|
|
- / p! t. s5 X/ y0 N7 q0 G1 |
- 2008-05-22,20:37:43
/ @. }2 C+ O1 w) U8 s+ y - System Repair Engineer 2.5.16.900, K! q6 w( q8 V6 h) t' ]9 [5 I
- Smallfrogs (http://www.KZTechs.com)
* i( v; M& p2 x3 h0 O! B2 h - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
! K c! d* e8 |1 e' o - 以下内容被选中:8 M/ h2 z' D5 @
- 所有的启动项目(包括注册表、启动文件夹、服务等)0 f4 H, r& |5 [$ l0 ?1 O9 L; w
- 浏览器加载项
# I, _( ?# A' ~+ K2 u p- x0 T1 z - 正在运行的进程(包括进程模块信息)
: Y- L% @8 c; \7 ^2 B( V, r - 文件关联& V0 F, d e& G0 V: ^7 Y5 ^
- Winsock 提供者
) ]+ P: l/ Q6 ?; t - Autorun.inf
8 e" j1 \' \% l$ s. p' L1 u - HOSTS 文件
$ a6 w# s: f, i! l R5 H - 进程特权扫描
' p. n$ z7 P+ p
7 N; ^8 A" F0 g6 K; Z- 启动项目
7 ~+ m8 N+ U$ X8 m - 注册表
# N0 z# q# _; b+ d6 { - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]* V! n2 z2 d0 K7 }& Z5 R
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
- [% n% E9 |1 D - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
1 j* C- @: o6 f' \# Y; a6 r - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
7 b. f6 q9 B+ _! e- F# R6 F5 o - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]5 T9 k2 }0 N9 w9 Z9 q
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]4 }2 R% C& _# J: A3 ]( Y. a% d
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
! h" M1 n1 \4 V. C1 h6 h - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
, K5 j1 K/ u K( U/ z { - <PHIME2002A><; > [N/A]
y2 K0 g5 [2 k - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]# j7 X) j+ ?$ @6 B! P! T* F% z
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
: O3 o0 H4 Z- i: d - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
& q9 l+ R D2 x3 E2 j5 ~8 h - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
; A; H' L' u) b1 W. r) V' ]7 } - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]* C- }- Z0 R& a* |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
- B2 x% A6 l- ~ - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]$ U9 a, N0 Q7 n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]$ d% |$ b! D+ H& e5 T+ K
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
' i- J% G8 `; U - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
% O$ c% o" Y7 a; x" O( L - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] l2 T$ W g9 k: P6 H3 y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
- E+ h. ?7 q2 g2 M0 y7 P - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
+ c& S8 S# V) G* w' x, X - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
8 U9 j$ f0 g9 m2 }0 C" v& D C1 ~ - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]2 i. L$ v6 G( W5 j1 {- L
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]( @5 M ]1 _6 H' K, n' B0 c
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
/ P/ d; x* q1 }0 j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]# x x5 [( h& k. k6 i$ t+ ]
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
" ~/ |2 C, t% e; o5 b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}], x5 s" R* ?0 e, e. }* S
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]% v; A1 x7 d0 E. t4 O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]: J: a7 L" a0 z7 X
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]# o' a( w I+ C! g+ H- i' @
- ==================================! V2 {4 w- C6 D1 |; R. T
- 启动文件夹
1 X. j6 B5 j2 i! L - N/A+ @& u( N- c( t: I: c z" l) }
- ==================================' c, D* s3 y7 Z; Q) W$ e
- 服务) e7 ?' c( A$ L* V
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]8 y: p! }% W7 ?9 I. o
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>( L- z4 O( x3 }5 M5 ~! S! ~
- [Google Updater Service / gusvc][Stopped/Manual Start]
! b7 X" f- J$ `- X: U* I - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
& c( t7 y$ @0 T( x) O8 H' \+ v% Q1 M - [Help and Support / helpsvc][Stopped/Disabled]3 |9 [+ a. N" F4 \) h. O
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>8 i# ]7 G8 i: X/ D; p* ?! N
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
5 G9 F, c) \' C n6 r* x - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>* U: _, {2 ^( x% j9 L
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]# a" v7 T2 F% A3 V; }& f
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>& e; y# M. l: {7 P/ k6 M
