|
|
- & I; b1 s! n0 i4 f
- 2008-05-22,20:37:43: ]( ?! I2 ?. r: ?( ~
- System Repair Engineer 2.5.16.900# r( R5 [! \9 c% s, L6 D) D+ R
- Smallfrogs (http://www.KZTechs.com)& a, L" f& t0 T
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
9 D. Z5 s" A3 r0 j - 以下内容被选中:8 V/ Z( @/ G; R2 s0 U7 W
- 所有的启动项目(包括注册表、启动文件夹、服务等)9 K4 e! K7 l7 o3 _6 d( C
- 浏览器加载项 ~' }; Q& N5 _+ ]
- 正在运行的进程(包括进程模块信息)+ ^) f$ m4 l- ^+ d8 }) z' F9 A
- 文件关联
$ p3 n8 L" {7 T/ p$ S0 a; D - Winsock 提供者
( V( y, v0 \8 G) ^ - Autorun.inf
( o) {5 f$ F: `$ H - HOSTS 文件
( y- U/ Q2 G5 n; E - 进程特权扫描, g" g& P" N* d" ^ v9 v8 B; @& m
- ! ]0 O& m. \; s0 P# a& W" x- T
- 启动项目
, w' v* G' D X, e - 注册表
" u0 x6 l% _, o8 O3 q - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
. i. m/ J& e4 }+ u# P: v R - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]" d- _& {7 _! A6 W
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]3 S! @" f6 }6 Q9 r5 _
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]8 y6 ?! ~! U$ @: x! h1 B+ E
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 t# g' [: s3 s# a8 i( ^2 f - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
/ ^* |1 s+ ]' G' ^; E x - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]+ J1 } Q4 m/ J4 Q5 [: L9 O7 {
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A] P2 |6 H, f* ]1 y5 e
- <PHIME2002A><; > [N/A], @4 r5 c( a) q) ?' v2 T
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
' j# x) H0 m" g% d9 }; T- B" g - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
; V( D( X W: T b& j) g/ b9 Z& ] - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]! `* ?9 Z# v4 L
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
" _+ T6 n0 c& O% X- w! l - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
# ~1 v- o/ y# H+ V& f4 Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]8 c. ?8 ~& S5 F$ ?) ?
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
; g' J5 o, R" m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
2 y2 e5 f4 ~* P" v2 U/ _# [ - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
* B6 s4 L" ~2 E( G& i4 C) g - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]/ m& a7 ^2 w$ o! V
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
3 W' o/ V- ~& F$ j1 U7 l - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
$ ]1 ]" V" H& e, } - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
) q+ Q9 B6 j- ?, i- U# R - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}], G0 O+ ? k3 P4 k8 t
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
8 P# c6 D, x2 G( C6 \ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
) K/ d9 {+ ]" O `; e6 {) T - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]6 k' q# n! y1 n1 `& c& j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
$ |/ W+ t, o" J) e9 L7 M* ] - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
( s! s5 E3 {# ]5 f& m- T h - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
5 n6 E; \1 k2 t3 H9 A- N8 \( F - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]4 u* \. T6 b/ ^$ o
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
/ W+ }- y. e- r% s0 A - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
# q, P3 T |( q0 C: W2 p, u - ==================================
9 h" E% n8 c7 p - 启动文件夹
9 ~8 }" N9 n1 y8 H4 Y' [ - N/A
- A4 ?$ x' `) b) \" ]8 B1 q - ==================================+ R: R6 Q5 w6 \+ x5 q* B* k' B
- 服务! ^$ r, H; I) a, j5 G
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]; f# D% i4 q( v: r# A
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>2 ~; O4 U3 Q) o4 W5 n
- [Google Updater Service / gusvc][Stopped/Manual Start]* \5 \4 f; x8 Q8 e2 T+ W
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
2 a6 ^# M$ E0 o. D7 l, A - [Help and Support / helpsvc][Stopped/Disabled]7 q6 S3 M, j3 w; l$ d
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>* l/ f, h, C9 V- a# v3 W8 [/ W
- [Human Interface Device Access / HidServ][Stopped/Boot Start]: j- O6 N4 p. p) W
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
6 r p# R! P& ^8 l% N& l' n" ]6 c - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
n5 t5 M9 w2 A: P' t: s - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
