|
|
- 7 K" M* p5 a! v4 b/ n
- 2008-05-22,20:37:43( l, d6 t8 ~1 \
- System Repair Engineer 2.5.16.900
8 H' w7 k* j; u; Z2 P J. Y - Smallfrogs (http://www.KZTechs.com)
4 s2 T9 s# ]. A8 G1 {& i, b2 d - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能5 i3 q; g) C; R3 `+ i3 Z7 o; C% u
- 以下内容被选中:
, N; D- F# r- l+ a$ E- J3 Q' L6 L: c/ r - 所有的启动项目(包括注册表、启动文件夹、服务等)
* V' I* h( A4 S4 c2 j' d" w( x+ q" W - 浏览器加载项9 r' y0 S) m2 v' h" z' t
- 正在运行的进程(包括进程模块信息)
0 K1 M9 P! S) ?; h, K. E - 文件关联
7 z5 ^; c$ C8 G. B) ?: ~% S, S - Winsock 提供者8 |4 p4 L( V, l: p
- Autorun.inf7 \6 E5 J" k& B; d! P6 @
- HOSTS 文件
2 p8 i. p' Q6 X, e3 d" F( ` - 进程特权扫描9 s) E$ j* ?! p
% Z+ H) f: x% E; U! |$ D' ^% k- 启动项目 h, `/ l1 X, H( f6 d6 D$ V2 |2 {
- 注册表5 o3 [ {2 C, _) f9 r/ @* o/ L
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
9 J+ q" M/ F) F$ [3 K0 L - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]; T l" d4 S6 \
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]! B/ [) V! L. f# c, p
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]. }. h6 @5 X3 Y( K; v& b& G8 C( L6 U
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
4 k1 F8 D- m8 u7 B1 e: i1 p! S( U - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
- T; C6 L. K* F+ |4 B& m# l, d# Z - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
) }' h. Q' y3 a - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]9 L' ]2 R1 \! T, W7 v- q
- <PHIME2002A><; > [N/A]
6 `3 u# `# Y+ T& I - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]3 C$ S4 P9 E2 p( a7 A7 v4 p0 t" z
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]" K, u+ C# Y* a- B/ P! v
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]8 S4 t$ S7 h9 h' [& t5 Z# r
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
8 }( t) c5 K& ?3 @3 ]* ` - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
4 [8 F0 ?) e' l8 L - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]8 c! ?) Q! E; R$ M
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]8 Y, p( y: `: ~' B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
6 z7 s; W8 N1 u& o x; ^: e - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
& n% B3 @9 T! l' d! G. ?* E! x - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
, r% Z# u9 N/ d5 _/ O1 l - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]. r) `( z7 S( F# g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
$ A I' n" {3 O - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]6 j9 g6 u& h; H1 Q$ j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
6 U5 J+ T) K/ i+ g - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
1 M* J2 w$ O4 ]; N3 I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
E) d- ~' H# X# C - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]3 R# s; u q$ ?1 I
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
: S; k* m. y& y/ t# ^ - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]$ F9 a% r0 {; K) V' ^
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]' m+ i L2 j" C& P# X9 D [
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]$ l" [+ |5 D+ x. X0 K( w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
0 t% Y5 V( H, m6 z; v; B - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
5 W! T& U" F' | - ==================================
6 k7 i5 H$ a8 M! H& N( I: y% o+ n - 启动文件夹2 o% d* ?, @9 r! w) ^5 Q
- N/A8 O; I% s% o" x- o1 ?