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]+ t' i3 C# o0 {. _
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
/ N) P4 i4 r+ @# h - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]# K5 m6 q( N: ]; M' v
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>5 A6 h# y# o4 Z1 G3 P
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
7 E7 J0 s+ F( {, o - <><N/A>
4 {/ Y8 d) g1 Z+ h - [Qvod Terminal / Qvod Terminal][Running/Auto Start]. ]: `6 |' [$ h9 s
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>6 O* c; ] w' y7 h' Z4 D6 O# R" B
- ==================================
1 { w! G4 q% b - 驱动程序
, K, _* W$ b. }2 r5 v( T - [22j / 22jn][Stopped/Boot Start]. \ R/ P; t# a f( p7 P2 h/ e5 I" a# }
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
# P* x) P+ e2 H6 i/ ?8 r7 _ - [360AntiArp / 360AntiArp][Running/System Start]
3 f% q, o; P/ u# e! e; r1 h% M& P - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>" n" W. |7 g' _4 Y& s
- [43ec / 43ecu][Stopped/Boot Start]( X P8 C! ^. H* h
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>4 r* e+ K1 v4 C: d$ J/ F' X6 c& c! f
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]/ e, T) |& Q1 y! W
- <system32\drivers\ac97intc.sys><Intel Corporation>
4 p& c1 i9 C$ L! r% f, [ - [Promise driver accelerator / bb-run][Running/Boot Start]3 h+ `0 X, s* ~5 l2 Y
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
) Y& V4 N6 V$ s5 F' Y0 u1 c/ i - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]# z6 i' T- U7 O7 Q+ a: X
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>8 w) U, D ^" A# q4 S2 j9 L, k
- [KAVBase / KAVBase][Running/Auto Start]
% m7 b1 F" q/ `+ a2 y x* q - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
) r) r- v0 a6 w3 _ - [KAVBootC / KAVBootC][Running/Boot Start]
( ?) Z4 C1 f" ` - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>) [( r, j9 f9 O S/ x
- [KAVSafe / KAVSafe][Running/Auto Start]
& r3 I5 |% A9 m& U - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>" z! n3 x7 O; ?: b) F
- [KNetWch / KNetWch][Running/System Start]0 o: _% O$ ]8 q2 t- p& f) _
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>; |, p' C# G+ V5 z; N
- [KWatch3 / KWatch3][Running/Auto Start]7 q% D, k4 n( L
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>& c1 v. V* |/ s+ R+ @! D+ {4 I) S
- [ntptdb / ntptdb][Stopped/Auto Start]
# D, h& _0 d/ \4 {& Q8 _( @" O- {5 U - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>1 \: e5 t/ j% p% y
- [nv / nv][Running/Manual Start]
% Q- N* M* ^9 ~ {+ i6 T - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>$ K; N9 W, L) \' N
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
0 S X/ U7 U* X' ~9 S - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
0 I+ d% s5 k1 q, V5 l) h - [DDK PACKET Protocol / Packet][Running/Manual Start]7 _8 F9 _* d: m) s1 v, m
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
* x, J$ c6 I' P, c, P - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]$ q& z) a8 r6 K+ B# d
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
& \/ y# \: f/ B z. w0 v- A - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]& ]- M3 C o, E( p0 U( S
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
6 W" y) l: w+ ~5 {2 x$ U - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
6 o2 b% R5 c2 J( F( _4 N' D' q0 j( f - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
0 j1 o0 I/ f+ y N* y, I6 a - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]1 @; F# q) h: u9 v7 v1 }
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
: ^; m% U5 Q7 s3 L* D4 n" I- J5 }1 r - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
1 z" w7 R1 y' ~% o: ]+ s" ?5 F - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
2 b! K" h G# L - [Secdrv / Secdrv][Stopped/Manual Start]
5 Q( ]$ ~2 @6 h `3 |: A6 T6 c7 m - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>& g/ ^4 q u9 r5 D# @
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]3 i, h9 w, i. }' ~# D
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
4 G% y( M2 \. s - [System Restore Filter Driver / sr][Stopped/Disabled]
' m; m( x$ \6 Y - <system32\DRIVERS\sr.sys><N/A>