! X' E+ K2 R3 s1 T. v/ ? - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]8 h" r5 M1 ^ X( s4 B: i8 Z
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
! s1 Q/ q2 B0 _( `2 r8 Q9 ` - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
7 b) R5 \: {- w: q5 }. A: W' d - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
7 F4 x6 T" I% B G, h% v( ] - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
: t8 }& G- ]6 l }0 V - <><N/A>
- p9 L2 ^# i* s0 H5 X5 m# v - [Qvod Terminal / Qvod Terminal][Running/Auto Start]5 b9 Q" }* b6 N3 _, s
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd> `+ G8 a. S [
- ==================================5 ]4 X! z, L# f' m& e/ k9 b
- 驱动程序( u/ o" p. z6 j0 }- L" w" v" S! G: i
- [22j / 22jn][Stopped/Boot Start]# s9 ?2 P& L3 @
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
7 c6 v# @0 ]' Y A& q( D - [360AntiArp / 360AntiArp][Running/System Start]8 Z; X' t3 t& u5 Z W
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>8 h5 M0 H$ L/ T2 g" h& q! U2 Y8 @
- [43ec / 43ecu][Stopped/Boot Start]% ?* | d0 a3 v" [- n* z
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
9 X( H2 o# ^. E% @ - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start], O* m/ r- s" y3 W5 z5 Q
- <system32\drivers\ac97intc.sys><Intel Corporation>; X' h; @. @/ h! L4 s4 W5 E
- [Promise driver accelerator / bb-run][Running/Boot Start]
" d" |1 ?; Y. ^. a - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
- D# q0 j4 ]% Q! U7 D - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start] n S0 ^' K* ~1 H# Y' E
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>$ Q# a9 r9 P9 G. H, @$ p: A
- [KAVBase / KAVBase][Running/Auto Start]
7 S1 w7 P9 _# A/ S7 i- K - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
$ G1 ^* j+ f; ~- `- o# c0 Z' |) E, i3 L - [KAVBootC / KAVBootC][Running/Boot Start]& ]3 N# a/ D6 z) R1 y- C6 c
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
: J5 X: U7 ^3 `7 \" z5 m - [KAVSafe / KAVSafe][Running/Auto Start]
3 N% W- \9 w( Q* d" ~0 F' N; c( B9 F - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>$ k) z" O3 O1 W) W9 M: u4 }# }
- [KNetWch / KNetWch][Running/System Start]
# Q3 Q) m; Y* y- { - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
, x$ E* m7 d ^2 G. G9 }+ J! V3 @ - [KWatch3 / KWatch3][Running/Auto Start]
1 M4 J# \# v# h) K S. v - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>, k+ H, R/ P/ m# ^5 ~$ f* ]5 n0 [
- [ntptdb / ntptdb][Stopped/Auto Start]8 b% O2 z& e6 Q5 M9 ?' f
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
" y O: R9 G% q# N' j - [nv / nv][Running/Manual Start]
+ X/ u& _# N. o6 X; U. X - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>. Y- p! Z0 {/ ~. T4 w6 w
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
' k" l6 G w. ? - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
7 n1 e. [0 S; C* m. l P - [DDK PACKET Protocol / Packet][Running/Manual Start]
( @. v2 Y! n3 S v - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
3 [! I; E# I# H - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]/ ?- M: O3 B+ m5 R0 H: O
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A> f0 j. B, ~) a$ H! s8 x3 X
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]6 B6 \* _8 }. N* `
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
' a! g, @) ]+ ^3 ~( f - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]* q/ s) T% u- W( J* U# R2 U
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>& b! d& p! F0 k# W9 n8 X+ K
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]9 h$ V! V- Z% t' P4 z
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>' }/ e$ d* g h3 I4 z, w7 O! j
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
/ a1 e) ~& P6 U; v% @ - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>6 W( ?7 d; }* Y- x
- [Secdrv / Secdrv][Stopped/Manual Start]. @" T7 ~9 h! w0 l; S
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>; I# I. B% a* i% h6 C
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
. K3 J/ h, Q' t! A9 {, e% t - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>* i# Y7 v5 K" }! W( F$ g; X
- [System Restore Filter Driver / sr][Stopped/Disabled]" d/ _; T1 X; [. K6 @
