|
|
- % n! k* c9 H9 G& w
- 2008-05-22,20:37:43
0 h4 R9 z' O8 x, Q3 H - System Repair Engineer 2.5.16.900- N# b! n/ O: Y0 b3 D
- Smallfrogs (http://www.KZTechs.com)
0 ?+ R7 v* U/ j# p' t - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
2 G* {& \; C9 a( Q& g - 以下内容被选中:6 I8 b9 W% ^( s' r, I8 }: A
- 所有的启动项目(包括注册表、启动文件夹、服务等)
$ \9 \2 G( O, g - 浏览器加载项
. n+ V6 ^' p3 q3 J( \% k( S( { - 正在运行的进程(包括进程模块信息)
1 Y+ C" W2 g. O; B+ T+ G - 文件关联( Q& s9 Y6 m7 G2 Z8 P4 Y( D
- Winsock 提供者0 w% o" x3 I! E, {5 ]% R1 f$ [! _
- Autorun.inf) x3 H* u7 ?4 X) ~4 h' p* w
- HOSTS 文件- `" L; W1 } a: r: N5 w& z6 Q
- 进程特权扫描
* R9 q4 W; _$ N7 S" _; |$ f - : C3 N# e( T9 D! w+ T
- 启动项目6 {/ l( g. Q& G5 s! A
- 注册表
) E7 z: [8 F1 ]% f q+ j% |# A, ` - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]9 S( t0 n$ _: M a% z% l
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]$ Y9 ?, ]3 a7 I/ U! B
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
# Q. Y! I* j2 I a+ Z - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]8 f0 q) s+ A/ s1 e! Q' l
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]6 ]* h0 F+ d% w% M- }# h
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
2 T$ x9 H4 t+ i: k2 ` - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]" E% F! A* R+ r
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
6 T$ C2 ?. a* J$ K, e# n' {) B& \ - <PHIME2002A><; > [N/A]
+ C+ @( a2 S k6 V" r- g* d - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
1 D& v4 ?3 c0 M& `; N! P - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
3 ]9 d; X% i% @. _ - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]3 P; X- J- G* a4 X
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]' t( W1 q6 I& j# J: V
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]! x' @8 b: m! O8 o5 a5 j, I
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]/ L3 a' F: S2 k0 f( L
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]8 ^+ C% x1 B; R) q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
5 o' l- D2 D- }7 }, x/ H3 u - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]# r# H$ F% s0 p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
: g' v# m; R5 f/ @* u - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
/ G: ]2 b) H1 [7 @0 { t' i, S - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]+ v0 |1 S. |. _" U; j0 h
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
9 A4 E1 g( P7 F/ K: M5 T4 b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]' o- z" C/ E* ?, W
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]9 Y& |6 m2 `) Q' f1 K! r2 w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]3 a2 x' H" m' Q5 R1 k* P
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
: @/ G R3 l- V) K/ f" u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]+ U$ W. e; L7 k- F2 L
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
* O7 ]5 H2 X" z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]/ L% @. H$ a# ~" F0 v0 P+ ~$ m
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
2 l4 x1 u3 e3 p0 [5 H) P, x - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]; t# l& @! _% u$ F5 W. l+ N7 P
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
* B* B, [) y+ O0 r0 R - ==================================
! F9 H. k3 O. Z6 m1 [$ d' W - 启动文件夹
s! S3 S4 q: ~3 ^* r3 Q - N/A
6 v3 [! X2 L4 y) O' D - ==================================6 v, `6 ?5 L6 \. X- q
- 服务- | v3 Z- m- ?5 J
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]# g; R4 f+ v7 T5 {5 D: m6 i6 }8 R
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>- k6 H( o6 \- G0 W7 J
- [Google Updater Service / gusvc][Stopped/Manual Start]: p& f i7 Z! T7 }6 X& l M3 R
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
4 Z! E# i# Z/ s. q - [Help and Support / helpsvc][Stopped/Disabled]
1 `' ?) @7 e+ t5 L+ z7 c; x5 M; M4 U - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
( n0 l1 `8 c$ w# I1 I - [Human Interface Device Access / HidServ][Stopped/Boot Start]
1 @9 s1 @2 _( z4 o) L3 ^$ j - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>' T% Z+ P6 f! x5 m! a8 ~
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
