|
|
% ]( {$ n$ J/ h3 X0 q: m- 2008-05-22,20:37:43" P$ n" @ w9 y+ s, E T1 |) Z
- System Repair Engineer 2.5.16.900
, z, T! T/ j: P - Smallfrogs (http://www.KZTechs.com)
u+ b. d) E: v7 I- i - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能) V* i4 v% T4 U4 p
- 以下内容被选中:) g6 T( N- X1 b5 S. a* V/ z5 }
- 所有的启动项目(包括注册表、启动文件夹、服务等)
7 f- B7 B+ h4 l% k - 浏览器加载项
* y# y- Q% X, v% c - 正在运行的进程(包括进程模块信息)
. S; f5 ^/ G' m, K - 文件关联2 G7 M+ U c7 _ E$ [" f) O3 H
- Winsock 提供者& s7 p& R2 a0 T9 r, Y& Z
- Autorun.inf5 f) [$ y+ S0 V5 u% Z
- HOSTS 文件2 X) s1 ?7 ~5 h! |$ R9 o/ G8 w2 x
- 进程特权扫描) x6 x/ N6 N$ a" H* F; c# [
- : x# R4 e; C( j2 y v. j7 d
- 启动项目
/ a% F+ [ B7 H; M( z4 ] - 注册表
. Q# A2 U5 L8 w - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& R7 \* g8 I( _3 m* s) h# J - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
6 E9 p- _1 O5 z/ v! O& O - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]6 s- k: _1 ~) ^0 X( Z# l' u2 g
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]* n6 q0 V' W! s2 X7 O; ^8 o
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]+ L( _8 u% Y3 r9 S3 j7 }% ^& G
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]6 C2 V1 G8 C6 D( i- {$ |# R0 e2 [
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]) O8 d6 n) p; n, [
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
2 v' E$ C, \3 \7 z# B) Y% h4 H0 D - <PHIME2002A><; > [N/A]
( v, W: i* s0 T* l# E - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]1 y7 K0 ^9 l; a9 p1 ?
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
# d9 W1 P9 n/ w; u2 e4 N& J - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
# m5 M4 x) I5 {0 W+ D* Q - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]/ @+ @1 d9 A; K$ a# m+ _. `5 q
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
1 H$ \3 D! l5 @2 ]) t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
9 s5 y& j9 y6 V" I - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.] Z# t0 z! o" y0 Y5 a z: E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
8 t, f1 Q8 l: _+ P% E - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
+ ^7 d( t y/ O% w& C0 C* A2 a, Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]# }, Y3 h9 X+ m. w6 ^
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]6 q$ N$ n8 z) g5 @& i6 G- M, w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
: \' [+ [$ P7 C* B6 N4 [6 ] - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]5 Z2 K* F0 w( X8 k, y! P
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]; Y) V0 o$ M, t, r4 h: J
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
3 k5 A6 j7 C7 T2 p1 D - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- W( O1 D& A5 D4 ]4 L* Z - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
0 \8 z: y* g, I4 V- p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]3 _& K9 ^3 K. W0 T2 c) ^* H. u
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]% e. S+ ?2 k0 t& }7 V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]& K3 C9 m c1 M* |5 p) u
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]' j$ `' Y5 f/ ~& \7 O3 E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]6 |- l) j9 n. M
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
( s: H6 M+ C. x, z - ==================================1 u3 w3 j. @% R1 |5 |. {3 x
- 启动文件夹" G6 a; r: }. D# \; w
- N/A
) W1 O& E7 g+ v* k8 ^" Q$ O; Q8 F - ==================================
8 n# F+ e! m- _- C$ m& l - 服务' ]$ P& j% P; n2 J& o8 P
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
- ]1 p C/ } Y - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
! s( |; M# l3 {8 Y3 L. A/ k& Y - [Google Updater Service / gusvc][Stopped/Manual Start]1 @7 X: v; V6 F; i! R
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>3 p' P1 Y; Q* W3 o
- [Help and Support / helpsvc][Stopped/Disabled]. D( F q- z0 o# Z. V) @0 p/ n
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
! q# l# t$ V$ T1 e& }; z - [Human Interface Device Access / HidServ][Stopped/Boot Start]
/ ]9 E: A& V7 N9 M# Q - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
G0 o5 |: _4 l' e- b9 G* h - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]2 e! m* G& J3 Z7 A: i5 a
