|
|
- ! M5 Z' X& U/ F
- 2008-05-22,20:37:436 p; F5 ?' M0 a
- System Repair Engineer 2.5.16.900
5 f; n: ]. N. r8 _$ ? - Smallfrogs (http://www.KZTechs.com)
$ R n: k- v" x! j6 F* ^2 g0 E - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
7 i5 Y7 ?, p# @8 z. t - 以下内容被选中:) i1 t4 _9 f" | f! y% L- k5 [
- 所有的启动项目(包括注册表、启动文件夹、服务等)6 M" o) m- a; w* Q
- 浏览器加载项6 Q7 N4 r" s* d1 z9 R
- 正在运行的进程(包括进程模块信息)
1 M7 |! N# o( H8 G* i2 w - 文件关联
& W) }5 @4 `2 t9 }1 \ - Winsock 提供者
3 Y: R2 e* q" c' ?8 {! w - Autorun.inf0 ~$ T) ^1 }3 s/ f2 n
- HOSTS 文件6 N4 J3 q6 J' n# v' I
- 进程特权扫描+ E+ e4 V% }9 c: X2 C, a8 i, h9 @
- . S! S' u0 J) u1 f3 s
- 启动项目; a# D2 @1 e7 A" z! d6 ~# S4 s
- 注册表
' e( N1 Q+ t) w/ L! r! C- ?) Y - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& l8 p3 K5 h, \( ]+ ~ B8 A - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
) d& t8 n8 k i8 J4 y - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]0 l9 {- ]' n \# P. m
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd], @ {+ [* m+ H9 n7 F# O: ?
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 |( L% A$ p8 f7 e/ Y - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: F9 s0 b+ d" {' Y. e
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
( i' M% m3 X9 ^, N6 N2 s, S$ G - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]( t5 x" o6 ^7 V3 N* l- C* e- I- r
- <PHIME2002A><; > [N/A]
* Y2 W' i5 k. B2 j# F% Z. ?' b - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]" @, f$ H$ p Z6 d0 v5 R
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
3 e3 f% [+ } Q - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
4 V; _4 T( o3 b/ h! W3 I - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
& x+ {% x' I( ] | - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
3 A, y3 ?. k' ^) j2 X9 `' X1 X! n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
. A% e4 _" X2 g2 F$ I - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]' c# s/ `/ F) c; G, i, {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]3 n. ]4 V4 e% r1 V1 ]- e
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
+ H, \7 }3 z- c, ]& z% K - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
, {' y3 ^0 K5 w" }. r0 |( e - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
C2 v3 M: g# S+ T0 [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
- D! y) T3 o6 S, ^% _' r - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]+ I# Y% |/ K% m6 W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]% k" a( @* }) k/ q+ q" i5 @
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
% x- U- Y K; J0 X1 t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]3 i. S8 n! x& e ^
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
+ o; k2 `$ ^, D/ h( P& n) q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
/ u( g4 F" M" }; m1 M - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
i, s) Y- ]5 o - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
3 s2 S0 r! I6 J* {: K& T$ o - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
# I5 P1 Q$ L) r! P; Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
; O7 X- a/ B' D+ h/ [2 q% B2 S - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]' f+ G. O0 Y9 u. g. l
- ==================================( f- B0 ?' a/ A9 K5 S' y2 ]
- 启动文件夹
% R$ N6 B- ]+ |# c& R3 B - N/A3 ^4 K/ D4 b# i
- ==================================
2 k) u1 z1 D% I' \; r e - 服务
- n' [+ _9 r. t# ] - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
7 O* t1 C2 \2 _+ L9 p - <C:\WINDOWS\System32\3wareSrv.exe><N/A>4 C/ j) a1 n! H
- [Google Updater Service / gusvc][Stopped/Manual Start]
# ~4 O5 T+ y7 G6 a - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>2 V! x0 x6 y4 z% a" E# d _
- [Help and Support / helpsvc][Stopped/Disabled]
* Q6 ^; X- C* b! ^9 o - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>' q- R' A3 {9 C
- [Human Interface Device Access / HidServ][Stopped/Boot Start] m+ I9 w7 i4 r h2 o8 U
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
