|
|
% p( v& ?* d4 {4 r0 [% ]4 b( z9 s- 2008-05-22,20:37:438 z7 \9 o4 N1 u$ r5 P' {
- System Repair Engineer 2.5.16.900
3 d2 F4 M$ C# @ s, @9 m - Smallfrogs (http://www.KZTechs.com)* D6 X6 F, Y3 U0 s7 Y$ R& T7 W" [
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
2 M5 l$ k: D& l2 E6 ^/ p - 以下内容被选中:
) n+ ?' P. Z! I% f4 r# l f - 所有的启动项目(包括注册表、启动文件夹、服务等)
$ |$ E# W/ R5 ]2 Q' _1 l9 y4 y - 浏览器加载项
' Y0 o% u( i; n0 N" K! @ - 正在运行的进程(包括进程模块信息)
2 e; ^3 d+ H; [6 g2 j - 文件关联
@3 X- O6 ~+ Y2 G$ c, g - Winsock 提供者9 A6 Q. a4 v* W; V- E$ |9 x
- Autorun.inf
, ]4 P \" M! k @ - HOSTS 文件9 v" H Q5 J( G4 j
- 进程特权扫描
) r/ n7 { k" }; L! x5 _
5 H$ E5 B, @6 Z J F6 d& w- 启动项目' r; R) t3 H( f0 y' W$ S
- 注册表
$ ]' D& E& p5 U: r. k - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]) D y# W4 d' A- W* Z" _& v
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]) H6 [% z& L3 r2 g! ?" k" p( b
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]4 x5 W3 }9 n, q. I& w. Q
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]5 I E6 N" W9 N' }- w: U
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
& Q! T2 d3 i9 B* b' t' T - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
! h9 V W& T# B; r0 z - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
( T$ E' i) w- K% [% q( K! ^1 { - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
+ r' G- @2 h g9 Z r( u - <PHIME2002A><; > [N/A]6 j; L; W8 ]! K4 L1 Y& W
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]7 ~. |, S! F* m, P# E, y$ U
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]+ w+ G4 N, S. k- R5 Q
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
( y) @) K2 n% ]# J4 M - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]# j" ]8 k4 p; y4 ^5 d7 h
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]( _; t/ C! J" T: d4 N0 x: D7 T
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]5 a( p* a4 y3 K, P8 [2 M
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]6 R2 [1 Q9 x6 h( `* j/ S$ Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]0 _& G2 B" H9 t$ m N; H) b4 Y# b
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
; q$ n+ e: n Z6 I- f8 A' p/ \2 a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]; Q( V( v5 B5 l+ u3 f
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
0 ?! |9 A5 ~& X$ z: y7 y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]2 S: O* k0 N8 z
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]/ I, v1 F0 R' D. `4 }
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]0 N( x' h& T% I+ K* q
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
! p7 O3 s2 q2 F& ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
0 G- }0 Y" r" @3 W" r' v - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]4 `1 n9 r* z* m* ^7 ?+ q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
4 G8 w& f3 z) w6 R - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
8 F3 k( w) |0 ]5 v - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
N. X4 t' t% p, F3 W% _ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
+ \, {/ S3 _& [, F - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]; w4 P* P; ^& N: k
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]2 W( |: G5 i2 Q7 i
- ==================================
! A! Q7 B' ]" R% M( ] - 启动文件夹% w7 f# j) ]8 o- Y' z" ]& `
- N/A! Z/ A0 [- a! B2 n5 L) v7 c3 P
- ==================================
. v" ~% R1 r8 D3 \# X b$ G6 x - 服务
; d i+ H% K* h/ i: D! j) V { - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]; i( l# b6 d! n' ]$ V! v
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>- }5 }. N! f' H/ |/ D
- [Google Updater Service / gusvc][Stopped/Manual Start] Q9 Z$ C5 F9 w4 E$ m
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
' V7 o( }( a$ q; r; [( I0 ` - [Help and Support / helpsvc][Stopped/Disabled]
3 B& R* j7 g+ R, {* e - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>4 S3 B( p/ @4 @
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
- r' F: w7 N" P& D6 w+ U - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
% g) R9 j$ L& E+ w3 Y - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]! k; a6 H7 O& s2 S! Z
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>: D$ P: @! L- r1 X4 F3 K
