|
|
1 V5 Z1 A# u* V! S- 2008-05-22,20:37:43
/ F! p Z; O4 U - System Repair Engineer 2.5.16.900( \1 X% Z7 Z* O
- Smallfrogs (http://www.KZTechs.com)
7 c( ]) b5 S H+ [ J - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能% D+ q# Y+ h+ e* v1 T2 P
- 以下内容被选中:- |: S2 U2 V: v6 y; i5 o
- 所有的启动项目(包括注册表、启动文件夹、服务等)9 j( p1 r* m) U4 O' h; t
- 浏览器加载项# B" ]6 `0 N( \) C5 \% v$ a
- 正在运行的进程(包括进程模块信息)
* f( ]6 B9 o- T; [3 U& T) k# P" D - 文件关联" p1 t& r {+ u0 h1 S% Q
- Winsock 提供者
: ~* T0 D2 ^1 O - Autorun.inf, Q* Y# t' U2 W5 n4 E) X0 z
- HOSTS 文件7 D: f& L$ Q4 R6 |. s+ _2 _
- 进程特权扫描
* @# W6 H* J$ Q* K - 2 e' _: T' y+ r c) C
- 启动项目$ ]4 l) Y2 k. |' w
- 注册表
9 |8 F! i1 ?( }$ T* ^) x( b V, Q - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]. E5 [$ V5 E. w) |/ a& \
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]; \6 {/ c# A9 X% ^5 Y# f- y* ]
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
j3 i$ [/ o! g! u) s - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]: |! H! z1 d$ v2 n$ p( H
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]. A& p) ?$ i- a' \4 Q. y& }
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# k+ M" L: @$ q- u3 G' f9 R; ?
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]' l; ~: i5 U& g2 B- `) _
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]1 y5 P+ Z/ t/ c W I
- <PHIME2002A><; > [N/A]
j- C, _8 \" t6 [4 s - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]: q9 B3 ~, N6 C h8 q& |
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]" S, X3 `; p% [" X9 o
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]8 _0 F% |3 u& ?: ?
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
8 C# n7 u8 q5 R - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]" e& l+ w: P' h" R* B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]' |# K, C; V1 w1 c8 E$ a* \1 {
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
1 x7 Z$ R+ V2 w - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
5 V+ L1 M1 q7 M$ ` }0 Q% o - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A], X% ]8 a1 v; s( ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
1 ~* d0 j8 q0 H, E" `: P. j - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]) w, o9 @0 S! W% _; p {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
& b# i3 L) h2 L3 a - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] ?, i' W& p) X A8 K$ ?1 C
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
# R) t6 E8 Y$ N - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]4 o% |1 C; O& V" ~2 W; z* W5 ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]+ d! l# k# _, ~7 A; w8 `; t
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
: w# H- K" h( z& [3 l; p9 x2 T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]! E8 m) b$ I' N' ?& i# R; I+ s
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]# \! d6 Q U C6 |, E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]) U0 e# _# @1 F( X {
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
: q9 \7 T+ O' Q" _; ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]8 w. j+ T- k/ A& Y+ I; g
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
! u; b$ |' F% T/ z+ G; ?5 X - ==================================
# ?8 g, j- |6 A - 启动文件夹
) r* a5 b2 k7 s1 N1 K' t: F& N0 T - N/A
) A# L$ B2 ^; X# K! c& [ - ==================================
9 f' W( P9 R! W" b - 服务4 ~9 Z7 C7 y) w2 R. b, I* @
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]; }$ e; r0 }' Y! D) K6 w
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>6 k( i# f8 f% ~
- [Google Updater Service / gusvc][Stopped/Manual Start]; Q2 ~- E9 G$ b7 {. I# E9 k
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
8 S- s+ a4 h0 @) c; Z6 { - [Help and Support / helpsvc][Stopped/Disabled]- k& G7 o, N8 D7 L: i
