|
|
- . k, R$ @& C, `- s% _( U0 |9 h
- 2008-05-22,20:37:43; ]! [4 k! u1 P7 q" n
- System Repair Engineer 2.5.16.900' x9 Y$ d( i; N0 H) L
- Smallfrogs (http://www.KZTechs.com)
. z& E3 i% v! I0 B5 L) l6 x - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能: h3 x3 \) u# a- ~! R* N# U4 a* s
- 以下内容被选中:( M! J3 K* d6 h; T2 M$ I2 V8 G3 h
- 所有的启动项目(包括注册表、启动文件夹、服务等); ]+ X0 K6 _. I& h# O
- 浏览器加载项$ B; H7 U* ?9 m$ @' g
- 正在运行的进程(包括进程模块信息)
+ ~. q3 l @" y& h& q) |7 y - 文件关联
1 o* n: v( s2 }& L2 W( W - Winsock 提供者
1 g) W4 _- i L% j - Autorun.inf `& x. ]! j3 F; e7 l) h
- HOSTS 文件
# i& N& O1 C+ w0 i% k0 V+ T3 N+ _# G - 进程特权扫描
; {4 ^/ |" V8 o& O$ h - # C& m. [- \8 c0 g- _) V1 U
- 启动项目
# E; y+ ]$ j; f2 w - 注册表9 R* {. g1 ~4 ?# R B
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]6 T/ s. E- k- L9 | g$ j5 X) U! L
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]9 Z( e" P7 W! |2 f. s
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]8 r3 }0 [3 q$ ~$ {1 G4 s8 x
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
% X) V1 {) J4 `$ d - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# x, ~ H" V1 _1 F; u# P
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
& U( x x# g9 q! s - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]0 @3 ]4 f% T" q; N: [0 M
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
# k3 O& ~; N- t7 p( g6 u - <PHIME2002A><; > [N/A]
; m+ ]' V) P! l& M+ M2 Y8 e, R - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]+ W. Z" Q+ }# y) ?* c* [
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]3 d" Q: F/ z& r) D1 L# l$ o
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]- N" h! S% p ^
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
% k, l& e" U _ - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
4 _, h' U: V3 P0 x - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
5 q$ r* f4 ?& L) M9 P0 l - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
! O c' J7 ^2 I$ G* y7 W& N: G - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
$ g2 ?6 y) M1 W$ @* p" q4 Z/ I - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
9 O. e2 _ O$ | - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
% ]" U8 B/ w" z - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
0 l1 Q. S1 M. Y+ ~4 x- a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
7 D9 k c+ g- J. ] - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]! ?+ i6 P9 N& q, ~
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}], Y8 H% w0 \1 h1 V
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
$ M" G: b% n5 F - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]8 _% X2 l3 z2 \4 ]( N
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
+ l0 J& B" \- |# S( j4 T1 u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]2 ?& P7 U8 O0 b+ E# |
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]/ d' R$ u5 o2 d7 g& Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]) Q$ \ {; ^2 r/ j) A- A! `& C
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]/ C# `! l9 R6 U9 Z5 k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
s* x$ Z7 ^0 o - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
) z! l; Y1 R6 o5 _/ {+ s - ==================================7 r% C7 J- v2 \
- 启动文件夹" W# e# ]8 {! M+ g8 n) d$ c
- N/A$ M; B" i2 U1 \4 X/ L3 ^
- ==================================
2 V3 I" L3 W* E2 c - 服务0 n! ^7 u( M" h& a, Q# I+ o2 V+ F+ G/ X
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]* \3 W7 V: G! K/ U4 j2 D i
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
/ E: u S7 y3 E0 _( g - [Google Updater Service / gusvc][Stopped/Manual Start]+ o5 p6 p. q" ~! y2 |) p) ]* a) S
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>6 k7 M& ~. G4 n1 b$ h6 r
- [Help and Support / helpsvc][Stopped/Disabled]: u' G9 _0 N2 n' \; x( K
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
' ^7 A x" S' @9 [7 B4 [ - [Human Interface Device Access / HidServ][Stopped/Boot Start] B/ A. g6 b9 V2 ]9 c* q& H
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>) K/ d) {% V& W& |
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
