|
|
- $ k+ R) M; P6 R* _& K% E
- 2008-05-22,20:37:43 o3 T/ m: F& K. R
- System Repair Engineer 2.5.16.900; |% g5 B* e% }# P# f$ h
- Smallfrogs (http://www.KZTechs.com)
8 {8 o& H7 c/ R; k$ X - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
" x1 u- P" Y5 e5 J - 以下内容被选中:
1 Z" L/ Y6 |' K( | - 所有的启动项目(包括注册表、启动文件夹、服务等)
) c3 M, E* o/ w. i - 浏览器加载项
4 n7 v/ P, Y9 }% ~ - 正在运行的进程(包括进程模块信息)/ Q& Q6 P/ t( m2 L8 R8 w
- 文件关联2 ?. ]) t0 h1 `. n: g
- Winsock 提供者
( Z* G% _1 p6 H0 t" t6 ~$ s _ - Autorun.inf) ^1 |! M' e5 f _
- HOSTS 文件6 Z4 @0 K/ z! G! B
- 进程特权扫描
% j/ r: P, h, @2 x* R X6 q- D - 8 o( O. F2 R8 m
- 启动项目
+ Z6 I9 [3 b0 A1 N7 s - 注册表# T4 k0 F( a; m6 i2 [4 H
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]# K0 V/ r. @& }- ^9 W/ c+ K4 O
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
6 G8 E7 {0 K& p. _* c0 t - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
6 _: h1 ?4 c: l7 {6 I. K# T - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
- G2 K. k% g1 s - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]; C$ X% v' W) i/ r2 [
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
9 p! y# s1 ~* _ - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
: r- x- [* N: M* L9 K" G - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]6 M4 l* k l: m* ]. ?7 a
- <PHIME2002A><; > [N/A], ~* f3 B: E: m* b
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
7 k+ u3 k- Y# W% M' D - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]: r d( M' O7 Y: O" b/ [! h
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]. u) Z- u3 h2 }
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
6 O: ~& O' e1 ~ u - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]; ]% Y* K* S9 w. M0 R" Z$ X) Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]! t F6 l! {, W1 y. s1 ~( j( @
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
. C* L z) h( x6 | - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}], ~6 J6 }8 U2 A+ i+ W
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]2 Y, V/ N& z( \' C8 N
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]- t4 `$ Y/ r7 c0 S, E E( f2 h
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
0 r- g2 M, J$ u' Q3 v+ h5 o - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
O% A2 V2 s5 q5 r# \* @- c - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]7 L5 x, E C+ Z6 R( e( Z9 {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]2 a* _5 _( z; S) S- b& z- B
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]/ r: U5 y3 M6 S4 Y4 @' @
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- X O9 _% x3 T - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]4 S( `$ [5 y+ F! P6 T+ X
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
$ L8 V' Q$ l# N6 n - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]- h$ I. Y" N4 s: i& A
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
! V2 e* O, l! g) Y+ ~) H5 Y - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]. v" p4 o4 D7 Q* O) w H3 D7 i5 ]" P
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]5 i. c/ r. i# X! y o
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
) p7 o( ]# H" H& y) M# i: w9 t - ==================================
; d8 F$ ]4 E4 H& t& b+ U - 启动文件夹
. M. c2 ^' O l/ J9 e$ Q - N/A ^* X# N( e8 v
- ==================================1 k8 ? K% \# W( @
- 服务8 \9 T a1 P5 C' U# n* a
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
) E2 O/ \1 @! x/ H8 S, ~ - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
- x3 T1 x) v P3 v" W" @8 c' a - [Google Updater Service / gusvc][Stopped/Manual Start]
, Q- C- q: P: x - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
% a2 {4 {2 z' d* V' w - [Help and Support / helpsvc][Stopped/Disabled]
3 F/ v1 ^9 I0 a) `) ? - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>- a3 U( U8 V! F( B
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
5 G9 _" \7 @' q- i9 I2 H3 b - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
7 Q8 R! r) s o9 g- _- f* z - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
+ t" w; s% ^5 X D0 k, K i - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
4 w8 Q2 X- N9 k: T - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