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
0 e' T2 J q1 O* f5 u5 S5 I - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
7 w$ Z( W3 S @9 [! | - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]1 f3 P& g0 G, l- T/ o: l, t7 Q
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
: I5 g. {4 t! E5 } z5 a3 g+ k2 q - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
9 ~! J0 u0 `1 g( K - <><N/A>( M; G! I4 d& f" z4 e; W
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]) m6 M' x% \' \8 `, C( Q
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>' Z. f- s4 g* ?; a X, z: A9 i# n
- ==================================# O5 G, c7 f8 K( T/ j
- 驱动程序! ]- V1 Y1 {$ J f
- [22j / 22jn][Stopped/Boot Start]6 w0 W+ `8 y* M$ } u& S5 E+ N
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
5 O' {! [; C! d9 h5 I - [360AntiArp / 360AntiArp][Running/System Start]
2 S! L% y7 D0 l* R5 C; Y - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
0 c- l+ {5 x0 Q! Z: L - [43ec / 43ecu][Stopped/Boot Start]
& x5 |9 x$ [% |- u0 ?/ l - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
" K- J4 K' P& ? - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]# w( w) ]/ g+ i( A
- <system32\drivers\ac97intc.sys><Intel Corporation>
& V( c q1 X6 K - [Promise driver accelerator / bb-run][Running/Boot Start]
$ n& d* p4 c2 u# ]" l# g - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
! Y2 i. m$ h. ~. K! G. h, I - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start], H/ w, i% N: m" ?! s
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>1 Y+ v3 _) I: t1 h
- [KAVBase / KAVBase][Running/Auto Start]
- O ]7 s8 I8 q9 i( Z- G6 z - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
0 V) V3 ?/ n- R! _" {' I1 Q+ r; s - [KAVBootC / KAVBootC][Running/Boot Start]
3 A. H6 j3 p6 J3 `( {8 C6 L2 r - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>7 z- h2 ^5 A3 a# Z1 e
- [KAVSafe / KAVSafe][Running/Auto Start]
6 w6 {) J0 j* H/ W. L - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
- c2 z# h4 x- k+ i - [KNetWch / KNetWch][Running/System Start]
. R% K0 Z' g C1 C1 j& u9 @- G0 a - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>5 l0 W& p7 p0 r* q5 M. g: R; z3 s
- [KWatch3 / KWatch3][Running/Auto Start]
1 X1 S( I" a) H! E8 ] - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>2 I$ l$ j% R5 A
- [ntptdb / ntptdb][Stopped/Auto Start]
* [' c' c, @: u; ?1 A* A' t9 A; s - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>; @2 ~8 U6 P7 V r: A" u+ V q/ e
- [nv / nv][Running/Manual Start]+ p& P4 _% h0 g2 u x/ x6 N+ [9 U& F
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>& p; N5 K6 \' C
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]8 z3 K& h& i* G4 q; r) f
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
/ m \& l1 i0 E# r2 i. J3 v2 n# i" K0 i - [DDK PACKET Protocol / Packet][Running/Manual Start]
! E9 P; U( I4 V& s* U$ h - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
/ x% v7 f" ^9 W% ` P$ z5 t7 `: Q - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]% K2 _8 ~, Z8 `. _3 I
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>; e) I& v+ s3 [
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
* `7 m8 k, Q$ I. j& [ - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
" |) I% X; k# H7 U, [" { - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start] O; }2 P- b1 l1 A0 {8 C
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>+ |5 n) _2 Q: O7 T: @
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]4 |7 p8 ] m; v0 q9 W
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
4 V" X& z9 g/ E3 G: n - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
3 D" }# ~ N& }+ N! S# {- A - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>4 M' @+ i8 { g
- [Secdrv / Secdrv][Stopped/Manual Start]
- f2 x: P2 J0 ^7 H - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
6 P" w! V: N" V2 o1 x/ S2 c - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
# {. T% \3 m# C9 f& k( r3 y+ q - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>% {& C; k' r1 j/ i' S6 T# h& [
- [System Restore Filter Driver / sr][Stopped/Disabled]