1 H4 }1 `6 F. J/ _ - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>1 f: Z T- B. K; Y5 ~, R
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start], E* m; s# N, U7 ~
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>' v* a) b) @! X
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
7 W \/ Y, K0 T; Q4 y6 o1 z - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>( q# ]! l; J( a/ A- H6 b% {; B
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
/ u4 z, h" t9 t% N& b: A! I& V - <><N/A>
* R$ S9 X; w9 g/ f - [Qvod Terminal / Qvod Terminal][Running/Auto Start]+ i# e; \7 Z1 d9 N3 U, j2 h5 k
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
1 U8 m1 \- |* H$ ? - ==================================
; |, D" S& e3 K+ y. W - 驱动程序& Z" O6 l5 ?3 f" a! A" w( p- ^
- [22j / 22jn][Stopped/Boot Start]- E" A9 n; F% [0 s' X
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
# [! Z8 H( [0 Z* S0 v) C1 z; J - [360AntiArp / 360AntiArp][Running/System Start]
' k6 `( S$ D6 F# p6 B - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心># R) g: B. y* c$ Q% e
- [43ec / 43ecu][Stopped/Boot Start]: x8 L3 L' ^# m' \( E+ B6 f
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>+ l' _6 d- [/ w; ?2 w# F7 c2 D' b! O
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]6 T! O7 ~5 q l8 Y4 ^' b
- <system32\drivers\ac97intc.sys><Intel Corporation>
: n) E* J9 n, O - [Promise driver accelerator / bb-run][Running/Boot Start]; _6 r- c! x$ J2 U5 V7 B( M% @
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.># `8 ^% |7 K; f4 c* Z8 M* S! g" Y
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
/ s+ Z$ F) i! B- ^; j4 i - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
6 W; m8 e9 I, Z. j1 z - [KAVBase / KAVBase][Running/Auto Start]) ~1 r; D( k3 E1 o
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>! Q& z. _- S) S! m- ^2 t0 [
- [KAVBootC / KAVBootC][Running/Boot Start]' y& c( B6 B: q
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>9 l0 H4 M1 M/ h4 v+ D9 W g
- [KAVSafe / KAVSafe][Running/Auto Start]
, _! l K% ~- | - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>* o# D g+ G8 @' ^
- [KNetWch / KNetWch][Running/System Start]- b& \+ \% p P; o2 h+ V+ B
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
* {3 h9 P0 p' w4 a - [KWatch3 / KWatch3][Running/Auto Start]$ L5 v# E9 G: J, s6 w6 O7 s
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
5 g+ @* i2 o- V2 _7 D ?: w& C - [ntptdb / ntptdb][Stopped/Auto Start], ?& |& R, t/ K+ v4 g
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>- L, F+ h1 A2 h
- [nv / nv][Running/Manual Start]
Q+ N# A! i- Y, } - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>% i8 _: {2 P, b
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
4 q/ a* c0 p9 T- d; w7 k - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation># q7 g9 g4 Q+ R! o6 |
- [DDK PACKET Protocol / Packet][Running/Manual Start]4 l3 _1 j2 ?" Y# D, f
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>6 N; p8 u6 h- F4 X4 E8 l
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]2 \2 K2 G% p- e" Z' J
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>; o& N0 S5 i# b5 ~5 N
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]8 o( M/ ?6 g+ v( K& C: I4 z
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
, l5 B: _- c! M$ V/ b% b& } - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]9 U% I9 t( z! Z& H4 U
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>1 M% x! i9 N( t9 {
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
) A3 z4 k% V+ I5 M3 d' n1 g - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
2 A; c6 S* P. ~, n5 s - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
4 W4 I8 H; h5 w. @ - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>. l \7 J/ C$ O; z
- [Secdrv / Secdrv][Stopped/Manual Start]
# t' P @; K- d+ U! a7 s - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
0 @7 }9 Z% W' R7 b6 U/ V+ Q - [SATALink External Device Filter / SiRemFil][Running/Boot Start]; w3 F( L2 r5 f+ ^$ y
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>2 c9 Z6 Z) C' _% \$ ?