- Y- L3 q1 N1 { - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
/ I. J2 j0 P5 O+ j$ A" l) u& G1 ] - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]4 Y" y( o) H, r
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
3 |8 B! r0 v7 ]& I - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
: R/ C, C4 C% T0 J- z, ?" q - <><N/A>
7 u7 R7 R& D2 n! [ - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
% W3 c( [$ ?9 A% C - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>6 B1 i6 @2 w& I& f9 V) F
- ==================================) r. D2 z! e; Y
- 驱动程序" x3 F) j( L% a0 I0 @1 w8 t4 ~! O
- [22j / 22jn][Stopped/Boot Start]8 _/ ]5 ]4 v0 v9 p, o% i! c: i
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
, d& V5 d5 z7 r9 R4 M9 C7 p - [360AntiArp / 360AntiArp][Running/System Start]
3 P! S# Z( R- S5 o5 o - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>% k9 ~5 d5 ~8 d. a
- [43ec / 43ecu][Stopped/Boot Start]
; `: d! c. I/ o- G6 k% Q8 D# m - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>4 F X6 J* k$ G1 r
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
. y5 m1 P- J6 a& z4 v: {, z - <system32\drivers\ac97intc.sys><Intel Corporation>5 x' M! B) P z0 M, g: T
- [Promise driver accelerator / bb-run][Running/Boot Start]: K- F8 f1 A4 q; Z/ L
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
& S9 V" d' `& O% e5 n - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
+ ] @5 w1 F O6 j: C; H - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>" L3 e6 ]+ r8 m" f
- [KAVBase / KAVBase][Running/Auto Start]
9 q% x7 O. ?- j* h- L - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>% j7 C" ?( s# {4 }# N+ }; O
- [KAVBootC / KAVBootC][Running/Boot Start]' U& M8 c6 _9 L r9 ]. L
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
$ c+ L$ i2 I7 h6 \ - [KAVSafe / KAVSafe][Running/Auto Start]
' [ U+ ]0 f/ \* c - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
: F* u! j( h g, J - [KNetWch / KNetWch][Running/System Start]" Q% W; x7 T8 {, N: ?% `
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
" L/ G4 ]. ~* n1 S+ u2 E3 \) @ - [KWatch3 / KWatch3][Running/Auto Start]
$ F6 X! A3 y' q$ B2 B, I: p( j - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
% m' H; u* U7 q3 P - [ntptdb / ntptdb][Stopped/Auto Start] Q! w* c' Q& t4 }6 l
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>+ x$ X' W6 N& ^) w3 F3 [3 g
- [nv / nv][Running/Manual Start]
( |* J8 o& y; ~6 T7 _4 j C& L - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>8 ^+ l! a4 l( s, M
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]7 w) L# ]9 T! g+ f8 e
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>% D. R$ W, _8 v" f* a; Y
- [DDK PACKET Protocol / Packet][Running/Manual Start]
9 Q) E3 g7 @1 ^; e - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
" x9 ~3 v5 z$ A( r: X0 Y - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]' l9 v- G4 B) j* d6 b0 h4 M
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>4 Q1 x( @" f6 m2 y
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
2 Z/ A' D$ R% B; u; t, a - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
: c! f7 o- P9 t+ o - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]% [8 i+ F \; e+ t( S8 O( O- \
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>) f6 Y* @) O) }% h& k
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]* j4 z5 F. }# e0 W: [
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>4 a2 ^ }) o% p/ F; ^' y
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]8 w% y1 k' Y# m4 _9 X% K+ \7 I# z
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
& e3 \; i$ J4 o3 v$ Z* [" y - [Secdrv / Secdrv][Stopped/Manual Start]
. [3 }8 N, A; r% R' U- Q# @ - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
2 w# c! p' O- p' F$ _ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
9 m G5 M; L3 H+ O# ` - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
4 R% y# v8 V) f6 ^0 { G - [System Restore Filter Driver / sr][Stopped/Disabled], J) l8 A8 L2 z% Y
- <system32\DRIVERS\sr.sys><N/A>0 ^& |- N% Z" z. Q% D9 l& O
- [TesSafe / TesSafe][Stopped/Manual Start]0 A3 y0 C" \" u$ {5 e7 ?
