|
|
- p5 L+ h/ }+ z* Z
- 2008-05-22,20:37:43
8 N# x9 N" }! U - System Repair Engineer 2.5.16.900: A0 y/ y6 X5 u5 v/ p% v, }
- Smallfrogs (http://www.KZTechs.com)
5 j5 i, s2 J1 o8 W; U) W3 U - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能; b& M, [% g3 o3 F1 D; X7 y
- 以下内容被选中:
2 D; e, T7 v( {, k, I$ W! T - 所有的启动项目(包括注册表、启动文件夹、服务等)+ w0 F0 Z9 p5 m- A E/ E& _
- 浏览器加载项
) Z% @+ E# R9 N8 p! W- z - 正在运行的进程(包括进程模块信息)) `7 |( {& v3 ], g0 F
- 文件关联
* I# N2 f5 g; @8 S - Winsock 提供者& x/ W( J& a: f+ B: z6 c$ i, `
- Autorun.inf
4 W! {0 A! z# {; O$ L0 I - HOSTS 文件% c4 H+ z* J8 t5 O# b
- 进程特权扫描
2 x" S/ ^1 z# `+ F: u - ' w. u; i& M5 d$ p4 r2 S1 @8 ~
- 启动项目0 z0 D {' j7 g8 [5 @: K
- 注册表
/ y' P& b! u% N* e) w3 _ f) O6 h - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]3 V( f! x8 J' c3 H* o$ `# e% {
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]# N6 h) b4 R1 u) W I6 x" U2 H+ ]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
! B% U: H2 ~6 ^3 U. d5 ~ - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]4 {- X$ D4 Y. J" n) O
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]% s: z4 Y% J# B7 ?; J) \
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]* z: ~0 d. [% E" m6 Z% w) n4 i
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
& |& h3 p* u* v' h9 D - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]% K2 ^' \ h5 v9 \
- <PHIME2002A><; > [N/A]) H$ `+ r" V2 I/ W- S
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
0 k& i. o6 n1 y/ z" ^ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
f7 ?# D& P h; b+ A9 V* I - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
1 I+ I% m* H: L: C - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]3 i! H3 ]8 ]7 }0 |
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
# J) q3 U! m% z; v; D- Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]& Z* m5 K, b w/ U8 x
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
* j/ D3 J3 | F# s: Q+ ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
% S* j3 V0 k; F+ ~. { - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
3 R( B: V! O) _+ R: @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]3 F' l; o- h. Q8 N! ~
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
, k& a; k& _+ Q0 T/ U1 T z2 U% } - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
* W( s3 B) \. S4 U4 c - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]- d1 z; l9 R' T5 |4 s/ i' N3 y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
( ?" S1 @ P5 w4 h) c2 e; z - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
7 U4 p& G5 F5 P5 j8 |+ H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]- {* Q( J9 X) G1 A& ^4 ^
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]1 D2 x( T# g5 X- C5 I1 y' S5 ^/ |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]4 o! e6 z) Q; f: e. d) S
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
. k+ {% p d. ^) }( m" g5 \ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]7 O8 Q& s, k: Z5 p! x: h0 B
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]( T I$ u$ r+ ~- D$ A
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
+ ~8 V6 Z |7 d0 L7 w/ j - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]- |! X5 A0 T- O% F7 G( n
- ==================================
# r+ O2 V. W; a5 C0 m1 H) h2 Z' @& D( c - 启动文件夹
# F" s; X* d! m) s - N/A
# c+ f! h) ^! `1 d9 X4 T - ==================================
* y2 ^; B3 U! F1 K% k - 服务3 a+ E( k: E* L$ r