: a$ j2 s x6 j$ N7 y5 u/ ` - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>$ ?7 Z1 @/ W; P
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
" f L9 w. {" u7 \% A+ `2 o" e4 A6 ? - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>: y& ^/ v, |6 i4 F ]5 b
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
2 X# f2 B$ d5 x6 p& M; w. M. v8 [& j - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>; |0 b3 r% j6 J! }
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]- R1 ?1 C! T0 p# s9 D0 n; @5 L( R
- <><N/A>, P4 k6 q% c# E3 I/ x9 |
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]6 }% l" V+ {6 n( m' O" q
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
6 G" n( ^: C; i j - ==================================& R) g0 d4 p9 o& S9 l0 G) c* o
- 驱动程序
: h5 w# V& C0 w& D, s$ t/ f - [22j / 22jn][Stopped/Boot Start]9 |+ }) t4 [3 I
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>. W. r7 p) d2 g1 |2 Q6 y# X4 D
- [360AntiArp / 360AntiArp][Running/System Start]
( n" J* r2 `" W - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
8 G) _( q) v, w& x$ ?. h - [43ec / 43ecu][Stopped/Boot Start]
2 y; v( o. `$ s7 E - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
, u4 m/ K( x/ b& z, c& P* h6 _ - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
5 H( Z8 Q5 K' p - <system32\drivers\ac97intc.sys><Intel Corporation>
' F4 `6 i# r$ [7 v0 G* q7 R; i - [Promise driver accelerator / bb-run][Running/Boot Start]
9 h4 q! ^: S5 p$ e% O' Q - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>- T: b- m% ?8 f7 C
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]) F7 A* }7 O& M% `. g* |; K8 m0 j1 Q0 q
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
9 m) ~ K8 Y+ f9 W/ H/ ~, D3 K - [KAVBase / KAVBase][Running/Auto Start]
4 I* s5 s; v9 R - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
5 H! W/ x8 M0 | - [KAVBootC / KAVBootC][Running/Boot Start]
M) ^( _" m" F3 U9 _0 ? - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
; ]% U; N( G/ c W4 O- l - [KAVSafe / KAVSafe][Running/Auto Start]
+ U: w+ O6 _( T* Q1 z. b. r - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>; N' t5 m, ^0 z+ ]
- [KNetWch / KNetWch][Running/System Start]% f4 Q1 u) I0 S2 ^# L, T
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>5 ~; H6 U# i d
- [KWatch3 / KWatch3][Running/Auto Start]
& `1 }, F/ ]5 ~! p2 ` - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
3 N5 l+ f8 c; @' O3 l0 e, @- O - [ntptdb / ntptdb][Stopped/Auto Start]
# U8 m8 {! V, X - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>6 Y# H( n g- M7 [* {1 ~
- [nv / nv][Running/Manual Start]2 c/ R) l3 b; d- s; X
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
( k& b! n$ V# R9 U5 r+ C+ d, H - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]. N1 r, C2 w1 v0 i/ D
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
' i `% C+ y! f" N. c - [DDK PACKET Protocol / Packet][Running/Manual Start]' w4 S; X: @" ~
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>8 q8 V% R4 \- \' `4 w
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]5 M4 z0 ^6 g5 [3 X
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
/ ^. K+ C- z/ X - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]1 e, z. d, i i9 _4 y8 _3 v& M) U
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
4 `# R u. m; ~% i8 D/ d - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]8 s2 c4 K, R' x6 ^# y$ I
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
+ x' L) N- R ]$ u" n - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
5 m8 f8 a) K G" [! f( D3 M9 D - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
8 V. v8 p3 w& Y, ]& t8 | - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
1 D" ]0 b/ A- T2 r: N - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>2 ?6 Q8 {4 N. k8 k% i
- [Secdrv / Secdrv][Stopped/Manual Start]. r4 ]+ D: w( I: P7 `
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
# f0 j3 h C/ b4 i6 y# i; @# u1 c2 Y - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
A% S' Z5 A% L$ Q9 y - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>9 Y- Y- [/ \7 D+ L) P, A9 j