3 z% R! A8 a& z& ` - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
& A) O7 }6 \# D2 T' G2 ^0 t/ A - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation> [7 @$ t5 s* ~% A- u, r
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]! }( D2 M. w' x" U
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>4 S6 W& i. b7 ~% P% ^
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
4 [' F" A- u. W" {. [4 T9 Q - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>2 |0 j. L8 ~9 Y5 N
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]4 t' B1 C' g& P9 \5 p! f5 ^% h; J
- <><N/A>: b- x' c/ A8 |/ u
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]3 D% G% o o( e+ Q
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>5 d+ E7 m( C( C: I* y
- ==================================1 @( u3 e6 R4 V! H$ M d
- 驱动程序2 K& ^# O* G5 L3 k9 _* j
- [22j / 22jn][Stopped/Boot Start]2 z) {6 L; ?5 V5 \2 i; z
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>! R3 g" F9 \3 G
- [360AntiArp / 360AntiArp][Running/System Start]/ V7 [+ N* g* N- N. w
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
" ~5 w1 o. s: K5 M, G# N# r: `9 h8 Y - [43ec / 43ecu][Stopped/Boot Start]
4 Q2 H$ G- i; w - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
3 T- b' g3 P3 i$ Q; \4 @+ \ - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]# W6 |; L- O4 Y$ `& o
- <system32\drivers\ac97intc.sys><Intel Corporation>; B5 @% P+ y6 h" P7 z2 L& z1 ~3 F
- [Promise driver accelerator / bb-run][Running/Boot Start]( K4 ]* E2 _! e+ j/ e: ^
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>/ Q6 V# V* t" `/ q# V; r
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]1 G' W4 L i" x" P
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>9 U1 Y' [& p' Z
- [KAVBase / KAVBase][Running/Auto Start]
6 f _/ V. S6 y$ P$ v3 x7 X5 ^% ^ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>& A/ A Y+ q ?7 I4 D
- [KAVBootC / KAVBootC][Running/Boot Start]
( W9 P/ K9 Y3 r/ n: ?: U& g0 m$ \ - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>0 K" P5 g; x8 X9 P& i# g( O1 Z. p
- [KAVSafe / KAVSafe][Running/Auto Start]
3 R* U: Z" s3 K - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>& i, I' s2 q3 A) N3 x9 a5 X
- [KNetWch / KNetWch][Running/System Start]
% Q( H6 d; t5 L4 a& D! V6 n' h - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>9 ?) z; v' r6 x8 l0 l
- [KWatch3 / KWatch3][Running/Auto Start]
0 X" x" Y4 O+ J - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
9 V' o8 o$ h" | - [ntptdb / ntptdb][Stopped/Auto Start] Y' E$ L, c* k5 y ~6 z B$ y, p
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>9 D2 A. s) D: ^3 b/ g
- [nv / nv][Running/Manual Start]
% p- m9 h5 Z7 e6 m2 d! ^8 w: G - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>2 \. Z! H0 t" K" D/ C: l
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
) h+ @0 U$ e* d - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>0 u! l* a, M3 i( b
- [DDK PACKET Protocol / Packet][Running/Manual Start]! i4 v: I1 Q- {# }4 ~# s. S) C
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>% f3 u% K$ O3 H6 X! k2 D% }2 F
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
9 ]0 C! Z& L: N! r3 ~# j/ ^9 n - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>7 o" O" v8 a. G9 k: y+ [
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
( ^# Z2 v% I: {4 @" P1 e - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.># c) y) m4 Q, z
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
$ u% J) Z3 n8 e; E - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
: [% m$ y i4 A* O3 R! \# K+ ` - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]7 _% m2 [* |& ]+ q
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>" U# u# [/ ~* s4 e* ^: b
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] S( z( Y. f8 R4 w5 p- {
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>* V0 b8 l g7 P3 M6 q% I% V% [
- [Secdrv / Secdrv][Stopped/Manual Start]9 K4 z. Y) ]8 n2 }8 c