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
/ J: x7 S0 r: q) P: t) r# V - [System Services / unzxzsrs][Stopped/Boot Start]
7 l% c. D/ k5 `; A - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>. Y/ r/ e6 _6 C- ^* o
- [ViBus / ViBus][Stopped/Boot Start]
- @0 p: j7 H5 M6 c0 R! C$ V - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
9 I3 B O$ H: X7 E- T! w- \8 b - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]& R4 ~) J* _% q% m H
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
8 {3 Q1 i! L% g& M0 O - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
; @" l- c1 k* ?$ X0 c; N - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc># F9 E& M& [1 y
- [ATI Extend / zhibmaso][Stopped/Boot Start]" \- p, t9 m$ w& D2 W2 C
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>- ^: n$ {7 y4 I# I
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
9 R) l4 Y# g/ ^4 T4 `2 k4 }" T - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>' O V% b/ M7 D. H
- ==================================( R7 }# E/ h2 Y8 U+ L
- 浏览器加载项
9 ]" c# i- d$ R+ ?& Y5 a t - [Google Toolbar Helper]3 |; A8 E$ X6 M9 ~5 T( O
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 \' _- T* e5 h) r$ y9 S& I! H
- [Google Toolbar Notifier BHO]1 k4 Z" ~/ W5 P3 A
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 G, @$ r5 ?! D6 l - [SafeMon Class]: l' R# G: D* [. B' J* c9 T
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
- G# g* s2 o% I* X/ M2 K+ q* R - [kingsoft browser shield]
( B$ l' Q$ d) B - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>. ~1 Q# X8 a8 e1 y
- [IEBuddyExtControl Class]
" }; x# C; s/ x, o0 l4 `: L. G; c1 I - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>9 \; @8 e! K2 ^% Q1 K/ Y+ A
- [Zcom 杂志]0 D- c: r0 G ^) t8 v
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>: s8 K5 H5 b# W1 A- y
- [&Google]
2 k/ A; Q2 Z* P$ y9 e) r8 ~ - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.># Z9 Y5 i2 s2 q- q
- [KooPlayer Control]
) H4 y$ x" t% A& K7 l0 E - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>- m3 d5 w0 }& _
- [Shockwave Flash Object]
. C2 x3 [" T& v/ h: c1 }) ] - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>9 \2 d* R k- ]; u
- [KUpdateObj2 Class]
/ Y3 r' w: e" ` - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>4 x* I7 n1 h' y4 b1 h" d; ^
- [Google Script Object]
% B" g& m8 c# L1 g O1 r8 m - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: d! v q( `3 c1 K* X9 _8 d ?& k - [EWA Control]) J" m; z/ s, v" o* g# Q
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
* r/ J# N3 ?. z2 D n; Q$ g/ r - [Windows Media Player]
D, G, C7 i/ Q9 l/ G; x2 d# [7 ~& C - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
% _# ~6 N3 b# R2 @6 G - [&Google]$ a2 }, |* u! [
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>: h& v O+ X P% r' W4 e9 }, n& W
- [HTML Document]
4 c/ D8 H# k- X - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>% C; R& R$ m r7 }; ?; ?& ~
- [DHTML Edit Control Safe for Scripting for IE5]- A$ p4 ~- t% ^( I0 a7 f, n2 a
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>1 L4 |: Q9 a' F* Q8 s2 S+ N
- [RealPlayer RAM Download Handler]
$ Y" h0 f0 l3 d- [ - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>& N) ]: H+ x0 R* N% v
- [IEBuddyExtControl Class]
$ g/ B2 a8 b( n3 W. R$ x; \ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>5 B/ L1 k& E5 a7 Z; G( N7 z" i' f
- [XML Document]* V3 j' p0 s. J* B
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>: l$ y" t5 h( u4 S+ \" _
- [HHCtrl Object]. j5 v1 Z+ Z4 J; P