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
; @. H5 E/ _: H$ ~+ ` - [Human Interface Device Access / HidServ][Stopped/Boot Start]
6 S$ t) {3 q; N7 ]! |+ R: t8 ] - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>' I# A* i. h `
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
# D+ k6 O( q: c - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
$ s& G& c2 b" i& I+ l4 S- g1 C - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]2 \. U9 i( J. Q% q' w) @* t/ b2 p
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>3 x4 r8 r1 ]) n* o; M
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]% L5 k7 ~, L5 }4 R1 C* s
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
: m; f9 h5 C& Z& b, r8 N* } - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
$ u" F0 F2 }, R S( Z; r$ Q - <><N/A>/ u3 R% ?5 f4 m
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
2 n! T$ ]. B: r - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>/ F( X9 A2 u& q6 E
- ==================================% r0 `& Z/ S* u: B4 g9 S
- 驱动程序' {" f$ R- ?! L1 D' ]. a! a
- [22j / 22jn][Stopped/Boot Start]
1 X$ t+ r; F7 V6 m! y9 H: M - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>4 C- E: z) X5 _) T7 B
- [360AntiArp / 360AntiArp][Running/System Start]
) |/ a9 W7 g5 `- I. j+ G - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
2 l; B: a+ m, y, F6 l; d - [43ec / 43ecu][Stopped/Boot Start]& @+ _* d# |6 o- K8 w2 C
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
$ r4 g6 g+ R* P( ?: m - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]2 q5 W( Q( _1 O
- <system32\drivers\ac97intc.sys><Intel Corporation>
4 N6 P9 P, B( A1 ?5 Z0 V( q9 G6 x - [Promise driver accelerator / bb-run][Running/Boot Start]$ j1 M, z: v( l B O4 {( k: V
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>( B) l- A! u# \0 S3 @8 y
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]0 q: w1 u9 o. d7 R
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>8 g0 j0 S# B# C( P) s9 z* L
- [KAVBase / KAVBase][Running/Auto Start]" F: R# s0 G0 P+ g2 C
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
% Q8 V( o, Q0 D( a" v$ f' O - [KAVBootC / KAVBootC][Running/Boot Start]/ T x) ]; I& f% b
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>( P% S/ B5 J9 S& G5 G9 q7 X* s
- [KAVSafe / KAVSafe][Running/Auto Start]
* R( Q" R! r. f% z1 l/ l - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
2 H; l& c/ ^$ ~/ s' e, L4 f+ `8 m - [KNetWch / KNetWch][Running/System Start]& P+ ]4 G) K- n- \7 ]+ {6 m8 e
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>" b; ]1 M ?7 X: `# O
- [KWatch3 / KWatch3][Running/Auto Start]
# Y# J5 e# u2 U - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>% o9 n, w8 X1 U! X
- [ntptdb / ntptdb][Stopped/Auto Start]7 T. Y! S. Q8 A0 p- `" j: V
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>+ Q0 k% L+ B0 u% \, Z
- [nv / nv][Running/Manual Start]( A3 x4 N! q7 ^) [5 c! R* X
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
* B9 {$ @; P+ B- C+ @ - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
& u% I! {- d) ]; s. [* e - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>3 h7 v: ?3 v( I, m
- [DDK PACKET Protocol / Packet][Running/Manual Start]
& o& W$ r4 Q% n( A" n - <system32\DRIVERS\ProtoDrv.sys><360安全中心>, a) ?, ?( r1 }" I4 Z6 @+ a5 f
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start] x) P7 T# r4 q
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
$ @5 [% U( {- b* S - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]6 a+ s# |, m( g' b* ] s
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
q8 O+ _; m1 B7 x P0 b4 H - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]+ \, `0 i! o% \
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>7 ?# c( a6 J0 J! ?