- ==================================
/ M) i# w" c$ j - 服务
3 U; S E# `5 j - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]: J8 e+ c2 s- b& y* }. L) h3 V
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
, D& m6 k- X. W6 U - [Google Updater Service / gusvc][Stopped/Manual Start]
0 w4 {/ x% o2 ^) D* W - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
% W) H' X3 I, @3 V3 n5 m% ?5 m - [Help and Support / helpsvc][Stopped/Disabled]
, K; k1 z2 W, w7 X - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>! x% h" n. l8 I. ?2 W+ J5 I) |9 ~. p2 M
- [Human Interface Device Access / HidServ][Stopped/Boot Start]9 ], _0 q+ s4 ^2 P
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
2 z9 _% w3 d& \9 A. L; { - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]4 ?0 x. `7 O$ w7 H+ [
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
7 H1 ~/ x$ U6 S - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
2 P3 {0 h: ^& @5 ~' n6 [1 ?7 J - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
; d1 }# J9 J# L2 N7 G2 d3 o - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
- Q% X7 Y# [/ d9 b2 L" o - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
# \9 b/ R' m5 Q; P7 N$ v - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
+ m6 o8 k% j, \! _+ Q - <><N/A>
# {2 ?$ N8 b3 z+ D - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
' x1 v3 {) e6 n7 f& C/ s. C' [ T - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
2 z1 G/ Z8 X7 T$ C1 H1 L) I - ==================================9 J/ o8 I. l" N- B, @9 V m. I
- 驱动程序, `! |( N' P6 Y6 F- f8 ~
- [22j / 22jn][Stopped/Boot Start]8 R- d4 s, u0 e8 s) a$ E8 V. L, o
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>. q6 _- N" Y* J: C) ~" n B
- [360AntiArp / 360AntiArp][Running/System Start] o8 y* z! r' E, O& D' l
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
& k9 \# d) J3 S& u6 T: z, i2 R - [43ec / 43ecu][Stopped/Boot Start]% Z7 p3 B; f2 I/ Q
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
: |3 l4 b- h* x/ Z5 L - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
4 @! h) J8 C/ y2 w* R - <system32\drivers\ac97intc.sys><Intel Corporation>7 V7 O, H1 [, E9 D7 W3 h( a
- [Promise driver accelerator / bb-run][Running/Boot Start]
# ^( m5 ?4 r! y* ~8 N- Q - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>, }! y/ Z# q; S0 Y+ t: j+ B
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
# S9 s) ], K, N d! T3 L - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
3 i# N. }4 I, u3 Q6 M - [KAVBase / KAVBase][Running/Auto Start]
9 ~# x. [% D; v; u7 ^, j6 d - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>; P# w% t5 [/ n7 ]5 S
- [KAVBootC / KAVBootC][Running/Boot Start]
* \- J: z; n' C. i' k, u! { - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
3 S9 z6 u0 E; Z- | - [KAVSafe / KAVSafe][Running/Auto Start]9 j: }: ?8 L$ E8 ~, |6 H
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
, H" [4 I* @) }. o; {2 h* v - [KNetWch / KNetWch][Running/System Start]0 Y* e2 K* H k8 P- U
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>$ P# ^/ {- M' E9 Y7 E3 A
- [KWatch3 / KWatch3][Running/Auto Start]
2 v0 ^9 z0 j& D - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>' s7 [/ d9 G0 O
- [ntptdb / ntptdb][Stopped/Auto Start]$ w) Z- `& h( q) I* p ?# I7 A
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
( \, Y! t5 }9 m* z( B - [nv / nv][Running/Manual Start]) F& h5 n* @; h$ q" _
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
( ]# [- C/ j! q( L8 I - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
7 v. z, [# y% ^* X/ b) | - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
k7 O, G4 I: K7 C - [DDK PACKET Protocol / Packet][Running/Manual Start]1 p9 y* O! E1 i
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
( d3 x h( {' F F# S - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
1 s1 i1 [/ O s. A0 b- L3 p( B6 k - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>4 v+ B& {' P5 H2 J
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]9 y( H- ]( H5 w4 b- k
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>& ?7 S- Z9 A3 S0 f! |9 F) f
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
" v3 h# [5 M1 Y7 `) C/ v: x9 F1 A1 X - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>) G( I% }5 N1 a
