|
|
- 7 N& Y8 s& b2 h; T
- 2008-05-22,20:37:43* z- e, M* Y" C8 |5 j
- System Repair Engineer 2.5.16.900. k6 ~1 s- c2 J* {: i" c1 z' t
- Smallfrogs (http://www.KZTechs.com)
6 H5 u. s% @- |& L - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
T% k. Z3 m/ W, l - 以下内容被选中:
/ d! m; p5 q6 E) F5 I - 所有的启动项目(包括注册表、启动文件夹、服务等)
) s. ?" v+ I& E6 Z* O, r. K - 浏览器加载项' v8 I: a L( l$ X i, g- Q
- 正在运行的进程(包括进程模块信息)$ D% F# {* J/ X: W
- 文件关联
3 G$ S3 b1 k" l1 ]" V0 Y5 m - Winsock 提供者
4 y. o( r4 [+ ?# o" g% ]3 C3 C - Autorun.inf- I6 D t5 A P v a
- HOSTS 文件
! o5 Q: b; X( a, E, M - 进程特权扫描# }& v2 m9 [* ^
1 O* H% q A7 H( }) \5 w6 q j0 M5 w- 启动项目
- d0 {% b; w1 M9 i - 注册表+ J# N2 t- v& y4 H0 G9 E5 I9 f
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]/ K" d) ^" l) S0 O
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
7 j, F% s/ x# `; _ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]: G3 w0 s/ I* k$ O$ U
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]/ O0 Q* b! L6 v# Y7 @0 H
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
7 D/ g. G+ q! { - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 ^; W' Y0 F7 E/ v - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]' j# u! G& A" z4 h" X" U+ Z
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
$ l$ y' h* r4 f ~! R4 R - <PHIME2002A><; > [N/A]% b, F& P' e% H8 S8 l
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
8 }! e- t4 i" g, l" f - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]7 s- g, ~7 v4 g9 i: z) D# c
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]4 @# q. [; G, @3 P# N
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]( A* D, K$ t8 N9 b
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] N; O2 R5 J; u9 t8 |4 n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]9 t& X2 b0 _( R6 A8 \! @
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.], d3 E% {* b( V; {8 {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]* h4 }* H# C2 y
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]( M4 w5 @' w; _! G, Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
! k& Q/ k8 P' o. ~ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]2 d; T7 a- ^/ i' [6 w8 k1 D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
. X$ j# V e, ?, h - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]9 q# X! b9 H8 p. f
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]! M/ z" ^) f" L- @
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
/ N. @7 y$ g' [/ m; @' ` - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
9 Y7 a' o0 x7 h$ T; v - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
7 M! \; p2 ]7 ?3 p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
& Z# o$ Q' ~- ]5 N/ a' R; u - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
2 e2 u" S% Y; N0 z# q5 t1 W' J# j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
" j2 R6 _5 m. T$ E- v) @ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]1 U$ E4 @1 C2 t
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}], l, }8 f# ^2 \3 G3 O
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]% u P% m; V+ M$ `' ~
- ==================================2 h: q2 n+ A& F1 S! `" L) [! S
- 启动文件夹
e2 `- P5 D4 h" q+ v6 _5 o - N/A
" Z" P; J' T% ]% W+ e0 E& j4 U - ==================================
' o, N) Y' I1 [( t) z* P - 服务
; {3 ^5 G. q5 F$ H0 R+ d( Z - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]1 L" \/ z/ b0 \. N
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
0 o( L0 y- E1 P# A2 S j" G' v - [Google Updater Service / gusvc][Stopped/Manual Start]" B ~9 N& i1 ]/ f9 c; F
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
R% ]! m+ h) ?4 } - [Help and Support / helpsvc][Stopped/Disabled]
7 }, V9 A5 v3 C1 S6 ^2 q% { - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>: l- ~6 Z7 y/ P) z U
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
: L* k7 ~: v" @2 s9 _. Z9 P: ] - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
& F% o" f: p7 o& J7 P - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]( C: a0 L9 \5 O; D! X6 T: @, S C
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>" I: Q( Z6 `3 C2 V2 [. [
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]$ S% _$ K. B* K1 E
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>& {* `% {& G$ c2 W/ x: w- [, p
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
7 h: {1 O, \1 n5 M! G+ r# { - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>- n8 W8 {/ Y, N% R
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
/ Z* P9 T# E1 _ - <><N/A>
3 C8 q1 W8 _6 t% Z% x3 m - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
# c- n8 T+ C3 \4 z3 _: x: t! H - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>: p! ]# D# T( N, U- u# G1 J6 s0 X
- ==================================
) r; x( D4 _! I1 j" u0 t* v4 v - 驱动程序
1 U- V' W/ i# B/ b0 J }# M d - [22j / 22jn][Stopped/Boot Start]
