|
|
- : J O. _- f) z8 S& ]+ L
- 2008-05-22,20:37:43
: J* @- ]* S: s" \ - System Repair Engineer 2.5.16.900
1 E3 i: o; ~: m - Smallfrogs (http://www.KZTechs.com)2 ~1 h2 _( S' q- f
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
# R! v4 u8 [3 ]. T6 p) {+ f; y$ k - 以下内容被选中:
! d; L" q9 i6 d! B$ G - 所有的启动项目(包括注册表、启动文件夹、服务等)
0 T& ?. T+ o5 \# k. l! a- U: |( ~ - 浏览器加载项5 m7 s u( v3 @! G* Z G
- 正在运行的进程(包括进程模块信息)' E9 T3 Y3 P' }/ n
- 文件关联
V; i( E5 [9 h) I/ d - Winsock 提供者
( q# w p, Q! f6 p - Autorun.inf
( M6 @, z( y0 P3 a2 K, N$ B - HOSTS 文件
" B9 l1 ]& k; @2 t( `" d% s! A - 进程特权扫描& v1 A9 c$ w$ T+ g$ Q0 o/ t# Z
& M; O' t0 S4 f) ?$ r- 启动项目) |9 y4 @# Y4 ], \! q" l
- 注册表
. T/ Q4 g+ p0 i - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]7 |% w& Z6 T; c% y0 J3 m2 |. {" E4 [9 c5 y
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]& E: c- j S# W: H4 h3 h8 k' [
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
2 \- g$ J4 t1 j) j4 s! ? - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]* D* S0 o3 t4 ]' L/ S
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! }. v; Z2 Q0 Q% ^, B
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]2 |) ]) h2 u" Q
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]2 Y1 @% [* m" A( S
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" x9 y; {. L' P- ~, b - <PHIME2002A><; > [N/A]
5 @9 M9 _! ^3 T - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]/ L/ L) c) H1 c
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon], j3 c8 }8 T+ M% S) g
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
( ~2 M/ l/ P5 w - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]% ^5 |# X4 M, ]& ?
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
) i6 u. ~5 p2 O {& u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
" g7 M! z5 y+ W/ L4 m, B0 B) W" f - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]' R* d% H* I2 T+ W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]7 f2 V) Q1 r F2 L! l9 K- t
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
0 l, U$ j) x. m0 x s S( T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]/ z/ W1 q7 K3 f# h' A5 X9 ?
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
$ n2 ^5 P1 Y0 [. a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
* W# \ A- O$ w8 _5 {4 @7 K - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]+ G7 O4 _, ^# C1 ]! }
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]; r0 I$ H) H3 |: M
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] o& Z1 S. `2 g4 w# ?' K7 w% H; @* j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]4 ]5 J; _$ z1 p
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]3 Z! t* {* h: y1 c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
& k4 U4 |3 P# T, U# ^% J - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]6 q1 M) g/ }7 t q8 k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]4 F' W% F! q$ A, a2 S: [% f2 i/ w
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
3 p/ L9 H$ y" ~( J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]0 k! R) b/ D% ~9 I r
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
! i, D5 F& v8 l - ==================================, O* Z. n% _. x0 @+ F
- 启动文件夹
. ^9 d; O; t% |7 J- P3 S - N/A# v7 i+ L+ Q* R/ d* r: O
- ==================================
- p2 B/ Z" y$ I+ s - 服务
9 z6 n" A. n7 I0 E2 s - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
( h9 S3 P3 B+ R9 p+ K: K/ n+ D - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
1 f. g; U$ o4 r: d& w/ Z - [Google Updater Service / gusvc][Stopped/Manual Start]
" L" Z! h9 W% I7 g) Z% ~$ P" S - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>2 G4 B" X) W. \ m
- [Help and Support / helpsvc][Stopped/Disabled]
4 q6 v5 l) p6 b, h4 p - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>8 [! W7 X. f8 d3 I. h1 Q' x' `
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