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]/ e5 r: W3 I) X/ E& f, \9 k
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>7 y" F$ D: Y+ f
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
2 G# k9 g" d" p& N% F9 z - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
& I- u& J0 L. Z3 p) M0 L$ N U O - [Secdrv / Secdrv][Stopped/Manual Start]
; `. V4 e* u5 u' h0 x - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>% s# e) e0 V, \3 b/ n
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
2 Q( D5 {2 W4 P2 S - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>+ E! r% u0 Q2 R$ R& N. q# i- }
- [System Restore Filter Driver / sr][Stopped/Disabled]
2 X) w/ ?& K: v - <system32\DRIVERS\sr.sys><N/A>
! ]3 i! e! Q; P& A0 n. {; Q. O - [TesSafe / TesSafe][Stopped/Manual Start]$ t" v% c9 S" U
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>9 {( [" J- V( U
- [System Services / unzxzsrs][Stopped/Boot Start]' a" i; d, _3 f( a+ W2 s/ P6 o
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>( S# s9 B- x- A8 M
- [ViBus / ViBus][Stopped/Boot Start]
P! Z9 V! r1 u: P* z7 ^, m9 v/ \ - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
# t- g' {( @" O( [1 S - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]. A/ Y1 i9 ~$ I! F& S$ T+ o
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
# H% p! {/ g% I7 k - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
! Y7 w5 f9 m9 y3 y! M - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
- V' P; Q+ N2 x" ] - [ATI Extend / zhibmaso][Stopped/Boot Start]1 m" ^ D) y! ]
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>) v! ?. V9 \. F1 {# Q2 _
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
) w. D& D* h) Z - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
) x) E8 T2 \: A* } - ==================================5 ]5 Z b: i# O1 q9 o7 _1 u# i
- 浏览器加载项" d" T# I+ G3 \$ Q: c& }" X
- [Google Toolbar Helper]
2 E: E$ ^& }$ K+ l; _6 `" H - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 s1 X6 g' Q; Z3 F! ]; ? - [Google Toolbar Notifier BHO]9 P1 W0 [, H; n0 o0 ^
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
( v t& ^0 P& w# s) U - [SafeMon Class]
8 Z4 Z) X& R: G% `" O - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>* }# T/ u; g4 T2 x) ^* U+ Q1 M
- [kingsoft browser shield]4 L* `. y# f$ \3 M; n3 }9 Z
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 m# S @2 n* O0 d# o& B8 I
- [IEBuddyExtControl Class]
6 z. R, `9 h K8 ? - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>: q% P# _4 w& \
- [Zcom 杂志]/ L; g4 |' U& V; x& x
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>6 J+ d2 _0 e4 K
- [&Google]
) i3 j; C; w0 d9 I1 c5 C" ~3 b - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 G0 W+ r. ?" \5 | - [KooPlayer Control]1 F7 a! a- W) C, A# v
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
, ~' q8 a' S5 ~. g# E g2 [! }1 O- y1 o - [Shockwave Flash Object]7 |, Z5 D9 J k7 w! n8 i( i
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>' c0 i: a) {$ g
- [KUpdateObj2 Class]. ~( Q: `3 S- ?$ k
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation># b& b! }8 @3 k0 z% j
- [Google Script Object]
" `6 G/ q7 j3 V6 C - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 Q9 A; V; f" k* M, D% i
- [EWA Control]
" a' @& f% d: \- ]: _" L. @ - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
; k$ S1 F8 F8 G& s5 F/ l - [Windows Media Player]0 n' x# K4 }5 h( h0 y
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
+ M) J* l$ D' z h+ }% n' X' z - [&Google]0 ^' i, n/ @- f, I
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>7 y0 B/ f4 r) P
- [HTML Document]8 i+ ]% ^3 K) ^3 k9 l
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
) Y a% Q- B7 m - [DHTML Edit Control Safe for Scripting for IE5], u1 M C9 O2 `. s& l
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>8 g' ~8 ]) P- w6 R: e% Z% r: w0 Y6 F
- [RealPlayer RAM Download Handler]
. ]4 z* y) c C) t - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>! Z" D; t) i ^) i! M
- [IEBuddyExtControl Class] F4 ?9 @% Z0 D; E" B
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation> G( u7 k' i9 o4 e# A
- [XML Document]
! p l ]0 P1 [0 e - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>' r/ u+ E/ }" m: i' \1 u
