|
|
% o# j1 Q- L& Y+ V% g" d# F- 2008-05-22,20:37:43. Y; L S; i' c
- System Repair Engineer 2.5.16.900
3 e2 t/ Q3 T9 J# ~9 x: y+ t - Smallfrogs (http://www.KZTechs.com), z# [. C' f# [& C0 g, I
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能2 ^! D' Q' m3 ~
- 以下内容被选中:0 T: i' W& H* P* z7 X
- 所有的启动项目(包括注册表、启动文件夹、服务等)
5 s& [' n& s' C" P' ] - 浏览器加载项0 S- ~7 `) N! ^3 d8 g1 P! Y& U
- 正在运行的进程(包括进程模块信息)
9 p4 o: I( d2 j8 g' \ - 文件关联
4 U A, {% N. t9 S; l% T - Winsock 提供者
( z, G1 o9 J: F B# [ V" C - Autorun.inf; c( l* M# h+ ?* L$ s- i: d
- HOSTS 文件7 n: ^. Q- R$ W: b7 E' L
- 进程特权扫描
8 I- W' s; Z# m0 [8 ?6 U. w - ; M$ i* p, }4 q, s* a5 N/ B' z
- 启动项目
- I( N6 ^" a' E- ? - 注册表. b6 Y1 O& D% O7 z0 l# b$ {( ^
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
3 @7 A! O8 t7 | - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
. M- X" J0 I5 d0 P, `7 m3 v - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]% K5 s7 v4 ~" p% s& O
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 W, ^& [0 Y" |- ~* B% t - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]* l2 B# u& e% h. E2 K) c) T
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: z- p0 `5 f' z7 p. ?- l
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
3 S( x' z6 ]8 M4 O - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
& x8 d; [& j+ i4 S - <PHIME2002A><; > [N/A]
; X% k4 g7 V( i+ T - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]+ f) I$ o( V- r9 l
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
( @' i9 h) x/ T) Q i8 Q - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
; m/ ^) N+ a. c. M. f$ D- ?; x - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]' k: j/ Q# K% H" W
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
; v2 o. L$ K! _& ^ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
# i0 ]- u: Q; p& J3 o5 \3 s - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
$ z7 k# G5 Y4 {( U7 D - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
4 K+ G/ r! Y) x+ ~- @ - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
5 S' k0 R8 Y: c# b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]) I% a, n- ]$ A/ B, B9 l
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]3 q1 b4 ]9 |: O/ D4 j- c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]$ P' |9 R h* }, @& K$ z
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
9 a& c$ w- @+ w7 K Q$ ~' g - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]9 X$ v! [9 M( N5 M, I: _* v
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
5 S7 W4 I/ S$ k) b1 R+ ^$ y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]# @/ i: j9 x& W4 o6 f7 b
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
9 b, n- n; [# ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
8 }. G4 B6 ]( |7 [3 H% z3 G" S V6 Y - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
5 R' o- X# d+ ]9 y8 ^ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
/ P- o9 L6 J6 _2 ~* {( U5 s - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
/ I) ?7 a( H& J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
4 M9 E) R3 r9 W( H8 Q4 \! D - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]4 t) h% G+ H4 M T' r& v" C. G8 D
- ==================================
" G5 T: c1 y0 g# k - 启动文件夹
( v4 B" t& [2 u' h/ @ - N/A
+ g3 b( y4 f5 ~2 w7 _! W7 t+ F: } - ==================================7 ^/ c' f: ]6 L- l/ \0 _
- 服务; L, {. e" J8 A9 |
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]2 B# P$ K' G% p& A: g* G9 D: H( |6 R
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>: X0 Q7 z# } Y7 J) [/ y
- [Google Updater Service / gusvc][Stopped/Manual Start]
; @7 C% {5 r8 f7 O6 Z/ j/ N& o) { - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