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>) i! Q7 h6 k# t3 X
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]' R* b1 O7 `; m( @
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
* J v% ]7 f4 G. } - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]. G: V3 p* z: l$ U9 O4 x% o( i
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>, I8 _# u) }: X7 v4 _
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
; D" c( r9 C3 r9 a9 `: B0 |- ~ - <><N/A>
\( {+ d" ^; t' ~: u - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
% n: j- i, N) P1 c$ l6 I - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
$ K1 c" ?; _$ I$ e - ==================================
: r! o* p) Z; t( l - 驱动程序
; Q+ X; Q% k6 i9 c: r- u) P - [22j / 22jn][Stopped/Boot Start]
- c+ M- N, l; R" M% m4 [ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>1 H0 p9 b% u' C, B
- [360AntiArp / 360AntiArp][Running/System Start]4 b' |. _" N& f# d! U! j+ V) O/ D
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>- X2 M& L% g. ]5 g p' ?; s
- [43ec / 43ecu][Stopped/Boot Start]8 F8 ?" ?7 R* D1 h- k1 c
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>' }% N( H) W, E. {- Q! ~1 q7 L" X
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]& s) V* B& r- j2 y9 l" |
- <system32\drivers\ac97intc.sys><Intel Corporation>
1 [7 H- a8 y" Z4 S - [Promise driver accelerator / bb-run][Running/Boot Start]5 p; Z# y/ I( z2 I1 g
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>; p3 T; Q( l( d$ a) w* q$ q0 B
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
; A5 s- f) q+ f! {, Y - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
0 V7 y2 t- E/ A/ A2 D% P2 Q - [KAVBase / KAVBase][Running/Auto Start]
1 d+ g" K* I/ }9 U9 S4 z5 [ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>5 _$ r( r2 W0 S$ C9 Z
- [KAVBootC / KAVBootC][Running/Boot Start]) b8 \# r: H F) N; O
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
/ A7 _1 T, j7 y$ F9 N8 _6 s; n, a - [KAVSafe / KAVSafe][Running/Auto Start]( A" r0 Z' T, W6 | P8 }1 U- r
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
% e0 Z& N0 B, D0 }5 |' l - [KNetWch / KNetWch][Running/System Start]. X1 j1 u8 M$ O# r
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>& V! `- s) V1 n' n$ m8 J( O
- [KWatch3 / KWatch3][Running/Auto Start]1 M. F0 G2 O. k' r$ {* l; y
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
3 W5 n0 Y& ]2 B* @! z - [ntptdb / ntptdb][Stopped/Auto Start]
5 w5 E1 n5 g$ d8 g; }( t/ s - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
3 j) K ?$ |1 A. i - [nv / nv][Running/Manual Start]
+ R0 T. x) b, N, t. _# G" U - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>3 @4 z. ~; W' J8 r: t2 X: K" p
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]1 U1 W9 D/ l9 T( y' P) T
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
: r% |4 D( x% o1 p9 D( S7 B, p - [DDK PACKET Protocol / Packet][Running/Manual Start]( b8 v" g2 X) u' i
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
9 m3 `5 i% b1 o: [3 i$ e5 O - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start], j( l- D( y( Y' l
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
Z1 n; q) @* i$ K% o - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]' S8 C/ ]) K# m, q& q1 H; G w
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
3 q5 ~3 `: o3 a" A, V/ i& _ - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
9 K$ }' @ w T1 h - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
2 ^! V; M i5 C# `; {- ~ - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]4 i% f m( X' D! W' Y( r) X2 C
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
. U2 r- U/ F5 A5 W6 ^7 R - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start], t) O+ B7 f$ g8 {; H
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>, X5 V1 W+ Z1 X8 n+ I7 h( H8 ?3 a
- [Secdrv / Secdrv][Stopped/Manual Start]
+ h3 w' U, k5 c' u - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
* O1 X1 S# S% t6 I: |5 b - [SATALink External Device Filter / SiRemFil][Running/Boot Start]+ d. B8 T7 M9 z# g: \6 A$ p1 F: z
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>3 q& Q/ |2 T( [ i+ O