- <system32\DRIVERS\sr.sys><N/A>% b0 J @8 v3 [5 I$ X* J
- [TesSafe / TesSafe][Stopped/Manual Start]
+ N5 s' `7 n* l - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>: _5 e) n4 N _2 P' u: ~# H
- [System Services / unzxzsrs][Stopped/Boot Start]
3 {- S& c) t3 U, D - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>6 M& p- H* H' g# N
- [ViBus / ViBus][Stopped/Boot Start]
/ G5 w8 B8 N3 a$ p: ] - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>9 S0 m- ~5 k' M2 j' I
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
+ w B, M5 j) f! q$ p. x - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>9 T2 t' x1 n! T3 f$ S
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
! o' \) K0 K5 ^2 Z - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
) j+ t3 ~7 Z3 L; M) }. s - [ATI Extend / zhibmaso][Stopped/Boot Start]9 Q. G2 X, P7 N) I4 r
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
! @5 p; p3 c! G* Z. d - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]( S7 s1 E& c4 P5 Y3 l0 l. G
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
) K- ^# O. F* z( r p9 Y8 Y - ==================================3 I+ D" m& j1 r
- 浏览器加载项# o+ q* L# S( s% Y/ m
- [Google Toolbar Helper]$ R" m% X9 C+ m M
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" G% w, P9 Q, p, S6 z: ~ - [Google Toolbar Notifier BHO]$ c6 P+ Z4 T. i" d/ Q
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>2 Q; \/ B1 }4 f
- [SafeMon Class]
: p. ]/ X& ^5 s& O% ?) U- L5 `- n - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
# T/ X- t# |' V - [kingsoft browser shield]' f5 B, p7 U0 Z9 W# ?8 Z
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
) c2 Y1 e5 \2 @: y8 r - [IEBuddyExtControl Class]
, n* `: ^# W0 X1 H$ L! l9 ] - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation># i4 w; y" s2 v: ^; ]
- [Zcom 杂志]
1 p9 s' E& X% x& W - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
, `. L7 ?& I: d7 o! M - [&Google]* w$ [& D# M7 A9 }5 n5 _! K0 F
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& n: n) J+ l' E0 A! P7 x - [KooPlayer Control]
& D/ N- A3 O& z' K4 c - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
# U; m/ l. f( K! _; o* T+ C - [Shockwave Flash Object]
. K0 I8 H; b( ^" i* r2 ^& [ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
4 u* n' K9 R) c# L - [KUpdateObj2 Class]
$ w) V0 q" P0 u7 K7 J9 {+ Y - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>2 o" j `; c9 B
- [Google Script Object]9 a; q# }8 a$ s K. {! g3 Q4 W- j6 o
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* L1 n1 Z; ]' y% w+ a* W2 q- s ] - [EWA Control]
: _3 a0 Z1 k# X% m1 p0 T9 J - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
" x Z+ b- D( `% i! X0 | - [Windows Media Player]
3 s1 Q5 ^( @) Q4 d - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>, C* ^9 J/ |) w
- [&Google]1 X) w( [4 a C+ `1 _
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>, k+ B; ^& d" u/ b
- [HTML Document]) S: r @; S( g/ v& z- Y0 l G$ G8 }
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>+ N ]. |# g$ e
- [DHTML Edit Control Safe for Scripting for IE5]
6 I0 j; T2 p$ ]$ u( e - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>* W3 _) w# q9 [9 I5 _4 Q
- [RealPlayer RAM Download Handler]
* v; h1 W+ E$ Z, I. K1 N {6 @ - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
# x) q9 h. M [8 V/ z% [3 ?% b - [IEBuddyExtControl Class], N4 y; k+ x1 S i0 P9 L
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation># d0 t: z- A/ N+ H. h9 W: W
- [XML Document]% w) _# F" K% A: V
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>4 S6 r# n/ ]" V. \, S, w- o
- [HHCtrl Object]8 ~3 O8 h! K/ R
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>- n$ r. E; z4 T4 |* Q
- [Windows Media Player]9 s) u9 R7 x# }. n( i
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, \$ ~1 }- n; m8 R, `& k5 E
- [Active Desktop Mover]
: Z, O1 [: E$ c3 {0 s - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>: Z( @* X) i% Q1 D0 A" \: S
- [360SafeLive]
9 o0 c2 L. u/ P" k. o3 ? - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
* C- }2 W9 H* [* n# { - [Microsoft Web 浏览器]4 l- T) B* l' |- x
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>: U' r6 O# x. \7 B: O/ O/ r; z