/ D( Y) X; D% z9 K& a - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>) A1 {7 L% \6 R
- [360AntiArp / 360AntiArp][Running/System Start]
# ^0 r( ?% Z$ G4 t - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
4 [# T1 [- Y0 b4 e - [43ec / 43ecu][Stopped/Boot Start]
" m D2 W5 a+ I1 M' U - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
# p* j1 g/ U$ r5 f - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
9 L/ {6 r! y8 q4 U; X - <system32\drivers\ac97intc.sys><Intel Corporation>
- K* z+ X' c7 ?/ Y/ }- q - [Promise driver accelerator / bb-run][Running/Boot Start] u# x, j6 { W- x" R/ x5 }, d( F
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>( l' }/ L4 O3 [
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]/ y4 A: x1 K) P* _9 |# _
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>3 {) \: \1 \9 [' x* B( y7 r
- [KAVBase / KAVBase][Running/Auto Start]
/ i+ t; i" n$ v5 ~) b& R% p - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
& g n3 @5 u4 g7 ]# n - [KAVBootC / KAVBootC][Running/Boot Start]5 b( ~ t$ V1 m( ^& B" Z, V/ m$ v
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation># q4 @& m- J3 z( T
- [KAVSafe / KAVSafe][Running/Auto Start]
' [7 h R/ p1 l - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
+ ~% n) B' e2 S7 a" J: m. Q$ i. u - [KNetWch / KNetWch][Running/System Start]% O1 m. A7 @! z: d3 r
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>$ n- b( g& N8 V: p8 y9 @. S
- [KWatch3 / KWatch3][Running/Auto Start]
/ @/ ~' ~7 c, h5 t* ^ - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
& O* ~. K* }' |. V - [ntptdb / ntptdb][Stopped/Auto Start]4 a$ B- H" z- q$ U* C
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
& A4 ?$ Q2 E: F4 m* [8 Q S) ? - [nv / nv][Running/Manual Start]
3 X" `$ P* s. O3 N( h5 V* } b9 r8 j - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>. b# E! i( p: s; \2 v
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
: Q; l) j n: b+ X* J - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>/ I' e e" Y' j4 R$ `
- [DDK PACKET Protocol / Packet][Running/Manual Start]* w3 y8 p5 r3 d$ G
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
9 s l- W3 o+ N& _+ }* ` - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
0 t* D5 {# d. t9 [ - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
! V/ x! n' l& F% D$ d7 E - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]* R. ^) ] u6 ?2 c, s4 C
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>* w R0 I. P) h; z# O
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
; d, ?7 w6 q( [8 d8 V$ P - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
5 K3 h7 M0 m& h7 f - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] ^5 T/ C7 p" D* a1 C( K2 ?6 e
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
7 C2 [: F$ [+ P7 c# Z - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
, x0 E3 o8 W8 u+ n, x - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
* s) N& h1 f3 n - [Secdrv / Secdrv][Stopped/Manual Start]- a7 ]: O3 _( V2 Y; P# I* a( `
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>+ ]1 k1 `6 `% L9 C! _$ ?" u7 n
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]; b+ S4 e. d2 }, P5 G& Y
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>' g9 K$ ^8 P& G. _* ~# E p
- [System Restore Filter Driver / sr][Stopped/Disabled]& ]! f+ D n; v" k1 m! x
- <system32\DRIVERS\sr.sys><N/A>
& u0 b ~! U5 c - [TesSafe / TesSafe][Stopped/Manual Start]
& K* V6 M, Z' A7 x/ ]$ ^- w - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
4 R1 U. B9 j* L - [System Services / unzxzsrs][Stopped/Boot Start]
: L# Y. I7 L/ ~. C5 \! T% z - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
$ l2 k. e8 O2 Y4 C u( c ? - [ViBus / ViBus][Stopped/Boot Start]( x6 V; k# J. L+ U5 G3 N
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>7 e% C8 n1 m+ e, ~ w9 ~
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
* q- K& N/ b3 ?& { - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>, `" U" N; V, `0 J
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start], ^7 T! Q* O+ r7 J! _0 H) Q" b
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
* ?- z0 W( Z, U" a6 b4 S0 _) V - [ATI Extend / zhibmaso][Stopped/Boot Start]
9 o( H$ j2 p; `3 y7 E3 ~, \9 B - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
, |: y" R/ z/ ^, B" c - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]$ X7 N# A- ~+ }% Y% b
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>3 V# b6 A# c# s$ k
- ==================================
: T3 M- D% @; d. P% Y5 | - 浏览器加载项
$ n) o C [# E4 B - [Google Toolbar Helper]
9 j% r* E7 C% i5 j: f+ ^3 \! g8 [ - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 i+ R) D/ s% r1 _ - [Google Toolbar Notifier BHO]
3 {2 V7 ?# r1 }. K& ~, J- { - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.># a/ `2 D. [9 R: L7 U0 q. r
- [SafeMon Class]
- b) X" m- W+ g; F8 o5 S - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