- [System Restore Filter Driver / sr][Stopped/Disabled]+ p+ e1 x1 ^% c8 C; `
- <system32\DRIVERS\sr.sys><N/A>
8 ]/ P6 R# K U* ~% m) P2 H& N - [TesSafe / TesSafe][Stopped/Manual Start]2 ^7 R& f# V8 @5 s
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
2 Y1 o' |8 e4 \7 A - [System Services / unzxzsrs][Stopped/Boot Start]% j, u! H/ d; `7 c
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
- R( V6 o/ c% N' b0 t4 c1 F - [ViBus / ViBus][Stopped/Boot Start]
3 j0 k& @. ]: E - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>- z! ?6 m/ V$ ?+ q- `. F
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
; @) G+ _& K8 K6 z, J% j \. A - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>/ [$ G% N1 x$ y1 L$ J- t$ w+ [) N
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]: c0 u8 X; u7 l
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>' J3 y2 Y) }/ y7 P0 @& m9 G) o
- [ATI Extend / zhibmaso][Stopped/Boot Start]& A5 z0 d% |2 T* o1 U: N2 e
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>; s* p5 j: U! T5 a. t
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]4 s& z' ^$ ^2 y {
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>- p# g" m* y& F: Q W$ g$ I& g
- ==================================
H& C0 e+ `( V0 h! o' T4 e - 浏览器加载项# i2 n: G& m/ n+ @* C- B C
- [Google Toolbar Helper]) J o$ X' E4 |/ c( C; M5 q6 {
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
4 O* ^2 @* W- ?5 m; I; N - [Google Toolbar Notifier BHO]
' M( c# u F7 s9 ?- o* M0 q, e - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>: P4 i/ d- D( j
- [SafeMon Class]! V1 Y( R) F$ i5 ], r8 T7 L! V/ B
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>; S+ {. N8 G& R, i: }5 u
- [kingsoft browser shield]
E+ ~5 m& s" j5 y( R - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
7 b7 p y# [. L a) P6 y - [IEBuddyExtControl Class]( A) c" [& y! @9 t7 L5 r
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>) R2 x% w" m4 z `- t
- [Zcom 杂志]' R6 n/ `7 ?& `; n( A3 g& V
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>) g3 [, d: w6 u5 D9 ?1 B
- [&Google]
% L# n" B, a1 z - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* v8 t' I) Q2 p2 r7 h# T' d0 {' R - [KooPlayer Control]
& d: Y% V$ o% B. o - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>' x% U f0 j1 o# K4 R
- [Shockwave Flash Object]/ |5 o% _! x P2 _# b
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
/ i _' U9 M: n1 ]- E# Z. d - [KUpdateObj2 Class]
2 u$ G' r, E2 y, @* o% D- e& T0 X - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>- u- H' ~& |; _+ G% c- n
- [Google Script Object]) U7 u( S4 Z: `! n8 P) A, h
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# S# W4 L. S Y* O+ v! y6 P - [EWA Control]
, \4 ], }+ J+ F" [ - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>: {; |! R+ c7 w& a! \2 \& H3 y
- [Windows Media Player]
/ N* u# X. {+ p4 ^ - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
# \" S% A) R+ q - [&Google]5 L& T b2 \, M
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.> _$ j* ~; \: W) T6 w, I! x
- [HTML Document]
. n& ] G7 E# I6 z1 J - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
7 Z: e2 Q" {3 Q - [DHTML Edit Control Safe for Scripting for IE5]
' @( V6 c7 Z2 v - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>% y* i" E9 ]% X$ _: H4 M
- [RealPlayer RAM Download Handler]
) N. E& Y! P6 ^3 H( a! | - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>( v" y2 x" J% Q# X; B1 l* R# y
- [IEBuddyExtControl Class]" Z2 s% d) _/ n& D0 S$ w: {( [5 P/ g
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation> j8 F! P3 P6 l/ C+ |% U, d' r7 B Q0 v
- [XML Document]; `& j h7 J& A5 Y+ j" d! e
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
! i; T' \5 Z; M- ?; q - [HHCtrl Object]+ y% u2 r* _( p# U
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
2 \5 k$ G9 e- [$ Z& z8 X - [Windows Media Player]
/ K0 {5 k9 z. i, }5 Q - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># C! ?/ C; y9 Q8 K
- [Active Desktop Mover]; D! I8 x+ G4 v! @ P2 g
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
. i l; T7 W! Q# p' \% w - [360SafeLive]8 ^: }4 q: T9 f. w
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>) F/ S; f' F+ A