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>" c, W* s6 H a( t4 x# w8 M3 ~
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]8 D, E4 p2 G" E* U% B- o, R
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
+ u: B' L* s5 \4 `. k6 d- V - [System Restore Filter Driver / sr][Stopped/Disabled]
' i/ `5 T3 W6 w% J4 Y& P4 K# p - <system32\DRIVERS\sr.sys><N/A>
- C6 O2 B5 y4 x4 q: }' S$ B& d - [TesSafe / TesSafe][Stopped/Manual Start]# K8 Q) M5 n- x2 T. v* W
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
5 N* i* Z- l, q( D1 f% T - [System Services / unzxzsrs][Stopped/Boot Start]
3 {* X5 {5 f9 ` - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
1 S0 z; @# j! N/ Z2 l( O$ r6 m' L - [ViBus / ViBus][Stopped/Boot Start]0 m: e5 D$ Z; u) b. @% P7 ?( G
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
4 s% j m- p* J' }6 \4 F; ~( ~; ] - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start], Y9 C6 N6 c! x3 A! j
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation># V' H! R: x* m6 ^
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]$ |9 q R# v9 b* h9 F7 a, [8 B% Z
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
: b' R/ B& h5 X. e6 r8 \. ? - [ATI Extend / zhibmaso][Stopped/Boot Start]9 p& u2 e7 @1 t3 f8 Z( c
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
. L. G. ]4 W' Y! K4 G4 W& H% y7 k - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
6 @1 v, k/ ?, q c) j0 p - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
& R9 Z! L, l/ J T" x+ _ - ==================================" b& W4 l/ u; k$ h& X+ u1 {
- 浏览器加载项2 c7 G; Z% K9 U3 \9 {. w: t
- [Google Toolbar Helper]2 J5 W! G* U0 q# q6 x
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 U/ L8 ]; l, ~5 Z$ p
- [Google Toolbar Notifier BHO]
- T7 j& z0 r0 u( x) W& q2 ~ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
: c; W! F% n8 i8 y7 `; D - [SafeMon Class]
' l0 [1 ?( B* e! E8 ~ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN> U9 z4 w4 l# K% ^
- [kingsoft browser shield]" W; Z( k/ g, u9 k# [
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* n0 h$ N e% r" t- i3 E8 h, M - [IEBuddyExtControl Class]7 `" V( |: X6 i$ E+ T
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 ?+ v$ p' ^1 u7 O7 Z - [Zcom 杂志]
6 Z1 o6 t C8 X& N3 X - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
4 P0 L* u4 A% Y* l* N - [&Google]& `+ G9 u3 B5 E5 ~5 ?
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 d" m: _7 m: K5 j p - [KooPlayer Control]" e. V! Y, |! y. ~/ j
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>) o2 P! G& A/ f8 ]& l* }) ` S
- [Shockwave Flash Object]2 t. n1 T- J+ r
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
' I: y* B; ?1 w - [KUpdateObj2 Class]- s; B* E& `2 s N o. Y
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>; Z, q! ?/ Q7 Z
- [Google Script Object]
1 ^7 P3 h4 D7 L8 U/ ?$ { - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>; \7 t @. s6 z( ~
- [EWA Control]
' J0 j! A; C0 v" ]# |2 m% | - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
. k' m3 ~# I$ e- [/ s6 L - [Windows Media Player]
# S* L9 r! H1 T# K! ]% I - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
, R- d- c& O8 y; g/ w - [&Google]9 m( n3 {0 F, [6 d! g* g
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 r! Q& I3 `" j* M' ^, p - [HTML Document]
5 E3 G; U# T* C# C( P - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>8 ]4 }" B0 Q, u5 _0 x% A& i, a, Q
- [DHTML Edit Control Safe for Scripting for IE5]! f( W. i, y/ `, }6 @7 h
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
* r _/ d! y% I) z* a - [RealPlayer RAM Download Handler]6 r, |- H) a! p" h4 u( q
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>0 K" \$ ]" `! _7 B: x9 d8 k
- [IEBuddyExtControl Class]4 d7 r9 i/ w3 U# h8 V
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
& w d% `* ~- t6 f4 s - [XML Document]
! ]7 j4 B" k V$ P - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