& V3 x5 ]4 H6 P2 n+ H - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
% |0 |' ~ V4 v& J - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]2 _ W9 R; O9 X* r. U+ D
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>0 Z# F6 J& o' \2 O: a; t9 l: d
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
7 B8 D+ D' c2 m& Y - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
: \8 D$ w) n- s& s. v7 P# |9 X - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
2 O* j; ^3 ^8 ^/ Y) Z1 K* M. w - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
0 g3 v6 C- O, ~: h% D - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
+ i( @2 P. J* S - <><N/A>9 T8 Q) p& L1 W
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
0 X* H+ T4 c( B9 u) x* [1 g - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>8 D6 z) ?. j% z$ v4 _/ _
- ==================================
; u( R6 B! H& W, H+ h4 e - 驱动程序5 z$ l4 E, M' [+ P' o( O0 o6 f! o
- [22j / 22jn][Stopped/Boot Start], G. y( X) ]" X& \+ v
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>2 B4 I' k V: `0 d6 {
- [360AntiArp / 360AntiArp][Running/System Start]4 w' X6 @: D, g; i& E
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>9 _6 U" d) D5 U7 k) O+ ]
- [43ec / 43ecu][Stopped/Boot Start]
* i$ r! R, h! S. ~" | - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
4 D! ^ R- t/ R" j( ^4 z" ]# L: } - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start] P6 C) F$ Y G1 n9 }
- <system32\drivers\ac97intc.sys><Intel Corporation>
7 C! J0 ~3 }: X) E7 p - [Promise driver accelerator / bb-run][Running/Boot Start]
7 Z8 y' a0 H8 h! S - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
, ~4 p8 x B# K1 {, p - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]+ j% z9 J1 m4 G' L
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>/ ?# c/ n8 y! }. o/ X5 b% _* R
- [KAVBase / KAVBase][Running/Auto Start]
2 Q3 E |( f$ h+ ?2 A2 B/ l - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>/ Y5 l0 {9 _/ k* |2 e( N
- [KAVBootC / KAVBootC][Running/Boot Start]
1 i7 ~) {) Z) T; q( p+ z; r6 s; Y - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>! S, v# L- b0 `( D# M
- [KAVSafe / KAVSafe][Running/Auto Start]
4 d) x' p. h$ j: `. H1 O: e) q - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>5 a& |8 k. J0 G* H: G/ V1 R6 ~
- [KNetWch / KNetWch][Running/System Start]
2 e7 L3 V, D5 i - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>3 q9 q7 X! k' g
- [KWatch3 / KWatch3][Running/Auto Start]0 Z3 C0 `3 L1 ?3 V
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>0 m' }' m# f; O, p$ C& N( \
- [ntptdb / ntptdb][Stopped/Auto Start]
! ~, w6 x# x Q) V - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>3 V0 i9 R7 n3 Y6 k5 e4 J+ l3 t
- [nv / nv][Running/Manual Start]; H8 C) T" w* O/ ^
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation># }- O* u$ P" ]+ a
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
7 P3 F' Y3 W9 c# } - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>$ _$ F$ u5 W* y; M9 o( g
- [DDK PACKET Protocol / Packet][Running/Manual Start]
' s/ P6 |7 ~$ s7 K+ Z - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
4 w9 Y7 V9 A3 z- E - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start], r; @1 \& j9 A3 J! D; `/ X0 q
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>9 e$ i6 ^4 z- e) M8 H# z$ d! ]
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
' p- y8 M) w. T& C - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>. m& j7 P" R0 X9 F1 E L: {
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
, M9 F7 b" i! S+ c - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>+ O* G8 `) W& z0 Z p0 \
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]' M! Z8 r" I' D; ^4 K
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
4 N3 Q) b* |0 Q: Y5 @6 ^ - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