8 \ m! i& X! _' a* k - [kingsoft browser shield]
: a* K, s* L* h$ \; r3 F" s; s - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 l+ \/ l# L: R/ K4 T
- [IEBuddyExtControl Class]
. r1 ~2 f. n9 c( @( p - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
3 m r8 h) [% D$ T - [Zcom 杂志]
6 y* L. ?3 @; l- J( B, A$ m9 ~8 X - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>+ C( O4 G, `, r: H+ O3 p
- [&Google]
. C+ _3 j4 j' b - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" k5 I l7 Z0 O1 F& l1 l& H. t5 [ - [KooPlayer Control]1 I2 I6 |, R, R. Z! P6 b
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
, n, C% B' v7 a# n - [Shockwave Flash Object]
! M) V- W$ U( |6 X; ~! ^& L - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>4 o! }1 U/ ?" J
- [KUpdateObj2 Class]
) R$ Y$ s& b- w" i. v - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
1 k& n8 @3 m; y- r' p& d' V4 M s - [Google Script Object]
7 P: u9 g$ F9 G - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
7 X) E, r* \% ]2 w7 c+ I - [EWA Control]
9 ]" C) y* M0 f. Q+ B& Y5 w* O2 C# K - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
& e$ ~ f& X7 H- n - [Windows Media Player]
$ t- p5 D% |3 b. A' Q$ z1 H [# r1 Z - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
; k! \5 n1 C8 x) m7 n: s - [&Google]6 K# _" W0 n$ z$ j* P1 L
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>! [2 ]+ F$ B" ~' e" |
- [HTML Document]
8 h1 n6 [& E0 @ - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
3 E2 [% e. M# d% h' s& v - [DHTML Edit Control Safe for Scripting for IE5]
3 ]& q) j g# q- L/ Q - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
6 \5 c' h" w3 s& K - [RealPlayer RAM Download Handler]
, M5 ^& C' F0 {# {- \ - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( w* K+ J7 h5 B) s' x, ^, h - [IEBuddyExtControl Class]. [& M2 U9 r6 w
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
}3 c V1 D8 {: w3 L6 o - [XML Document]3 U. R' i2 S0 Q3 `0 q- B- }8 o
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>( Y. G. |$ w" n0 Z! c% e! D: S. W
- [HHCtrl Object]
) f0 ^* S+ V+ e, j+ ?! Q* a - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
8 ~( d' y8 m l4 Q9 Y' h - [Windows Media Player]
" U1 u4 @0 i: j9 T/ o- g - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& E" Y# ]8 O% a" ]! C& ^ - [Active Desktop Mover]
4 X7 l/ C! }6 @5 J$ m) x( D, F - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A> h4 Y1 L0 C( b, D) D8 u3 W
- [360SafeLive]9 ~5 T" E3 x% h9 f
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
) c4 A, o( s! K5 G* V4 V$ I% ^ - [Microsoft Web 浏览器]
! L1 R& S1 D" [( o/ n - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
% T. k5 f$ Z$ c0 z - [Browser Enhanced Objects]7 C: a+ G4 o! z0 F
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>' y9 S3 @/ @' l+ y
- [Google Toolbar Helper]2 `1 s ?1 ^2 W6 f
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) W( [& X! l2 n! l5 L( z5 I/ r9 K* r - [Microsoft Scriptlet Component]5 @" n# l/ C( P' z
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
: `. M! L% {3 a- ~! ^2 S+ F4 I - [Google Toolbar Notifier BHO]
# e0 l+ E- m- G7 I+ O - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>5 U0 d; P, g$ G3 q2 j# R+ l9 B# M
- [SearchAssistantOC], f6 u; f) r, B) N! l X! Q4 U
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
: q3 ^! g% U y) L0 P - [SafeMon Class]
5 j1 g, W! v2 A8 G* M - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>- Y$ k' b" l/ v) X+ w: f9 w
- [RDS.DataSpace]
. T0 J! }5 [& s! \2 F | - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
% F' j; X9 h0 T7 O! A4 d" @ - [KooPlayer Control]
* {/ L L- O0 Z, r0 l- r - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>) P% j3 U! l' \5 I% O0 m/ _ m& G) P
- [AUDIO__MID Moniker Class]
/ b1 c" o/ k( z' ^! J - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) T8 {/ K1 E5 t - [AUDIO__MP3 Moniker Class]/ R& T' l* ~8 O! g9 m
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) f4 q" m1 L$ k' r. D- V+ D - [AUDIO__X_MS_WMA Moniker Class]) E# B( a7 l- }( k9 T5 @
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' [2 u% R) C2 i4 w' n; S6 w( N( [
- [VIDEO__X_MS_WMV Moniker Class]) P) U) v: {8 ?+ L; {& u- t
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' R6 l; g) R" w1 m
- [RealPlayer G2 Control]5 ^1 _, h. f. M$ Z1 a
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
, r) j% u4 N( m7 C0 a, L4 h. j - [Shockwave Flash Object]
3 t6 y, v1 o. ?. v$ B - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>5 m- P, u' g- h1 a- R, ?- {' _
- [KUpdateObj2 Class]/ Q5 j1 u, x4 D6 D% f. o. x0 w
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>5 e$ ]: e" d) s3 j6 `- ^7 X
- [kingsoft browser shield]
) m5 _& i+ E: z1 z/ [1 s" V - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>+ g4 H! R6 c; m" L' _9 t; N
- [PasswordEditCtrl Class]- l- X, _5 G+ k( B: h