" p6 J3 z" U& v - [HHCtrl Object]
1 |9 E% t" S8 b" I& c - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
' W# D& F0 J& }# |8 K D - [Windows Media Player]
& i0 c) U* l* }3 k) g - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ h# t2 J# D, X* t4 A - [Active Desktop Mover]7 k4 K& \+ ` C8 U
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
0 X& f. R, r: U) d/ R' U, r, z - [360SafeLive]
8 {7 w* @; o9 j ?; z+ p - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
% K: S0 }- o Y/ | - [Microsoft Web 浏览器]
+ V9 }/ Y" M; j0 }. X/ I( R - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
6 S3 D* {8 A" b2 L - [Browser Enhanced Objects]
; r. }9 c' M0 s' k3 k - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
" E, f6 P1 v W' l3 F - [Google Toolbar Helper]3 R1 c0 R9 M: l, J( g2 x
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! ~( y" ]) X! G; E, t - [Microsoft Scriptlet Component]
3 ]/ Z9 M5 R4 C! ~8 Y - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
" c: @+ g/ p- Q - [Google Toolbar Notifier BHO]
8 `0 Y# J/ z) m* Q - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
# l5 m% s; M! J k - [SearchAssistantOC]
& e3 u! K2 t; ? - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
9 x, r7 x; E" r5 @0 b6 d6 G2 y - [SafeMon Class]
( N- a6 l% O+ k& b$ I" E* M8 ~) E0 q - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
5 S% R! b' v! o, A/ ?! H( w$ X; K( ? - [RDS.DataSpace]
" g# d6 ?' O) V* w+ T' q - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>1 r6 ], }$ f& ~7 M
- [KooPlayer Control]
9 O+ p$ \- s) o8 f - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 \. K# W3 L1 _* i' V5 j - [AUDIO__MID Moniker Class]
1 a( T% H& p& `1 S" w- j0 @- H+ D - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 Q! D/ V/ m+ |1 o v: i5 K
- [AUDIO__MP3 Moniker Class]
" n1 i3 y! i6 R. e* @* L4 h - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
; T e4 y' v- `. L* p) L7 f - [AUDIO__X_MS_WMA Moniker Class]
$ a4 f/ L/ z' y* j; D' K9 Y. z" y - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& G0 ^; h" d8 q7 _& Q! x - [VIDEO__X_MS_WMV Moniker Class]5 h) ]1 A3 n! u
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># O* m1 G* C; C3 H
- [RealPlayer G2 Control]& ?$ z& C) @5 z) t% b- i
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
$ P. T R4 s+ k h" |" G - [Shockwave Flash Object]' }4 M" `3 U% l- B
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>) v. ]% H% h& B9 W6 E1 G! C
- [KUpdateObj2 Class]
) e* R+ g. T- E( q4 i/ w/ _' h - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation># N( z4 C* V+ L e d& C
- [kingsoft browser shield]
" ^ V) }9 S" b' O9 F - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>' C5 e% m! T9 F
- [PasswordEditCtrl Class]
$ M; A9 z- M) l7 ^, ^, d - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>& F9 [& a, n1 ?
- [QvodCtrl Class]
& N- q2 v) k* ~/ q; \+ S - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>0 M/ g7 z, r. { i! p& q
- [&使用超级旋风下载]. U$ ]# ^/ j2 r/ n
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
- ?1 [1 g7 C: q Q( I - [&使用超级旋风下载全部链接]/ k4 [ [7 q B/ c' C
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
4 u' I; C! g1 N j% y+ r - [使用迅雷下载]. ?! _" J, t0 {
- <, N/A>* Y/ X; u( ], q4 ^! Q
- [使用迅雷下载全部链接]- v8 M$ U$ q! }
- <, N/A>
6 }9 B5 }% H H3 O; P - [导出到 Microsoft Office Excel(&X)]
i6 _- Q2 q- J' V, j: T# Q, l" \$ E - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>' N4 u$ E8 {" r) I: @4 }, o: {$ t! u
- [添加到QQ表情]
: L, N# F3 B( m4 X% ] - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>" k- \: ?" ~; [( h
- ==================================8 N, v7 q* {- z
- 正在运行的进程- j2 N) E; C& @
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" s9 ~- U+ Z* e9 n a
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 R& W7 C# z3 j0 \ - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 d9 U9 M3 b, R/ ]) ~ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]+ _/ R* \3 u- ?