2 z: P7 _% _9 i4 ] - [Help and Support / helpsvc][Stopped/Disabled]
T" A6 D6 M9 o" L - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>7 O) F- v- ?% @/ g6 E/ r
- [Human Interface Device Access / HidServ][Stopped/Boot Start] M. `7 }9 f2 P% ?6 V5 O
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
" ?- x$ m" o4 A$ O, F - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]" W; B# k" I9 ~/ J1 i
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>' _- J& Z1 v$ [
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]0 @. V! b Y7 @: t/ a
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation># y; F O) {1 q
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
5 s; h3 J& b9 | N' ]* H - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
) @, c( Y; E$ x& @! B2 i+ c - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
$ z9 c* a: B/ h3 {; l( e: b4 C( D/ R5 V - <><N/A>
$ j0 n3 a5 L0 K0 w% H8 L - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
+ k: [5 h( U# v! \2 _& c! w( W - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>" v2 d; ^& r$ K4 c6 y- |
- ==================================8 S6 i% p8 @( y" p. y1 Y
- 驱动程序
& d6 w) b3 [& x - [22j / 22jn][Stopped/Boot Start]/ \8 Q% ~* Y. U& s; _
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>7 U" Q7 ]$ ^; Z k6 N4 q8 e
- [360AntiArp / 360AntiArp][Running/System Start]
5 k' D4 u$ X* q# `# Q* N - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
) E L9 d* E& p3 B, O' Z - [43ec / 43ecu][Stopped/Boot Start]& y. I- i: y, M8 Z$ O
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
% P ~- P0 O/ P3 t - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
- Z# m7 C) A1 y- D1 I - <system32\drivers\ac97intc.sys><Intel Corporation>1 n- M7 n- A; w( j; I
- [Promise driver accelerator / bb-run][Running/Boot Start]8 S, @ o' a3 a: E
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
0 Q% H) I* c" m2 w) E. | - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
! [1 G) q. e' l( Y+ d - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>! F( l* b" l1 W( w% K8 a) [
- [KAVBase / KAVBase][Running/Auto Start]
5 r# F% ]" n& j4 n: y8 i - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>* L V+ \& f) Y3 ^/ L( \, N2 A
- [KAVBootC / KAVBootC][Running/Boot Start]. O$ I& F2 _- _3 N, `! ?
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
' E1 t# l! c9 n- m P - [KAVSafe / KAVSafe][Running/Auto Start]' {- A3 d" n- P; j
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>) @: c* }* Q7 w# w8 F
- [KNetWch / KNetWch][Running/System Start]
0 r- s; N6 B; T: k; @. {7 X - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation> G5 | {, K& |
- [KWatch3 / KWatch3][Running/Auto Start]
f- F+ y: L) j$ v& t6 ` - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
+ P0 H7 y* u; n$ B! h1 f - [ntptdb / ntptdb][Stopped/Auto Start]9 o( t0 @( {. s0 u: q7 h
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>% `( M1 M: x& d$ c/ C
- [nv / nv][Running/Manual Start]; i2 R* ?/ Q0 p, `) @
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>! p7 P- |7 O- H9 u
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]5 Q7 m2 a# x5 t; ], O4 [- g
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
0 ?( s* b& W5 i! f0 S, p' V: u - [DDK PACKET Protocol / Packet][Running/Manual Start]8 {4 V- S; ]3 J4 E2 x; Q, e, K
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>5 }3 ]( F* X# {+ O4 [! s: L( ~
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
, d4 s) R% x6 O - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
3 d) u0 y) ` S) h. j8 o - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]' S3 E- `: e$ U' P
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>8 u& j. Q7 Z0 X8 u# R+ _' ]: E( t