- [Browser Enhanced Objects]; n( n0 |$ [' Z; W5 W% S1 \
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
& y( l, e5 k/ F* c; M - [Google Toolbar Helper]
! t! r9 u) S$ @2 H! _8 O - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>, o' A3 S9 q2 |1 w
- [Microsoft Scriptlet Component]
) O6 {" K2 ?7 f0 l" j: N - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
# ]. v( Y6 L8 F& P+ L* ] - [Google Toolbar Notifier BHO]
) i4 J3 o% g# ]) N4 ` - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>9 C0 F ?3 D* j X5 `* S, q
- [SearchAssistantOC]
. M _1 `4 T/ m - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>9 F) T& B8 Z7 K# V' q) X
- [SafeMon Class]1 B+ D7 D6 w9 l( k) i. |7 v3 `
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>) h! N5 n7 P6 h8 `
- [RDS.DataSpace]% E* L) k. b0 s* s3 X/ b; w
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
0 L: A2 O: a# J4 X - [KooPlayer Control]
( q& s2 y X0 B1 _4 A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>) q1 r8 J% i; V9 R$ R/ d, v/ y
- [AUDIO__MID Moniker Class]
J6 I+ n% ]" l. N8 B# y; ?- I - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>% Q; t& N' J) K9 a4 M& _1 {
- [AUDIO__MP3 Moniker Class]
* Q6 |2 y5 u& w: l - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 T* x' Q) p3 Y& {1 Z' m - [AUDIO__X_MS_WMA Moniker Class]4 [+ f( S8 l4 k: b' B
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>( w. x+ F7 L' i1 U m$ B
- [VIDEO__X_MS_WMV Moniker Class], Y8 s, p6 l- e' `8 f( l/ ~
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 n. b) I% }7 q* f4 P; z( I8 m
- [RealPlayer G2 Control]# z; z) O$ p4 |5 @8 \6 _+ R
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>7 v# k5 q4 p: ?
- [Shockwave Flash Object]
1 l; S3 f/ v0 E1 }2 P - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
1 m% l* Y! j d/ z6 G, W& i \; C - [KUpdateObj2 Class]
7 X' u8 e$ `3 C7 |8 P - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>/ r$ S9 W. M- Y: Y {3 T
- [kingsoft browser shield]
' @3 W- l# h# P: A2 I5 _ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
. l! h8 k' R, i. ]* }9 j% R - [PasswordEditCtrl Class]
' V2 j* J. P* R9 }0 n% K9 h, Z+ C - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
' ?/ V7 D3 B! h4 [) N% l - [QvodCtrl Class]$ \1 }6 _9 Z0 ]
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
( \3 h2 E- |3 f6 u& b3 v5 |- I5 C - [&使用超级旋风下载]
; W- X& ]5 x) W3 ? - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
: Z( }9 ^; @8 c' o; P - [&使用超级旋风下载全部链接], z8 B3 i/ y6 R _' h
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>, [' S' B) _, P% V: i
- [使用迅雷下载]: p2 Q# q4 ~* a1 ^; k* s' g, U
- <, N/A>
0 p) [, _1 N6 @* q" o( g8 B - [使用迅雷下载全部链接]
% m2 p4 h" _2 K" R; z - <, N/A>
3 _+ P' Z6 ~+ s) ]. ]% X" b, K - [导出到 Microsoft Office Excel(&X)]" s% B. f. P: }$ C) ` G. u- j
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
1 u9 _/ s" N/ B& _9 E - [添加到QQ表情]3 D! L0 k A' G" _) f
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A> k7 k% O ?) x$ O& E' }: X
- ==================================
0 ?/ W, T8 v! N; v3 ~" q: i( g( i - 正在运行的进程9 W0 }6 r) G) Q- z$ p! l% D
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
u' _; G, O+ I9 f8 h - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- i0 w* v& d$ ]" t$ ?1 \ - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: `' \/ l6 P+ G/ ~
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
+ E z$ `% m% T; e H - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 Y- ^$ n* V' P0 |4 U- _ - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: X6 `" K5 h7 b C4 D - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, O0 V% H- j; Y1 T _9 @4 t2 x - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 n0 m c) E3 w' B - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( T6 `, }5 r( H5 V3 C
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& |! v. Y* ]- ]# |. A! U3 J - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ c+ o5 t% L2 g: ^: }1 V
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
: L. R# t- C5 Q6 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# U2 F( y! H/ k4 c8 |5 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ V3 `* {# U* Q - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
