|
|
9 Y: s+ h t- \1 w6 M- 2008-05-22,20:37:43
- k/ m6 [. U6 D0 w - System Repair Engineer 2.5.16.9006 ?" ^( Q1 Q% b5 I
- Smallfrogs (http://www.KZTechs.com)6 T0 Z; r" ~* Q3 q: `/ c
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能 b! x+ S v2 l' X8 R
- 以下内容被选中:/ G1 Z5 w: ]5 G4 b% v+ K4 K+ U
- 所有的启动项目(包括注册表、启动文件夹、服务等)
8 |$ Q+ k* j3 M! o0 c* h - 浏览器加载项5 A; w: ^% S- {7 F7 a' u
- 正在运行的进程(包括进程模块信息)
. |8 H- C: r& b4 m) a - 文件关联' e ^! a7 [* G3 ?+ }4 c; k
- Winsock 提供者
- E$ p3 G! E+ Y& ?- D a - Autorun.inf
1 t/ @ ^9 g/ d3 F; G. l1 Y - HOSTS 文件
0 S( d5 [" N& P2 ^" A( { - 进程特权扫描/ `2 G R! o1 | W
: ^8 h* @) V2 r, }+ _6 u, E' u- 启动项目
. w' U1 T% g; }# f& f0 e! l - 注册表
! J7 }: l7 K! z! @+ O9 F7 T - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
0 M1 R; n" \- @ - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]# p3 {5 H6 P; o
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
4 l9 ? l& \/ o* @/ z - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]! P2 E$ E7 D+ D
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]5 c0 O$ m3 z# U' R$ f
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]1 d3 t( c4 q% f# l z9 I
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
% K9 b- n, D9 i+ o- n - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" `5 {% I7 w) W6 I) y+ @7 P, _7 t - <PHIME2002A><; > [N/A]
, ]8 h" d8 u& \) Q - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]. v0 ~9 i Z# k* N
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
2 w+ |+ j" o% {7 ~ {' A' [/ z - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]8 Z/ L) z3 v# K/ v" d
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
# a9 [) V P5 ?7 w - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]0 p) Z7 e) n8 {' `) S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
( w' l5 }. L e/ v - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]* L3 i% R- H. y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]% j5 K9 F H7 y6 W2 P) J. x& U
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
$ J) v2 a/ [: N, H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
& o A/ r9 u0 S( I4 B6 w - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]2 e) a# M* A; W& o
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
/ x/ b1 `5 f" e( ~- I" `" F - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]+ N5 x* O6 ?- `* F4 H" b" K4 n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]% Y% x6 T; N1 a+ a; b" ?) ^
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]) R, i0 @7 j7 z' c$ K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
3 ]& e3 A2 J3 w ] - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]9 I$ Y9 o) g, u% ~6 p. x7 v) H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]8 X+ Y3 |- o6 e) Z0 e y' W8 ~
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]' Y; y: ]0 r! P; E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& g+ v5 {8 @$ T, v8 ?- e2 t - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher], e$ i; D: V. R: d6 P& {7 p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]4 k; c! ^# a( L0 |9 Q
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]8 t& E: x, G, R
- ==================================
+ |3 U; \, T! v - 启动文件夹
" p7 M' r N- z+ B( x+ w8 E1 n$ } - N/A6 s9 j3 m5 R+ Y1 `1 y6 a
- ==================================
. K7 o8 [3 t' f) R - 服务
$ M& t1 s& T7 Q9 L! y2 L) \ - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]; w0 ^4 s' L# p& S( O
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>; f2 \: G7 N. N1 W' T* f
- [Google Updater Service / gusvc][Stopped/Manual Start]
& D# l; M3 A, q) J - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
5 s9 ?/ k$ l# Y$ c( r3 l - [Help and Support / helpsvc][Stopped/Disabled]) k$ u( o, V/ h
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
* S" m+ T8 o+ |6 r, i6 t - [Human Interface Device Access / HidServ][Stopped/Boot Start]
% c: ~6 M8 s8 ` f+ s5 @7 F - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>1 e. `- o3 P+ ]6 P1 ^- |- D" {
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]0 R3 w3 M4 h% v( @2 x
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>4 A8 Q$ s1 e( u) }% y4 r
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
0 K0 l% i! n( `1 t2 }( u - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
6 k: t; A8 n: H2 I8 M9 j' R - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]7 y4 ]# ?( Y5 g) h. n+ S
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
$ ?% x2 ], C6 v k - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]% |) ? x! r$ e5 B
- <><N/A>" x: m0 B2 c) x3 R& W
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]4 y! ?5 T3 ]6 j+ T/ i ?