) A, _$ [' X3 c7 G - <system32\DRIVERS\sr.sys><N/A>
4 |; ?. M, s3 b" j# z/ s - [TesSafe / TesSafe][Stopped/Manual Start]
1 o9 V* y! G0 G9 D, `4 F, |/ d - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>4 A3 q' I& h' c. M6 K
- [System Services / unzxzsrs][Stopped/Boot Start]; i. Y8 ~1 t2 Z' c
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
0 j* X J X- b6 K0 s - [ViBus / ViBus][Stopped/Boot Start]& c# K2 E* @3 Z$ D' L6 m/ b
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
5 g9 j: U/ x8 u6 R; p5 m1 C; k - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]& i7 Y9 R$ \3 B7 [. H Z& V! e/ }
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
; o6 P# u, b: @0 N - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
! H: t+ o# J \9 g' X6 t - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
: o9 r1 {9 K3 U/ H - [ATI Extend / zhibmaso][Stopped/Boot Start]8 ?, Z3 ~% T2 h6 z8 o
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>+ M1 g; w2 O( ]9 a; `
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
+ @- s) k, G; {& ^0 |1 Z - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
" j( Q3 k$ y1 h+ e, V - ==================================
% c5 O8 F6 t# F& |5 u - 浏览器加载项+ }7 G; o1 F4 n9 L
- [Google Toolbar Helper]
0 I: k2 F, H3 C7 K; Z! k# _ - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 u. K5 s* G$ R
- [Google Toolbar Notifier BHO]
( a$ N! \; i \2 c5 u$ R0 M - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>- b* I# v& X" ?. z
- [SafeMon Class]4 v L! ]6 W7 i, \- h/ u* I9 l
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 f; S4 ?# X, y5 j. p- o1 y
- [kingsoft browser shield]0 p: c r2 ?2 ~! o0 X+ C1 u& w
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 n. b9 s! e0 X: U# O( o% Z- w
- [IEBuddyExtControl Class]% ^/ ^' ?# u* {) v
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
! y5 a( R4 f& B# f+ |/ e) O% Q' t - [Zcom 杂志]9 s. ~! n' S) {
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>/ T/ j- @% U# U3 i
- [&Google]
/ U% l( p6 y' f, g& ` - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ ]+ | ]9 R! ^, ]1 y
- [KooPlayer Control]
2 z2 b M& M2 q/ y4 v4 E3 | - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos># y7 T- b7 p1 Z* v0 |1 m
- [Shockwave Flash Object]
4 y8 Z. g9 G# H9 }, H - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.> o/ ^! ~4 |& A; \( Z
- [KUpdateObj2 Class]
0 Z4 G$ j6 L( w, { - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>* c' I2 M) R3 D5 N2 m( E
- [Google Script Object], j* N1 n2 S- D" A# B# G
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>" f- u; i, E' M# ~8 w' j9 \
- [EWA Control]
5 C2 K8 N, k# s5 t. |1 D - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>: J3 A! o V8 i
- [Windows Media Player]
0 W( z7 P/ T! K: X/ P W- v! k - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>" g/ a8 F7 C {' o/ l
- [&Google]
& Y. ?7 `, R7 P+ O/ X, { - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.># f: y5 A& j* F4 r$ A/ P" O2 \
- [HTML Document]
4 i( T% _: t1 }- R/ C/ h - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A># `, ^# P, p0 {! T& f
- [DHTML Edit Control Safe for Scripting for IE5]
+ l! _4 I4 l) U. {2 p - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>1 q6 ?8 c5 ?5 k" q, d: b; \
- [RealPlayer RAM Download Handler]
. _0 D) K. J1 {& O - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
% y3 T/ q! U# C - [IEBuddyExtControl Class]
$ J# x6 ~+ D/ I - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
7 g$ u9 _& B8 X - [XML Document]
: h/ o0 F( O* I4 x7 ]% r - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation># A% k; o8 T8 y n' B" E& w: O; R
- [HHCtrl Object]4 t$ W$ k* r8 P0 E! t4 S5 y) b
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
* X: y, X& l. {* q3 S$ L/ p - [Windows Media Player]) K I8 w" E% u! ^1 @+ k( K
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 t# f% D) L' k: |6 q+ o
- [Active Desktop Mover]
0 W# J: j% Y4 a( X6 Z - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>3 H: n, n* @4 J
- [360SafeLive]
- @& j& A t8 j4 Z6 r - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>% i6 N( \0 @& A% N% q. P
- [Microsoft Web 浏览器]