* P5 k3 r/ i4 c- h8 O* C" { - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. G* S# Q# f. r; Y( S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373], c# [9 n) s6 q* c1 c% ]# I4 q
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
Q$ F& T' y) q8 T Z) G8 G0 o - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
6 x C1 c7 h, F* x3 ? - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]- N& Q/ T, B% ^% f! i7 O6 o* s+ Y
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]' w W* p: D" `
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
V/ k. h5 z, s/ b* x1 S8 B - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]# O7 I/ \( |* |
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
i3 l* b5 g6 _- O - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]: @4 Z) ]2 ]# q7 R
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]4 e; i0 V9 C$ {5 G, R0 f
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
4 c+ G$ j% k: u& `# A( Y/ z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& g. ~$ B* h- q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 H$ Q+ {5 r$ ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 \* e" o: b2 l9 r' k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 R A8 e3 ^7 w# v# ~7 G7 I - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 _/ F! V% S8 O G8 N1 b! T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. m0 m8 f' y/ P' \% d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 ~4 D$ ?# Y+ {$ b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' k- p5 P& }% e9 `- e. Z: N# M
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
% m, P ^/ T1 [ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
* [2 b8 o/ p7 Y( ]3 N8 z9 a( O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 g1 B! g6 a! `8 O- ?4 d5 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& _' M7 \) d6 f/ a/ k! s - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
9 d) H* | R* w+ l) \" g4 u - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]9 E* G+ N# F/ L( E7 r$ v4 @5 g
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 x3 v9 c r$ f8 { u* S( O1 e. J
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ F- c2 e# _0 F% M& e/ H% R5 c/ U - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 f, ?2 g" U$ m/ B* J8 A5 f' c
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]( C+ E, P9 K$ F! x
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 m8 {8 w% f! ?, _( ^/ c$ w6 F
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# ?9 c5 Z! ~" T! o6 x% t6 ]
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]: L( C7 w+ w. T
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]' k+ y2 F" C# e4 Q. ]# k
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 K; M, t# g$ l& k) j9 Y& @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ e; T! h9 z; V ~; J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]( {* J! E3 I! [# M. @/ a
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
$ C% u5 T$ ]0 ~5 ] - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]0 S$ y! @2 K! n- A9 F! t y4 B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
* u8 A! P5 r0 M! B7 V; J/ n0 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]/ _+ |' e* ?$ {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]9 ~+ E) w0 A2 M4 ]( T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
, R1 n6 x$ y6 _1 {1 j: B) J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]1 ?2 j9 y4 m4 x' [) e5 y
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]5 w- j, j' ]4 K' t4 _9 c# X
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( S2 t4 Z e) |9 D U$ A9 o" U - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]6 `5 x- x3 ~. b; |- v/ Z. N# E6 a
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( u9 N" D. {9 c% c K2 U) c, M" y' g6 J - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 b! u: O' E; ^2 t2 n% M: C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
6 r% o$ E( \5 b- @ ^" C - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]+ H) W2 l6 m+ G, I( H/ |3 b" w
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]5 s4 c7 h9 B" z6 q; q