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
3 n. a5 P% Q' _7 J n - ==================================
) G( {( E$ |1 T& f& y - 驱动程序. d @' y/ n& M" Y3 @
- [22j / 22jn][Stopped/Boot Start]
2 u* d& A. T5 y, _# D; E) X d - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>4 X/ U j( e) w( r7 n' F
- [360AntiArp / 360AntiArp][Running/System Start]
# g* H( I/ P% Z9 \; Z - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
: n# i5 i' B8 w6 b/ s - [43ec / 43ecu][Stopped/Boot Start]
' c; i% q: ~2 r4 d( y9 ?: w) g - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
[& k8 z' \0 O( k# u+ S - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
& `9 w4 h# {8 n2 M - <system32\drivers\ac97intc.sys><Intel Corporation>
. f! d; }. {) [* y - [Promise driver accelerator / bb-run][Running/Boot Start]
# K3 b! z4 [$ v - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
5 e6 a6 a* E8 }8 N& E% \ - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
# A' }! u. `( F0 ^7 | - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>% t% v2 ]+ z ~. k2 p
- [KAVBase / KAVBase][Running/Auto Start]* M/ w r$ [& F. ~2 v
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>4 n* Z I/ L+ c, O0 q+ q
- [KAVBootC / KAVBootC][Running/Boot Start]* K% C$ @) w/ z2 k y9 d/ T' p
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>3 W* r7 ]$ J* V; r
- [KAVSafe / KAVSafe][Running/Auto Start]
( F( O8 I6 r: N; K - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
1 r* Z% I$ ?( _2 K - [KNetWch / KNetWch][Running/System Start]
+ `: h: ?* h: Q8 _7 N# [. @ - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>7 q3 B! S# R3 _6 ^! G; @% m2 O
- [KWatch3 / KWatch3][Running/Auto Start]( r$ r4 X! ]. N" x- Z
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
/ k; y9 v1 }, \' k - [ntptdb / ntptdb][Stopped/Auto Start]
* @2 {& b# ^& S4 O - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
7 S/ e. w, Z. o - [nv / nv][Running/Manual Start]
& a) D& x2 ]/ {) Z2 S1 u% C/ O - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>* X' w3 I! C6 [# F
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
+ f. I* v. ^4 s9 p% K; E( H - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>4 ~, c0 Z; Q# |: e# L' j
- [DDK PACKET Protocol / Packet][Running/Manual Start] o( \2 B6 s6 H9 ^( H# C: E7 E
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>3 v& [/ ?: e9 s3 r9 c* I
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]* t1 G s1 v, V" g( ~1 O3 @: ^9 [
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>2 g9 s9 Z8 P8 _1 P
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]' Q6 N' c D" u4 j
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
" Y( g9 e6 T+ } L6 M+ a- \. }) y4 L - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
. d5 ]5 o# T5 S/ g5 m - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>4 r+ H, Y5 D- e. B: i- f
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
. @# b; G" ~( x) `* Q - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>1 Q' t, C* T0 E o4 s g
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]8 C( y# p! d! h5 Z2 l
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>! x1 q% R5 ^: ~: ^4 W
- [Secdrv / Secdrv][Stopped/Manual Start]
- L- q6 e! w2 z/ J; Q& j - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
, p2 ~! h7 E/ \9 T; ^9 Y - [SATALink External Device Filter / SiRemFil][Running/Boot Start]: p( H1 e5 X4 o. u
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
% z- I9 P; Q1 i/ a* X - [System Restore Filter Driver / sr][Stopped/Disabled]
2 L& g! ~( V3 S, ~; n - <system32\DRIVERS\sr.sys><N/A>
- f1 o. c0 g8 G; O3 R2 h+ t - [TesSafe / TesSafe][Stopped/Manual Start]
~, f A& R+ ]' |+ _" E" }9 g& ~' Y - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>9 A9 @. M! @: o. v' y
- [System Services / unzxzsrs][Stopped/Boot Start]
: p8 t$ u w* B, ~( n - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
( j6 t$ |; R1 a+ l: C - [ViBus / ViBus][Stopped/Boot Start]
Q) \- J* q. v: D: |* b - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>" J. ^# \# h- q9 A