( Q2 n; N% o7 Y' c7 E - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
+ ^, t# G" x9 u# P - [Browser Enhanced Objects]
4 m C! g, Z% X - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>3 c; G4 x6 Z' o3 P: }, V
- [Google Toolbar Helper]- J; R# C! F- [* E) Q
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 W- a$ ?& \4 q' I1 @ - [Microsoft Scriptlet Component]3 F) W; v$ `2 ^9 y
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
9 j$ v+ S0 ~$ {' I - [Google Toolbar Notifier BHO]
( A1 F# F* }$ s8 p+ k' c; d - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
2 K2 U2 v/ E( W - [SearchAssistantOC]- O1 l0 w4 {3 J% p1 r6 C% C
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
0 C1 I3 w' {- y1 g - [SafeMon Class]
9 i4 d, y- B* D" J2 j9 d - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
8 l3 u3 C, }$ ?/ N! q% _1 e; m - [RDS.DataSpace]+ Q4 L: b7 Z6 }( U
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>" R; G; ~% F/ O6 Z$ s- n/ H
- [KooPlayer Control]
& @1 S8 v3 \( ]+ P - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>2 H" @: n( j6 W1 _5 T- e% f
- [AUDIO__MID Moniker Class]7 j( r; z$ B' j+ ]
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% n& u% D8 a: {: c - [AUDIO__MP3 Moniker Class]5 h9 q( q+ F" N( H% }8 O; C
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ j! E* q; l- G1 Z1 k
- [AUDIO__X_MS_WMA Moniker Class]. q6 X2 u# g$ C# a6 }- _! {
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, E, H M# ` h0 V" K
- [VIDEO__X_MS_WMV Moniker Class]0 w8 s! I! ^/ m; m- N
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- R' b! M; L! J
- [RealPlayer G2 Control]
. Q6 A& P) n( u; y7 V - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
+ [) D2 ?' [/ Q6 O& V) u - [Shockwave Flash Object]
: a0 Z c# a+ d3 l - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>* ]+ b3 n) n. m
- [KUpdateObj2 Class]* _- D7 e' L9 o6 t+ {, _# k* F
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
7 g! i, y" a$ f0 s' h4 i6 ? - [kingsoft browser shield]
6 s. ?" P9 l9 J0 m: K - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>, \2 L+ X% f& f
- [PasswordEditCtrl Class]8 u8 P- j6 t9 v& F$ F8 O: k3 ]4 T" E/ q0 f
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
) v- u: a' ?; S" i& g, D - [QvodCtrl Class]
- h& L8 c0 {. l5 ~; N5 e - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>0 Y& } p- B& i3 ^- i) \& h
- [&使用超级旋风下载]
" G3 U- k0 d5 _3 m W( v5 |6 ]: Y7 V - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>, O: p6 U3 u+ L# _) u" j/ }
- [&使用超级旋风下载全部链接]' p& \ z5 E& |
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
- N- n3 x, f+ W7 ]9 o - [使用迅雷下载]8 ?. e- J8 L# F" J* G
- <, N/A> d3 m' }( @: N3 k
- [使用迅雷下载全部链接]7 E$ A' @0 a, g! L! }6 c, L
- <, N/A>
5 G5 F' _- ~0 J2 g0 i* V, K& |; K - [导出到 Microsoft Office Excel(&X)]4 ~1 h6 b9 C. V* S7 q- V
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>- n# E: ^' l$ V/ F; n6 t& \( }
- [添加到QQ表情]
! j- `+ d( X3 x# j- e4 P! |* w9 G - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>' ^! y; n$ W( Q
- ==================================
. `: [8 G! F9 u - 正在运行的进程
# |8 t" C1 O+ S9 ~7 i3 E - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& M Q9 w# T" S; Y
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: b! I, d' K# m
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- h( F' H$ B9 L$ A4 H5 @) Z$ H
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
5 i6 g4 @( y9 @6 A) w, @4 u- g4 X - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 Y5 D3 `8 T) q1 \; L - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. C; h6 V0 Q! m5 m1 }* j - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 P0 v- p% F3 P q% N4 M
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 L0 d+ g @4 u H6 Y) s C
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# X- `4 y! y4 U; ]- x! v7 i
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% ^ B B, A: O
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! g. N6 Q$ E+ P% w0 u
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
9 F% _% w) V0 Y% n9 C$ i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 D9 z0 R# \0 P! X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 {" z8 {" a9 ]8 t2 y' C2 i - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