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]7 W, K* D1 i/ m- F' N0 Q
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
4 W! n% c. B- j$ p - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]" }! n, H; l* G* z) v! J+ _- j: @2 ?
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
9 O" C7 ] | d2 q! t - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]$ d/ D- J* K1 c/ s
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>9 a6 P3 I+ M' b" ?7 @+ F8 s8 D( {
- [Secdrv / Secdrv][Stopped/Manual Start]% J5 n6 @4 [5 U- I1 g
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
- O7 X" j# S9 N4 }) I - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
! D, f b3 X; J/ U0 E - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
w+ O: y9 K. @7 _5 r d - [System Restore Filter Driver / sr][Stopped/Disabled]
$ j0 G2 |# \, D7 n - <system32\DRIVERS\sr.sys><N/A>3 A8 D) o4 f7 M; z4 f
- [TesSafe / TesSafe][Stopped/Manual Start], B$ H; f. B# K j2 \ n
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>% e4 ?' u6 y+ h: l3 L/ x+ N9 I
- [System Services / unzxzsrs][Stopped/Boot Start]
) L: b: x1 U% [ - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
: P! e- B u* W. _/ P% b& }% m( p1 ?2 ? - [ViBus / ViBus][Stopped/Boot Start]
( K" V$ ~% b5 g# M$ ]% o" R; d - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>6 h" Z- ]+ k K0 _' S
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]6 }2 {! P& X( ~% y& w- ~1 e
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
5 [6 w$ c4 J `% `8 V8 @- u0 F - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
7 ^( o+ s# d3 `" C- \2 U( M - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>' p! p- ` \( B# z( b& r
- [ATI Extend / zhibmaso][Stopped/Boot Start]0 G- T8 m6 I4 N3 g5 S+ Q, a2 c
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>% j7 I4 z0 O' Y
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]$ n# \" x6 d+ H
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
( G0 A' Y8 F) F9 a! J' G - ==================================" t4 U' \/ U( \# X2 H3 C
- 浏览器加载项
: \) K) x, I, b( X8 t - [Google Toolbar Helper]! Z( W1 W/ k5 o/ }5 E
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 L# v; m) r5 e
- [Google Toolbar Notifier BHO]
% i i6 m$ D: B& w - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>5 u# n% ]4 r g
- [SafeMon Class]& J" R& f% p. M% m" m3 W6 n
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>" ^1 q+ ]# G1 Q8 k! h, Q' {5 u
- [kingsoft browser shield]
0 [' u5 \0 X% @1 U - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
0 G; Z9 Y( R7 L6 y( ]% P- g - [IEBuddyExtControl Class]6 ?% o5 g4 X0 l5 D% x5 p2 d
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 ^* l, p) H0 G/ y5 w3 c- ^
- [Zcom 杂志]
& k# a1 N; N3 e5 ]( w - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>- B. m0 E9 G- S5 _. E2 m3 o
- [&Google]' `7 x' U' X1 g" }( s
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
, G( J8 N+ R0 S" m' h: J! J - [KooPlayer Control]
% d1 O5 u8 ^4 u* P - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>( I* z3 {$ p* F
- [Shockwave Flash Object]
7 k9 K+ y7 [- x6 Q1 T7 V& I - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>- i' q E2 X; {
- [KUpdateObj2 Class]4 V5 w* }+ v( |2 t5 E
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>9 Y1 {5 R3 l# w/ {7 @3 E$ u
- [Google Script Object]% y# { ] y$ F9 ]; w, P/ {; [
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
f+ k3 @; s+ t! j - [EWA Control]6 Y) [' e* e, F% c9 X7 O$ B
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>: {1 K! B( y- e. [
- [Windows Media Player]
7 G, H, I$ {/ i- @) ` - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
4 M5 f$ M7 M, p' X' A3 W r - [&Google]
1 n) [% i) a3 S& C9 m- F - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>2 j, A0 q t' J$ k( c% D
- [HTML Document]
) A3 L' G( t. e; X+ B" o7 T - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>* N& l* }& e% j' m f q! N4 o$ j( A
- [DHTML Edit Control Safe for Scripting for IE5]
1 U) d3 I# r3 O4 L* ?2 N - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>& z0 ^6 P2 X0 M0 o3 K
- [RealPlayer RAM Download Handler]
% C9 D% n6 O. y% t! y+ H0 G - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( x5 @1 y& F7 v - [IEBuddyExtControl Class]! k) w3 ?- k# U r
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 I/ S) d9 b' X$ g' a - [XML Document]