- [HHCtrl Object]
8 d- l* d L+ v% j2 n0 s - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
7 d8 G1 r3 c. \: g( L! c - [Windows Media Player]
G6 H( U- L8 J! ?2 o2 M% k - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* ?2 o) F! S$ ]1 _7 B3 H - [Active Desktop Mover]
1 y4 i' F' a, M5 B1 P; V' V - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
4 Z! G' v8 }( a+ }9 N; M$ U* Q7 I: [ - [360SafeLive]
( L3 E( ?1 G$ o2 G3 [ - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
! f9 K m8 U! \$ T - [Microsoft Web 浏览器]
- ]0 h2 b- F! X1 W4 j& B# m - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
, G) v4 Z$ B1 o5 u9 ~& i4 V - [Browser Enhanced Objects]
: d9 L, ], n$ @% [* p% q - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
0 S2 X5 x6 w* o - [Google Toolbar Helper]
6 ^ R* I8 [2 ^7 L" p& g - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>, g. G% Y" Y# ^( R# @
- [Microsoft Scriptlet Component]
0 l; o" j( L: \! O+ { - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>) T1 k7 q! P5 w
- [Google Toolbar Notifier BHO]
$ S) g2 |2 r$ h0 V - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>5 Y4 r, C" {- N
- [SearchAssistantOC]+ S+ W+ }- i+ K1 ]( I1 C) Q; ~) Y+ q
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>: W6 l( W2 |, W& N" [
- [SafeMon Class]
B1 T/ r |7 z0 b9 ] - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' p2 e* O7 J7 i0 x# K% }4 ~/ E
- [RDS.DataSpace], y8 t9 @" p# V, H
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
& A) A; F7 P# j" a* I M - [KooPlayer Control]' q+ B, q# s2 Y# E3 h
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>9 H! ]# Y! z4 d( v5 @
- [AUDIO__MID Moniker Class]2 D$ ?3 o9 ~, K' U6 q6 O+ t
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 p4 q# y) {* ^, e- L/ W+ M
- [AUDIO__MP3 Moniker Class]
1 @% s f# ?3 \8 n - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>2 q5 \; ^/ d' t
- [AUDIO__X_MS_WMA Moniker Class] p4 Z; _, Q# s9 w9 g7 M/ Z- l
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 f8 ~! v( x% _2 E7 n$ E; }3 j
- [VIDEO__X_MS_WMV Moniker Class]
$ L# @; P/ D+ d6 ^0 {9 i - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; b! i$ w+ _5 D O, Z
- [RealPlayer G2 Control]; }1 d# f+ b" R1 H
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
8 N: @4 M" G3 R9 {5 z% z! i - [Shockwave Flash Object]
L! O0 T3 k. e5 z: A8 L3 O/ X - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>/ |: B6 F9 m) y
- [KUpdateObj2 Class]
! q L( L; r4 b- B0 Q4 E - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
H- p- @5 [1 ]2 K( [ - [kingsoft browser shield]! H3 u+ y$ m \+ u
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>; o2 G4 d# v3 v; t0 S' R3 l1 e
- [PasswordEditCtrl Class]5 r- u) Z& k7 H) S
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
" A5 ~+ h0 I$ q7 d - [QvodCtrl Class]
. |- T8 P0 U& y5 }8 F - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
1 L4 v4 l; [0 s0 d, E1 H# J! C5 S - [&使用超级旋风下载] I: A! Y a' g- R8 z0 R- _9 }
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>. g3 ?- N( e* z+ m( V C% s
- [&使用超级旋风下载全部链接]
" b" ]$ d0 j8 P" s2 O% @$ L - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>1 z3 y/ M. l6 W+ B
- [使用迅雷下载]& G c5 N& I6 N" F
- <, N/A>4 }/ H, A2 P9 n0 `& }7 \+ k4 e' k3 p @
- [使用迅雷下载全部链接]
: `( {. C- M8 L8 S/ q& A: p - <, N/A>9 g# e" i: W3 |1 A: s5 |8 n) O
- [导出到 Microsoft Office Excel(&X)]
8 k7 O/ x ~% s- u5 c - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>8 V/ Q( j; {: ^. @; [% Z4 y8 s
- [添加到QQ表情]
9 Z @, C) F J* i2 K1 v( e/ P$ ~$ \ - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
7 B! |2 V7 Q3 W. { - ==================================
" U1 _( F4 u+ o, d% ?% N - 正在运行的进程
0 [2 i5 ~5 K' k& F6 p, y - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: r/ H [* P4 s! H - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 i. H( e7 i4 a/ r: g/ ^# e
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: b; z5 I0 p+ g: k+ Z - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] r! e( _& Q6 z J a
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; z7 S5 g7 R4 i/ Y2 v& ]3 a - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 `' w4 E+ |6 y* z) Q: G# o - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 u, Q& e1 s% p- ?