- [System Restore Filter Driver / sr][Stopped/Disabled]6 w5 ^( K$ i( l& l% R
- <system32\DRIVERS\sr.sys><N/A>
1 U' |* Z0 ~% ~0 Q - [TesSafe / TesSafe][Stopped/Manual Start]! y M2 c4 D8 d ?
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
g7 d5 [) [+ T - [System Services / unzxzsrs][Stopped/Boot Start]
. J+ m0 Q k0 n* g - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>! X$ {# j, R7 {3 L y) k: ]
- [ViBus / ViBus][Stopped/Boot Start]
2 l1 V! e2 N3 ~. k9 N2 W - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
: y3 j# u l$ D - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
% H; e: _ o9 {6 u! c - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
' s, u O* J. p% e/ X - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]! @$ C" X2 ~$ m4 Z+ _' z
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>% ]8 q( l5 R" b% M n% {- W
- [ATI Extend / zhibmaso][Stopped/Boot Start] X8 F# k" F& E
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>8 @0 N+ E; j: w- |2 _# B" U
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
' K( Q3 N$ n( J0 D0 V- C3 c - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
5 s& p5 R9 _ [( I- \9 m5 T! N - ==================================: Q* f1 B) z+ H% Z
- 浏览器加载项
7 {: T { o8 `) [ - [Google Toolbar Helper]
5 ~0 U/ N! H* Z# X - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>! C, t4 y) e' O
- [Google Toolbar Notifier BHO]$ y: m' J' r. W4 B( y8 A! Z
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>0 F4 t0 C# v9 f% T
- [SafeMon Class] i, Z/ |" \# _* q# o
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
+ q- [- y2 N0 @+ q4 N2 G - [kingsoft browser shield]
0 M& h0 A% X* G - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>' P: e2 d& e, v- X) X( W
- [IEBuddyExtControl Class]
2 f8 P$ S6 z: P+ [& C" Q - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 a8 b" t: x3 G - [Zcom 杂志]
& \4 k8 K2 p% n* r - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
) q% a% `/ A9 ^; G - [&Google]+ a1 l) J' a( c
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>, M* ^6 ]) w: Q7 X a- T Y4 Y
- [KooPlayer Control]
7 y" _6 W! c& L6 D/ k Z7 _ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>1 l7 R* n) y: @( w5 J7 Z
- [Shockwave Flash Object]% T, [6 P- [: N4 s+ U L$ h
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>) j6 v3 [0 u+ g: R8 P3 K) G% B1 M; C( z
- [KUpdateObj2 Class]: @, h6 v$ T9 M9 x4 x
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
$ s0 f* d) w. J/ I y - [Google Script Object]; G9 l( H" O9 S# v4 L% a' S
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>! t& A& q2 ^* \& U8 j5 }! |
- [EWA Control]
9 J/ g$ O9 R' b- R& B - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast> {: t, d8 e3 k& f1 X1 r( o
- [Windows Media Player]
1 J) y5 y0 U$ x! k3 { - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>3 W D6 a- N7 V1 T2 q
- [&Google]8 _- i3 N5 e- g+ H
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& B G2 h" D% p q/ T - [HTML Document]! I7 _# l* m5 V$ k
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>9 E" [7 h, v# N! L0 [& k9 L
- [DHTML Edit Control Safe for Scripting for IE5]
% z7 i6 \$ g+ V. ]6 M+ }" N% I - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
6 T& f) u. y# Y- J% ^! D - [RealPlayer RAM Download Handler]
, {3 b9 d0 G7 P& z/ j( E7 X H - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>9 k3 ]6 X+ V4 o" P: r
- [IEBuddyExtControl Class]: O- z- M8 {, [+ X( g0 i* s
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>& u" @" q. a* ]& {
- [XML Document]
7 x |2 M! H- C) l0 }3 ` s% A& \( m - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
# V* u; C3 Y' |$ V+ l+ v) h3 Y - [HHCtrl Object]
( M/ R- z- s9 |0 s/ F - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
n) z3 s) b0 [2 C6 o% O - [Windows Media Player]1 D3 \* x7 [( w& p% g
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
; k, \7 `# D V- S0 M - [Active Desktop Mover]
' s' d- a# J& `: ?$ [8 C# O - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