1 c: g7 U, R4 ? - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>0 G. G X! t: z2 O6 I3 g R7 |$ k
- [HHCtrl Object]% j# j+ _ E6 x. e
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>; p. }# S2 y' A: r/ P; m
- [Windows Media Player]5 R0 _0 W. s7 H* X1 W" C
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>& i! H, _: }0 W
- [Active Desktop Mover]6 O8 w1 E: V6 f9 S4 y& A9 t
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>$ k- t' ~4 i' k
- [360SafeLive]( u$ {$ U, P9 B- S
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
4 m0 l+ w/ V1 n( e1 G% W. g0 y - [Microsoft Web 浏览器]9 d& S) S& d" M) k8 h! T
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
1 y% s; }# t. h - [Browser Enhanced Objects]
5 X( U+ J3 @+ R: O4 }! m - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
9 u( ?$ c8 S/ C6 @( a- i' B - [Google Toolbar Helper]8 h/ i7 }8 I" N* l
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- E/ v0 |. e0 u* ^4 {% C - [Microsoft Scriptlet Component]
/ i, T, f. U: ^ o; z3 W - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
0 m5 y+ [2 ^% b5 k- u( a: | - [Google Toolbar Notifier BHO]- v' `6 @+ U6 \' r r# p
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
/ \9 ]1 |) V7 e' K, U& C - [SearchAssistantOC]: G8 H) j& z. G$ V# a6 t
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>9 q* \) f' M/ {. t' W7 S
- [SafeMon Class]5 P5 `8 B* N$ U' ]0 V
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
8 R2 T! c& D0 f- {; C; a - [RDS.DataSpace]$ F0 q) m, V6 g
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
" ~7 P* J- Y+ I w - [KooPlayer Control]
: \! \& I" ^; E) A# f, n7 Q - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos># L: |+ A. K5 o/ [# f* U
- [AUDIO__MID Moniker Class]
, r# v4 x% s3 v: ]' a7 m. B7 J - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ d" K9 a; v- l( K! c
- [AUDIO__MP3 Moniker Class]
5 t& _9 T* `# ^3 Y3 l4 | - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! j8 \9 j/ |: ^& `4 _# h# L% h: \ - [AUDIO__X_MS_WMA Moniker Class]
- u8 O) w) J) X5 h { - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 s1 \# ]; X9 R9 m% |$ t5 B
- [VIDEO__X_MS_WMV Moniker Class]) P. [: T* A/ x& K- M0 P7 O
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' p" _- \# k( k& T3 s - [RealPlayer G2 Control]) G ]" U/ n5 n5 O
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
) n- Q/ x) \4 c6 d! U! P) R/ D - [Shockwave Flash Object]
. Y# f r3 C$ u% c - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
0 B. a/ S3 I! X' _+ \ - [KUpdateObj2 Class]( m/ t3 J. @+ m/ a
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
# D) |. S3 d) F! I - [kingsoft browser shield]* u8 L+ {$ ?) S. V. o$ d% K4 [1 v
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>/ O% e3 J l Y* i$ [* M# M
- [PasswordEditCtrl Class]) n! a! J, B9 T, l. V
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
8 n' \6 i) p. ~ - [QvodCtrl Class]. X+ L6 `/ u" C s4 h
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
; [: |: ~7 Z/ i0 h+ `; P - [&使用超级旋风下载]
! @1 a" `* P% ]! }. N, n/ e/ b; h - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
: |2 d! z0 s2 k( o/ `0 c - [&使用超级旋风下载全部链接]
9 a6 f; n* c5 P# C - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>9 o% n2 M- n% L4 r1 I* D0 j
- [使用迅雷下载]
9 d- i1 Z8 e; ^0 W" Z8 p4 } - <, N/A>
7 d$ S+ n& V0 h& g7 W - [使用迅雷下载全部链接]3 S6 P# o/ f' f7 i+ V. ^& T
- <, N/A>% a+ p0 \0 R5 |1 B
- [导出到 Microsoft Office Excel(&X)]& c6 Z* m8 ]0 o0 ?* H% u
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
& V6 f. Q# J( R/ B0 H4 N - [添加到QQ表情]
. [- |$ G" H5 i8 I8 F, m - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>6 J! P! c5 Q5 A
- ==================================
+ z1 F) M( F( ?: j: g- j8 | - 正在运行的进程) @3 y, a* g& E- _1 _
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& J6 K+ ]9 V$ \% C
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 m3 u' w0 d3 r* } - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 \: s+ r( f' D2 p3 D8 k
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]/ g) n) A5 C% v b
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( D: `- e1 d6 m - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# Z) P" a; I, q3 i - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! z1 Q3 ~7 Z, I+ i& D( \7 {) {- W& |
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# `( s- C) C- I( X% v/ B* K0 P& o& k