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
' e+ }/ w- \, w o3 e% ^/ T1 ] - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
$ t+ a' s) Y8 L H& K- z+ q - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
0 \& Y1 P! {3 A - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
1 q4 d+ l. z5 M$ [, c) w9 s5 U - [Secdrv / Secdrv][Stopped/Manual Start], i: I' _: w' A* r8 M- L
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
6 P& l0 C2 b3 U2 m, A7 V - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
& E: ~2 `: k% i: N - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>5 j' T1 w1 }' o9 Z. m( \* a
- [System Restore Filter Driver / sr][Stopped/Disabled]# E( ^8 `$ {2 t" ~
- <system32\DRIVERS\sr.sys><N/A>
3 z7 C$ h" `0 O' z! c2 r- g3 E - [TesSafe / TesSafe][Stopped/Manual Start]
, ?6 I a& l c6 u0 j' Y - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
: A4 o4 ?; _/ k4 }. M3 |8 J - [System Services / unzxzsrs][Stopped/Boot Start]
3 Z- c2 ^0 w U5 p$ k0 B, t1 K - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
* u5 U, f/ H( M; ^2 p& y5 H - [ViBus / ViBus][Stopped/Boot Start]/ E1 Q. {6 i0 w
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
/ \$ G$ Q- g O1 N* s' n - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
: y! F3 J1 o: u! h7 @# I0 T - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>4 k" P p3 i$ Z( d" B
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
: d! X2 m L( z) p9 s - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
& A9 z/ \0 ^; L0 N1 n0 a; T - [ATI Extend / zhibmaso][Stopped/Boot Start]1 [! s- q+ F/ W4 j2 t: p
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
; i6 r/ b z" ?- Q& E8 m# K c - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start], C* o( _9 u; V6 `% w- O
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
0 h0 q* \ Q( j6 B w/ t5 ^ - ==================================
- O0 I1 w& r. @* S( B* N$ k8 I, z - 浏览器加载项
- b# L4 C* S' I& E. w. _/ Y9 M - [Google Toolbar Helper]
- E9 q% G( q4 _. D& F. b - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 B1 w7 D$ ]& Z& r% H
- [Google Toolbar Notifier BHO]2 y1 M" |* P* C" a0 f7 u; N% V& H
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>* D' ~$ V; F: [" h5 b; k8 o
- [SafeMon Class]
( c8 g+ A- _9 o1 n: P5 s. a - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>" Q& @# a: Q$ {: l: W
- [kingsoft browser shield]
* T P) t8 h8 l- D9 V4 E% C - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
$ A" S- d& }( E$ x4 ?; y/ L: x - [IEBuddyExtControl Class]' P1 O3 Y/ M9 T. n* ~4 K
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
& L; m/ J. r2 I& Q {% S3 H- | - [Zcom 杂志]% L7 X+ W5 h: c; f
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>" Z9 N# E$ }% `: ~# l6 n' n# k
- [&Google]
7 H& a& Z. e% z1 w$ w# f' `" L) O) r - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% _- v' w* }' u! E: l - [KooPlayer Control]
+ ~3 ~( ~0 y+ a$ y4 j - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
- z/ u7 A% M, q5 e+ A - [Shockwave Flash Object]
. I) ?, h+ s/ n. f8 Y' L8 @ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
0 u$ L1 r! N5 f( J. Q - [KUpdateObj2 Class] ^4 T6 g1 T4 l |+ Q
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
& a+ C! k, J& g# d' S) { - [Google Script Object]9 I' b f6 A& g: o& B
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 G2 b+ Y- k" |- B
- [EWA Control]
Q X% _2 T, k4 F - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>/ V! k2 j o1 Q( _8 I
- [Windows Media Player]6 a" F* i$ S% Z7 ~2 R
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation># K! o8 s* _5 I# |6 f
- [&Google]4 E2 m6 q, G3 [# Y _- t/ G
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 ?6 | v6 s) J: J4 ? H ^
- [HTML Document]* U6 ~, F; k0 g
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>- I3 U f) h7 p2 S
- [DHTML Edit Control Safe for Scripting for IE5]
: s/ P; s0 C e6 x- ^/ G - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
; M: l/ A: N# t6 k+ k$ d! V- J - [RealPlayer RAM Download Handler]' g$ E2 ?! W- ~1 y5 _2 X/ m, ~
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
0 F3 J+ q" c6 o' H' U3 v. [ - [IEBuddyExtControl Class]4 ?4 U; B; j$ w/ Q* o3 j
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation># e8 l) k* m+ P
- [XML Document]
) n# Q1 M9 {( ~6 f( t! e$ @ - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