0 s, y8 q! F7 r% e5 ? - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>; T+ a) s# p1 ?7 h
- [Secdrv / Secdrv][Stopped/Manual Start]
" W6 q9 t$ W+ [9 O+ V3 z - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
* f; ]0 f) p* {: ^, L' o% \ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]. t+ K: E) O0 s! W& ^% L
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
) {" C4 p7 C+ Y) A+ K - [System Restore Filter Driver / sr][Stopped/Disabled]# g. ^# W/ {% @) O" Y3 l8 c
- <system32\DRIVERS\sr.sys><N/A>. c8 [4 e, @' e5 }# y. ^, e
- [TesSafe / TesSafe][Stopped/Manual Start]7 b" Q" L: i3 |) f! W
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
# n t/ J" W. `, Y- }* c - [System Services / unzxzsrs][Stopped/Boot Start]5 S+ A( T' O, k' k6 G
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
# y+ O. a- @7 | - [ViBus / ViBus][Stopped/Boot Start]+ x2 A% @. _7 y
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
- T3 r- w: j: c5 z0 i* E - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]* ^5 R0 `' m: e4 j& c, l
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
0 U1 J! I: l: P - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
4 H* R- z t7 f. B# R; x' @ - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
# C) d; U" m8 Z; p5 _ - [ATI Extend / zhibmaso][Stopped/Boot Start]
2 G# j* K( h: s4 \; K8 k( V' q - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
1 Y& U/ G0 `% A ?5 A - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
% H( n L' s5 h' w - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
$ X, s3 Q* O6 F% |9 w - ==================================
3 b" a0 N1 o, k s+ g. f - 浏览器加载项
2 C' u- y* J; m8 { - [Google Toolbar Helper]' g) z! k3 `8 A+ U$ a. e# `
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
, P( t8 V+ ^( F, v - [Google Toolbar Notifier BHO]& ]* L& ], `7 W; P9 Y
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>1 i$ v7 q) g D% ?1 J& h
- [SafeMon Class] Z4 U8 V4 k; V# @
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
9 W0 O3 s; }. v5 w: Y' u - [kingsoft browser shield]" z2 D+ H' P( E: L; I" j% Q
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>. k- @' g* f$ w! p
- [IEBuddyExtControl Class]! d$ }& \% T0 b/ n& L; K h+ x% E6 w
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
8 C i0 U* o; N5 S M+ M - [Zcom 杂志]
/ a1 I* B) z5 P8 A9 D( X. F# B - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
7 @, {) Z9 B$ a/ K' X5 H! [" @6 ] - [&Google]/ p/ Z, o$ |# q; W5 p
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 L. W) O# N9 G3 [" |) _ - [KooPlayer Control]
8 h* r$ f! U; L9 X8 x' A3 S& t# c, }* K - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% x+ d+ @+ ` K* G - [Shockwave Flash Object]+ i4 K; x0 x* U8 _9 {
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>3 p# A% N- x2 }. J/ P! O
- [KUpdateObj2 Class]
' n4 W/ X/ d1 P* m4 v W1 T - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>8 Q9 m1 v) j4 u6 }6 X
- [Google Script Object]
. E; c, `0 w& S# m* G$ A - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 `. t5 N5 ?: Q' f% x1 E, j/ X - [EWA Control]
1 A% _! ?9 _0 Z8 ?) f1 ]/ C - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
9 j3 n( E$ v- T - [Windows Media Player]/ I$ p" t* v t* ~3 ^
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>) k5 Y/ K6 M5 G* w% t) z
- [&Google]. S1 t$ k+ I, M! w U( U
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 X* W+ T; @! e. g! F - [HTML Document]
{7 s* j+ h1 o3 d1 w! z - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>" Y% ^7 X) y2 j" R
- [DHTML Edit Control Safe for Scripting for IE5]& e' y* V& ^5 b" Y$ w1 W
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>! J$ Q/ |6 {, k" U. B" f4 J
- [RealPlayer RAM Download Handler]
" T$ L# j/ y1 V ^) t. m4 f3 R - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>+ h5 ~& H! |1 M: X% K( O7 D8 N# I5 ?