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
1 f2 K5 d' I% R" B; F6 [ - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
7 D- u) A7 C7 D% f, d* M9 J - [Google Updater Service / gusvc][Stopped/Manual Start]
! v# b7 r5 T; z" j i - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
* U8 ^2 m% A2 |, r4 P - [Help and Support / helpsvc][Stopped/Disabled]
+ H2 K, r- |2 w, _1 d# G - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>4 H$ v6 f q7 O& j1 E4 f
- [Human Interface Device Access / HidServ][Stopped/Boot Start]8 e! g( e- v* V# j
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
, G2 A2 D9 p* X' m5 o - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]$ u$ B+ x. R: P
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
" D" I* ~2 c" a5 Q6 k - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]1 f# Q4 b0 v0 M- r( _& t( v5 a* l. u; I* w
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>( o+ {$ K* L& p M: H
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
! I: h% z+ r/ S: i) Z2 f - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>* e6 K& `# z# s# c+ ~
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
; I3 s* C2 f- g; i# y9 Z - <><N/A>' W, d* e* X( u2 l& u4 M
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]* B2 y$ [9 N) C: {% P6 @
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>; P' p% o: @; Q8 F* v5 O
- ==================================5 F* q$ R: S L9 @: h0 G
- 驱动程序. }% X9 T% b% b7 Y& ]4 ^
- [22j / 22jn][Stopped/Boot Start]
4 Z4 n: p$ q; x% D/ B& y3 r - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>! M0 Q$ z8 M, [
- [360AntiArp / 360AntiArp][Running/System Start]1 C) N( A9 L) H! s
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>! b$ ^! F4 f! e/ {' h
- [43ec / 43ecu][Stopped/Boot Start], b6 v+ s! X6 N( U0 P+ U1 Y
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>( V! F# l) g+ l
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
" |$ ~+ }" h2 @, k+ } s - <system32\drivers\ac97intc.sys><Intel Corporation>
* j7 N5 B* [* C) L3 a6 l - [Promise driver accelerator / bb-run][Running/Boot Start]
8 {! c) Q$ `$ C( | - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
U# K# J$ T$ I& B ^ - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
% D0 W3 Y% Z5 ?5 D" X - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
9 t$ e7 j7 q& U - [KAVBase / KAVBase][Running/Auto Start]% Y/ C( R. B, Z6 b) e p
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>2 K) k( d( Y, m
- [KAVBootC / KAVBootC][Running/Boot Start]2 s1 x0 E; Z% s: X$ a; J
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>5 \' R$ G) I) A0 R- A
- [KAVSafe / KAVSafe][Running/Auto Start]7 H" g( }. e: u8 m5 i1 \# x
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation> R# l+ s& K% X* G! i0 I
- [KNetWch / KNetWch][Running/System Start]
& J% T5 v! M' h$ j$ F0 H - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
0 B7 e3 ~$ P' q D8 K - [KWatch3 / KWatch3][Running/Auto Start]
8 P8 n B2 ^) [: ~% K& I, `2 N - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>3 v8 M4 l. L! r! I9 T! j
- [ntptdb / ntptdb][Stopped/Auto Start]
+ r4 l+ ]& e! F$ L* p* ? - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
% U( I( b& S4 O - [nv / nv][Running/Manual Start]6 z2 n& a" D5 A1 |! A; ~" ?