- [Microsoft Web 浏览器]
6 B! j/ e5 C5 w5 F+ w3 ^ - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
; d, M' ?2 T* P: q: y' _ - [Browser Enhanced Objects]
) W# G% G4 Y; T' J: R' m! x - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
. w" c3 I! v+ E- Q - [Google Toolbar Helper]
" A& o% |& ]+ t( N4 m9 R2 X - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>( U5 Y- R0 }0 d% ~# S- Y
- [Microsoft Scriptlet Component]1 F: k3 A! ^: u1 Z; }
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>! K2 {7 ?, q2 U
- [Google Toolbar Notifier BHO]$ W6 @6 o+ L. c
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
" R) c W- ?; f# f( R- d9 P - [SearchAssistantOC]: l4 ?$ T+ \; E
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
$ }0 g) h: U( D/ v8 r - [SafeMon Class]& }9 S' a+ E' g: T
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
5 r- ~7 `6 @( U4 c - [RDS.DataSpace]
! h( [ X" T9 _' o3 x9 Y4 C/ C - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>2 |0 p7 `8 ]- ~
- [KooPlayer Control]
y0 f$ Q D3 z- n - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 y3 S9 o8 Y& b. v! k) j - [AUDIO__MID Moniker Class]
6 I+ z$ Y' F8 v* @ - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 X1 e1 E. I# E/ q0 F - [AUDIO__MP3 Moniker Class]
' Q9 y( Z$ ^6 X7 B% ?, R - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ `2 B/ ?* o& j7 Q1 t - [AUDIO__X_MS_WMA Moniker Class]# Z( u7 p/ I2 {! T
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ c5 r$ e: x1 Z6 P1 K' m9 [ - [VIDEO__X_MS_WMV Moniker Class]
* X2 { K P& [5 Y - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
|3 X& ~- H- D: A8 R% y# I - [RealPlayer G2 Control]. o0 \+ K0 a0 M+ {- d
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( s5 J( g* S( L' w# K8 K - [Shockwave Flash Object]: @" |& X* t1 `$ u X; m
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
M8 y# m) M# w( W O5 V - [KUpdateObj2 Class]7 s/ E5 t a6 u% r
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
% ], @, [, [4 ]$ u - [kingsoft browser shield], b6 [2 ?5 o# [9 i' ]! M
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
! b& y# {7 g R: Y9 v% ~/ J3 X - [PasswordEditCtrl Class]) v! a$ }- D+ a
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
3 t0 H4 n' [+ y+ k4 j% d1 o" V - [QvodCtrl Class]
- D, r) j) K& Q - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>' s0 ]0 F/ L _- D
- [&使用超级旋风下载]
- G$ R( G1 n) \1 s" |1 o% T - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
/ v5 f) `. s5 Y; f" J - [&使用超级旋风下载全部链接]
+ _8 n% b' c z' s; W# F* Z/ O - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
U J& [% M5 H; o4 Y7 L - [使用迅雷下载]
. A9 i- P' }5 Y7 o- s! d% Y - <, N/A>
% Z6 X( d8 W6 a1 d. y: h' x - [使用迅雷下载全部链接]; H& L: S$ Y: e+ Z/ R1 m
- <, N/A>
( X. S# A: L& p, b - [导出到 Microsoft Office Excel(&X)]
8 G8 m% |1 ?/ Z+ ~ - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>+ _, y# {; e7 D" n z
- [添加到QQ表情]/ q1 K, q! {9 W+ Z0 _% p4 X- l6 I
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>" P( o. P% h4 R( L% O1 f- ~
- ==================================
/ q* Q M2 c! Q - 正在运行的进程- U. F, d# H! ?( ^
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 s2 a7 {" T; F& ~6 [
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 T4 Z" [- N3 L8 O3 A
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 b/ U1 ?2 \, I% I. {9 p( O8 E - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
! ?* d8 C; ]/ Q; h: b7 R6 { - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ N! p' @4 J9 U
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" x. D3 R( N a! s4 q
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. D1 P2 }! Q; G: c1 {) m - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; ^' p. |% k) a/ |: k2 G
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 j" k) U( J- ?' ~* H l" J# c
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ [2 ~! @% g* t - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! @7 ], D6 i) p- j$ O
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]2 c. @' K3 O% Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ E" _5 A& w m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 L9 W- @# |( u3 u' `. n