+ I; g) w+ ^5 D: c. | - [TesSafe / TesSafe][Stopped/Manual Start]8 y9 V2 P7 Y5 O$ v) d" r
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
; X* c5 h2 O3 i* h7 { Q2 T Z - [System Services / unzxzsrs][Stopped/Boot Start]
: X9 Y" n" _# `8 s: J; p4 S - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
# Y5 [5 `9 t- n9 S9 `; U1 V7 {4 k - [ViBus / ViBus][Stopped/Boot Start]- H; M6 l2 r5 v! \0 j
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
+ L2 k- U( G% G2 V" q) H - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]' C# k8 ]! k( i4 Q' G# S! L, N
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
* e( K2 M% f# r0 g% [ - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]9 |4 b6 d* }* ~* W# h1 p
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
v/ G# |8 V7 L0 G) R! P: {8 B - [ATI Extend / zhibmaso][Stopped/Boot Start]
A( r9 s* I/ C8 ?* g - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
# l1 B! w+ I9 A" X' B7 b - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
/ f) [# z& E$ r/ [) e- }! J4 z - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>, t/ {, l( j, Y- e) Y5 C" @
- ==================================- R$ n) Z3 l& |3 t5 K1 f& H
- 浏览器加载项
$ A5 w1 C! L9 S" f& g - [Google Toolbar Helper]8 G' F2 b& c3 L- W8 s
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) G2 v8 y6 d2 T1 n( g% }! @ - [Google Toolbar Notifier BHO]
/ |# @: S4 D- f8 n, b6 v. J - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
' W* y& ?1 u; a/ i - [SafeMon Class]
( s) I6 F) S. S - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
7 |9 }2 C) p: ~# {/ E3 D3 ?% l - [kingsoft browser shield]' M/ m+ h) E; Q6 m' U R! D5 I+ y
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
8 p' W9 q* ]: p - [IEBuddyExtControl Class]
7 [' L& h2 D5 d* I- P$ {9 S - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
7 t {8 j+ h6 \" @ - [Zcom 杂志] F. N7 r# f% f7 Z- p x8 ]7 F8 B
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
6 J9 n/ I4 U' a' c$ G+ _$ H% v - [&Google]3 q0 `6 ?8 C0 J# x
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
' f; j3 w C' X - [KooPlayer Control]8 C# D2 r' V& L
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. _; R1 ?9 H7 n( |' J. u$ C - [Shockwave Flash Object]5 y8 r; O3 Q1 v4 w+ \
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>' S& v4 M/ S N N5 K/ z7 t2 n
- [KUpdateObj2 Class]
1 p3 I' ~, w3 o; z5 q# V& D/ P - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>9 }5 c- R# ^7 |
- [Google Script Object]) |1 \% M' k! ~5 @1 n
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 U" \9 m0 R- Q7 i
- [EWA Control]: \/ \1 [8 F5 X W, ^. v
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
+ d1 C" T! ], J. w' R - [Windows Media Player]
a; Z% v: M* Y& n - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>8 u1 k; X6 M2 X0 f- d, q
- [&Google]3 m, L, K6 E/ V2 [
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>" e' |, G9 l1 M5 o
- [HTML Document]( f, ^! e- Y! R$ ^' X+ y7 F. Z# P" G
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
* `% O6 ^& W4 { H* v8 } - [DHTML Edit Control Safe for Scripting for IE5]
( j( ?+ U" r+ t - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
/ B# M' y9 v* a0 ^+ F; L - [RealPlayer RAM Download Handler]+ o! V7 ^+ s2 Q7 i
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>' I) T0 d. p. |, M
- [IEBuddyExtControl Class]
" a1 q9 p6 e" D) q3 G - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
7 i- v" Q9 g: o0 o# B' | j - [XML Document]
+ t: ~8 ?5 n7 x( \3 _0 h' a# h, {0 b - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
) Z! @9 i) R- k" H% U - [HHCtrl Object]
( h3 F6 L0 N- [; [* X - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>) s& z5 W, T, B5 [+ o7 L
- [Windows Media Player]9 N; p% o% v* |% X
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>7 C! h+ M9 w3 o
- [Active Desktop Mover]0 e/ p# @& T7 T9 E# ~9 o, n
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>; _1 `/ H0 n9 F! m
- [360SafeLive]
0 H' G( d! V7 X n7 s% R1 C$ X2 b - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>9 h4 V( H& I. J4 ^. B% u7 ]
- [Microsoft Web 浏览器]
5 {# ^6 V! Q3 `$ T7 A; f% s - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