4 l. K+ I' l( r* j9 _ - [360SafeLive]
: b" P* e6 Q5 d, N- _ - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
* ]' t+ ]* V* r6 d& G - [Microsoft Web 浏览器]' u2 h5 Y- y9 o1 W# {
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
; @' e9 ?% j E$ d0 ^4 I$ v - [Browser Enhanced Objects]3 i; p& S, |4 K: W& E
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
+ } h: L# J6 y3 S - [Google Toolbar Helper]% S" ?9 Z' r% |0 h/ R; t& q* c' T
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# h5 q% i1 A9 v - [Microsoft Scriptlet Component]; v& |7 Y4 g Y* X
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>+ w. S# d% C3 Z, X# x) d2 `
- [Google Toolbar Notifier BHO]
! F+ R0 \& h6 c T( R; w0 C t0 d' [ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 B5 q! Q1 j( z3 b- H+ H1 }. a& s
- [SearchAssistantOC]0 }! }) S' I0 q% p3 \% U( ~$ k
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>5 S% e# C8 D E) I1 n
- [SafeMon Class]. p; m+ I8 L* u0 W% a$ S% m4 _
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
4 {5 \" V! w, ~9 s - [RDS.DataSpace], B( v* t7 Y' A& @+ k
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>7 r7 G, \+ D% F& I& ^" `
- [KooPlayer Control]
: o, ~6 ?! g. Y" K$ B! { - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>8 u! h' C5 E2 O. K, X) u# p& f- u
- [AUDIO__MID Moniker Class]
7 [. }- G, M- A: k) Z2 }2 `& [/ u - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
7 I* P& { y1 K" e5 z l - [AUDIO__MP3 Moniker Class]9 G$ F8 n5 y8 l1 X
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) o0 g, G5 H. q& _9 ~2 e# V, g
- [AUDIO__X_MS_WMA Moniker Class]
+ D: I* i5 o6 C$ C1 A' D( |5 o - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ ^9 F' J: A1 s ~' W4 ?
- [VIDEO__X_MS_WMV Moniker Class]
, ?3 i; W8 }! i* U3 i - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
2 M8 h. n! j, ^: v3 }# \. q; p - [RealPlayer G2 Control]
3 p9 m; S4 }. _9 Z- S - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
/ U' Z- g2 @6 {6 c- D) _ - [Shockwave Flash Object]% \: |3 x3 _0 M' H4 \) n' {- y1 s) m
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>8 R( b4 |& q2 ?3 E8 c
- [KUpdateObj2 Class]
3 c" a/ \$ I4 |1 u, d7 V - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>3 P) i- l4 _) I, i$ e
- [kingsoft browser shield]
. V# Z+ ]+ t ~6 K7 `5 w - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
9 W* W. V9 i; t* ? j. j0 L& [1 G - [PasswordEditCtrl Class]# S, {+ r7 g& T5 R1 D
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>! k5 T- \+ `8 P4 q f- |
- [QvodCtrl Class]3 \% g3 F: |! y; o0 h+ o
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
- J* J7 e+ Y! B - [&使用超级旋风下载]4 L+ Q0 q8 ~( j. U! p' P' r# Y
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>( V6 N8 R0 |( P- [
- [&使用超级旋风下载全部链接]
" B3 q7 o6 ~7 v- {! h+ n! n! Z - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>4 `8 t" T4 A; T+ H$ m" `4 t
- [使用迅雷下载]
9 s q1 ~( W/ x% j) n3 K - <, N/A>
i$ b/ s- h; l- K# h5 c$ p" D6 v - [使用迅雷下载全部链接]
" {$ r1 G6 @: Y - <, N/A>& W0 q! G. ~2 l6 T
- [导出到 Microsoft Office Excel(&X)]
9 {# n& X1 Y: Z& S |- e9 t2 { - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>7 | u3 ?$ o, A, v H2 [3 }4 J
- [添加到QQ表情]$ J5 P; l5 y( S
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
) ~$ o+ U) C' c" X, o - ==================================
0 T9 R# [* L' z - 正在运行的进程- K! {2 r+ D: s2 p
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 P6 e! g0 H7 g# V
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' \+ H$ j+ m7 \+ k
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ M- {9 Z1 k5 S, T3 T( } - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
% G6 ?! n4 h' ?. g A$ ~ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 C) X9 l1 x- H5 a. E
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 ~9 d' P9 a# U! u - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* n6 s& D7 g, M3 e ^: k, W( Z( K - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 v3 K* V+ R3 E