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! a2 y; x5 F$ S# K/ Q! Y - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' N: V+ @# f& r+ S* L# V7 d
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* f: @7 {1 Z. e {
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 g/ ?0 h$ r. U' N - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& T* b3 f) F& v7 P
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 O) @% W! w7 R( V4 b$ k, ^
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ z' V1 g3 e. a2 I- w+ }8 L, W( X2 ]
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]4 }) f- O$ X' W" K" Q0 j0 w+ X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 H! n. j) ~( ~ G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
L2 R/ Q5 B' d/ Y0 {7 d# j: b3 D - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 R+ Y/ [! P* M' f, _! x4 C' {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
}+ p( J1 [) X$ { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
2 w. c# |- ]+ I- I% Z - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]1 J t* E7 l' U* j5 `
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
- [" \* F# }8 L4 \; B/ j - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
8 O, V+ U6 m) w4 m. }5 J& D+ g - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
: q Y. j( q0 c' b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ [! ~/ {/ A+ Y4 V6 s& U - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
: L% K" A% A! n - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
% @1 ?. ?; ]! {) w; R8 t3 V - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
1 m( j7 G0 K8 k" Q4 Y4 R+ ]$ y - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
' q f" G5 J% q6 A" \* w - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
# j+ I+ v, \- R S - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* e1 r _& c1 {$ t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 @7 ]& b7 x' X2 A' _+ t4 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; u) T- ~9 g: F& E. @2 H, } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, a+ r' T6 M; x; w0 T7 t - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 E# c* s* P1 l# `3 u1 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 |! U7 a7 d: w) }( f; P/ | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. W1 L, Z4 C( O0 n" p - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 }/ m4 U( g2 h. C# } - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
/ L8 y3 a: [2 d8 D9 K+ V7 p - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
# a% Q+ |9 @8 @% o9 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) }" E k$ G: T; S8 L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) C+ B# [, L8 f" T - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
, z- R+ B" z4 }( G - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]$ w/ z4 I K( Q* r7 ?
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& ^6 r- Y4 V% o- X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 m {* S, R% C
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 _+ v: N- y$ d2 l, P" G7 s+ N# o
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
- r2 q! }/ i0 m! m- A9 B - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% m* Z. h1 M {5 N( e - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; b! z6 c% r; A, E. A8 A a - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
9 b! W( h$ ~. ^* y# K - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]% p9 m* [% U3 _ |3 l4 I, U* m5 B8 t$ f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 ^0 f! v0 R- Q& Z, G$ ?5 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 a' A# ?/ V& f6 S9 N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 N* G1 `+ K! p - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
" T3 Y2 U$ z, A( R7 r* P' I - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
2 _7 F- _$ D% ]& `- ^$ s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]6 r+ ^: ^! l9 h- o# Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
5 ]) L9 I$ R6 D: _! ~$ m: @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]9 e: ]! I+ @$ l9 \, T: X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
' e3 Z0 D, e* e* D4 f- g! i" A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]3 G+ d5 ~ R4 b, x6 @ @
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
( Z9 r% c4 B \ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
, w" O9 l$ a O! o - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 @& G! o" D. `+ U+ P* E$ w
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]# p1 v4 X |; z5 X3 p* ~