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# Z- m8 \% D Q; S- G - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 ~1 O2 S7 J0 Y2 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]; B: H, G8 z; m2 M- Z
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]: b* z) z2 j! s* w7 X
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
0 T* `% G* D! W7 b. a3 w1 Y - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]( s5 B8 i8 |9 I; p/ G6 o8 F
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
7 [+ l- k6 L. ~- r. } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ s4 p. h: s e ^) z2 O8 e& l - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
: z2 J7 v( s( M; m - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]! B6 h* Q' _; S; m" \
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]- z8 ?1 j' k d6 s7 Y, r' H6 Y, k" ^
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]2 N9 Y- C4 g" h5 ]" V/ K4 u
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]- H. h# r" | u( y, J- o0 h4 Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* J/ N( u# n( j9 L9 X3 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; q6 x4 M$ c5 C; b2 A0 w* c! R* I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 ~( ^3 E1 j: v5 u- _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 A+ n6 N: \. j; q# p$ B, t
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ m8 O3 O' A" m! Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: a6 p# B k0 C8 Y, m/ N, Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& K( b' b8 U: N6 O; h
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 `2 t1 V% C) F/ ?/ {7 n
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
0 H( H- j: L6 g$ C+ F - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
' r( L0 K: B2 v1 w) x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] c* q* g+ d3 y2 M9 y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 f4 W; ?* i( O9 R/ p$ c1 I n" A - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
7 w; J5 b6 u$ h" i4 x: W0 E$ N - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
1 C9 M) e- R. }6 f' m+ c - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: `. d# `# x: Y2 _" i) ^ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* a/ K( |, v. ~+ O. h
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 V0 L6 f: e5 e7 D+ P
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53] [( ~" u; f* J- s* h
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
n9 T: ^2 c( N- I - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* O8 m @3 |. m; Z
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]7 ~5 q6 @3 X5 t# c( f0 ^6 T
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- b( I# n8 d) X0 S" [4 m/ n/ B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ w+ c- r2 {8 ]* k2 k6 I7 @' ~# C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 X1 n( K9 W p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; R8 w$ R; W9 B- E
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]. B/ M1 j. A# X1 |' M' Y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 {' [, b# U: N" {' ]& M' D# I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
, }5 B5 {( Y$ h9 {* |. p1 l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
7 d% Z* S% a* W) { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
; o3 A+ D" F+ {6 H+ } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]# Q- J3 I$ B9 m7 I7 q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]7 P* v3 E' a1 T$ D: m) U
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]# D' J/ l4 D' n6 f
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! p3 y, C2 u6 H. O2 _ y1 v
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. N/ d/ U0 E7 m9 G* Y
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* R1 @8 P0 O7 t: x' S' n0 n
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 ~8 J0 g, L' n% m% r- E
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 o& c) Q+ p; w( n
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0] E1 A; J+ N4 R4 p. R
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
/ @& N( z0 r7 k a# U$ F2 f - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]* l' {# c2 S) Y. v2 |