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]1 i- |- ]' q& j6 l6 H5 O' o% {
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>6 l P) q0 Y% f1 b* [) X
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
/ i* F" Y3 V8 T# u' F' F+ l3 E - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc> R2 O0 ~( v o0 ]
- [ATI Extend / zhibmaso][Stopped/Boot Start]" q# e. [( R* c, w; H$ W) g
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>! ?+ j3 H/ ?" r# f
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]4 j0 H" t9 V, n) H: _
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
- K8 Z8 _2 b6 B# M) [- e7 V - ==================================! d1 w, w/ t2 X+ @' U+ H5 b( I0 \
- 浏览器加载项
' [3 a2 K- b& ~5 u9 A4 k - [Google Toolbar Helper]
- q4 e& L: N9 i - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
3 c0 W: D, r% j" I3 q4 T9 B0 l - [Google Toolbar Notifier BHO]
$ q, V' ]( v1 A b% A$ O; C' @ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>2 k2 a. U4 G' q( E
- [SafeMon Class]
) g9 W" F4 }0 w: I - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
) [: y. y7 I" j - [kingsoft browser shield]
# o& e7 Z& w& {! f2 i8 T+ Z - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
4 w1 A3 E, f3 M8 h) M ` - [IEBuddyExtControl Class]
. d' C' K9 c- ~, ^/ j8 E1 L; j! v: X - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>; {2 \6 J* o6 _$ Y1 ]
- [Zcom 杂志]
- j% w5 X" ^+ c) C% z ? - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>1 i/ T: ?6 ?2 k0 g
- [&Google]
% i0 H& \! W( h# m# L" e - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 H+ y5 x: |0 v$ O' w0 ?, B+ \
- [KooPlayer Control]
+ J. @7 G. ?+ g! b. `7 ] - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
1 V6 n+ n) r6 q' M/ {: o* L - [Shockwave Flash Object]# U r* X3 |& B4 ]
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>" r- S( y# W' h& h7 N s( |
- [KUpdateObj2 Class]1 k* u' I1 p' }) R0 k( P' m4 q
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
7 E5 n3 s, r) S4 x( N0 V" q - [Google Script Object]
* `3 ]% C+ b1 j0 i! A - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 \3 O! z" ]! H$ }& T - [EWA Control]
- a0 ~3 D$ p" C- e1 L- b; W9 p - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>$ y* b2 E* M; x6 b1 q1 F
- [Windows Media Player]
6 [. S1 N( V3 y - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>; s; E. E1 x- O/ J& U' m$ ^: Q/ _
- [&Google]
: r+ r' v# o* K. Q! N) d5 N - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>( N: h' I1 x4 C: `
- [HTML Document]. d2 u& j: F- q0 n# |; b% N
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>3 V+ d3 x" ?& e8 O1 g( I
- [DHTML Edit Control Safe for Scripting for IE5]3 |# `8 m& I: P' r M! H6 O
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation> l5 y' k f' ^ d- Z
- [RealPlayer RAM Download Handler]/ w! T0 i* n9 h
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
- M4 ]! c s. X3 W - [IEBuddyExtControl Class]$ [9 F) O' i9 ]. O! s7 c4 r3 ~
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
' `5 c: b0 R6 k. }& N - [XML Document]
4 `* B& I& ^+ Z - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
" T4 L, a8 ?0 \3 ?/ }2 A - [HHCtrl Object]
' U# T& t" V% @7 [3 w - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>+ T" u: K9 [- r2 n8 d
- [Windows Media Player]8 }' k3 N( t/ h
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
- S' }, q9 M+ X: B) ^' J - [Active Desktop Mover]9 \0 M6 X' ?2 F/ O* }" F
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>2 N1 `' I$ i; p s
- [360SafeLive]/ R& ^5 r: y \
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>2 x, T3 T# k( ~( h
- [Microsoft Web 浏览器]
* J4 j1 ?: Z6 x9 d; g. C# L - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>- P4 H$ I \7 V9 W1 L7 D8 }0 N
- [Browser Enhanced Objects]. v$ m2 N7 W8 e- N* w3 u& U
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
: h. ~+ K$ ?: e& m - [Google Toolbar Helper]; ^, k q. m: I" X
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- i5 J+ u) a. O/ k v, g! X* i - [Microsoft Scriptlet Component]9 k5 T8 I; @7 x; u