@* _- I+ d. x: I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! y; r6 g" o2 J: N. V' o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
+ j- F' Y# i0 G2 H- C - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
& N4 t3 M( r( p8 u6 D* l' Q2 \ - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0] ^+ t9 d/ A4 D3 d
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
0 `! [5 t# G4 g5 V7 | - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
; V2 G7 |8 X# j4 T! N - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 d( m9 L2 l. S7 B/ l. P
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]. J. z9 g3 `; q
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
@( J6 c0 v4 h" s - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]/ m6 @( A: n0 b# D" s8 p( i8 u
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
7 w9 [+ l$ s, N* D! D( {6 Z - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]5 K' c4 S) K3 `- J3 m2 }
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& m5 q+ ^( }/ i$ ~5 k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ {" z: Z- @3 E* }/ V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% M) J- N3 T4 \3 J+ W8 ]0 { - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 h) Q5 b4 B" h6 X/ P0 U8 L - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], y! {! t* c% ^" {* X# m$ R- B) F9 U C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 ], K3 l3 n4 v8 a P* S5 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 T b- u" A) N+ z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 W- ^5 w& p; G6 k% P, m& D - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654], \. }. {& c/ Q0 P# g* v$ g9 Y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]8 z- V" D4 @& r- b1 g; c& x$ X: `: H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. j+ ^% j# y" W9 t+ g# n, X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& K: ^3 h4 R5 M" o$ x. h - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
, P8 } K T* K - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
, I; Q$ ^! w; R, F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 H5 ~- Y$ _$ P+ C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" X& a# Y2 S8 I, p
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 {( P" w" @/ q. S% i4 {% ` - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
" W" [9 @7 H7 ^( O) N - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) L3 w e. }& _5 X$ ^
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 R; f$ m. b0 q& [+ s* W0 ?# |
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]- _1 `5 ~: e. Y
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
o' d- M4 F3 G8 S4 a7 u* {0 O! h - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 I T% k( p. c: Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: s; g( Q5 q3 r. L _, ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, b6 A5 k: Q- i8 F+ W - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]9 {- @7 h$ s! \7 y+ d
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]7 T, R4 o" o% o2 l6 g( [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
# X5 _# v, y( { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2] V1 G; x1 m1 d ?+ Y/ F4 O( o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
" n0 f+ m2 A) N* u) r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
; Y: |( _; U z- I: ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
" J. G! F' G% i3 L% T- D, i: d - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]( e- `7 A9 }& z4 _% x
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ V" j: _3 _0 C6 p4 z - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]: `: i+ ^3 [% h0 Z7 M* r) |
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1] Q# Q0 ]2 D* u/ c2 s' K+ h0 ?5 @
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* P* s4 M! g+ I
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]% u2 X5 M, ~6 C8 ?& I* i" T1 {
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]! ?) ], k; {3 E. @/ n
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
3 _" Y) X0 ~% v9 e D6 a/ d - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