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
1 _1 n) ?( ~6 I# { - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( x! t2 s: [ f9 V - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
. D5 C0 [' B ?( V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 m/ n& U' H% z; l1 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 [% ]: f |) C" H8 |, f) e- B+ | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 l0 }: @" k/ e- R% E: g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( C( ~9 \5 K) F( B. H3 w3 S; W1 j - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
0 H8 G, }3 S; @" B" |; U& o - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. ^) l2 H/ _' | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 `8 T2 }: _2 d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. [; G+ k- q, e7 x
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' ~5 x( S! ^* u* P( p& ^2 `0 y
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
6 w/ ?# E4 i- X% j! b4 g - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]/ {( M5 Z! H* [; I% y: I
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 Q* Q1 ~; A% F* ?4 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 c& X7 `* N. g4 Z5 ~8 H# Z1 f9 D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- a+ q7 d( f" {& u; ^# E! [/ S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) W$ |' e5 \% }( C2 _4 X
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]1 ^0 ^* z( f3 o) V! g8 W
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 D! v+ s; a6 E w9 m2 v% m4 d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) I3 V! q/ P3 {$ D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% m: |- X% q' Y" C - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- M% b! T% T, F - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
' a! c, Z# J$ Z& F9 w; F1 _( v$ A( P - ==================================
% y! J1 V$ H0 j0 U$ |8 K - 文件关联: ~) K/ f9 e% T; F
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]3 e& H0 R) j" I3 t1 o3 V
- .EXE OK. ["%1" %*]& b- Q$ U1 d# \/ D# q" K8 I
- .COM OK. ["%1" %*]( x% G) I9 H. y* l/ V
- .PIF OK. ["%1" %*]9 }. Q8 b/ v( x/ g& B1 E3 A3 Q* U( w/ m
- .REG OK. [regedit.exe "%1"]" X4 o$ g- a; L( l
- .BAT OK. ["%1" %*]& @5 r9 w1 Y7 R$ m& e
- .SCR OK. ["%1" /S]
. x# h9 T; m- z8 ~) j5 m. F - .CHM OK. ["C:\WINDOWS\hh.exe" %1]+ t9 j8 [3 O2 o
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]& B$ F6 i/ i4 x
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
/ X) J% F; ]% o+ V$ Q4 j. r0 i) ^/ e - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
3 O% F4 P: ~2 g/ H- ^& T; U - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
% x8 Q/ w) G6 b, n/ I3 |0 Q/ y% c - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
( C; A$ e# A- U8 w) }# B! s - .LNK OK. [{00021401-0000-0000-C000-000000000046}]+ X+ [. `# y+ j' H9 w3 w
- ==================================
: W; l0 B* |: K* a- C - Winsock 提供者0 N- a. Y0 Q+ Z) E: n0 O
- N/A
2 g" D9 W, f1 ~, `4 t - ==================================
& f1 h" ~# n5 F2 |4 f7 z$ @ - Autorun.inf
3 R7 F$ a7 J7 t- w; F - N/A
4 x9 M; [4 D h) L5 i7 `! S - ==================================7 Y$ Z+ E) z% r
- HOSTS 文件
6 w6 ~6 V/ A5 e' W7 O3 H - N/A
. A H1 n; [9 }; L5 O" {, y | - ==================================
0 R! _9 ]0 ?) g/ {% W. d - 进程特权扫描% k+ k1 }" s% X) L
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]1 `2 z: Q' M+ K9 ?+ u/ g
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]6 i3 ~9 E: x( L6 Y% [8 z- O. }" p& D
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]5 p$ R7 b _& ]0 f
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]" a# F2 B B( e- V
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]" R( Q" z& U" Y# X" L5 S! L
- ==================================, U) g3 Q. t) e; k0 ^6 C; K; j4 i
- API HOOK
! h8 c, n2 d2 v- Z. j+ R8 J+ X - N/A
8 @: O6 H8 @( S: @( n - ==================================0 R1 q. h$ d! ~# G5 w
- 隐藏进程+ m' b9 F" }) l" M% H7 c
- N/A
3 o( h5 q1 r1 `# m: x - ==================================
4 j1 w1 p o; B1 d
7 Q, ?- @' ?5 \
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
