|
|
# b0 }/ w8 R% C$ G) C- 2008-05-22,20:37:43' ~/ ?/ n. _2 U- f3 s; A/ h
- System Repair Engineer 2.5.16.9009 ?1 Z/ v: I# R) W0 R( C3 {, e4 e. k. D
- Smallfrogs (http://www.KZTechs.com)
& P5 E& n' z% E4 b7 f* n - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能, Q! t/ [- Z+ H( d& k, e2 N% L# u
- 以下内容被选中:
# Z8 m/ c9 N" H - 所有的启动项目(包括注册表、启动文件夹、服务等)
6 d2 n' I: G! \% T; S; z - 浏览器加载项2 R. ]1 H. A9 N S) u
- 正在运行的进程(包括进程模块信息)
4 [( V. _6 p J5 M - 文件关联
/ s' [' e# q# J5 a - Winsock 提供者1 K6 h5 v. Z! ^, E% u1 d) ~
- Autorun.inf/ X. @% K% c" O8 ~4 t
- HOSTS 文件
# u% K- N; H3 l3 g - 进程特权扫描
4 `* Y1 ^ O! x/ w - 0 [. N- P+ R9 g; Y" F
- 启动项目
& _) M: g2 ?: Y' e" `0 v - 注册表7 g0 J9 u! Y' e
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] G" s8 t/ ?4 c1 b0 U
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
# c; L% a2 t S$ j7 N. B3 i: j - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
. l6 p8 i) P4 w6 [ - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]9 u; f" l" k5 k4 o: K# U4 O7 {6 g
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]+ R- S' H6 ?4 [, M ]
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]( [+ w# }+ Y `2 J
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]" P& I; Q6 c) L
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]9 U7 m) ^/ y* \0 z# t9 w, k7 J
- <PHIME2002A><; > [N/A]* m" R. d% B' C, R2 g$ r4 ]% Z
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]- b2 X1 r9 [5 G
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
8 b7 C4 W5 A6 G. g6 s - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]- V$ Q$ l* X% o) i( c" |: ^" R
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]) C$ p# c$ B9 N; b
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
' N8 C9 }& s5 b# c - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]0 d. }: Y' E+ O
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
. @0 `5 j, D2 l$ b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
* n& u+ h1 j, H# }5 \$ o2 p$ b; \6 z - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
, k# i" T( }8 J0 T5 ? J4 ?2 @/ t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& ~! M2 |# N' q4 j" R' p - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
0 D% n, b+ v5 k0 x9 t* x. E: v - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
; J8 i. |2 a( C. h1 F* r9 z - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] |4 Q! Y$ M: ]8 k# {( d: Y4 M* n5 U
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
7 C* V$ P! L4 C: G( {4 { - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]5 M3 d% \5 ]( f: }. |. B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]" c+ Q( J8 t1 I0 z# k
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]2 D& Y# y9 f/ R; R7 `, G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
# e z) g3 G& V- m - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]( {2 O! D, A( Z- X; H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
# s% B0 V: K: E! D - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
' i3 V' u9 ~# g4 P: {% j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
- y/ N+ D+ t2 k& o! | - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
+ d& P" S# t" G1 R - ==================================( w8 @# n2 f6 K
- 启动文件夹2 f. K8 i+ i! D( ^+ ~! m
- N/A
2 v/ J3 `! O y1 e3 k9 { - ==================================4 O& _# @5 J1 k3 X6 ]3 }, w
- 服务
, s) }' N7 T7 D; |: | - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
+ O' n: J+ x7 i5 P/ ? - <C:\WINDOWS\System32\3wareSrv.exe><N/A>( S1 _8 c+ R6 j s5 E2 S3 p$ }: t
- [Google Updater Service / gusvc][Stopped/Manual Start]
6 |) O, }; y& t/ b* ?: Y- m - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>: E& P8 O7 J2 e3 C' {# B3 j# u
- [Help and Support / helpsvc][Stopped/Disabled]% I! s; v4 i n8 [: m
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>, P% o# F% F8 U7 r8 y* |' j
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
, F5 I' ^1 | l! n* y - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>3 p. `1 }( e) a$ C$ \
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
7 z J3 L7 X/ Z4 D - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>0 s9 A. [ h) O$ S
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
5 ~; s' b' E* |8 Y2 U" X. Z5 {. B - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
6 c5 h: H; n% i5 D - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]% N5 I; w6 J% q4 \7 Z3 e
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>+ R& C6 h/ v' X& m. f6 K6 j+ V
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]! N- W, \. G5 S% S1 _
- <><N/A>
" A9 [7 z2 h" D+ I1 i( R - [Qvod Terminal / Qvod Terminal][Running/Auto Start]; K# @ x( I/ K8 l1 ]
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>: f1 V9 t9 k% G9 k3 [1 ?