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
1 B0 f% w" { s) z1 b, A - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
8 J) S) X7 Y8 L - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
4 s, b5 B0 h2 a! e' V8 S* ^0 w$ } - [DDK PACKET Protocol / Packet][Running/Manual Start]
" H& a( K; N9 \ - <system32\DRIVERS\ProtoDrv.sys><360安全中心>) c; Z% b+ E [, D" b7 ?# T; [% K
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
# w5 u; L5 a) S$ \! u - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
* |8 {( P& b4 U: H - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]* Q1 p T$ U4 P+ ?; a3 k9 c
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
( e" d0 g$ ]) @' |' J; L/ u$ b - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]% Q3 y ^: G: C; d/ X
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>3 r9 z5 p1 p; v0 B" S) ^' w# V# [
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]+ \+ W/ J- D8 {1 |; i# d. x2 f* B
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>* _2 O: u! D% @
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]: {, S3 B I* W7 j8 M0 q2 n- |; h
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>6 |& t) o* [: [+ B9 s
- [Secdrv / Secdrv][Stopped/Manual Start]
0 O$ c/ R8 `9 y6 Q4 O6 O4 L- V - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
& t! K7 D* S* U: M& E+ X# ]. s# z - [SATALink External Device Filter / SiRemFil][Running/Boot Start]! b- L' L% g" w3 S
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.> ` }/ X& S5 B% T" N! a
- [System Restore Filter Driver / sr][Stopped/Disabled]
# J" K( B, }; J" \6 h9 w3 o - <system32\DRIVERS\sr.sys><N/A>& O+ a8 a. e! c6 S
- [TesSafe / TesSafe][Stopped/Manual Start]
8 F$ e/ V( p- W5 l4 o - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
9 s2 B1 w% t' }1 p2 R7 d' K - [System Services / unzxzsrs][Stopped/Boot Start]$ Y& G: J2 A# w Q2 m% O
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
: ~ Y' D5 m7 q5 y) d9 E- C' M - [ViBus / ViBus][Stopped/Boot Start]
4 A) M' U& E# H1 U( o2 F - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>. R9 a3 R# z. r* \% e8 ~/ }
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
4 O1 m' W$ ?; K, b - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>9 h: x: @9 ]9 N, Z
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]/ C1 v' {3 N' X% Y# y
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>3 F5 \ E5 v9 Y
- [ATI Extend / zhibmaso][Stopped/Boot Start]
! U( |" {4 U# h G - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
' A' F9 Z2 g' Z - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
3 T) p( j( ~6 h: Y z - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
|8 m2 }" L7 ]9 d$ f6 | - ==================================
' `7 @7 m) ~. o/ y. _ - 浏览器加载项# C" H2 N1 Y4 B
- [Google Toolbar Helper]
7 Q$ ~4 W4 b+ u! ]: S& C - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>" o+ p; N7 H7 Q
- [Google Toolbar Notifier BHO]; Z) x: W1 p$ }6 Q, y, t
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 S- U7 L# ?) K/ L( n$ ^
- [SafeMon Class]4 c6 E4 D/ |/ p, A3 n
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>) r: I# f0 b" E$ \" R9 g
- [kingsoft browser shield], k1 u$ F, C& k' T2 H
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
+ m& N3 Z' Q8 o - [IEBuddyExtControl Class]1 ?1 E }7 g7 a: X5 k9 D9 K
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>) {2 K' d1 Y7 w/ \
- [Zcom 杂志], G6 a3 F/ _4 G9 o. Q
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>; p( \# D6 t' W- h+ d' d9 }
- [&Google]2 q9 x7 P$ `* _9 I' m# y
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>) y8 X4 d- O( C' {
- [KooPlayer Control]
: p% h/ V( z+ g, r' }# f - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
4 J/ r+ V% t& c5 Y) ] - [Shockwave Flash Object]3 I4 c/ u% ?5 L5 \1 [
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>$ \/ z% H; a6 H1 a' b7 C
- [KUpdateObj2 Class]; H( a; U+ b4 w3 V9 {+ L
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>3 n1 t' _% `) o8 q! A
- [Google Script Object]7 |8 p7 v# U& `- l
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 Z' ~! d+ d% z6 ` - [EWA Control]
& W8 A, t% E" v1 n - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
* g, J6 g; T1 `1 c6 E - [Windows Media Player]# L9 r( n6 ~6 w0 Q
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>* i7 U: x9 u5 a/ a( g
- [&Google]
4 {( }, F9 n* b0 g! v) l - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>" i# D' T* u9 E i/ U, S, I
- [HTML Document]
3 A" r' A; s" e - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>$ c. x" @0 O, Z