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
M4 k; P2 q7 a5 P2 \ - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 s0 g3 O1 i. r/ D, I+ ^, I - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 _, X7 P7 B" _/ p' ^
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) `* Y9 d+ |/ G( @+ d3 T9 U# A - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]4 l2 ?! p! r* m1 z& {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ Z5 Q- g, J8 s# O$ W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; [7 D2 M, h _( \$ x% f" p
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( ^& x4 f' f6 W+ l: A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 c+ D2 N1 C* k3 z# M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
8 _. E" N5 B/ O& ^* S - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]8 r K/ P! n3 y# p3 o
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
, f$ ?0 a* f5 V. P. K - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]8 m2 r9 _3 G* ~, I, H0 a z- k
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
+ C/ ] v9 {% h$ E* a$ B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 u, A' ~5 M* u( I4 S" [, O - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]- M8 A8 k8 {7 U
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]$ m2 W. \! i+ |1 q9 t0 w
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
% {% j+ L+ I6 @7 p, `2 M' V - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]6 z4 c# B9 L$ d6 Q2 W) a
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
3 ~6 L; S3 _/ U! ` x - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- v& }8 J' f1 ~! Z5 B( Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 T( C* a" l& {8 T( z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: G3 I6 V9 l Q; ~; R$ D7 T1 W+ C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& A% t: z1 \& S( O) K3 f- C/ o - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ V0 t9 q- F; f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 a8 H. k; [& y8 Q3 ^8 g: e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ V- }* Z+ {6 y* Q5 M: A
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. Z: Y, x! J% m; B. B
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
; c( ?/ M7 a( o, O3 v4 U - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
/ z! F j) N1 f A3 a# s! m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' Y& X- C) X# ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% O# x$ {# Y) }) G7 s0 r; {
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
* ^- H0 w! ?( d6 Q - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]8 ~$ \. s5 V% T. k: Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 e# [. o/ _& n( X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% D# }4 v! q' @6 f4 N - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- L4 B, ^" K; q5 C' p' y6 c* w - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]4 z3 q; s0 x: [" k: r4 @ R1 K! G
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( A) [ g% i) |* Z# [# M3 _
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 b8 U* V5 [7 n" B7 |/ \& O - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
4 n1 t' \; X+ a - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
( d( f7 W( W" [5 b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- R) V. S5 ?* @" ~8 Q4 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 J+ q8 W9 I4 B; q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 I& q/ E0 v" H0 L3 z4 T( x8 H' q
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
4 o! T: A) a& y! ?0 n; z8 |. s - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
% N( E6 q- _4 q! ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2], K* X5 Y+ i4 a$ `, k, h D; o8 J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
3 Z( Q* s+ m* @1 ]% { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
. |* r: @% e. S2 y F* u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]2 m% T5 u0 ~( F% w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78] h0 I+ e$ G6 j& |+ K; k
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]" x3 w0 h/ j) g- a3 s/ \
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 v& y+ g1 j% W - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