- [System Restore Filter Driver / sr][Stopped/Disabled]
3 v' W" [! C) }9 p% }" Z - <system32\DRIVERS\sr.sys><N/A> T! Q# W4 Q# m9 ? Z
- [TesSafe / TesSafe][Stopped/Manual Start]0 o9 G$ H9 d$ @1 B t
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>3 ~* o: ~" Q1 c6 @' R9 A
- [System Services / unzxzsrs][Stopped/Boot Start]. Q/ E, f6 \/ |9 O. H, S+ c
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>) ~$ t& S, w6 J$ Y w
- [ViBus / ViBus][Stopped/Boot Start]( w1 y- J0 l- Z q( ^, n
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>4 g+ n7 A2 a' D3 J0 {; J
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
9 i; h' f! r1 w& a; G" h - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>. d# t+ [) x, h
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]& b4 J' M- [2 {, M
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
/ P) [: o6 F& B6 H, x" u' ` - [ATI Extend / zhibmaso][Stopped/Boot Start]1 J$ Y8 W8 E4 M8 u$ [- ~* ^
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
9 g( l! T$ K' r( C - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]7 q3 D& c) }" B) G
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
& g- b& x3 {) o8 c, z7 i - ==================================
, `9 y) t2 o) P) X. M' k" ~ - 浏览器加载项5 V9 [: [6 m0 F! ^- |+ i
- [Google Toolbar Helper]
# C* P( E6 ~5 x: T' T# _2 g - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 P Q" p5 o7 @6 g, s/ _ - [Google Toolbar Notifier BHO]
5 ` e( {/ a1 R" P8 c u# u - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
! j6 T6 o6 p8 x - [SafeMon Class]
- i7 z0 M! @$ }% |0 f - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>: l8 m1 l. Z4 n2 r1 o8 J' r: g2 f
- [kingsoft browser shield]
' B/ v0 ]0 G& }( G6 o - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>+ m/ T3 k0 @$ Y% L; J5 x5 B
- [IEBuddyExtControl Class]
" d5 S1 u, ?6 R' { - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
5 k/ W% j, [* n9 N1 ] - [Zcom 杂志]* k! Q* f5 B% I h
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>; _0 @8 |' l6 Y2 w; G9 g
- [&Google]
: C: b6 s& k: D - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# x% i8 H/ m: U3 U% C - [KooPlayer Control]
* f; n7 v/ b" |7 H$ O/ r- i - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>2 {" x7 g/ O5 @/ Y% y8 Q
- [Shockwave Flash Object]6 @# k% D# a3 c) F" a
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>( A$ e' i8 f' @* W9 g) |& r2 i
- [KUpdateObj2 Class]
) I( k6 f6 T; P; B - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
F1 I) [) }. A- O! N - [Google Script Object]
: _! P) _" f; E( ` - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>. ~+ K0 r, O J7 b
- [EWA Control]
5 [- ]- l5 c1 q) l; D - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
" @! H1 p5 [# g/ X - [Windows Media Player]
) Q8 A6 z' Z* v. ^ - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
4 X* R) b, W% E: N - [&Google]; R9 N/ O# V) g" p/ Z& i" J
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 `+ [) a; C s8 _/ M0 b; Z - [HTML Document]4 E5 d! z; u& R+ k
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>! P! D: @7 H6 ~) x* O
- [DHTML Edit Control Safe for Scripting for IE5]+ l0 x. I1 @- x- P5 L6 _2 o
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>& o8 m6 q& v j E/ ]
- [RealPlayer RAM Download Handler]) {% C1 L6 _( ]% w: E/ [
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
" ]& X4 n+ d( e - [IEBuddyExtControl Class]
1 J. V- z2 E$ U) m$ K: O- Z; D7 C# j - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
+ i- n4 _4 G6 ^7 f - [XML Document]
n( B) ]6 L& c4 h: |2 \% E: x2 P - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
) z) Q# ?& S- A x9 D4 U+ p - [HHCtrl Object]
9 m; ^. L$ y4 ^( n - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
4 ?, t4 t* } m - [Windows Media Player]! Q q( ]: C6 @' P; X# y( @
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>& J, n5 |. m2 k7 d
- [Active Desktop Mover]& \! |4 x$ S( u$ y
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
; b3 F- v, N h; b) S - [360SafeLive]) z: y& `" X" H9 Z4 A1 T
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
$ L; m' p, P2 Z0 ]8 c - [Microsoft Web 浏览器]8 b# y6 v' R( R& [
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