- [DHTML Edit Control Safe for Scripting for IE5]
M( F- ?: u+ v* x! z - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>: e) J! s& r4 K4 a& U( ^
- [RealPlayer RAM Download Handler]+ I# ^# I9 L8 D- B6 t9 t
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
- U) z% j2 ^" w0 F+ f# z - [IEBuddyExtControl Class]$ r7 ~8 i8 M9 x
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>2 j: _6 j5 B' s/ U0 }2 d
- [XML Document]4 {7 Y7 G7 S# s4 S
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
$ u4 o Y" T- @0 i - [HHCtrl Object]& L7 b& W$ v" \7 x& N! T B2 i
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>4 J5 e& \) h' E' T3 C; c6 ] e
- [Windows Media Player]
. S1 L$ Z& `, d; E - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
# ]1 Z8 z. N: |" [! f; u v - [Active Desktop Mover]" z* ~- @' Q; n4 B) g
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>: A7 ?4 { j# V
- [360SafeLive]
* m' d$ W- I" q, x9 S" { - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
( T8 c! _% @5 g- q$ M - [Microsoft Web 浏览器]
0 i2 A9 E, N. P/ n0 A - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>+ V' [8 P1 S2 A p
- [Browser Enhanced Objects]5 j4 M1 ?! q6 r( t9 f* ]
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>4 t/ `1 L& Y$ S7 R& u
- [Google Toolbar Helper]% B# `: R5 B) d$ I7 f9 x
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 b U1 p5 O1 z. d - [Microsoft Scriptlet Component]5 T- O' l# L: m/ H9 N, O( s- r% N
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>$ Y% s. t0 T5 [
- [Google Toolbar Notifier BHO]
, [1 j; t' c' `7 K: D - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>: ?2 b6 P/ E) _, e0 J5 d5 H
- [SearchAssistantOC] r* R+ }4 Z% e- U
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
5 \# n* m( |( C2 O' A - [SafeMon Class]
# s5 } ^+ V- F) i9 @3 O+ K2 u - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
9 v6 j+ t5 J( d - [RDS.DataSpace]3 G0 d+ @& \! P, N% u
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>9 ^* a" F" w: B* i3 o, ~9 ]1 X
- [KooPlayer Control]7 y/ H: Z( G; J& M# Z' m. ? S
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>2 @1 W: x- q* k; ?. U+ o
- [AUDIO__MID Moniker Class]. s, s" e ~% F: t( W) y) v
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 F- M; L( {% `1 F/ C
- [AUDIO__MP3 Moniker Class]9 u9 [( S- z! [; }8 W
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" @" l" P- v; L& [
- [AUDIO__X_MS_WMA Moniker Class]9 Y. E/ {9 o* f# O6 b
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 v( |4 V4 G3 Q8 \) U
- [VIDEO__X_MS_WMV Moniker Class]
# e: y1 E0 X" ^5 v' P4 f" W - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
Q/ ^; E) k) S# B- o4 W& p$ ]% g - [RealPlayer G2 Control]
: z# k* P' d/ @" Z - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># v3 I5 ]1 F0 A k9 B' z! H
- [Shockwave Flash Object]9 j( J; \; x9 V
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>: @0 T* h9 G. Q/ I
- [KUpdateObj2 Class], |% p2 M- \! U8 X
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
. c- B; J! L2 u - [kingsoft browser shield]8 P+ h( C% \$ B# F5 B
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
3 ~5 B6 k j# v: ]% M$ \ - [PasswordEditCtrl Class]
8 E( k9 S& }5 e/ I1 Y" {' ? - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
4 t, T8 y7 p) }$ |& J% h q - [QvodCtrl Class]" `" k. z4 j2 {8 l' k3 J
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>: b3 ~' K3 X7 r2 O7 i" h6 r6 n
- [&使用超级旋风下载]8 M$ a- H, r1 {$ k# `
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>( b& h, Q7 M' I" {* p( Z
- [&使用超级旋风下载全部链接]" k: ]$ H/ d6 {2 i6 \* ^; u
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>( e/ N% A. Z" Y' q
- [使用迅雷下载]
+ U& X- o! p/ z) A1 r/ G' E - <, N/A>
3 I% [( @. b1 |8 }" R - [使用迅雷下载全部链接]
: A5 }0 u5 S" y: M; G/ L+ U - <, N/A>
- s; z9 L; p, R7 v: R, S - [导出到 Microsoft Office Excel(&X)]
+ A% ^/ p. e' u+ r3 V, X - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>* ^7 `. Q# N( {
- [添加到QQ表情]0 u0 Z# Y4 i0 E) s8 B
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
$ j# B5 h" a2 l2 _7 w$ R% |. Y - ==================================
0 }( [3 q4 e. R8 [ - 正在运行的进程$ p: F2 W, \" k" c2 K
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: c1 v) I. w1 m& }2 D, X2 `8 ^
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ e+ R+ [# O1 U% n! e3 e - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% B1 F3 |9 I4 a! A2 \+ L1 d - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]0 P% E! L+ I3 W, i% _8 D
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 G& |/ C* M. U& [