' c0 d2 Q/ c6 ]/ x+ g& _7 Z - [HHCtrl Object]
% \! P* F2 z7 G. {7 E1 T4 `$ x - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
: J2 \/ t! [8 C; v - [Windows Media Player]
4 n! x; ]6 [0 E& D - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ |' G1 y( f+ P* }, u) |0 L' i
- [Active Desktop Mover]0 \3 y# y0 {8 ~# X" U
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
) O1 F: e& F1 L3 Y - [360SafeLive]
6 R9 @. _2 ~$ J( A; U$ c - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>7 x4 {* f) y5 z% V
- [Microsoft Web 浏览器]
: F0 ~( `0 J' ]& p; X - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
+ t+ k* q+ B" j+ O - [Browser Enhanced Objects]
/ i4 o N' t2 c - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>. [- B8 s' l6 U8 _
- [Google Toolbar Helper]# q! j1 C+ c5 \% Y* f
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>6 K2 M0 a( T5 p, _% `0 H
- [Microsoft Scriptlet Component]
7 V1 O. \) i, x2 | - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>5 ]% P- R6 e2 q6 d4 \$ e
- [Google Toolbar Notifier BHO]
% n8 T W$ D ]5 d - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>$ m: y J% N' m! i
- [SearchAssistantOC]% W9 }2 }" }" ?' i) }
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
9 ]9 k( O0 Q3 l1 j+ K - [SafeMon Class]
+ S4 C) x0 C' H5 | - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>3 H- R0 ]$ x% ^4 n! ?% Q1 w, i
- [RDS.DataSpace]
2 `4 L) L8 _! Q* b8 z9 Q - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>: W' i$ t0 ^8 }/ u
- [KooPlayer Control]# m& h% R- m+ }, n' K
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
: m( j4 V0 c8 t3 k( M - [AUDIO__MID Moniker Class]
0 G% F- L8 h! z) D+ T9 D9 _% N - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>& P4 w% T9 Z$ h3 V
- [AUDIO__MP3 Moniker Class]" m4 n4 f" }# h
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
$ ]+ Q2 X5 E4 a9 w1 d* x) }# U6 b - [AUDIO__X_MS_WMA Moniker Class]+ O' q4 Q; b6 h" y7 g- H! }
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, ]3 R; \& h8 O5 c" C/ `* S+ b
- [VIDEO__X_MS_WMV Moniker Class]0 B+ r6 ?, y( k/ W
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ ?5 F' [' f- @+ }$ y - [RealPlayer G2 Control]
( U9 t8 H! d3 t1 E( V3 q% C - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
3 r% ]+ b8 [8 _: R! Z- T( a - [Shockwave Flash Object]
7 S' i6 L- s# L! X5 y( J - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
; }- Z: v; F. z; L0 @* w - [KUpdateObj2 Class]) }( A% s T" A5 Y0 }- X
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>6 E& p' Q* A% i5 @
- [kingsoft browser shield]; i1 d E- o' S6 B& _+ L
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>7 h {* z; A! a% M4 \, P
- [PasswordEditCtrl Class]
/ v& [( q" B1 I) k' u" a! o: B. T - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
0 V) B# G" F7 A8 N9 c; t - [QvodCtrl Class], t0 a& P0 M+ S5 F1 r1 N5 F4 T
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
* X3 e |; t6 `/ P. L4 W U - [&使用超级旋风下载]+ o+ n# z9 @2 K" S6 \* o
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>8 J0 W' e* F3 X1 r: V1 a7 b
- [&使用超级旋风下载全部链接], o' G1 P* M4 t8 f1 i0 B- P" y1 ]
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>4 ]4 @: |1 b( Q2 [4 i( N
- [使用迅雷下载]
; s i7 b1 j. o - <, N/A>
1 q# e; u; B+ e! U7 `1 Z! X5 c - [使用迅雷下载全部链接]
9 ^, ^! S+ g* s d9 k - <, N/A>
$ }! b' }/ H; ~& [8 o - [导出到 Microsoft Office Excel(&X)]( b' W/ k% }1 ~0 p H L) N; s& H
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
) y! @% L) @+ [! X! f6 ? - [添加到QQ表情]
0 N5 s0 c* ?; z2 h - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>" h* h& ?9 t9 L' o, M
- ==================================
6 F3 a& k* t% m6 F( A* Z3 e% n - 正在运行的进程0 y( Y& z- H. y7 `
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' K, ~1 s9 `5 u6 `
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 ?4 q: p) O! N6 Q' D" ]3 g
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ o6 Y1 Q; r/ _' t5 f- J$ ~& m6 P
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]. k' T2 v4 S; E) {2 k5 k( {# i
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 N1 Y9 D/ [: v6 V: k - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, o9 s/ I* f' i( i2 e - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! |6 o! p$ v5 d/ B3 R; F; ^ - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