+ P. {, W( j$ A" v. K0 p0 G - [Browser Enhanced Objects]
. w: G3 v' A1 W0 F2 ~( m. n" h - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
, l4 F- J8 \1 F0 K) h - [Google Toolbar Helper]6 E9 u# X) J2 h8 g9 {
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. Y& T1 L' J R) p* z3 R6 u - [Microsoft Scriptlet Component]5 ~0 q: G3 ^5 o3 J$ r
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>. @9 n: D* o. I8 J5 a. ~
- [Google Toolbar Notifier BHO]
- `$ o; }" A l9 n9 g, Q: ]! B - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
# ^' x& w% H! M - [SearchAssistantOC] i- B" V' G; ]2 L1 T/ K ~; B. |
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>0 ~# U' s" r$ ?% A m* }! U
- [SafeMon Class]6 x* p- o' r1 S; U2 J
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>/ L. |& K+ ?2 z) `
- [RDS.DataSpace], }; f; F6 {, D$ \# b' Q; R
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
8 l# }" H1 m1 ?: E, b0 e- G6 J' S - [KooPlayer Control]
, b5 G$ ]7 x- E' l# v) x- E8 | - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
[- A* E8 @+ [" r9 i8 U - [AUDIO__MID Moniker Class]
' s+ G- S1 A, `6 k - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% B$ D, [: n4 {0 S6 c! H. _* _ - [AUDIO__MP3 Moniker Class]
& U- R4 V# V+ I8 Q - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>( G/ M0 f) p, |: P8 s/ a0 v% b! Z7 e
- [AUDIO__X_MS_WMA Moniker Class]0 Q" O9 J1 U6 S( i, K9 {( g! ~
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
8 i0 l7 Y7 w3 X& i; f/ o+ g - [VIDEO__X_MS_WMV Moniker Class]6 O0 i) J, k1 e+ d
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) I1 o# z6 `8 e& Q) O
- [RealPlayer G2 Control]2 h: d5 O+ B- }
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>% x4 a4 k8 p p' Q1 P
- [Shockwave Flash Object]
# ?0 z2 f+ f( u' x/ t4 ^ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>/ `, i6 z' H; z* T) b' T2 t h
- [KUpdateObj2 Class]
, R6 Y9 b, ^6 e8 n+ C( f h$ q - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>4 l! H+ w9 K! L
- [kingsoft browser shield]6 a1 L! Y/ \0 ?7 l0 \) N
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
5 u' W2 O: V+ ^" `' \6 k! [ - [PasswordEditCtrl Class]
+ M1 `, @- F' P; y/ U - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>, W3 ^# K; Z4 Y: F/ J, f
- [QvodCtrl Class]+ P" ]" [% q/ |! r1 n
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>( K& N# i7 D8 B" I6 W
- [&使用超级旋风下载]1 m5 B5 r4 `; `* S
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
; u k+ w2 z) A3 D+ |7 s* _ - [&使用超级旋风下载全部链接]
+ U1 X. | ~2 b* B. Y - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
" p& D7 k) Q: a7 w, ? B - [使用迅雷下载]4 P) j2 f+ ], ?8 X. x
- <, N/A>
& s+ ?% B) [3 e. V/ L - [使用迅雷下载全部链接]. h$ P0 F' s8 u% e# H
- <, N/A>' D) c- s9 t- `, c' L
- [导出到 Microsoft Office Excel(&X)]+ M1 P5 `% F! K% o# d+ }6 a5 |- D
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>3 h4 p: g) a% p+ n; q* H2 |
- [添加到QQ表情]
2 O, d C* w* b; Q& [% ~) l6 Y4 B5 m - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>: D& v1 ]* |4 N0 a
- ================================== y* A& o$ i) L: ?' a+ f
- 正在运行的进程) o' y5 Z R1 t; c
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] N" |' v$ G# ?3 j! M
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ `2 c/ x4 s K9 |6 _; M - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 z# t) z, e: R) Y! I+ Y/ N
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 U c! m+ t5 A5 ]; }8 E8 h - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" {, ^- ~0 Q: e9 X( L5 B9 L# ]3 ~
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% t% H0 Z3 S1 j! C E. k m - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 J8 C9 I+ h$ l, N1 A0 J- q - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" T5 ], _& ]3 H. i - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ r {: `9 @8 ~+ ^0 u& H9 u
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' [& [6 W" m# f8 \4 r6 @: V
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& h0 G/ t: t% {; E( ?/ h" w4 Q - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]- [) U. @* l$ V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ _$ ^) ~9 [, p6 v+ Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 Y- p% K7 H: X* Z. F - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]: n7 d& D1 |& X+ n% c7 {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! D/ N1 S1 f- q. j; t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]' M& t4 \7 Y- H7 t& t' t