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
- p6 p. U u1 y - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
# i( a9 A2 I- {& P1 R- q0 P+ g - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
& H) ~4 v/ S. O) b) a - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
& [( C$ `) F0 U/ ]8 V" ^- ]. R! P: | - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]2 z6 o7 B5 U. v2 A
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]7 I0 D' X+ G+ I6 E; m
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 [% |- d4 @5 d5 K- D: G
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]2 d- i& `' f; G# q% v7 T, W
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ i; ~" V V5 U3 U, [9 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 A1 ]. P" l% X+ | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( ?3 M. y Y j9 }; k9 m - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. v1 X/ O8 c) T' `, ?! C, v
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
$ i1 x4 I3 Y( o1 ?& {+ b5 w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 f1 ?! X8 B5 L* i* {0 v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" S. s% @$ G+ T7 C. S5 j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; R) s" L+ p9 ]3 }: i+ J2 T - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- b! x+ N( `" T; r. x - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
8 l7 t. b1 O+ G+ H; }1 i1 c - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
* R: X/ x- \# D1 e5 u - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 t' U6 ~' d% b1 P( C2 ]2 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ m" g @! C L' a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) c: I: s- ?# P: O3 O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' u) R" H- h* L" W) m$ y$ t - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]5 v7 y1 |; d Z" x m% d" N4 n) _
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ P+ X; h. x1 A1 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) A+ ^6 w, Q( y, s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
# f* K) S- h: R6 l' P; V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- h8 g1 S- ?$ h1 I
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
4 D4 {2 |! [6 | d- [ - ==================================8 B. P0 G8 a' F1 _- x- g
- 文件关联
9 P8 E' E- r$ ~! r3 ^ - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
% G( `2 Q& u8 m) I9 W f" ? - .EXE OK. ["%1" %*]5 r8 ^# q. t$ R/ e/ E: `0 k, N }( I
- .COM OK. ["%1" %*]& l5 b, G+ o+ f9 F4 y
- .PIF OK. ["%1" %*]2 n5 {% g) e, t" _7 z! C
- .REG OK. [regedit.exe "%1"]
: s' ~ ^6 j4 u: }1 n - .BAT OK. ["%1" %*]
2 R h% H8 l" T - .SCR OK. ["%1" /S]
& F: b5 ~3 M8 a0 F# H - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
( _/ c/ ?0 h' h, A4 B. l8 M* N - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
# X3 \ X. u5 h( I. J0 Q1 h - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
, {7 }; K7 D, y; O4 A - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
( B4 ]/ e) \% d0 |8 u - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
9 p' R" d8 ]1 O* [ - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]" y, B" s+ M5 }: @ u
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
9 N0 W C5 J7 ~1 J, ^( k' f - ==================================
; R3 L9 Y9 j/ X5 M7 r% n. H - Winsock 提供者) f3 W: l) d$ e0 v1 y8 H% v2 b- I( c
- N/A
' z5 d9 `, \! J) y - ==================================" i7 L4 X+ s8 c- a. R
- Autorun.inf
" l3 K3 \& S* B1 Y$ K, o' P - N/A
0 s" ~' b+ G9 f) C9 ] - ==================================/ h$ i; }+ X1 U0 H3 y
- HOSTS 文件1 f2 m/ Y; d( u
- N/A
7 B% L4 g5 e4 K! z8 e* B' e4 W - ==================================) H. a. ?8 r$ p+ \& t8 l5 Z
- 进程特权扫描
+ ]! w& x6 t; p/ Q9 b$ | - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]+ u8 v. f/ T1 U) ^7 |
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
! d) o" {. v( @- }3 J4 J& V: B# Z- g - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
3 V0 k6 K: K, M- e - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]# E3 X1 c" C6 r1 ] i$ u5 z8 F/ X
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
8 ^) T1 X( a% c - ==================================! {8 f n* K- w) G) v, u" V0 p4 A
- API HOOK+ y c1 D4 b9 _& {* ]3 F
- N/A
- v' }0 v3 w7 y" N - ==================================
# q1 r8 s7 {$ N1 h - 隐藏进程
' G# O# `- b# s) B# D - N/A( }0 O5 L$ Q6 Z: P
- ==================================9 ~* A x" p& U! X" T/ M
6 u; G3 Z Z/ Q, |4 a
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