! r5 D9 U1 ?! S9 b$ z1 Z - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
3 ^* T+ q% P6 a) `6 G - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# Y. h" b$ U: M& a - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
: [ I/ {# f& D( q6 T2 d - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; ?2 o/ G. |# a) L/ V4 E# I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) Y; Y' T2 |) e1 d. q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" Z: }# X. l9 j; e! w, m
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], _8 p' C$ G" @( |& Q4 {
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
' P' j+ M7 }1 F+ I8 [9 P# M - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) I8 ?- q$ O% E M: i; G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' a7 s% v. z2 U3 A/ o* u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ y; i) s8 e+ z( s) h
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( R v+ t- r6 K- s4 a) p
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
! M1 L6 p. J# p0 _6 \ - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]) { N% y. H8 L U: `$ D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) T" r7 r! {7 k/ f; n# M, G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ q1 ?8 t9 |7 c2 l% t: R$ [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
g' O) s( {4 Z9 [, S4 [ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 u% @3 e0 f" s: N3 t0 {+ h* z
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]4 D7 g. j& P t% w
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* f" t# B% ^ G2 @) M) W) ]' r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* L( E! ]/ E! L% w# n- k/ n2 s! d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' m( v% \. M* B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; h) E8 u5 Y- i - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]" j4 _4 ?2 j# T4 D( _
- ==================================8 W; S, C# r5 d: u% u8 p& M1 v
- 文件关联1 T3 q/ E& Y6 }- T+ e! R" b) m8 g
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 ^8 `' z# o) } Y0 ? - .EXE OK. ["%1" %*]
) U, V5 E1 \6 v, d: P - .COM OK. ["%1" %*]
1 y4 H; L7 n6 j* n1 N - .PIF OK. ["%1" %*]
: @0 u- c2 `% M - .REG OK. [regedit.exe "%1"]
Z- v, \! m: k( R8 j- p - .BAT OK. ["%1" %*]* U1 g( N9 H: B1 s# s! A
- .SCR OK. ["%1" /S]* Q+ E7 G a/ F+ G! |
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
3 X% _% v) \% F - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]. |2 t! G' @+ r9 d
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]! s; u: I" T$ r5 T1 E
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]: ^* w/ C3 f3 \+ Z, m5 |3 T
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]7 b* k+ G" `* b H( q8 \
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
]. n6 E) q5 u: q( \0 J K% G - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
; u6 @& W- s9 Q - ==================================7 x# C; d' _. c, D& a: Y7 h0 ^
- Winsock 提供者
. {6 f/ c) Y# u' ? - N/A* q! v+ M( G X1 y; g
- ==================================( K/ s& J# U& U9 v
- Autorun.inf, g* V/ ]! V0 Z/ B
- N/A( g% |' ~+ U9 M$ @0 y$ J6 p
- ==================================, b' Z. a/ g- c$ ~
- HOSTS 文件/ c2 s- l( r# e) \/ Z6 u' b
- N/A$ u, n0 n p% Y$ C. y# X6 Y
- ==================================: ?% g- y; H( @$ g q3 z- j
- 进程特权扫描
5 Z' ~+ ~5 D2 \7 C) e! D5 f - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
3 j; M- n% _* ] - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
6 e0 W9 X7 g1 m$ l* G6 l6 K - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
`/ c: ?& D4 [& r4 b - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]1 V8 \- D9 K; x' B
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]5 Y, H5 M" F$ k; e8 c1 b. g* R- v8 h( {4 K
- ==================================
% W6 ^* s0 x1 c8 P - API HOOK
* @* G4 Q6 g4 g5 [3 J$ B1 o3 I - N/A& v$ z% U- [( W+ P
- ==================================) N) A' E/ N l# |( v- c3 p
- 隐藏进程! ?8 @/ {' ]0 n! H
- N/A
7 w! X& [. e' }0 V% Z/ z5 P - ==================================2 U7 B; |( U2 j' c" I
! ?$ y5 L* ~+ ~# i8 Q0 g8 p9 q
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