3 o: {* |# r3 [" Y - [Browser Enhanced Objects]
) j6 H0 S2 D2 o6 l8 \5 O0 H! }9 z9 @ - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
$ Y# q# L( o2 _' D - [Google Toolbar Helper]* O6 K& B0 l s* N3 |
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>% o! C! B- J, `9 C* t. F7 q0 a
- [Microsoft Scriptlet Component]
# j6 G. }, h; w b - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>+ v: c$ y4 _# G% h @. b
- [Google Toolbar Notifier BHO]
/ B8 V/ o: ^. V) U - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
- W( y+ N% g2 `0 g6 p6 @ - [SearchAssistantOC]
! G6 t. ^* E4 A4 p6 c: ~- f - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
, C$ S& ?* x/ m6 {4 o; f# q - [SafeMon Class]
# ]5 S" A4 y8 J2 l - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
2 m3 H/ W2 @, a2 K - [RDS.DataSpace]
1 S" N) O) ?9 g9 I - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
8 c6 t K/ [% `0 |, W - [KooPlayer Control]
! U- y' } V: ?7 x8 S! K7 l- k - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
& `/ F, K5 y5 I+ b- R3 P% x% l - [AUDIO__MID Moniker Class]
+ r$ z9 `' v/ l& B - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: ^+ A3 T& d/ J9 t- V! e9 v
- [AUDIO__MP3 Moniker Class]% I# G4 q- j1 I2 r
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># H6 A# c% Q J" y; @' }+ P
- [AUDIO__X_MS_WMA Moniker Class]8 f3 o; y1 R( C7 n
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 n3 Q- A" f% c. h/ h - [VIDEO__X_MS_WMV Moniker Class]3 ~. [" c" ?: g, E0 I O* ]
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! g+ H+ u9 x8 u
- [RealPlayer G2 Control]. W: w o$ O$ ?$ ?0 p7 _- R
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>+ U' @9 K& r" _. J& s# E
- [Shockwave Flash Object]
. [6 {7 W7 m" E# S y# P0 G* T - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
7 B% _+ I$ W+ W6 I - [KUpdateObj2 Class] [; o# \7 n0 e+ ]' r' U
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
0 {1 [: x( s" ^$ u g, J - [kingsoft browser shield]0 o1 S. ?8 e# o( M7 B# N! |
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>% E' \7 Z. h2 K
- [PasswordEditCtrl Class], D+ b @& y8 f L0 m0 m; k
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
1 K, R' T* `. ]" {6 } - [QvodCtrl Class]
6 y/ s; J# Q# o5 S - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd> Y0 t, @6 C. ]
- [&使用超级旋风下载]6 k2 e& K1 g6 C7 D7 _9 I p
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>% h' m) }* L# C! Z3 W$ D8 O% N+ S
- [&使用超级旋风下载全部链接]# v8 e0 P0 U6 x. x* I
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
6 N* k7 m% }8 e+ D7 ~ - [使用迅雷下载]
! }5 C* e5 E3 F; w, i _8 ~ - <, N/A>1 a l) l e* F; K/ I
- [使用迅雷下载全部链接]
6 a% Z& k7 |, s/ u - <, N/A>/ s9 s, r! U0 _% B' H
- [导出到 Microsoft Office Excel(&X)]
2 @& O+ t( J) Q' \# ~% b) q V, W - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>2 _" y8 p6 | {$ K( ^; V0 [
- [添加到QQ表情]: L1 w7 ^1 e* c; O7 N
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
7 [5 Y3 }' x# O' g3 C% o0 E7 L* q- l - ==================================
+ d" v% y/ s) _) _! K+ Y6 k - 正在运行的进程9 k$ d8 a2 Y, a3 ~( P/ n
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 m* Z E1 `+ m/ ~( Z: u
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% b: M) \8 @( G4 A/ s# g& \
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( F. j2 y0 G9 g- N - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 @3 @! [; Q1 G+ A- \) M3 t- L - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 T$ [- Y- F, w$ Z% z H - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# @0 Q+ X' X+ `+ x7 p; L8 V
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 F- x0 |, w3 [) r& p/ T1 a+ |! M% B9 X
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! n% D2 B6 T, @& \
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; e4 [2 B7 Y0 v! B; V* N8 v
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 m/ D" M' H9 ]6 ?) Z. J - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], Q2 t: q$ j! J" e/ ]$ v