- [IEBuddyExtControl Class]
) _* X! h$ p8 p - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
0 Y$ r) \8 u& P0 S. p/ ? - [XML Document]8 S4 f0 C. o- W- p+ w0 B2 x3 S
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
* T/ \/ J( M, ~! w } - [HHCtrl Object]
( e5 U( v' q- ^. p k) k6 ? - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
" p3 i3 K- ^# x; {; h - [Windows Media Player]0 v8 j2 l% }8 A. M0 L; m
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 t1 Y) K% ~6 S7 G - [Active Desktop Mover]" }+ u- t8 \* ~- B- I5 ?8 C
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
% r8 }# a. r0 |5 ] - [360SafeLive]) X/ r0 |8 p: a8 X' F2 z
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>) R/ M# b0 S. F) ?" d; D
- [Microsoft Web 浏览器]
8 u& t. K4 |% C4 i. X7 S: W% z - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>5 d. \- t. O% {
- [Browser Enhanced Objects]
; p+ j# u! R0 M9 _9 Z - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>; ^4 r3 z4 t; g+ j( M
- [Google Toolbar Helper]
/ Z! I$ C9 J" i4 c" | - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ L( n% m+ O1 U4 m) t( h% m - [Microsoft Scriptlet Component]5 v2 V& o. P8 X3 |% z% X+ `
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
5 v g" `) p2 u5 k/ U - [Google Toolbar Notifier BHO]7 |) v* Y& @* l% n& k! p# S- q/ U. A
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>$ t; P1 u5 |/ H: Y F
- [SearchAssistantOC]
# G: _4 q" i( C8 {9 x. t# H - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>6 j; V, P0 c+ a6 ]" W! E
- [SafeMon Class]" O* e( h$ o2 W8 q7 [ w \ m
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
% |+ e1 l$ g6 W, Y; Z5 J1 r - [RDS.DataSpace]
4 \/ b+ U. i. D - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>% V4 `' g- f2 f- W# F2 [( V
- [KooPlayer Control]
' |, |# y4 o" r- e$ r8 _ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>$ p, J* b6 y$ O; ^3 y8 T& n. P
- [AUDIO__MID Moniker Class]; W, E' M0 v5 S1 s+ u- w. ~
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
7 R+ [! `9 O% A - [AUDIO__MP3 Moniker Class]
% X& C' F O- k7 a- g# S) O - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* Y" n8 G8 @7 T4 }+ X/ r
- [AUDIO__X_MS_WMA Moniker Class]
1 [! P' b9 G9 E6 d- n - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 r2 P. U) r: b/ k4 W5 n+ V4 H
- [VIDEO__X_MS_WMV Moniker Class]
* I1 ]& H+ m% B2 v! h* S$ ^) e - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 u7 \& t4 N# c, n* Q3 l$ r
- [RealPlayer G2 Control]" \4 X( N. a Y0 K. u. a8 R
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
6 k; X" S4 M: j! Q N - [Shockwave Flash Object]
: C! o5 b* y( \2 g0 I' [ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>% x: M( Y; }- I, x& \ \) y
- [KUpdateObj2 Class]( ]) o; n& R1 u7 ^' W( A7 H5 }
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
) m. N4 Z4 q; z& p% B - [kingsoft browser shield] n5 u6 r7 j* l% ]% G4 S" s% C" I
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>7 H. G9 O! Z! a) B
- [PasswordEditCtrl Class]
2 P% Z) ?+ j: r6 u, y7 u6 r - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>' I( g0 J0 t7 B' K4 S8 h
- [QvodCtrl Class]
' @$ z1 V" d' O# u - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>8 w5 Q% w# ?4 W7 [3 P4 [
- [&使用超级旋风下载]3 V/ u. ^7 O3 p
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A> k7 F# Q: K1 M y6 E
- [&使用超级旋风下载全部链接]- b7 W4 Q4 X- s: }! M5 {8 M
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
5 f: C% \" Y6 v8 i$ } - [使用迅雷下载]1 t2 J1 P. p8 h4 d
- <, N/A>2 @6 N# Y) k: M2 M' {
- [使用迅雷下载全部链接]
9 }% a J2 d! a# q" i% v; {% b - <, N/A>
; w, H \& Q/ S9 x9 [( u: o - [导出到 Microsoft Office Excel(&X)]
% G; k) Y9 S0 i - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>' a2 z ^6 {5 r6 _
- [添加到QQ表情]
T x7 V; q, ~" W; a& \0 \4 g - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>3 o& F, F. ^2 R5 V2 K( b
- ==================================
- F# ~9 V! D7 B - 正在运行的进程
d& g1 A5 [" e8 s# c: G% \3 h8 o - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% {& e' y" c5 l* m1 h8 U
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 j" q+ ]; a. E* F0 d
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ [. m9 Z3 } e, O/ W - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! H( j4 }& m7 a& S
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 ?1 x3 x( Z% h! f8 Z! M
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: x6 c0 _" ] P1 S- J* P - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 ~9 p2 h1 d- M) _4 {5 P - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' I* B8 \# w3 K5 G5 j' g - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! `& O0 k7 G Z+ b: z0 \ n" S/ y1 ?3 y0 t - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" D0 m. W W$ i- a - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# T) g; \! x/ u: R3 c) ^ q" y - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]! B$ {8 X0 ~! ~4 D* M+ Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 c9 u+ F6 z% u5 q" I t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]( g# M+ ^# D% w! ?