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>$ Z9 L) v: e1 o S1 E3 \0 s$ j
- [Google Toolbar Notifier BHO]
6 s8 l8 q" w% l% { - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
; s, _( H9 w6 z2 L; ~6 H - [SearchAssistantOC]! X- O: T, ?' p, j5 _
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
* @2 A, N- e1 V - [SafeMon Class]" P4 A" {1 \7 X8 b5 f
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>. n! @7 }5 }3 ]: W5 F6 K
- [RDS.DataSpace]
/ B$ q9 B; E( H6 }! {! w - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
0 b& R I. x4 o% v5 b7 v8 z - [KooPlayer Control]
$ G0 N u0 Y3 N) j" W# s \, K" m - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
* s* Q0 P( L. \6 j - [AUDIO__MID Moniker Class]
! T- W3 D, K# {: _/ C# O - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 }/ w0 j8 r1 ~0 R; x0 Q
- [AUDIO__MP3 Moniker Class]5 e" |3 h+ v1 A
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
( v. R& \5 W( O/ {2 q) c4 y - [AUDIO__X_MS_WMA Moniker Class]2 D' K" ^9 ]2 i( y C
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; b. z5 s1 Y8 L) A
- [VIDEO__X_MS_WMV Moniker Class]1 K0 `/ V, ~: A% v$ j# S# l
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! ^- `: _1 J u/ p1 o+ }
- [RealPlayer G2 Control]) G& d5 t% u2 v* q
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>. _2 h9 C7 J# C7 k
- [Shockwave Flash Object]( v3 c8 f/ S6 m( y& C8 U2 e. g
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.> X/ p" W9 F1 q0 c
- [KUpdateObj2 Class]! e9 _% ?2 _0 i$ n! h
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>$ F. g+ m- J# T7 z
- [kingsoft browser shield]
$ }" ]* V8 @9 f5 k9 w; m - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>/ L9 d$ M# a/ x9 P, S4 @, T6 R
- [PasswordEditCtrl Class]
4 ~% j" g& u- B5 E( _ - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>0 j& x W$ y# \! h
- [QvodCtrl Class]
' @7 q, q3 [! h1 h% l2 z1 a, y& T - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>( s1 [9 d6 W5 X. C
- [&使用超级旋风下载]) G* P% K" s9 a$ E& u1 R$ q' f# Y9 Y
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>) ~2 [% t& W8 r; s! R9 I; @- y/ d/ j+ }
- [&使用超级旋风下载全部链接]2 _' l- A4 X: w; ^6 Z/ y, K
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
$ p2 {- q! P# r5 W& R" Q - [使用迅雷下载]
5 t; K5 S) @, c6 }& ~* s6 h6 e: p - <, N/A>
, _* P+ s* v1 q5 { Y - [使用迅雷下载全部链接]$ N, a; ~) s) P
- <, N/A>0 r, S0 [+ ]' V6 E
- [导出到 Microsoft Office Excel(&X)]
6 q4 b8 f) B# O6 g# [( B* a - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
6 ]' ~6 v# P P3 H6 H7 i - [添加到QQ表情]1 X' O7 w: D+ `$ p4 n4 A5 z* Z' a
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
- d) Z+ |+ n6 d9 F5 l; P* t - ==================================
m# S# |5 J5 p9 ?' b$ M# [+ ~ - 正在运行的进程
2 j2 ^* b3 i* b9 k c2 I - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 M3 L6 e1 A6 t8 T3 k1 g& n
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] V& Z. o& `. @7 w
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- Q. M4 e3 x! H: O6 p6 x
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 e& u5 V& ]' @+ a1 L - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# C" a5 ]) f# \
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 u# ]1 E* d/ { - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" x1 [) [# x( [/ z; [! x0 B6 V' H - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! H4 H/ ~0 P& `5 g' z
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 _- S: A' x+ M1 |7 h' f; ~: O1 m - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: |: I) \: R) D8 }+ v+ j3 ?) t2 C$ g - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) O1 _/ {' ?5 u) b, z4 b% O
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
3 P" S# H. Z" W0 {; r* |" { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ O3 I8 l; u4 y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" A, Q' N: s4 B0 L3 [( H - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# @/ Y i+ D' |: d - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ y. l2 g. a( E& N5 C. G# x: A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]* B& y3 L# C' f$ }/ E$ y+ F