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' m0 V) q; B6 A. M+ i
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 q, m' a" t3 Y8 n3 V+ E - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* u2 `: O8 _. h - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 N; a3 o5 H4 \# T8 M - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. \! | u! y0 V u
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( m8 A8 J/ c0 A& n, k4 h% ~
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
- J( c+ |2 y, o4 e5 z) Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! t7 d, U# G' ]/ H2 F% P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ c, B0 O' T" Y7 u3 P a+ g s - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) ] V" d! B3 O$ n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 S/ }' f: K& Z. T( U" U9 u% U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
5 [- g2 }* b, Q9 l5 { - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
6 W7 {: u+ h5 f7 X6 i+ n% M - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
$ d* @6 x5 y0 n9 p# g( @6 h - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]5 H# G! [4 K* ^. ^
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
0 }! @, D6 P4 C$ @! W6 a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" @) |4 ?: T4 i5 D/ X+ Y - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]9 E: L6 M0 v4 F# Q' ^5 J! ], h" ?
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]1 f* _) N3 U8 _; S W$ t
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
; a. G2 @6 f" p2 ?" ]7 x5 | - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
. R% n: U! [6 ~8 E - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]/ ^5 _2 ~" }8 e4 T# v1 l' h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' C/ p! t7 J- q4 g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 K. ~7 i0 K0 S4 R6 \# X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! X! G: c4 o: S+ s6 C - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 p5 K! l1 e5 w& |, w t% a9 V - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; A4 T/ J# w7 R' z9 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; u% S) {. m7 z$ }" K4 z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 Q& u& ?# g6 { - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] s) k* R/ k. R( A& s7 }" g4 N
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]' v b: A# a, Y9 c- z/ ^, x5 g1 {
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]" k+ t5 @6 ?8 a% e' F$ Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! Y; D1 g' f/ S/ ]8 C2 h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- K( ~( ~! \& P; I5 n7 v
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164] y' N! p! X* V( {
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
# f8 t, {8 Q7 z2 S - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ O1 d D0 k6 Q; l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 ?6 T; \, j) @% f+ O - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ e% C! g: c- s1 _8 c
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
* x! }2 s8 u* s7 G - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' W, {$ u; N+ Q' f, W0 n- P1 b
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* i3 D. Y2 D/ \1 } N6 D
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
" l0 ?) l& }% ?8 a - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
5 L3 g4 t( ` \$ s; x! X - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 T% P& E- c$ d- Q( P: f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: k6 H5 J0 Q6 v! H2 F3 ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) m5 e0 a$ P7 l g) E# H9 p# @8 r - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
. g* h1 a5 Q; L3 {' q0 ~ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- N4 e6 O$ E: F3 w; D+ a+ L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]6 S& Z3 l U1 K. h& V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]( x1 J9 r+ k# ]6 {4 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
8 J4 s" d) p( b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]5 o4 K+ Y8 C' p# T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
N% G! L1 u5 f' Y - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]( o: M" ~+ Q U9 D
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# X9 R# i( e. V$ I3 }- P& K$ g& s - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
c- S% [; y9 f9 K W, a& C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
! k# c' F! d- C( H# l - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