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% F* X9 s' | z: O o
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
C. _/ k: j _8 w4 w0 ]" ]2 | - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ i( y% A+ w$ K( m, c* ?
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]3 y h9 w* o q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. j$ L. |0 B9 K' d0 o- s; j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. g* d' c" ?, X( P9 Z0 }
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
1 ], w9 I( l$ h: U& R+ U$ y1 N( m7 w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 t1 O! Y% k/ c7 x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
: d8 n) O. ^' Q: ? - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
9 f1 O. r; w: `7 d- D% G( o. k - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]: A- X/ J; X% C+ ]& c
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
' O0 C8 B; }, H9 c* J3 N! d - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
# D3 d& z* K' {$ X4 E - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) W' o3 U8 G& j" Z) x - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]9 R6 K9 q) ]4 e0 _6 c/ P7 K
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]0 Y! A# D2 f- T! ^$ I3 D
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]8 g7 g& ~2 ]( N2 x
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
3 y" S/ @: K7 @4 p - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]% U+ p: W/ P! }+ _
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 o5 C; |/ H8 a/ s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 n4 e4 q0 _" Y/ Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! A# J R' g0 M# z9 P - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ D3 L9 J! V1 ^9 x- j I# s, s
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# [+ d1 v. w% A3 f" n8 ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ `9 \+ q' H- n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 t6 h5 `% z2 |1 u& ?8 ?3 X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], L# B c, X+ t( F
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
3 s, y3 [; K# U- Y - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
( y7 K. {" Z6 w8 A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 W4 _4 k# m/ D6 ]7 b2 o: u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 L# ]" M; r' v2 k" u5 [
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
" I$ A& N5 r) E) n- R9 ~- m - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]7 z1 n8 q" I. R4 x7 |- D# R
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 Y8 {3 L) M6 b9 `
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" @8 J* ]# @2 o* m/ ~, K - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; l) g" V3 n7 `" x& u* J
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]$ t2 q3 \* l! u. U, {3 [9 \
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! v" k: q$ H' y6 m2 j2 Y3 p
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, m+ ~4 d6 M' P" L: s - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]' M, y+ j, S8 ^3 {0 ]: x% m6 x2 r
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
9 s b+ V7 A/ h9 i; d8 h" Y# m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ J: X) T2 N8 H. l8 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. U1 u* c4 {5 A/ W# \( v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ z# y, A9 ]9 g% w# o/ v6 C - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]3 K0 [; Q% e2 A0 M- l @2 z8 k
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- @) j" R4 {4 K! x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
/ g2 a' y# G) }; w$ s5 S4 i. R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2] n! _+ G, X8 w2 u' |. F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83], H+ z- p, T3 V( d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
4 N, H/ d7 S$ ~! z9 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
! m. _5 f( r( {1 j - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
+ \5 [- c' ^3 ? - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
' k3 R+ K" t* S+ ~ - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]/ n2 f% F! v c1 }0 Z
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]2 y2 F" B5 u( K" e7 M8 l( q* }9 D
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ G1 g( Q. A! d+ r3 @( p* O - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