- ==================================* g. I! {; o" H# z, d8 Y' Z
- 驱动程序
: L/ d9 j) v! Z( e: }0 ^4 A& K7 P - [22j / 22jn][Stopped/Boot Start]' J( V3 j/ E, ^* d: C5 U
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>" g5 @- j k @# e, `% e& N) a& r
- [360AntiArp / 360AntiArp][Running/System Start]
' N; \2 v3 |6 C' h - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>1 S! T! v# h6 |) G( ^, Q6 m
- [43ec / 43ecu][Stopped/Boot Start]
4 W ?, N1 I) M1 K$ R/ M' C - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>4 Q& v8 B O2 K1 U1 m& \: l/ J
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
4 i. H, R; U3 k2 I l5 T - <system32\drivers\ac97intc.sys><Intel Corporation>
- Y' e& i4 u8 x) q2 L" P" o! i - [Promise driver accelerator / bb-run][Running/Boot Start]; d, Y! H+ i! J7 L: P. ?; Y) \6 }. F
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
- L! N. g) e3 }+ _7 ~% T8 g - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
$ A7 |% e" }( j: v2 R/ P - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>1 N, I% w' F% r8 Y ]3 {: b& O
- [KAVBase / KAVBase][Running/Auto Start]8 [9 \: G, J8 b$ E7 W$ `& K( e3 I0 _
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation># D8 N! I6 r% \7 I
- [KAVBootC / KAVBootC][Running/Boot Start]
. k7 k8 V2 M, H) P! S - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
2 }. Z) f9 L$ ~# C& p( Q8 i1 B - [KAVSafe / KAVSafe][Running/Auto Start]- G- B/ z9 ~0 j$ b7 u9 |! z! P
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>0 R% a, j9 L, V t
- [KNetWch / KNetWch][Running/System Start], Z2 n3 }3 K v% U
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
_( m7 @/ `0 F4 k& `! g! P, k - [KWatch3 / KWatch3][Running/Auto Start]
# o4 P5 b2 o" d - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>6 t* S* v. {; u- [
- [ntptdb / ntptdb][Stopped/Auto Start]* }; _# Y3 ^5 E1 [6 n7 |# m6 C7 U
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>, T. i' m# Q% q
- [nv / nv][Running/Manual Start]8 X9 a1 F! ^+ G( F8 I/ N
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
) ^7 e- X) H, G5 k s - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]/ E" `% A2 V, @4 k3 L( K
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>. ]4 a( v+ L9 {! t
- [DDK PACKET Protocol / Packet][Running/Manual Start]
. ^$ M! }0 t; F6 g, ^, e - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
' Q2 l' h! x4 C& [ - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]; N- @2 U- [3 T5 ~# ]) p0 o
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
2 J, c1 z7 H: Z9 g- C - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]4 P; H3 Q! \# R& G
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>/ S$ K) {$ R6 g5 [2 J
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
4 z$ ], ]; d# q' s+ f - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
0 B* X; D9 J& t, `/ h" N - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
' G$ ?) k% a+ O. Z, Z7 z - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>3 ?1 r0 r0 L. v+ V( }; N
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
" g4 x$ H: b. N0 q - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>( F; d- ~9 |3 V1 m7 e" u; J i
- [Secdrv / Secdrv][Stopped/Manual Start]# ]5 ~( L8 W+ |, M4 y
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
+ }/ Q) ?. [4 H, S! z3 p - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
! R; V) O& ~8 {& E0 d+ r) g! s - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>3 f+ F& V, b- j7 N$ g' |
- [System Restore Filter Driver / sr][Stopped/Disabled]. L8 V- h( N7 t5 c
- <system32\DRIVERS\sr.sys><N/A>* A* e) \1 K7 u
- [TesSafe / TesSafe][Stopped/Manual Start]
# S2 n, d) _4 a; n: s - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
2 E* u* Q7 X: F; u/ F - [System Services / unzxzsrs][Stopped/Boot Start]7 \, f+ p, e9 N; B* X
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
: J$ m5 r! X4 l/ P# y0 k - [ViBus / ViBus][Stopped/Boot Start]& ]6 v) d/ D; o/ Z6 v$ L5 q
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