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
9 ^0 i. V( g+ T: i: Z+ j. t& l - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
2 w* g! ?" ~* E! I$ M+ _% b# N9 L( a - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
8 i4 t% Y1 ~) }& o6 R9 v3 }2 Q7 Z - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
, l8 m V! D7 ?$ v8 s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 g: x' f# |" @$ ^8 R6 R
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
& t5 k6 D( @, ]! [! { - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]1 L- y; I8 J4 M' |9 g& n9 U% R
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
' [8 _: L4 G. k9 N - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]9 o7 N' C7 v% l) j( i
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
2 C D4 K+ N2 X1 b' a7 s' u# S - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 ^" q/ ?: C7 c0 @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% W2 r0 o# Q) c( L, n0 r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 m" G+ Q n" z" d7 V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( Z3 Z% p' ]3 C
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& H, M U% B c0 C0 \: s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- ]1 y5 g& f+ m1 L7 L& M) \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% H" \ ]0 Y7 O7 I9 k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. }$ {# x" \9 k: A; J6 }- o - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]) Q4 b# Y( J0 [3 e0 i, i
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
3 a5 u" Z n0 r* ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) d: G [, l; ~! @ {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& g9 c" j4 v% ^* g; N* X - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]1 y7 K, g0 E$ `3 j7 E) y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]$ `+ Q+ b" w$ o! a8 A
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 I( [$ O0 t8 m2 k1 } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ `. J" {$ h% Y% T6 A5 S
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ C5 R$ L: K J0 X
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
% T$ O: j# @7 j( I! k' | - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) ~* ^. U' X( |- K5 R - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 w+ ~0 l$ u$ v+ @2 B5 j - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
6 o) \+ b2 F& m6 u# q( G. K - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]1 |) n3 W9 Y* Z" D1 {& Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 q: _& m8 K& O+ o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
o; r% P% w+ x0 ?, g( t1 H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 `9 t c$ m& x1 }6 F! E - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]9 @8 G2 y1 h% y3 I; s
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]$ q! i4 ^7 K, Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
4 L8 i& r/ L3 @$ h4 G/ ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
. F; A4 d( i: [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]8 ^. g b; u, l: ~6 d: _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
& {5 R ^* [* @( v. e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
) u$ _9 D9 }# m" o - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]4 S9 r9 T% P9 `! y1 ?0 |
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]( f8 a1 H2 [' ?& }( w8 A
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
- X% i' C' K& R9 a* P - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% e+ b0 N& s, U2 a/ a' t$ L - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]9 |/ I: V3 q; ?' r( U
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( F/ n; _) L6 v2 E D ^
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
- \! V* U* C3 b - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
: S2 A8 @" G7 B5 I. V3 l- W - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]& q* Z. p) l) s l
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]& n& f! ]& b X2 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& b a) D, ?7 g2 Q7 ?
