- D9 _4 Q% y - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- V# Z& c+ j" ]# ] t* s
- [VIDEO__X_MS_WMV Moniker Class]' X! m, I! v N' J$ o, f: e! l G
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
8 m# @3 J; H: R5 f' |3 e( V" k - [RealPlayer G2 Control]
4 \& }8 J4 b4 d9 [) i2 W K - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
1 X+ O0 F$ K1 J8 b; C$ y) D - [Shockwave Flash Object]3 ^: B) i% H# s& p! d- g0 o
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
' ^& g. o4 c8 X, H1 _& Z - [KUpdateObj2 Class]
% z, V0 y* {+ g$ f1 p x - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>: ^8 d3 Z+ v( |5 R7 O. _, x
- [kingsoft browser shield]
% c: I8 P4 L# p7 Y# Z - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
+ {: ?) o1 c, ?2 g6 \/ M3 `0 x - [PasswordEditCtrl Class]$ ]: Z# s% }( g6 S4 a4 _! R
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>7 U8 I. S" i+ {1 {9 P
- [QvodCtrl Class]$ U" P5 ~% N8 W
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
6 [+ Q- m4 ~' W0 q- ?0 t! g3 P - [&使用超级旋风下载]7 |2 R" [" q6 ?5 b" f
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>. L1 w9 q* e& u! s6 f$ k4 T' g
- [&使用超级旋风下载全部链接]
/ S4 @2 V Y/ ?0 L* _5 b - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>1 _0 |0 g6 L+ V6 F( M5 D
- [使用迅雷下载]
5 T) o- p% n- e: p. N) @3 g- C - <, N/A>
/ W$ U# r4 w3 j6 z - [使用迅雷下载全部链接]2 N# t4 t/ L$ y U! B# R x8 |* J) V
- <, N/A>
3 k: Z* Q# w# _: W d( s4 F - [导出到 Microsoft Office Excel(&X)]
- Q5 u( n+ g. f5 E9 r* E - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
) S2 s, m1 C% _' A - [添加到QQ表情]
5 r5 }" T9 q3 R9 N. u: b - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
- {% Q0 {- o3 e - ==================================
( w4 k& F4 Q7 G: B& O - 正在运行的进程3 F4 D! |9 r G) {3 R6 C6 x
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 w6 R' y+ N7 R3 L
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ g0 g$ b2 x, t7 u, T0 F, O+ w - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 R- G3 k2 E/ H# L - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
, Y# W# p, L+ N u" a - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# d; \5 g) ?! |' F: Q# z x
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 |3 z2 b1 Q1 B8 |; I* ~ - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 m% T: W9 Z& R* n; T
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 |' I& z8 f- l3 m# H! V - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( P! g9 j- U9 P- p6 ~ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 j+ _* V& I% O/ v2 ~$ W - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ ~$ g1 Y3 o. C3 M) Y( o+ u; i - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]+ J" d) Z9 X! C6 h$ I, D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# U" k" r" Q: W0 b) i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! q; @) m- N4 W - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
4 E0 Z7 ~; A3 @' m) Z+ Z) G$ b2 ] - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! M1 T$ r+ C$ V) } y. g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
% K/ ^) m2 `! o @9 O8 k1 d' j) D - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
' P6 j! I9 [' B& I g - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
, n. ?- Q' p# e- C( y - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
5 ]5 R" S7 u1 H* ^6 B1 k e - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
+ Y) j& ] V" T& k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 t1 \5 e) ^& c4 P
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
$ {! y5 A8 u7 y$ m* w, @9 y - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
' f& x9 K1 ?9 p& Y% k& Y3 m+ [ - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]5 \! R- ^$ u: a& {9 `
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]( |" n5 Q! x' ]9 X, h8 n$ H
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]$ f7 {8 d( ?* P1 v* F# J# l- D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 `8 a! u/ M9 j' i/ ^4 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# C$ I+ m6 H# O. F: E. h! ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ C' t/ f" J! t - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# {8 b+ b* n! x9 e: P: v1 B5 F6 ]+ m
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) |7 }% N% B& e6 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: i* v$ \ s. h' W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ y- U, _3 p6 {: C8 {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 x& X* _) ^2 t8 w7 Q0 { ^* ]7 D - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
, ]7 a( b% y" [% d/ W4 ~2 v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
& l* K9 U: ]" R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 O9 q* b- l( s% b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- Q2 h8 y0 A' ^* N+ b
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
+ Y; [+ j8 @/ J6 u/ B& U - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
- A" w) ^) D( y j - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& |2 _' l7 O( v7 S L2 v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# h+ w% E. |5 Z9 k" G/ L( S
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, c: F' N9 M6 v1 Z. X) f0 O2 m+ p - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
* F" E/ L4 x2 Q. ]4 g Q5 { - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- g; x1 F6 N/ q! I- x. [2 X* D - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) ~2 V3 J! O0 n6 S% b! O - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
) m3 Z2 W; D, ]1 A1 D - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]2 y+ K6 C5 a5 L8 ^