0 v n. r5 i; ]- r - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]1 Q9 O3 X: K/ O
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>7 I* h) B; B* n: A) H0 l w, [" T
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]. |% R8 N$ v2 }3 j1 y& P2 f$ O ]
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc># c6 {% j/ Q- {. d: }/ ^
- [ATI Extend / zhibmaso][Stopped/Boot Start]
6 y/ `1 D& K& I! D - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
0 Q# E& ^# ?/ U) r - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]+ c4 q& Y0 O# K$ a- }( m
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>* [. k% T+ ^: l* ^3 m7 U
- ==================================
) ^( W4 N+ j: S! T- Q/ r' E$ ^ - 浏览器加载项
, } y2 G8 [7 `' C7 M - [Google Toolbar Helper]) n6 k/ @ x8 c* S: u6 {
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
( d3 E1 A3 N9 O8 U0 `" E7 E. o - [Google Toolbar Notifier BHO]/ C8 c J6 g5 B( O% O' l4 c
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
" r- @9 c0 f7 D: e8 f" Y* t - [SafeMon Class]
' a- j( Q9 d' R; q5 K" C - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
7 [7 f9 u& t$ |+ i2 [: T" ]$ s - [kingsoft browser shield]
: G2 F: {0 \: j, |* k5 i7 j# K( I - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>/ s5 }5 |* `3 r( e, P3 A s
- [IEBuddyExtControl Class]6 t) D, ?5 X, P# r( y* S) r
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 t: b ]% S1 V0 r: o
- [Zcom 杂志]0 \ p/ E+ w) M! E: Z& B
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
S) Q; Z) l1 `" z - [&Google]
) N. U7 `4 c: C3 Q - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
d1 i1 p% W+ x* S - [KooPlayer Control]" g5 T& V' A' K/ q$ r' c% s) f
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
* l+ K0 ~( v/ |6 F8 j - [Shockwave Flash Object]* \& D1 e+ _1 R
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
. ^" [. I. \1 m. \+ @& L - [KUpdateObj2 Class]
9 Q8 i4 f. G3 G+ Y! O - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>% v) A' P( O4 c" J
- [Google Script Object]
8 ~5 c, |* u, e% c - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# h9 f/ b9 a2 j& Q" N7 ? - [EWA Control]
7 G E( _4 ?' ~! ~ - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>. o1 l; R2 {$ ]6 B
- [Windows Media Player]
- ?. G0 U& a0 B" z' J& e& X - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
6 q& ~# n4 H, O6 C* }$ S - [&Google]
0 _4 L; g$ d G- A( c0 W8 A& P - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 b# \+ j! a3 N% T9 _ - [HTML Document]
3 ^ z! \8 C# S# F/ i - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>8 V! D" d s& ]4 q! _# J9 F
- [DHTML Edit Control Safe for Scripting for IE5]: @! `: h4 H- R+ q
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>( g3 e- o5 T3 |
- [RealPlayer RAM Download Handler]
Z R' f: q7 v Q" K0 H3 z - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
, t& K S, @) R - [IEBuddyExtControl Class]
* c4 F' M# R$ K5 C - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 _- N! P( F) {. Y1 F$ W - [XML Document]3 D: J; e: y& A
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>8 ]4 d4 C N T( t3 N+ |
- [HHCtrl Object]- b9 j* o7 H. f, }
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
1 g! r, y3 x) m8 i6 m+ v - [Windows Media Player]( B5 t, u4 i* T
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! Z$ _/ c0 p! n" H2 ~" F1 Y
- [Active Desktop Mover]
/ M8 f) Z( j) O) q3 Z1 |4 R) p - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
/ J) X+ C/ [0 _ - [360SafeLive]
; S' l: S9 r, p S2 g2 R7 A+ ^ - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
7 L3 M" H1 @ x9 j - [Microsoft Web 浏览器]
( {5 q: |3 }4 S! f t6 N - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
& [5 |' N1 I6 Z+ ? X - [Browser Enhanced Objects]
* } r7 K9 |9 T" H ~: } - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>$ [) C5 u' Q) @* T
- [Google Toolbar Helper]
j' a& @7 C& }" Y4 E - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- |' X! S% a( _( w- e - [Microsoft Scriptlet Component]7 r1 ^ u7 E2 j
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>. S+ Z* k: }3 H' _- F8 z" g6 H