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* r! S* v. }* C
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' k) E, F# p6 {) S$ L+ W
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 k# r8 e! o4 p ?" t) N
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]( X% j, ?& H S2 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. J( }/ }* E/ I0 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 H0 U& L6 F7 @1 ] - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
H2 g3 T7 `: [* c2 D! X8 a; a - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 Q' i i* [' B; ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
: m) c4 u0 N$ f, d( r! v - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]; c* I1 r6 E- n6 @; N- L
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]- k4 B' E7 \8 t( g
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
$ ^# \, B) K" V* W- ^, }: v: {" Z - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
9 [9 b2 V7 X m/ r - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 W) K2 f9 C, z o8 t' | - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] C+ J% x& j3 x) U. [) d
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]# I( \( K. I7 n4 d$ h1 }
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]/ p( o0 Z5 _+ q
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]9 N. e6 ]) {9 l; n( B
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
' |/ w: ?8 X+ j1 g Y# v! O9 A+ ^ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; k: C5 q9 Z5 k) L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 F2 I+ u M0 ]) j4 A# z3 E7 \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
X/ s* d$ R! \! E6 ]2 U, i9 E- q1 q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ [7 H6 q3 k. E! I2 l - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# `# j3 j- B- E4 h# j6 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], M, ^- ~' s) a, y) m4 r; f& u+ [2 h5 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 _/ [+ X; i+ x. q/ C7 I* n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; W( c2 O S# V3 B - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]" M E. i0 Z' Z5 j) [6 a
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
f. x1 j6 [1 u7 H) T1 [# U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! G# k5 w7 X+ Z% b& A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* q* X3 n' }, V8 U& ] - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: N) Y! p8 l' g% s+ t - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]4 Y' {+ w4 B- D$ [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 R; @& s! X6 G. f; n' f - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# `+ H$ w1 @% a# h b
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ ^4 |. }: e# _
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
! p, g6 V8 Y0 D0 t" U0 ?- Y- y2 o - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 L: ?0 o7 c! n; W: B; p
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 K% U z G7 s: `) y8 D
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
* N8 s" D; v5 a! o# u3 k g- c - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)], ?0 ?# Q4 o* y+ N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] E3 y' O5 @$ N8 C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! y9 I' a5 D$ T8 m0 p8 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% m& D6 R2 e' I/ D - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]1 Z" ]1 S& n0 a) M6 U
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]; F" q" Q$ K2 ~2 ^, _+ g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
3 q! I/ o l' g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
9 M. V; E1 o8 T' v l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
3 I* y- K; G, y/ I8 h t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
/ f& a, V2 y7 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
, h3 T6 H- t! F2 {# N7 e! x - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]: W( {& A/ P0 D0 `" ?! _9 t
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ a! @1 M, f# P [: N' G" y4 ^
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 F! I! ` ~ a" P" l: u
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]! a1 [5 ?6 c! w- D" _8 F2 _
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