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; P( G7 L! R, u( f+ K; A: O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ S: B0 O @( [& d/ F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. \/ l. U: y* Y, J. j& I9 s& h
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
; \2 ~ B% H d/ X - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- \0 |6 X$ U) a# y6 J9 x- A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
, n/ `' ~, \& a1 w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]; @/ X/ h8 F5 \ \, p5 j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]5 L" }+ v7 x0 \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]. \" ?( w; b' V4 l" ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]6 {: L; H+ A, M2 U; @5 e
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]+ w: t4 e& Q6 q, b1 M2 }( F0 C+ w
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
e% j9 e) M9 F/ F3 v - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 w' j; `9 H0 P3 u% h1 C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
6 |' _1 N, Y; x* ]* P - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( M' L: a5 J, F. O7 g" O - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
8 T1 ~) G1 L* M) L' M1 x - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
/ ~8 r7 ~; ~' T7 B# W6 Z1 X - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]! c) A- @% Q$ M
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
% \" C! M, L3 A6 H% r - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]6 H/ r; b! V/ f# A$ F: ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) u7 z# V6 {* H6 y
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
1 m8 s2 L r% G# z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& w: L+ l8 s9 ]; v) r! V! u5 x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 S& s/ W! V+ B5 T! r$ ?! \6 B$ Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 t% b5 {8 q3 J C( C/ O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* W5 p4 u# g0 F3 g s# M - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]* e" i2 ~7 h7 z1 z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# i! Y* c d8 ?6 ?. V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ l# _" a/ i3 ]4 s0 _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' h& o q( o+ e0 i& _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 y4 F5 Q3 d# O* T- r$ l: t+ H - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]5 l& p& F- ]; o7 }9 @3 r9 b
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
# P {1 S6 r1 \2 [( L - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ w- V+ v& S( A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# a# d6 a3 c. Y. K8 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: e: S3 k) J( U) A& z! T* e c) G
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- m6 X f' O. j7 A; `( R5 S/ g
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ I" L* m( c1 N' y r) J: G- n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 P# K3 i: V* h! Q7 R: d# w" F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 D ]8 y; K( e1 m) r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 |: p4 R6 V* T) m( A: X0 J1 m9 n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 D& Q x" _3 ]& C# h+ O% Q
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]3 ^' D, ?9 }" a5 ]: \ g4 u: ]4 o; o8 \# e
- ==================================
% @9 z; ^$ u B2 k2 P; j% Q: `* V4 n - 文件关联" [. u( m/ P; [0 g$ f
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
' J$ t B r9 k6 H ^* ~3 N4 o - .EXE OK. ["%1" %*]& R/ T J$ ]6 X$ X1 B- W2 k
- .COM OK. ["%1" %*]
- J* s: {+ X. D x0 E9 S - .PIF OK. ["%1" %*]. A8 y1 [, @6 W, k- m$ F( s0 h" [: U
- .REG OK. [regedit.exe "%1"]4 y8 q% H2 P5 t: \
- .BAT OK. ["%1" %*]
6 b9 _0 Y( S* A# s1 @ - .SCR OK. ["%1" /S]- ?8 H& Y' m& V& J# y
- .CHM OK. ["C:\WINDOWS\hh.exe" %1] A/ @, c4 ?5 W q1 x, f2 K) ]& i/ l
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]2 V; {' s; h( n1 x4 o7 {
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
/ s$ V" t" Z& f - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
+ }8 f# O% M6 G4 y+ _ - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*], B' S2 P( y G" b9 r
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]6 O$ ]. `( R' q
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]2 q+ f9 [$ ]& a. c e8 e
- ==================================
2 y& e( d( g5 {# G0 F - Winsock 提供者+ i5 U) s) P3 r8 R
- N/A
/ p5 p1 W% Y1 S- f4 {1 y - ==================================
* _0 F" e4 {# F1 U; s. t" @4 m( f3 [ - Autorun.inf
; l" i5 H. r" A8 {% ^3 J: [# y - N/A; H0 F9 p* l0 R: u3 H5 K' ]
- ==================================1 D9 X& r1 L2 k3 d8 V! ~" ]
- HOSTS 文件: R( ^& o y9 A0 e
- N/A6 c6 p3 g' `3 W. {! J# ?- Y
- ==================================
7 ?3 {- t/ V: W; Y - 进程特权扫描
) w* e% p3 V4 ^& S5 g+ Q* [( L - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 a0 i# s+ g# Y# r9 T+ G/ @8 T7 ]
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]3 w. h% x" e8 M6 s; k4 V5 f
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
3 F: A- v# J- M% H$ b - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
' r: G. D$ U1 ^; l4 O - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
; o0 }9 f D4 |4 r. F$ m2 N - ==================================4 {& c) \" d/ s0 K
- API HOOK
& K' i) B4 g0 O7 @' T - N/A
/ [- T% X2 l/ Z% Z% G' d- X# P - ==================================
5 o9 p. M+ J& f. b$ s, J5 F- v - 隐藏进程
) T. b8 p$ h H0 s2 U1 { n' Q" h - N/A+ N1 H& G$ t4 q0 f/ ?1 b
- ==================================
% C7 Q- |- Q: r; l - - T+ r" h3 ~: Z7 q4 P% W( J
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