- [Google Toolbar Notifier BHO]
; P' O& i( b Q7 |' ?$ b - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
0 A5 s4 a' w6 L; b9 B: C - [SearchAssistantOC]
: P+ f1 j, D. R8 |& ^ - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>4 L/ }) C# K' j7 C
- [SafeMon Class]: j- }! D4 j9 H. H) r
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
% S }! Z/ W3 \ - [RDS.DataSpace]6 x* L1 F7 f/ ] _% A
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>9 z _. Q. O& E8 [: S5 z
- [KooPlayer Control]
" Y$ h% k/ }3 D - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
# f" v0 N. X( T/ B9 C" r - [AUDIO__MID Moniker Class]
5 }: v& Z) Y7 I2 r# w8 H* H! c: n! p. ^ - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" O/ i: w6 r1 y3 k2 {3 w1 d
- [AUDIO__MP3 Moniker Class]
5 h$ z! f3 s ]6 u2 C - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! M5 H; Q& b( D/ k* ?) a+ {; x* M - [AUDIO__X_MS_WMA Moniker Class]
9 f1 {& S! j% ? - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 d! v3 ^/ b3 J
- [VIDEO__X_MS_WMV Moniker Class]
- y1 K5 O* e8 h3 [: G. f - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ a+ b$ B4 C& R0 K$ F# r/ ]' R - [RealPlayer G2 Control] p! i0 E" J# L5 O1 K8 y
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
% `# T1 n) `* M - [Shockwave Flash Object]' C, l! e& I0 R, p) I+ Q; q
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>( J# F- S; M& ?8 V ?0 Z
- [KUpdateObj2 Class]
; }" Y& ^6 j3 S/ U - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>8 A/ Y& R9 ^/ g: d/ f3 z
- [kingsoft browser shield]
7 T' H# ^3 v4 F: h9 ` - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation># H$ n1 |# L/ I; \# P s. c- h2 T2 P
- [PasswordEditCtrl Class]
' o7 N0 u9 Z* t! R - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>: x4 T' [& C. p# E) k0 S& q& I
- [QvodCtrl Class]! o, }3 c5 i3 n5 @; }9 X2 G3 W
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>, w! b, C5 P! O5 I+ L$ u/ x
- [&使用超级旋风下载]
7 ~0 a: H3 l2 R0 U% I" {, [) H% C - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
2 y( x' t6 x# ]% C' r - [&使用超级旋风下载全部链接]
* p: _) l# S, Y+ F - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
5 c; U0 s5 L& D& Q4 ? - [使用迅雷下载]. y' F! N4 O) R- ~/ C; w4 {
- <, N/A>
! { u6 [ K5 y; }* u - [使用迅雷下载全部链接]) Q( l; @/ X$ y/ M& x; m3 [% q
- <, N/A>9 J! D% g# f& w8 O$ e p
- [导出到 Microsoft Office Excel(&X)]
; F: v3 Q: t, _/ S' q - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
- z6 i" {9 X5 U* Y - [添加到QQ表情]
3 b y# ^5 C7 k6 _% m - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
3 a2 t3 g% E4 B0 {5 j k+ J - ==================================
% ^* Q2 e. C1 ?8 u( t/ B$ E - 正在运行的进程' c8 V: G9 G- w7 D
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! t M3 H3 [! n( Y& Z1 @- S
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' b7 Z6 L& a; Y
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ K& A6 @$ S0 r i0 ^) Y - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]3 \8 q& q8 `6 R
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: k" k7 y& S5 d4 X - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 e, m/ k# @# @6 P- q" f - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 ]$ g) |, X# `0 c" C - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 B9 m! K% C u! } - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& Q1 ~# H! [0 O. ?: {' n! E- g - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: ]& c& T2 O* q! M
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 O) \. ~+ l! T) X* m2 A- n - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]4 R, G! v" S. D( { f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 y3 O# `/ J: M( e( g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( Z0 v) [* R$ s( W, o; t' b - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
; a7 F( ?6 ?5 U9 j, }, A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ B8 K3 X2 S) b! I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]- z* b) m7 [ Y3 m5 l