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]& O. y; g& S$ {+ P3 {0 f
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950], R! T; Z* F+ Y$ V' g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: [+ r' a& z% I3 N - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]+ i1 H" C) \ r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 N% Q# y$ w: A, E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ }3 Y, R0 s$ u! I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; u {5 |+ [# p; ~8 p2 B, K- K+ C: c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) ~# x" b# a9 @; i% `
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]8 |0 f/ Y/ e! E
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 F- B0 \4 E, G# o7 D5 r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ {. ]* m* X0 H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 O; m1 t+ ^3 z. K9 V( I/ X9 B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 v/ V2 ]1 A* w6 Q' [" J - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
( X3 ]$ f: h4 j' F5 V X( w! m/ y3 T - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
. ^: k' B! q2 `! F9 N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; k C4 N* Z W$ h* ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( Y5 W2 e6 D: X# K$ h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- z, w1 H: q3 F+ e$ r& t, M6 | - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* o& o! }, A# ?0 v' ~
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
& k" p' Y8 e6 I( u) W3 R - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* P- |% @6 f+ x# n- e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' ~8 R/ q/ F* U; f5 f4 g: h Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: n" o+ M# H8 F+ U! A! I7 V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# L. B* A- \: ?! g$ b
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
( O2 L- \/ m7 q8 d3 \% y - ==================================" z3 {, v" k% p$ d0 B( _
- 文件关联; \, M% W8 J3 j% Z U4 A9 T
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]' y- J# H5 x! u+ ~
- .EXE OK. ["%1" %*]
: e, O- Z2 X1 G2 x3 Q3 I5 H - .COM OK. ["%1" %*]
S) y: P) f; b# A9 i5 V - .PIF OK. ["%1" %*]
& Z( n _4 r. ?3 ^ - .REG OK. [regedit.exe "%1"]) f; o- s" q7 z+ G
- .BAT OK. ["%1" %*]
- A: M5 _% @! z2 X& q% x/ P# p - .SCR OK. ["%1" /S]4 z4 Y- g) }! P) B# w0 I' n5 f
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
) J# K# [; z: } r - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]. Z! F5 X* S) ]" U# _5 w
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
8 o* |* l0 ?" g% x! g% j3 G - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]6 P1 d: b: F) X0 T) U \: m; I6 S4 {
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
2 L2 J- y& t c - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
/ e' R- s/ I; H" g7 u% M - .LNK OK. [{00021401-0000-0000-C000-000000000046}]" [3 J! K7 M3 A4 G
- ==================================
9 T" o7 A o2 G0 v# ?. p3 g - Winsock 提供者% o/ t3 J: x9 J4 H
- N/A
" d) ]3 H; v4 [& c; Q& j - ==================================$ N* |; m6 [. X, L: W$ M8 t
- Autorun.inf' D! ?7 e5 V/ ~! g
- N/A
6 t7 W! @$ g$ i$ S [- T) U( _7 L - ==================================% S" f4 j1 t3 q V$ P
- HOSTS 文件
; d3 z# ~0 U/ @* ]$ A# o9 x' Q - N/A
# W* Q2 k2 u2 ~% ]* H3 c5 f& I - ==================================
1 G& { a9 ]) L5 }1 h - 进程特权扫描
7 I, X% O) d+ }# r! ~% N6 C - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
: s! c% z5 @& E! b2 s- ]9 F - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]5 p! X/ }, \+ C) v/ Y
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]: k: W5 Q& ?: n) ^1 h, ]
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
% W& O$ r$ `8 ?( j" \ - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
' a5 ^2 ?) f( C- I; A - ==================================; ~# X9 v2 q# T, K! j5 z2 `5 i
- API HOOK
* j; R; R/ J" {9 \) h - N/A
, o2 K1 R" W# | - ==================================
7 | g+ Q" _" o% b$ z' \ - 隐藏进程
/ b) a- ]! ], u8 E; O7 Y+ Z - N/A
$ b/ K7 Z: f7 L0 ]% w - ==================================
, ~! N3 N. a& ^; X, O3 Z' ] - 7 M5 e: ], V T. d
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