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
0 R) g! \& g( j* ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 I+ r- _3 Y8 X: x7 W, s8 v7 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
: M" q* R$ v- ~7 r. n - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]* W. W+ h" o+ x* d7 E U
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0], Z% Z1 W0 t3 v
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
6 l' n% m% n( _/ P/ u& c - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]) ?, u" L4 z: q9 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! r+ U( r- \* N; N5 v9 }: s2 H/ f - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
, h" ?& Y9 H$ o6 {) P; K' B4 I) E - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]5 U* K; C0 n) ]- h/ ~
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
. E$ w# M; z0 h - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
" J1 I: R3 \: p, B5 v0 [ - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]' M' S& [) U6 t5 d' z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# n% s* V7 t; W6 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], d/ r" K9 i3 h9 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ I: j! ]; y; W! D4 ]! t# x* F
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ h/ ]- J4 @8 y4 m( H( W K
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" M' Q4 y' p3 Z% o) v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 Y7 e& F2 K, |; s1 b { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; |( J, I9 M0 G; I
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& X1 J. ^3 `2 h: L - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
& y* R3 o4 {3 Q- W - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
2 t; o, R3 q6 e. T4 ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 z' l, U0 \# o+ a6 V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; ^$ A9 ? N+ t5 N# o
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]/ u; b9 d$ s: e( h6 W
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- x1 m0 J: ]; v! W: f" H
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# q( F% W: \9 y; m, _* {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, I" {* Q0 K; _- t4 t% ~% l( j4 _ - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& t$ S6 D+ E6 x0 V- h( ~
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
/ U; ~& t* Z! z9 X$ U - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- T9 X; p+ b7 g5 j* c0 X& H - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 |( }" I H" X" K, g- R& E - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]' l9 N4 D. [8 W
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
2 N8 X/ v- I1 R4 ^; P5 ? - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 R" P* l8 f, }) M8 c, `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ Q$ i @' D, X0 b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 q* L4 |: f" }7 o' f0 e2 ^
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
* L L# ?' ~# ]* |2 f - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]; t9 A# z2 i7 M! r1 @ [/ H7 \( t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]2 h# o' Z# x- h, K" n& |, Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]( l$ ~# j/ Q- f6 ~+ W) p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]0 _" @" I$ ^; s7 U2 H/ |4 D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
& P# S t* W f$ V8 ], A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
( _" @8 d3 v, }& G: a$ { - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]8 m8 e2 p- B l4 s: d
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
' h3 }' F& Y; f% V - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 a2 U' T0 u9 N3 M - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
! w3 e: d% f. e0 x: D' k: l - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]4 [4 L+ c: \. P' V* w; b& L
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
9 s& b' F. Z: [ o6 Z- G - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]0 S) B3 m# r. }1 D# X2 g& B* p
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]% f* C* g6 [) m; s+ }3 x
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]( |! ?3 ~9 ^# @1 `* ~- h