: C. q6 L9 k& R - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" W, Q2 g1 ~9 _# [: C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 M$ n/ H P3 n7 N, ` - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 H m; R5 J0 s `/ W5 y) D - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
- ~9 {0 O& V8 U* g - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]1 @+ e' r# m: _
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
6 @ _- R- q8 J; _7 w - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
2 @: R- l2 Y5 |$ G3 } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 T% r: G1 r3 T0 d5 t - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
" r, |9 U. K0 A: C1 _, W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ I$ N0 G% h$ s; t J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! a6 s; O" G/ Q" u' N% G: ^/ ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 D& h3 i+ [1 f' q2 i% h! t - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 e8 e2 ^! j% t" r9 a) k1 @! a
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
% V! E9 X2 j( @6 i. B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 @( {* v: a" h) i: X9 A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ a8 j1 [ i* L/ F& J- x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 z. w) ]) T6 t$ Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 R5 d* L) N7 Y! s - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
( |2 X5 ]8 |) x$ W) Z - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]5 m- `# l# D, ^) V
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 \- Y# H& N$ e' e5 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ Q9 W5 g, P+ W8 h/ [+ p3 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- ]/ i+ F# b T' {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ |/ K0 @1 b) e' m4 ~- ~6 G
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]6 Y( b5 Y7 ~1 m. y. p$ j' M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* L+ L3 O3 q' @- I! g5 \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) {7 k$ R+ ?1 n' Q3 Y; I" L% a; G+ m, G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' B# g) J: H/ d3 M8 x9 T2 F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 q' D- I8 G o7 {- Y
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]4 h( m7 [, ~1 Y+ J: O
- ==================================
4 M% ?& O7 j* K1 a9 x, h, Y - 文件关联6 G/ b8 }3 B% M! T1 k4 y& w5 D
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]0 l7 Z! W [4 [5 A( N8 C
- .EXE OK. ["%1" %*]
3 |; {1 R" D2 Q$ `7 V1 A - .COM OK. ["%1" %*]( G" Z2 h" k, l. a- i
- .PIF OK. ["%1" %*]
1 F4 v2 V+ v+ N. e6 G" z. Q9 G - .REG OK. [regedit.exe "%1"]3 d- @- P+ m. [
- .BAT OK. ["%1" %*]
$ H; m0 ~# U# Y. D! g- z+ }( C - .SCR OK. ["%1" /S]
# e+ X2 B, E" G - .CHM OK. ["C:\WINDOWS\hh.exe" %1]+ w4 P2 ]5 I1 |7 l; x6 @0 Q# w/ T
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]; D: ]9 \) [6 J4 s3 M9 N
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]1 P" ^! M+ C0 t5 \6 @
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]' P; d2 z; H" c5 ~3 T7 Y! ?6 j
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
6 d0 G+ I/ H! @5 F6 t - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
" t- o& Y* e& H' v) t - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
$ J$ h- l6 k; c# R - ==================================" N6 A' y8 M. @; _
- Winsock 提供者
% r1 Z0 t6 U" F' d - N/A6 \9 I. ^1 }) g8 }3 T
- ==================================
: a. w% T+ _! u3 D - Autorun.inf
, J; X+ k5 b0 t) B5 I& x - N/A
1 B: a& T* K" V - ==================================
/ a. x$ F# u7 N: q$ t - HOSTS 文件
2 C: w- w, i: E& j - N/A
$ B/ L! s! [( L6 b1 f- K - ==================================6 ]5 S- a2 U Z5 T: h
- 进程特权扫描/ v% o3 [4 f1 F, @6 n1 C
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
# j4 J% H, ^6 Y5 V" w - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
/ U1 N$ Q* O: ]$ c" e - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]4 x" V$ ^# V4 @9 N0 j+ f
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
/ ?3 \. U r; { - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]% l6 X; D9 C8 \: z4 c9 B
- ==================================- |( v) C1 s, W' D. ^; l9 Y
- API HOOK: Q' y3 C/ T* }' d) l
- N/A
: d* W! l( e& o8 C2 y" O - ==================================: D9 R$ T- F; d; f
- 隐藏进程
7 J% a, b$ L9 s K* k7 h) o- w - N/A
7 Q4 w& C6 j+ A+ p0 [7 Z - ==================================
3 j1 J1 M& l3 ]% ~9 _. |! O
' H9 N8 J$ z! k9 T# P) E9 I
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