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]( k# u0 @& F, P4 _, k, P5 N
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
1 N7 m; S2 A [4 K8 K) h - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
& Q. d. I: K$ |: Q# J - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]" L) t" k) W; B7 p
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
o% X7 x/ c# B6 z7 r( i2 i& y6 n - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]9 m4 |/ I" L$ |, y5 h/ f0 V
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]" J8 I; A, r, G1 T e9 n# z2 g
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2] }0 G0 | w/ v1 q
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2] W; q& s/ v( Z9 X7 S
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
; _1 A3 p7 L& w! E, |0 r1 n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) L( v" V# M j4 H6 _) D/ Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ n1 A# C' R6 a2 ]# p( a/ m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 q( N- Q3 X8 \+ ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 y3 o! [5 o# ~! B' n ^, X - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 R: W( Z7 ]1 o4 J. r+ a4 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 u- ?7 o+ b/ |0 h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! l* w3 D- m& n6 |5 l9 g `$ \
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* [ \0 C+ Y8 F5 G( ? - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
, @/ k A' V9 t5 Z9 E- o9 w4 |+ c - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]' _9 z* r9 m. a$ P) C; w/ I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 K; C! @' i, i0 E- c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 G+ r) _2 D1 q; m" } X - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
. s+ X* k5 i y% F - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
4 c8 Q7 P. M2 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 y9 I: I. L$ ^* e' p; q/ X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: P; H8 r2 m7 N - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. ~' I0 ^, @$ p0 T% L# Z) {3 c
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]) K( ^4 v c+ z! |: K9 x% K
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( b2 }0 e3 D0 G9 h* p, n - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ U- P) t. Z& z$ v9 W8 ] - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
; V2 O( C) g6 Q$ d! X - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
: p( d4 v& S9 i% Z' G: E - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- [& e8 H- ]$ ?( @6 e! O! I8 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 G- W- b% B0 N& B! i; { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# u" J3 o' [+ J. q& X1 K, A" l
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]# J/ l( U" X9 H! w
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- p0 R$ b; i% M8 s" G$ T8 e" X0 \6 [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]4 H. \, e5 I1 ]2 T; s; t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]$ h, V$ Z4 L q4 }' W; B. V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83] |1 D& ?/ T4 n' b3 c/ r) P, B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
6 ~% ^* |) u$ w& Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
/ v! o5 O: {2 Y! T" |! }3 m - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]( A) i) G. W; F
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]% m( s+ {+ Y% y- e+ }2 I
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" o# f4 T/ R4 q
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ P. @, S) b, N W$ q% o - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]9 p. P6 C- n% a E. Q9 n
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]2 g k$ ]) O. z$ F5 t1 O/ X
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
4 Q* C n4 J B) t+ E: H) w$ ~5 V - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]$ h7 {3 O* k3 P2 F. n
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
) e& u3 J* P( r) M1 I3 D9 i$ l2 } - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