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
1 M6 |. Y5 J- ~4 S- |/ D - [Windows Media Player]2 M5 r) h! Q+ w4 K& V" y
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ A; h: L# k+ Z - [Active Desktop Mover]
) J0 v( I2 n( I& J$ v" Y2 I/ r - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>, H3 d7 C8 K7 B/ a4 N' g$ S
- [360SafeLive]& q0 Q( {4 Y4 i9 g" V
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>, X" n7 r3 s& M* G7 T4 U% g$ n
- [Microsoft Web 浏览器]$ ?( d5 ?' @( H8 G: ]" U# t: {
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
" g0 }( \4 {; M8 i" U - [Browser Enhanced Objects]: ?: W% Z, ~, q: I7 M. j3 I# [
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A># s1 U0 t) k& R* ~2 z
- [Google Toolbar Helper]
7 ^, U4 U! b' b9 G- V - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 A) e$ G, x9 i$ M
- [Microsoft Scriptlet Component]
7 z d) V' ?' |7 I l1 I A - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
# m$ d. }9 C$ O) X: u! b3 j - [Google Toolbar Notifier BHO]9 J) N2 r* m$ {2 k8 N' O; N4 e
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 L2 P/ b5 r" _) |- T# {
- [SearchAssistantOC], i4 x& g9 J( \4 a- k
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
, I% o l* m0 y+ J; V - [SafeMon Class]
( Z0 P' P) A$ Z8 z6 t - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>: d; s& `1 P" b# ~; b% A" }" {3 f
- [RDS.DataSpace]7 }9 s3 a9 S9 ]& O9 g/ Z) Y7 \5 \
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
$ w0 w" L: N) P. @, q/ n) V& @! d - [KooPlayer Control]
5 S; m9 w/ H& _. V" J - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>* z* P: L0 t0 I5 Z i
- [AUDIO__MID Moniker Class]; d3 d0 a6 d4 H' Z" ?
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
( J4 `( B. A3 g6 q' T - [AUDIO__MP3 Moniker Class]9 I! S9 p o. H, e0 V& y( y- s+ w
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) x( A, i, {& Q/ e
- [AUDIO__X_MS_WMA Moniker Class]
1 |9 o$ U5 s2 M! k$ Y Y4 u, j - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
4 E. o8 N; ?/ K: L0 L" g3 r n0 z - [VIDEO__X_MS_WMV Moniker Class]
; C8 U% J' c1 K3 Z" t2 [ - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* o1 E. { v; O! E! [9 ]: w - [RealPlayer G2 Control]/ c6 H5 C) n6 \% I3 r
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>+ y, O9 p7 [9 l3 I$ M; |1 r
- [Shockwave Flash Object]- g9 E5 Y# C) x" E+ r
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>' Y; A2 g( k8 a, Z Y# d6 M
- [KUpdateObj2 Class]
9 w( C. I$ f# V9 m - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>+ M4 L$ i: o0 X" u2 l# O
- [kingsoft browser shield]! u5 B" U; E0 t% p' j% w
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
$ ^! B9 q2 M5 Q9 I' Y/ M4 k - [PasswordEditCtrl Class]. v# R$ `, B0 i5 H; X& f( P
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>3 `) l* D$ H5 S; l" q- a
- [QvodCtrl Class]
0 E( r* o7 l$ X" b3 ^, F! I" s - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
, z* w1 Z* Y: j0 S0 F - [&使用超级旋风下载]! r8 z; M1 |# o+ }2 ~6 W
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>: w7 ^7 }. L$ y9 n
- [&使用超级旋风下载全部链接]# g$ {" J2 X0 t" k
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
8 \- \5 I9 C8 m% T: x- v4 p - [使用迅雷下载]
) R, X/ E+ c( ~( |5 H' n9 @( V" F - <, N/A>
3 ]- Q3 B3 e Y# b4 c3 Z! | - [使用迅雷下载全部链接]
8 {+ A# V* J) q% A! r. ] - <, N/A>6 [& j R1 W, |3 L! ~- u
- [导出到 Microsoft Office Excel(&X)]
. ]$ q! c/ B9 e7 r. O* s - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>& ~4 `' o- @) }: e4 \( }8 L
- [添加到QQ表情]( c) ^# E: E9 V& F: ?