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]# I3 N# K! m X- d, N3 \" P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 h& n# B0 D' d& U7 e, ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ }# Q: h3 j8 T" R: c q' V - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" l" I) J9 @7 [! h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( H; H% D. n+ Z. w4 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]2 _; m f# E& ?' M1 t# f* `
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
% N% g3 j$ D# h+ M6 M7 U - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
' I4 y3 H1 A B% s/ b7 k+ | - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]# z2 y n7 ~" ?
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9] J8 E& X D1 f* U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 d; ~1 D# v9 \& N- ] - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]/ P2 f# x: r- o: o- A4 m) S) q- Y
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]$ _1 {" @7 i" F( I" h5 x f
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
6 [0 W6 U8 S/ Y: O - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2] F# o: e( L' F' a9 b7 O
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
8 X" e( ^+ _2 I* A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 b2 q( D' d6 J9 A; g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* k: ^! w% P9 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% D; H/ I/ ]% T# q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 { r# o1 m q) I Q) Y! f/ \
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ l$ z$ U3 L% ]! K- I4 |% ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 M3 O1 p! `8 G& |+ @0 u2 q6 Q* x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], m8 z& X" s* o" O. h4 r
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 {% y6 J8 A2 N/ [& M7 v$ e
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654] d, C1 T- T' |
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
8 t! Z4 V4 V3 s Q9 l5 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! b( ~) [/ x2 \* q ^% d3 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, y1 s) J+ x9 F* J% |! G1 P - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
) a2 M% Z* Y" l' ?8 i: u - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
4 J" ^4 m* R7 p - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# z: `. x' }* `; H; i& W. j - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* p7 e- a8 C. J
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# t" D0 b( \& p: c! T: N. r$ Z
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
+ \9 ~8 V" j7 y - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- @- ?: t3 {) Z0 A2 Q% \
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( }% d5 C# y1 B5 L8 G - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
5 j: k- N, X! y8 V5 E - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
# |. \* ~7 m7 L' R b5 Z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 C1 U3 l" I- W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], N! N& @8 U `$ S5 @1 _+ p% x- ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 T, N# u% @ h2 a: Y3 m) V, t7 X - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]8 @, i7 _( u& A, @
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]) ~' ]) ~: s, O0 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]; u9 V% W2 u2 w& U' \& U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
- R0 ^. h* j2 }& ]' g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83] l9 ~) z! ?1 @( \! Z- c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
# b1 N! q n! H { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]5 ~$ P& `" a2 t( E* Y
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]3 z1 z$ E5 [5 Q* [; y
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 F3 {. ]3 \# P# ~8 c% a- o' j
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
* x4 t9 ]$ H, F! p7 }. }2 w - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
) @- I' @3 ], g1 q* S3 G - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ A0 X6 t, ~/ q8 F0 P6 D9 K# a - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ a" _# u4 o' V, q4 y
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]$ i, C2 |+ D& {/ j3 m
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
' v5 N; Z* _" p- |. D8 A. y - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