; g) J6 G3 g! V8 o& `) F2 i - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 `, a; L# O/ t# i/ R! T - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]' }' ]% } V! w: e
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
) Y& K8 e2 U B- a: z - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]5 a% L9 X# J+ `0 D( o
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
" @: @9 ]& V7 s2 Z% y9 P# s4 {" ` - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% x" |0 X5 O+ H* U2 k. j# E N - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]! s9 e* p5 v5 o8 r" K1 K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 X, R" O1 l ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 I, m' T" Q: v2 r7 \0 ^. `! v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" ^9 }) I; A/ J! k, d - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* x$ c3 a* Q0 P - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
: ~( X0 t2 p2 O$ h - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- D5 o3 ^/ D6 u! t: r( i% G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( D; y# E& N S4 Q0 n+ f6 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 K5 r: m9 R+ j* z5 M - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: H3 d& h& `) q: |2 e - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
. S; o) w% R# C: K0 ^ - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
! m- g$ r- k/ n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 i0 h+ `& y. Y+ j- _# o2 y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" _: H! O5 G& A( I' f1 R& V/ C2 ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' b/ @7 R0 N% e ~7 T" U6 ^ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ \1 S. v5 B& O! J' @: v% c
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]3 Z# \7 r, M( e; s' A! f& B
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( X' z+ B: l% v9 E, r) A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 m7 A) u. l, I& w, p4 I9 N9 z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] c. M, C2 A+ c% p6 C4 g) T1 D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& }- U/ [6 o6 ~1 G' B: i) B5 L" X2 D- q - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]- X# }( x! |) S" y9 K" w; B- i
- ==================================/ L3 b$ R8 [4 I; S
- 文件关联' g; Y7 y+ z) V( h2 U: k
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
# N1 K/ M8 E. t, K - .EXE OK. ["%1" %*]
2 X0 w; k! B2 S( W0 q- |+ G - .COM OK. ["%1" %*]
9 L* r( E& Q+ G3 _; ^( [$ B+ f - .PIF OK. ["%1" %*]
: s2 M8 [: |) ]4 @7 K4 @ - .REG OK. [regedit.exe "%1"]
6 K" e3 C7 h2 W* `3 B - .BAT OK. ["%1" %*]
- V+ w$ X+ c$ s2 ~& d: f( z - .SCR OK. ["%1" /S] ~, o( N ^1 A: M7 B0 @6 G
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]( F% J* B, P8 E5 H2 ?$ r
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
1 Q( Q: R% Z/ T; b$ J: _, e; a - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]/ p* C$ S" o& R- ]5 q2 T* w) \+ G
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]2 N( a1 u$ S) i% ~$ v
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
3 z# o4 G* e& l3 V/ ~1 c% D) e) T - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]+ U) m# k( _' S+ V" q2 k! }
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
( `) u# p S1 q" z7 g6 X9 b" L8 ~ - ==================================# y1 k2 P9 p9 y+ P& k/ v
- Winsock 提供者
& ~2 N% w" P4 { c% p - N/A& p' Q: d5 k& X9 I W2 {7 `# F$ g
- ==================================" h$ m% l7 t9 u6 l
- Autorun.inf
* \+ e9 `% G/ C - N/A4 }3 x+ s: i% [& G
- ==================================9 r! n- e: _4 g! {
- HOSTS 文件5 i9 i) D9 j8 S4 I( Q# i+ m& \
- N/A b: ~3 I3 ^8 C, m6 N2 S
- ==================================
) [, Y9 ~ U! E0 K: N8 c0 K! B - 进程特权扫描
9 S3 u$ l% Z4 ?" O8 a - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]* l$ @. o+ `" ~# L
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
6 Z6 H, _: `: A - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
' V( ^5 Q: R" f0 }" b - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]. U& F" w4 g, p9 s. d3 S4 K
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
/ W0 q' X G- T8 I' T4 e - ==================================4 w8 H( p* } `
- API HOOK# y( u; u: h% E4 `2 ~6 v) w$ @
- N/A
# c3 M) g/ }8 R+ P; B - ==================================
) ^0 }& S& f; @$ u - 隐藏进程
5 d! e+ x1 y7 ?& ` - N/A
. q* @/ t4 J1 @; i1 y2 U3 ~ - ==================================
' K) H- d9 e7 M" ?* Q/ Q. d
5 g3 r: Z7 F& }+ C) i2 J- Z
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