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
9 l+ {& @5 F. h# [5 m- D& g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% R; w+ V1 J9 h. ?6 U5 ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* c% |( R5 j: u+ l1 H& Q. j) `( `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 I' s& J' t* i# B7 m* Y: v8 e2 D" e
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 `! T4 Q5 \ v - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201], K4 i4 B) M# C5 L! U
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 ]6 w, e0 Q; N: B) _/ G$ V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 n; ~9 \/ i. t- K/ q w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: x: q9 M9 W0 R, L0 b. h
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. x* n: ]! U R2 E- {) K/ z+ a8 K - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]- ~! T1 a3 K- ?! \ i) O
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]4 e# v% b8 i0 k H/ |" d- _
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ Y% l$ v5 Q5 f* T3 I1 C) z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 C0 O ~/ y5 ~" e4 h9 ~# A& U: h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. W. ] ?* `1 _0 x; v3 I
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ G/ i( l" C; r9 m: A. N
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
; `3 J' n) L2 h: q1 b( k! K - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- T9 M$ }7 g8 z; Z) _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: ?3 ^% {/ I5 G R( q- L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], U3 b! ?. M- v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# Y, ~) a5 v3 D2 g6 p+ O
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]0 q# C. c, P! z: f
- ==================================
' A6 p! a6 n9 l6 G2 c8 j' I( T* T - 文件关联/ Z$ z" J! V4 Y4 ]) F9 T
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
6 t( j$ ~2 `5 y - .EXE OK. ["%1" %*]! V! M1 }$ P+ f+ d$ D5 t4 [8 r
- .COM OK. ["%1" %*]
. M) t- O6 ~" Y3 p( j" { - .PIF OK. ["%1" %*]
( |" B: b- R7 r9 u8 i# u( A - .REG OK. [regedit.exe "%1"]
- D* n4 h2 M8 p0 R; y6 c: I, \$ y - .BAT OK. ["%1" %*]
$ E6 t9 ^0 ]+ i6 ~& A$ j - .SCR OK. ["%1" /S]- J( V6 t# i' l6 Y y/ F# a
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
6 ]. k' T& c& N1 G$ w7 b, D6 _; C3 d - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]. n6 o5 I, v. ]
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]$ P$ Y7 G8 l1 a% s( h: u" c
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
, G: h% X( Z+ |4 c6 a4 M. _, P; H$ h - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]3 G+ T. {: l6 V
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
& {, {2 ^* e: m. m L2 E - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
0 Q; z0 X# w: B) d/ x% m& ] - ==================================
% E) U* L7 N; g& u7 q) f - Winsock 提供者6 B, ^, K/ N$ h
- N/A
* R2 I1 Q. l# s - ==================================& y( V/ x) X) [$ ^
- Autorun.inf
/ E% G7 }8 O4 t! a9 J7 b - N/A
7 y: M7 k! P1 m8 l* Z3 B1 [ - ==================================; m( D9 [8 D. ~2 f5 F
- HOSTS 文件
) I d8 n; g" n% e - N/A
}8 H; t" P, e# F7 e - ==================================9 E" ^- q2 ]+ B# E) z) E% ?
- 进程特权扫描
; U0 P- C' W o3 m9 S - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
/ h _2 H% N9 O - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]6 V4 M3 p* _$ m2 `5 W, |' N$ |
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]+ s# Q* z: n1 ^& i4 [: R4 L
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]( ^6 e/ D! g" ?9 \5 ]" q
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]. H5 D3 y6 F4 a$ u( C
- ==================================, W' ?! V- W A6 S5 J# p K: z
- API HOOK
+ r$ ]6 h# U+ K' @) N/ z" n4 w6 n - N/A2 _1 P5 s: }8 Q1 L
- ==================================; g6 R$ W- |/ H* X& W7 b
- 隐藏进程- D B9 [, W# ?& ^6 a0 h
- N/A
" C3 C* I' ?$ Y5 c5 A$ ^% c v4 E1 p - ==================================
7 h$ E, b2 A e- f2 p5 l
3 w& S# F9 v+ r% C$ r
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