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
2 g) e$ j8 G) J) A, I, ^( d - ==================================
) C v {* Y! R' q6 ]8 n - 正在运行的进程8 d5 f& l5 L# n) T4 W
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 z! x2 t9 B) Z% {/ U6 d N6 M - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 E3 e2 _# h$ Z9 P! B$ G - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 N: f6 u3 d* w1 ~7 J8 i
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 k6 F; v# t1 y. Y# e* V' t - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" u( S6 g/ J S - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' z' n3 ~7 k1 I7 n - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 I+ p0 l' H8 K1 F" I: t - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" D2 F0 J+ Q( `: d z - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; d- F: L0 j. h& d) ] - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 F! g: \4 O0 E3 ^! ~
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 ]0 m4 M5 ^4 g3 O$ A! ~) a
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
6 }* d! o7 n/ ~7 |; h6 y4 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 R2 l% @ C% l( w4 ^: V, y! s+ j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ {# E) E$ T; \- P# o! _ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
4 A) {4 i4 S! j6 _8 O3 | - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 X5 @* O% s1 ? Q: d; Y: ?, ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]8 i) X u- o" k2 z
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]5 y% ~8 f: b" F8 B5 x4 B
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
3 ]: H! y' \( F9 O - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]% j1 ~; ?( A$ V% a: n2 W
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]1 S2 H! l6 D! j& w
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! G( b8 O, Y, e: |! N/ P - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510], M) Q/ F: B+ ^
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
7 r1 J9 W) {8 Y! d2 C* p+ S: ]% I1 { - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]! h4 i. ~+ N4 T$ R
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]" s) Z* @% l2 S3 W# p# k0 z
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]3 ?2 y. }/ N) b+ s9 A- s& I( ^
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& s4 \# `* c% z8 V/ u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 R2 a Q! g/ D+ d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ u5 d" ?- @9 ]/ h5 A9 a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 V1 y2 g. J& r9 m% _* T! Z
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& L( {4 ]1 K1 _+ b0 @ S1 C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! G$ x7 `1 Q" f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. u* z, u( A w2 Q; ^ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. B1 U1 G! Y& m7 s7 n9 ?$ L9 ?
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
+ r* ]9 t1 T+ H: ^ U2 B+ T - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
0 \5 |9 V/ ^. s0 ]% o D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. B: l3 |. {: I+ w; ~3 K+ v+ M+ O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( | I7 _' [- W - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
2 F& H) }: G" ?; E$ u* f9 V - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
2 ~% f9 M7 y3 c7 Z4 Q( H9 Q1 I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! Q: u" t S1 _3 } i: V) j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ p) O8 ? E( ]: O9 G
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] n3 e9 M' e' i* M
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]) e0 p4 ]9 g; t1 t1 H
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( f% G6 H' |' j( L+ z
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 S! M/ }0 M) B+ J4 `! z - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]2 A. y' n5 p0 E; e# x: ?$ n% _
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- ^5 d/ i& o; }: {# j1 G - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 O* f0 o2 s3 L- U* ~6 u* }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 T2 y9 r, w+ v v- [) v5 z: S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; |9 L/ I: q2 s# M L5 Z1 k - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
9 n$ X5 r! D, C/ ]6 b - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]4 u/ u# V. M! z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
( ^) F& g& |8 E. p- ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]3 a4 @6 |5 h, O9 m0 S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
% `( H1 y, A1 `% L5 t# l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
( x- B/ A' T; Q7 X) f# ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
, t; c. K2 O5 I: ], D - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