: p% m) J* N* }3 O1 y - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ g: }; R5 b9 y
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
8 _2 C3 R6 g: H9 S' E" X - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]- s( Z+ w+ ~9 P5 F
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950] B$ t- h: N6 \1 l8 [! x- U1 B
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]/ a( }) [9 T: o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- ^! E# ~+ B0 L# z
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
! `- A ]& b6 h/ w1 E( W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! k. H" `4 Y9 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 L0 W/ `( Q t- r# N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 _$ S; x6 j1 I! t* a* q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! b) q# U% \) U+ `5 L( V5 k
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]: b: a) f, N) O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. g8 @/ c% N+ E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 @& m, b$ {" d* _: T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ ? e' f4 z, _) ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& @2 p3 V: i) L1 E, S4 R C
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]& b, V5 @* v8 ^/ k- ?% J! [4 C
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]+ Z8 Z s1 [, Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 J/ s7 z7 F3 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' |% q, z8 [, O& I. }: J6 t N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. i( n; o/ T, d) k/ P# L) S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ s8 a( w. n9 t6 l" x
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]! }. W7 V, y& u/ _$ j( ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 H" q# {3 P, ]$ ~6 ]( r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! p3 u5 D* Q! | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], @- h( O; Q1 z# r
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 c& W' A& e: b0 M- x! i - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]6 Z) ~2 W4 M* F Y v/ `
- ==================================
7 e# \9 a: L9 x' n0 R% g! } - 文件关联- k" {. B- }4 \- j* \( O! ~
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]4 m" S) |, q" O
- .EXE OK. ["%1" %*]3 _! l/ A5 M5 p a0 {
- .COM OK. ["%1" %*]) H. N' h# H8 d1 X
- .PIF OK. ["%1" %*]
, v' J2 w. R. Q& T. I4 q! S - .REG OK. [regedit.exe "%1"]3 m- I: M. ?' b, ]3 l+ ]
- .BAT OK. ["%1" %*]
) c+ h3 p; \ _: _+ r - .SCR OK. ["%1" /S]
7 c" D% C* D' N - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
6 G8 ~- x/ F$ X% [( f: t% ^( r - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
; Z; n$ l) X( H6 X- i) W _ - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
9 a* c2 y* l1 w. N3 G - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]3 q9 t |+ |! H) S% j
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
0 f, r3 `7 [2 }" {# Z' X, G6 a4 _3 p - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: \' w* W0 E/ G0 U - .LNK OK. [{00021401-0000-0000-C000-000000000046}]3 n# q; a# T- ]9 [+ g6 k1 z
- ==================================- `: O& O$ G7 w) g& d9 i
- Winsock 提供者$ E4 E8 i+ B+ z6 t4 P& }. a0 F0 a
- N/A
8 L7 ^' K: b8 A: T4 s - ==================================
+ c, C a5 C5 t5 ]) x - Autorun.inf; q# f7 m. ?4 f! E& {' W, e6 b
- N/A F/ ~& ~2 l+ `: v9 Z7 N7 ]
- ==================================
+ ~1 \0 p. V0 v O - HOSTS 文件
" Y4 m' \2 n! `8 C - N/A- g8 Z1 C4 W! h/ Y
- ==================================
! O/ r$ }" h3 w7 |3 ]* d - 进程特权扫描) _7 V1 b/ u$ I
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
. V$ | O6 R6 E" W. g4 s; f+ v* k O - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
/ d$ I: D2 X0 _% N9 O& w - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
' z C1 U) L6 ?1 f# `1 p/ j2 T% A - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]. s- r6 P5 z4 A4 W0 B, o
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
' `! c4 t, [. y - ==================================
; [- P% [6 E9 u v# A - API HOOK
9 G& v+ n+ Z/ H$ _1 }1 d' | - N/A
8 T; V1 o# N' O# ?3 r1 E. p - ==================================+ C2 n! a7 F9 p v5 {. u* @) f
- 隐藏进程* D4 \3 q8 |3 O; ?4 h1 g R# n# b7 n% |
- N/A
! N: B9 R0 F# K( I. \4 M" j - ==================================
- a/ ^! ^$ T+ U
3 Y5 |. `/ _8 E
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