r/ ^# s& M& b; n1 d - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) g5 D. u0 j7 e. {! [ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 L6 `# Y% I' ]4 R. k* k" y# a
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. B5 o! \0 X: d' x - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
$ {3 x0 Z+ z5 e3 D+ } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- c5 g8 a/ d8 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% k: a4 ` I# S) ^( w' b2 V% R1 s* C
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]+ g# t) [' l1 h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 V7 V" g2 m) h$ R! R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
3 X# W$ _) W% d7 P0 L$ }4 v - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
2 M# `7 f, |0 ~. Y: K2 { - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
% Z o! h! [0 w! Q5 p - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]. Y3 G6 {; {- ]- W4 R
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]# X n& m$ k2 C; G, N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' y; f6 f% J: `! ]/ ~" H% j
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]/ ]6 ^/ e3 g6 c$ n
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]: V# y3 n# a. K9 I: X# q3 H
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
+ v' S& n8 V% N% x$ V$ U' u) h9 O - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]4 @7 Z; E1 C* V( S6 |
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]4 H& w" [2 q% H: t, Z5 P2 O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: F5 ] S5 I; ]3 \: [/ J( o/ v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% l+ `, }, s( i2 g0 ]7 A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( R7 E7 Z- s& l: T/ w5 f - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- o4 n" e/ ]0 Q9 o
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( I& I" L' ~4 ~4 u' y7 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 [/ w8 u/ p* z: n0 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* `$ V, S g+ B( G2 Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], x, r" }' ^5 x( x: ^ u- G
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
; W. w I. E/ `: w$ L* { - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]4 S8 y- w% k ^6 ]8 t. Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ M& ^7 n- U! B" `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ i# X0 T& V2 X7 c/ `) G. ^' Z
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: I0 B% R) ^# q" w9 U; v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
. O9 W" C, S- h5 J6 q( z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* N i- Z6 B; r( E& L
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
J# ~; H) {- X6 c - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 G9 v8 e( s9 [ - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
" X2 j3 q8 a0 `; G, w& X' z - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! Q! U, o4 t% Z1 Q# K* A3 e; v3 s5 } - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" ?, m9 T) R" a" E/ x
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
' Y9 I. h$ S9 s) K- a+ E5 X - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]' z F$ Z1 T1 H) {6 Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 m0 T% x% R1 p5 j1 r/ a" S: q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 m. i [& \ t q4 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 ]7 \) w+ c7 q
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]- J, {, u% j! b$ Z
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- [9 ?% g7 N$ g* u+ ~$ I6 W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]9 `2 c: g% |; k, S* W4 B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
0 i1 _# d( _7 q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]' b/ o& j9 t0 r% k4 ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
* D, |: p$ _( O/ a' m2 m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
2 C( h0 x" l. W8 G$ } - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]3 O; g& _$ v. w: t4 L; Q
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]: L& Y& Q* d% V
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 k, _# _ c) i
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 g; f& j3 A' Z
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% N) m! D7 V& k0 z) M& |, Z& \ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