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]! ^/ q; h# R2 v8 P5 { o& l" j# X% _
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
4 D: R& x. g ^' [5 W* u - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]" g- G6 s1 e( _% G9 D
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
4 c' E" M8 j* k' ^: j# F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- z7 K/ ^5 O. H" U" A) G - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]& [ A" R, J& }* g7 E0 B2 m% ]% o
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]& [* ~# q+ {3 {- }, G
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]' M+ \/ t* ~9 D9 @7 d9 T d
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
3 f/ q" w* ]* [" U1 g& v: d - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]" I- K. g% b4 n* Z* G& ^7 n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ h6 w& }) D3 G" N7 |( {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], N% M" f2 @& R& ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 P8 e3 {! e3 t' U# h* q) x
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 G$ }% i( x6 f T3 U W# Y% y - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 n( ^4 ?: W; M) z! k, X+ g5 V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# Z4 q; ?5 S% [2 k1 t4 {$ _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 t z* F' G. W$ |5 s7 }% T$ [
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& ]1 D- p* @/ U# `& l - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
- g; b$ J1 }2 a8 F' s# f8 T) f5 h7 ~ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]+ o+ L$ L, }& N5 r% x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" t. G+ t3 i2 {. i' g, J. y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) z% `: d. e, D) @- }: ?% | - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
9 K2 C' F2 j, R/ g% Z3 v0 [ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]* \$ d7 S7 T- s9 T- |$ u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& F, f2 R8 P/ G9 K2 r5 R - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 @$ u% F q1 Z/ h2 R' l0 m
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 X: ~, y2 B7 K r
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
5 X# C3 M; T8 G# q - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- J. |7 M; A8 ]
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" T2 S: Z k& t
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]' v- J1 K9 h! j$ M* N9 _
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]0 i' q; H6 c; c5 }3 m! G4 d4 ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* ]+ b8 U, c, q l) V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
- @8 K+ k8 ?$ S9 y$ B' r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ g8 }, {7 v" G7 p. j& Y8 b1 _5 ? - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
+ F# F9 n7 m- m - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
: a" |: X/ |& [0 ^& O& e" ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
, `, |8 n- z* ` J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
' Q: p5 P) X. D$ Z! {% | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
) O( W# j$ \6 J' K; ^5 n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]& J* Q+ K* U# o, C* `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
# N' i3 l' U: `) E7 d" r- C - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
9 G& i0 E/ H& y/ z - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]( P. l5 f4 f+ ?$ |* [- R! `
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. K5 `: n; `" W6 |
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 O3 |* ^$ I' h7 f
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]- D4 ~6 F% S! H+ g6 w5 v% g
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
. S2 \2 U: K2 Y/ B& @ - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
5 l4 L2 O9 U& q+ l* O2 M7 @ - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
! N" i& Z5 n8 a2 p+ d - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
. J; `+ J. s. q - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