4 |! _/ N( F& e/ j: G- ? - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]+ |4 V* v% Y* a9 p
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 S* o( l0 Q1 |& c+ y0 E9 _) L - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]* O! k, w- f' g3 k+ x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. h' D9 d" k) F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 ^- _; K5 @4 s- L( F6 p( ^- u: i+ d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 {- B$ R8 Y& M9 W; E0 M' e - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. N5 x$ E. s' T. X6 F - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
; n* P- r7 I" w& w5 E# i! {1 @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ s o M/ `: o& y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% t- g9 H5 x8 k% `& c! r* i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 G# n) J/ V, T - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' [% a, @, H$ l# A' a
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) N+ M. T% A9 _; X* `- s - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]: @; t% N+ j1 H4 j2 M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 r1 O3 ]& B* R9 f& T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ [% Y8 E; _6 g9 r: v1 x5 z% u2 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& d* _* }. ] J& C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* c3 Y3 w) q* q8 h
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]: c l+ n3 [) _/ g, @0 X2 E' q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 I+ f G% R& H9 L( l
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! y0 K3 D5 ^# q5 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% \& j& X5 J: ?: v' |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] q+ V% v6 w+ P; X6 E
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]/ i P: i: ?9 l6 L |
- ==================================; D2 X6 T# p& C6 ]7 M
- 文件关联
s3 C2 b* D n9 ]. @ - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
0 o- g3 _; Q8 M - .EXE OK. ["%1" %*]! g' V; k9 a! p1 p0 v3 P+ d" X
- .COM OK. ["%1" %*]
, A) @, e/ D; J+ o- e4 e0 s! W - .PIF OK. ["%1" %*]
6 Z% R: F4 v+ { - .REG OK. [regedit.exe "%1"]
. J$ C5 ~+ v# [3 [! T - .BAT OK. ["%1" %*]& j. Z: p3 x# o& N& b! ~3 @
- .SCR OK. ["%1" /S]5 x4 l4 M- i. o6 T( R& E( ], J: O) l/ ]
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
, w/ [( H8 V+ E( X8 _8 | - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
9 S8 @6 k8 x9 {9 m - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]4 k! v# H$ G7 `+ \9 e4 k
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
$ j ?0 w- O" A+ g* @9 ?0 | - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]4 k4 W8 y# g u1 P9 R9 }
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]& w3 S9 Z0 |1 G5 o
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]) s0 y$ p$ b$ E# U" N
- ==================================5 C' J3 ~, x1 {0 }6 f" y/ q; e, q R
- Winsock 提供者
) u* O$ Z9 X0 I0 X# r( y+ t6 ?2 U2 b3 w - N/A
4 n: ?" h7 |- r) b+ E* f - ==================================! [6 g8 Z6 v; J( ~9 k$ V
- Autorun.inf
# k/ F' m& n$ \1 ]9 ` T+ K8 l - N/A
& P/ a% ?5 W9 M* [ - ==================================
; Y% h: m8 B. ]% ?6 s - HOSTS 文件; ^2 j8 R6 D' S! M
- N/A
2 w: Y/ b9 k6 E( e$ `: @ - ==================================: s7 _7 r7 ~6 |
- 进程特权扫描2 h% k7 C `2 o1 L6 j
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
9 i0 J4 [$ C: A# Y/ R - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
( N c* E _' Z2 ]/ m - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE], }) h/ T( V" i* y }& x7 M7 J
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
$ T5 m( G! `2 ]7 L- w - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
) y6 C3 A6 c6 q3 c; @2 z - ==================================
/ {3 v) U; [- x/ {7 ?' {' t0 j - API HOOK
" Z" Y& u" P- p9 f1 N8 ^0 _: ~0 O1 G - N/A$ G% P/ v4 E5 l! r% W
- ==================================. Q6 J6 W; ]8 b# t1 q4 U
- 隐藏进程- @! D& `2 ~0 m1 K
- N/A
" g% G9 V" \! X - ==================================( @9 u$ B9 m$ ^: F' ~
- + Q$ f7 [ y4 H) X' L3 y
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