) |5 P# U/ s4 r0 ]: A$ S) ^ - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]0 X" z+ ~" s- |, r; r
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
* j4 x+ k, X, D" I - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
2 P( r% E" V% L - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]# b9 k4 \7 J e! O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. g3 u( c9 k* T, S5 f" c - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0] }, V N8 q/ L. s3 R' N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( l* S+ f' F0 n/ Z- [! c3 J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* G; p- U- N, I: J' ^% \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& q" o! L7 F7 n- L - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. G! O; u( n7 A& p( A8 S8 M* U - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
4 p; J8 c/ E! U9 e$ l9 @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% @. f% x4 E# T5 l* C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ R+ G9 p+ N* T% n) o( z& R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! h4 G- q% z7 N1 K) { - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 ^) ^6 S; c$ ]# B* I1 R
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]7 q: E2 Z- }1 n+ |) q
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201] g6 |5 x0 Y- u9 _; }" j4 i' |# I
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& {7 w3 h! I& f; U3 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; H- d$ e* x- Z+ O, i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ g K$ W7 `. X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' w; f B4 T( T7 d5 [) d
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900], D9 b" c! N4 s; s% e8 ^# G
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) q& P0 k, O x, n- C3 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 ^; c. L, }5 L& E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 O& F5 w) W; P% d' B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! k! } A; c% N" z! g6 [) a* D8 C
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
X) J/ M, J, q" h" A' i. m0 J2 | - ==================================2 G* _8 J/ l7 n! N2 Y8 u
- 文件关联5 ~# ^" k7 Q; s. s6 q& Z% Q4 P
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]+ K; Y/ `/ i4 i! g( V4 ?. d
- .EXE OK. ["%1" %*]4 x& Y7 a' Q) h& A7 r: O
- .COM OK. ["%1" %*]
4 r' ?% o* g1 N3 q" ?8 \ - .PIF OK. ["%1" %*]8 X+ h, c6 z3 A8 Q& l1 c0 ^
- .REG OK. [regedit.exe "%1"]% m/ n, d* n" g! y; Z
- .BAT OK. ["%1" %*]9 D% d8 W' Z5 W' I# f
- .SCR OK. ["%1" /S]6 a$ u3 e' J9 |/ o8 v% f
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]+ l3 T& I7 A: q/ v/ h( V+ g
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]8 P. {( U* p$ G- V$ ^! t
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 B: i* M9 j# a: C6 D# U - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]0 R5 z8 P5 f( Y8 j$ Q# `, Q; `
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
$ y+ f$ d, ]: p3 r% p - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]4 d1 B' R- x3 I# L
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]/ ^1 b, S* O' M: Q) }
- ==================================8 s& \5 e9 j6 ]/ C
- Winsock 提供者2 _( a8 b2 o" h9 S' N
- N/A
0 B: O R+ f. x) W5 ] - ==================================* L% h& L2 m9 V7 R" m0 [
- Autorun.inf; Q& u7 s7 \+ R+ w; _% k
- N/A) T% J- x6 e1 o
- ==================================7 K2 H' w; Q5 G7 w; V2 i/ U% }9 r
- HOSTS 文件2 ?, e. `+ G, S' K
- N/A4 ^7 [+ ~; p% I- T- J% q9 i' O
- ==================================. r7 @2 h4 T( B c8 k( Y
- 进程特权扫描
/ m( ?( T; F) y - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 G* o4 S E9 k4 q, }" h5 }' u) N1 t' ]
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
+ D% d" v4 A) j5 y/ M$ c - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
0 ~7 v& Z; x8 u! x; L8 Z4 Y - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]4 R g) z! j4 b8 H9 S5 }
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
( k4 Y& V& |5 v - ==================================" W5 b- b& }2 [% \7 `& k. _% y
- API HOOK
! e, D3 K! j& m w1 a) | - N/A' g! R; q/ @6 h6 M3 L
- ==================================" {8 s8 A' Z: ?8 H: V
- 隐藏进程' x# d( z0 g# N* f' h" P
- N/A
3 `$ ]" D( d. N0 x - ==================================
; I; h5 G8 g$ j$ B3 A
7 @- B. F5 z( `, E# B' m( B
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