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
2 K% a) h( l Y# [7 F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; O8 f" b" N5 l. U - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]& i) P* }% B+ d8 ]: x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 G0 S* ^9 O* l0 o9 m) r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) W# i/ V! ?) n6 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ y* G; S4 j8 @# T2 M
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 ^0 }' h- y& p! q8 Z6 T0 c3 r( p
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
, j$ }" i6 a' B" i7 Z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 g4 W4 i7 Q; ]5 [' h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ q5 \, f' ]: e# H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
T+ P+ Z8 C9 K$ U. F* J% ?" c% u" B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' _9 y! A* U: D" { - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]' B$ L% v+ y3 p6 o2 b, m" f) Q4 x
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
9 f O% I7 u0 d$ p3 ^7 w( s, u - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 D9 O( W; ?+ g8 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 i& P9 v/ B( J# T( ^& @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 D5 W# |9 S" @( `. b
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! P1 M0 c `3 W, c2 M
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]& m6 @ F) m% H- D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
g; u) }: M; H4 K$ ]* C' ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# v. O: a4 X0 f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 }: ]5 P) B6 G! r& p - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; f# E8 H. L2 v2 b- }4 D& z) X$ R0 n
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
3 f W0 E2 T, ~ - ==================================
9 t6 O% J( Z) Z3 A - 文件关联
4 @* G1 d! _9 P6 z# V' [ - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] q# o9 L. G e+ p& H0 D2 O' _
- .EXE OK. ["%1" %*]: P6 S8 W4 N$ W% c/ T
- .COM OK. ["%1" %*]. p% w& O+ K e3 `3 y
- .PIF OK. ["%1" %*]
5 M3 U# z8 d+ Y/ ?+ S: p0 A% V - .REG OK. [regedit.exe "%1"]
; }, g& o2 F& p* l4 A$ `/ D; Q - .BAT OK. ["%1" %*]
: k* Z9 X+ J* z9 f4 K, i6 o( K - .SCR OK. ["%1" /S]
: u) e; |: G+ Z7 `/ h! T. V# n6 k - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
( o3 k7 a3 W+ B1 H- j - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
8 |5 I3 b U+ C% N' V* N - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: }; D* P/ I3 c) E9 ` - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
+ C! D- r( |8 K2 H5 d2 v - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
2 O# j- S! H8 y% u2 Y - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
2 m: g" Y0 d# v! ~9 }7 g - .LNK OK. [{00021401-0000-0000-C000-000000000046}]/ y) @" V4 J) d8 r( Q
- ==================================
4 \9 i0 D1 @- C6 f, P; S5 e0 f - Winsock 提供者' C8 V$ X7 h0 O& o7 c( [3 {
- N/A
; a: h+ P& U; Y3 b - ==================================: W% ?5 e. r- T+ H! O" G) N4 V
- Autorun.inf
* C/ u4 _- f- E+ c+ W( {2 m - N/A
% Z5 i7 h( e! y& _; ~- m! j - ==================================, K2 j' c |7 T) R+ Z. Z8 Y8 H/ J
- HOSTS 文件
& v5 y. d R i3 M, Z - N/A
; @( E6 S! i8 f& `9 [; S - ==================================
+ l8 c$ e6 d1 E$ }( E+ ? - 进程特权扫描+ `( E4 S% ^" P4 q
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]' n' z) P3 G( ~# }! u
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]1 K$ w. A1 D- a3 b% v& r7 S* Q
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE], f m) Z3 p/ I3 J. J# N
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]/ D# E- s! u% j! e7 k
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]. Z0 E2 d9 i, D
- ==================================" D1 u6 @ U8 p' V! o: e+ _" _% T
- API HOOK4 ^; ^7 v% w" e: B7 c
- N/A3 a' z$ g) v) |
- ==================================. P6 k; g5 r1 y% a/ r# z2 y
- 隐藏进程
; _6 R: u$ L; k6 j7 @6 u& D - N/A; m5 H2 j5 n$ [- ~
- ==================================" [# C" ~( m- M
7 B6 _! b. P- _2 n+ Y9 }
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