( T- w6 C- h/ e, v+ @ @8 s# l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], Q q9 {9 |& q! y9 p5 [0 Q
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
. D2 u d+ m$ b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; s( Q# N+ q8 Y3 W( J) N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 N/ @$ V8 M; D4 c' @9 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 p2 l" g( ^, }( ` ~- H - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 `. V" F3 P- _2 Y* {# H3 X7 O- L" F - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]2 ]" ^* H: R% }" Z, m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 j: S3 C* ~) G8 J2 W' | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; n. C$ z# h5 R& z$ G& g# o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ A4 y* b# ?& _5 {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' o+ l( _/ W7 W: T- w/ d! | - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]/ U% ~6 J o& t' N+ Y2 z
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
3 {$ o0 ]2 O" j# i5 g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. k( M# a B% C) C4 \$ o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ o/ o" c+ m4 V8 ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], a1 r! l" D! m7 W7 j/ a; I! Y8 t- h
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, F! m+ @$ W7 ~( w - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
$ X) t& {! j8 G. m# z& I+ W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 ]. {9 g W( M3 g# p( U, c6 G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( U1 ?. R1 S- [2 @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 b9 Y* \ T. K `* D$ u$ e& h% A# `4 h. ~
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 N5 X H5 F; U0 K. ?: e; v - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
8 D5 X2 P, r t# Y6 W$ t - ==================================
u$ W O Y2 C - 文件关联
8 n# ~8 k8 ^1 }' C' d5 I - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]* h5 ]1 d: _' d$ i
- .EXE OK. ["%1" %*]: t* l7 g, w: \5 _/ G
- .COM OK. ["%1" %*]
4 [6 c% y3 B. b! w/ O - .PIF OK. ["%1" %*]: x# m: o& f1 e
- .REG OK. [regedit.exe "%1"]
# u% I. ^" e: D. }4 Z - .BAT OK. ["%1" %*]
3 w. B2 H" O* Y - .SCR OK. ["%1" /S]# D' ? A7 I2 i9 w6 s
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
9 C8 T$ j3 o# }& o - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
! ` i& R, b7 z7 Z6 G0 ] - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]6 a4 u' r7 X# q) N/ P
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
, ]' s$ W( P. V/ W: [8 w5 w4 @+ p" T$ Y - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
6 M0 L" A4 T. F - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
& p3 m, O2 M9 F3 k! G; v - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
) q# V8 x. A" Y, C7 D - ==================================& P' z" K) D$ c. i+ u
- Winsock 提供者% {; P6 C- g, A9 ? X! T) F* l" Z
- N/A) |0 E7 v( T W! ]
- ==================================
( q% @$ X: m1 n: O - Autorun.inf
# _. h3 x) o7 c* z& O! S4 q! T+ _ - N/A& \6 d _6 e, z- Y, X A5 Y
- ==================================& y j( ] t/ m
- HOSTS 文件7 L+ V' N( n% N- w5 V1 s+ j2 z6 v
- N/A( l1 p+ O, Z; K6 j- d
- ==================================9 L! }1 D" Z; t8 b% f$ h
- 进程特权扫描0 z- f! U; e; N5 P( n) _
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]& h3 [& c! e& |
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]/ W' i+ t. N9 e+ I
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]3 P u* X: k/ c* H' W2 J D0 \
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
1 k1 d# a3 V) A% J: ]. o& B4 `2 Q - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
9 V) h- p1 K# a, @7 X V A+ w - ==================================+ {0 y) B/ U% s
- API HOOK$ X+ h5 I% N0 r; b C
- N/A5 V2 \# z& Q5 B( d# L |
- ==================================7 z8 B! N4 _1 @- v/ ~% {6 \
- 隐藏进程 K; i4 Q# m3 g9 ~* p
- N/A1 y, e' C5 _1 J2 q/ F9 k2 w
- ==================================& {# h; A; J+ f. O2 H5 C
- " q, H2 }- `0 s: @" f# o( O
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