6 z: ~# E% N: b4 i; }5 D - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; V: j2 _* E4 i" \9 T( T" \, ?+ L
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]) K8 a5 @3 P/ M1 C) g+ M! z( x( D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ Z, j+ u9 E, [7 B$ O3 [8 j: @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( V+ b/ [1 V6 C$ j- i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 c" ?& k$ b6 {; \+ S2 r
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; H, v' y- [0 z6 t: i8 q - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
8 y5 K; |) ?( } - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 m9 h+ g* W' o1 H; \8 y+ l0 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 `, `0 M' J7 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 R! q3 N" j0 ^! {/ Z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 O+ A3 [5 d/ a8 c% G% E8 L# `' ~ - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
. F: v/ _1 f# @ - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
2 q1 ~, D8 @7 U! I$ i, B3 v8 t - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 T4 y. f6 I, i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* T/ K* j- D& k0 _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 B' L$ v4 [, ~, j4 _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* ~+ v% K4 u; E @3 A7 y
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
8 D* b/ q# T3 [/ }; x/ a! a - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) I/ e7 G6 c' r! i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 Z, B! X: [- X4 w* j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 g+ R8 x! }& n6 Z- W% b5 @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], t( _2 v# o+ R# ~# V; X+ E0 d* R; ?; `
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
" V+ v$ N3 z9 u- M - ==================================2 }# L1 ~7 O4 O0 P& r$ u9 @$ c* M2 o
- 文件关联
* c& \' }1 {4 L( s& \3 S - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
4 e _: ~% B0 l) `% R - .EXE OK. ["%1" %*]! ^$ `* j5 z! _7 C4 ^2 q
- .COM OK. ["%1" %*]
* ^; k% x H' o) G; W - .PIF OK. ["%1" %*]! K' `, L* I R
- .REG OK. [regedit.exe "%1"]1 J9 N( d- [( m8 @1 B
- .BAT OK. ["%1" %*]. J' [4 h2 }% E, H
- .SCR OK. ["%1" /S]
/ b1 V# |, [ E/ E0 B( H - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
, i% _- s& S1 }1 D# n( ? u9 g - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]( I7 H; J3 f4 R# A
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]% [, [) j1 a1 F. X* m* }
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]2 d1 e4 b0 @& K( b- x& r0 I
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: w1 ~3 g; a4 Z+ |4 e: C - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
0 c) {: r. Z, p+ J) X - .LNK OK. [{00021401-0000-0000-C000-000000000046}]3 Q# l% Q- D4 D, n2 Q+ I3 u
- ==================================! |% T" e2 S1 P. p+ z
- Winsock 提供者- r3 e5 S4 m6 l
- N/A1 {% X1 z- N: K- d# ~
- ==================================
. b' t7 Q8 a. T1 d: M - Autorun.inf; ^. T: z8 s( W
- N/A
( P& V. X+ E) |/ |& ~ - ==================================
+ n( L. J* k* d8 b/ J4 ~ - HOSTS 文件! Q" \% K3 }0 i0 J# F2 l* I7 x
- N/A% A3 T) L* x/ `5 c/ D$ e$ p) u! N
- ==================================6 H3 g4 u0 K- \/ G( K7 b
- 进程特权扫描
3 M$ i8 }* m0 v3 N& D4 L: j - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]* c# O+ l, R8 }2 X) o* m
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]! f7 o- r" o3 B/ G: b4 p
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]! W; G/ n9 R. U
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 _, a$ D2 _3 ^2 T* j# A - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
; f' c" h6 t- O; S# E- g - ==================================
/ S. X: S7 p/ a8 [& p0 A - API HOOK; s0 v) F3 t# i; k) D
- N/A/ q( r8 a, U1 K+ }/ i) o3 [) c
- ==================================
4 e# u# B6 n/ G; X7 ] - 隐藏进程1 O' C; P) n5 M3 j
- N/A4 e9 |0 C. ^8 p3 e
- ==================================
' u9 D% V0 [. \, H3 D
/ J( Y2 r5 G4 M, @
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