# h7 J$ x, \; Z, Y- _ - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
' F$ V! p( R4 f! E) k) N7 @+ j - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
2 P6 B8 I3 Q( o# Y - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
* H# v8 C8 Q6 ?" f8 f- B, w( g - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
' y5 G4 z; j- p/ s8 [ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! y* }) M" ~3 Y0 @, ~
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
A) w A% S$ y% o7 v H8 x% I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 |% Q8 H/ _# m; S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* _7 C" l. l7 ?" W* T7 z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] E# f5 R4 m' h4 X1 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' ]* W; n. w" `8 h! i* r - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
`( Y2 w0 `5 @) s* n3 B; t - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) Y; P% s( E, e/ m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! H" j' W! x" x- B0 _8 r, B E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 O: @# \. W) x - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 \9 N2 i+ _/ z2 n" k1 | - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
6 }3 X- D9 z/ W - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]9 l0 |% P; L) X$ ^8 R: C6 s
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 _7 ~/ }0 I% b3 E/ p# P8 k& L- l8 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 J. j: P# Q, J( K# X' @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. m6 t0 P' ^& l0 X1 R7 f
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. x7 C% M _) ?! A+ ]: Z- K - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]; g( u; a5 L+ F! O" _
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ P2 P( \+ ]+ K6 K: Z5 V* ^& w5 A' J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; X) K" k( w" T- s1 B( O. [9 H3 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 S9 T. t7 ^0 l/ n! o/ K - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
B F! m) T7 ?+ O9 T" A9 ] - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
3 s& e: V! m) ~ - ==================================
4 k+ ]' Q4 s# e& `5 V: p - 文件关联1 D& i3 c( C9 T# ?5 b
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: q( `8 M5 q( y* n! B9 v9 R; e - .EXE OK. ["%1" %*]
0 s5 y: M* H3 g4 w2 ] - .COM OK. ["%1" %*]
3 o- j' e1 e! _0 L: g9 D - .PIF OK. ["%1" %*]
! s# d+ [& n. g1 B- C - .REG OK. [regedit.exe "%1"]' f& d5 d. X0 n' c7 ]% _5 s& Q
- .BAT OK. ["%1" %*]" _+ V8 r2 B6 D- j
- .SCR OK. ["%1" /S]
4 n0 r4 V6 T) G* S: ~ - .CHM OK. ["C:\WINDOWS\hh.exe" %1]& T* Z& \, H$ ~" [/ i! |, E+ g
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]. N6 l! c2 K) t; j
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: m p+ m3 ]) [: F% t6 U0 U, O - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
9 x3 u, T5 s1 F2 o - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]( Q' p7 n4 g+ W4 v7 q
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]% [, v1 ]7 `% R( M0 h
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]# |4 c( V/ L+ e4 J
- ==================================
' z' h0 R4 [ t# c1 z( K) U* j - Winsock 提供者
/ i( P8 o* E2 f9 N8 \! g+ [ - N/A& z C7 g: `2 g/ P- b
- ==================================
: h( A: t8 T" D) ] - Autorun.inf/ P: Q7 p* x. N
- N/A7 \5 ? L1 t( O- t# p9 C
- ==================================
& H, d" N$ e ?; x0 a9 f+ P - HOSTS 文件4 X$ ^2 g' b8 r4 B! L# |
- N/A7 K7 O4 G7 t9 H- F- @
- ==================================
. |) f) A8 O8 G( w n - 进程特权扫描
7 T. d$ X9 A. B: { - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
9 b Y( a- G8 V5 Z7 R+ E - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]5 k8 {1 Y( u2 r8 T1 B+ N" e( E: _
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
9 f1 p/ U- ~" ^4 L1 g* ?, ~$ \ - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
* y3 F* K1 A x - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]+ N6 M( Q' v$ N( m( _
- ==================================- C; ]1 r. ^: M9 J5 _3 j" r
- API HOOK1 w# `# C& I' `4 A+ l/ |. l
- N/A2 k* A3 B9 L! ^7 C- E
- ==================================
6 a, `0 y% ~0 i4 U5 Y3 w, M" F - 隐藏进程
+ R8 F$ D; n s+ p$ K- @ - N/A, r3 _8 ?! c% i: D0 q1 W" x
- ==================================
" X( [; f; k( u) p+ \ - " e- `2 }+ I+ ~: y6 l
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