2 B# n) N5 ` T: l3 e" ?+ \2 `1 Q - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
% ]+ W/ o& b) p: a x7 q - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' N4 k$ {2 |- W - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' b7 r K8 ~* W* ]; _0 ?* E9 n - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]9 ^2 F9 S9 p( P& G" o6 A
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
+ {% y* F# [6 N; ?2 r3 X0 d - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]: {5 d7 I. w) O7 P/ c
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]) F: b! I: v- S+ ?' Z
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
2 a1 }+ v, L3 \# p" Z - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
2 O3 R/ I M& X$ w2 O% f1 p - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 f& U5 }8 r& H8 ~' t - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
1 K6 U% W" T/ Y7 ?" j3 F2 [ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], ^* n! o ^. Q: O% n) Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# x8 M( ]: e& W. U# x% _- b O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 `8 @0 T8 k" Q: _' p( L2 C, W - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; o1 h( Q* Y- }8 W& o, L
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
. [* D# y; R3 V/ W+ c - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 @6 X4 m5 h9 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. o' E( X1 ?6 j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ |7 e' V7 ?$ q$ i- a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% Z1 e9 l5 W6 ]3 J6 O1 W- @% H& n& n
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
0 j# I4 Y4 Q0 i: k - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
! R8 ]7 J2 U% m, H# O - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 Y) W/ H X: j& `- @. x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ ~2 B2 c W% P! l4 Y& R& \" z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ n" ^1 R K1 K* _! s% u2 E1 o+ h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 @& T: i0 H6 ?+ Y2 W - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]5 i/ B/ M4 M/ r( O& S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 W3 x5 c$ j! f/ f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 o: @' @* I+ B+ ^4 Z8 w/ g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 V; S% E! ? ^* c& g8 }! G6 g - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 d. D/ H6 |1 \$ T+ e; w5 l, s
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]: ^# ^) U5 s+ f
- ==================================! p; _: ?2 E- e" \* h6 a0 h- E
- 文件关联
/ _. s# w6 q8 g: o# I; c- P- o: W - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
( ^$ M) [2 R& V, V" b4 R& } - .EXE OK. ["%1" %*]2 w1 ~5 z+ A: P
- .COM OK. ["%1" %*]8 J4 h% A9 J! a* d# t, [/ L3 r
- .PIF OK. ["%1" %*]
! w+ _! n9 u, |- u2 P" F - .REG OK. [regedit.exe "%1"]
& N# S$ A( M$ i# s2 T8 q9 ? - .BAT OK. ["%1" %*]( k( Z$ M, E% D7 F' z8 S$ Z& u
- .SCR OK. ["%1" /S]
! J( Q& B- H7 c6 D% l0 N - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
% V7 Z* @7 u) ~; d, n: D - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
+ F& [' J6 q$ ?" K - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]. w6 P+ ?+ s( Z
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]6 X$ u) r# f' k& _
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: J- Q; x5 Y) A" n: i - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]" x# h& e$ A4 s) ]
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]8 K( [& e! b) L, ]( e9 {5 |0 _
- ==================================
6 C; G Y( O: ~3 Z4 m0 Z1 y - Winsock 提供者! s, X) ~, I- R0 j' ]* M0 a
- N/A' L1 L$ `5 s8 Y- W V q5 s2 B
- ==================================
, b4 r9 A. [4 E" ]) M - Autorun.inf
* D1 b, e, M- d/ p- Q8 }. D1 n - N/A' e K* ^' A, B5 _0 \( k$ n
- ==================================' e F6 f9 e1 L; p9 s
- HOSTS 文件
3 u `3 K# W; P- o - N/A
. \" s- X2 X6 ?; v5 | - ==================================
8 H. r, @( u$ x% N: t - 进程特权扫描5 l- k' _$ j# \+ @( ~4 r
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]4 m, k( x) V3 c
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]" K& _9 {" t! G- ~, k8 f3 [ u+ K
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
- l P6 Q$ Q! i2 D, Z - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
% G) k9 J. ?4 e' K0 b/ }* A - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]8 ^/ B4 h. S; @ |) K
- ==================================
# s4 s( i. M) c6 X8 n - API HOOK
# N0 A5 e7 K: }) s* E- P+ y - N/A
9 w* E: |$ \7 R: ` F0 s - ==================================
0 r9 m5 g3 v8 \/ p2 K5 D: }7 x9 {, N - 隐藏进程
( p" A" R8 `; x l# A, G - N/A- ]" z: `$ B! J8 C
- ==================================( j0 c q3 M+ d! [9 n
& d2 z/ Z; q& `- ^
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