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>4 _9 O& R4 N% H+ C9 c s6 v! Z
- [QvodCtrl Class]
* X4 P- K* J) p+ E5 S5 m* x - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>+ Y( l* N) d/ \( R
- [&使用超级旋风下载]
/ N7 r, g0 ^" S' `- @ - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>; e5 e; `1 Q2 _$ ]) `& m
- [&使用超级旋风下载全部链接]
* }* u, \2 Q2 c5 G) Z - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>$ N& ]- U5 B/ O
- [使用迅雷下载]( q3 [( v2 E! q# ?; V: W6 T' _
- <, N/A>7 l. a% J7 d4 ~" p* G- k9 r! V; u* c4 b
- [使用迅雷下载全部链接] w3 K& j0 x0 y, W
- <, N/A>( I9 j: n. d$ h* D
- [导出到 Microsoft Office Excel(&X)]3 G' M5 w" b( q7 k+ y$ K
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
4 b8 t( J4 v7 p5 N" z9 i$ P - [添加到QQ表情]
5 c f1 u" \% Q - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
( g1 G2 h6 C3 m( {/ F, S - ==================================
' R2 \* V9 n% @: g4 J: P$ H5 o - 正在运行的进程
- k, S5 M" i. x3 P% } - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 a$ P1 h l) q' B+ A* a
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ m, {3 M6 {% |" e. X4 V
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% e" U- g% k0 t, C - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]3 s/ N+ u! k& Y5 E
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& `6 h& q( U1 Z: Q+ U
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 }% X, }4 C ^ - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 Q4 ]( C$ T7 b - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
b- W2 R/ y, v; b" j - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- q$ j Q: T4 u5 o5 l; z
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 n0 B6 ]; s; w- X; _/ A! U7 m8 T0 d+ W - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ D3 p" i8 C" ^) _ v$ [
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
) _; A6 M7 i$ }" h$ g% u$ o; c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 I# l* F9 l) o1 {& `; _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! }8 X" T* ^( a - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]: B8 Q6 K! z' k" a9 p
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! d& K+ a2 m* K1 K) ]6 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
. X5 f7 q2 W/ `1 k7 A5 [ - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]3 n# l. g# j4 K8 d V
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]- B& j L' Q: [9 ?$ ]4 U
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]4 s# C" }# Z0 r- e
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
8 v# e# Z+ l! S7 C: R! r8 f - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& r$ C; l( p+ I' C - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
: Z& x5 ^3 I F; } - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]. I& q) `" p1 q& _- \7 j D% A
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]% e4 M0 }: o) q4 _( B; B5 @/ }, D/ O
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
: ]4 K5 }9 l* D$ c% w) V - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]2 M3 D- n1 _$ p
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" t! d) L+ q% o0 Q9 v: p5 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
j' I' v3 t- k, } Q' \; V V3 g7 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ {# r# k( ^2 A2 o9 e; z* L8 T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: _' z" E, F4 L$ W - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 o& x9 D8 U8 v" f' R4 H1 M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" [; p% b& H2 K, J1 H; I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! a, ~7 _7 ^8 u
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' `4 ~3 E. ~3 Q, e$ Z4 a. e0 @* d- B
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
- F5 N4 ~% \% l3 A/ G, G& g - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]% a; t. i8 J* P6 q- {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; G0 {% x9 B0 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- Q! I1 T& y1 w) @ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]% B6 V# N, V& K! \
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]% r+ P4 f! V# I: ^- S3 r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! h# d! F7 P, }4 O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 J3 } X5 j% J5 M/ S) [ - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) y, h v M! a4 w/ ?
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]" H5 t% J8 _" {% K4 E1 M
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 C. O2 ]( _9 _+ p
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ C! c0 Q+ H+ N; n - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
9 J3 c) ^! T6 J - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]' @% `) B* H1 l+ n5 H; F/ g4 V
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; U1 Y9 P: w6 M' |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" n5 l, B* q" _' z$ x6 ]; y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
# Y0 U; g6 @* C% M A* ^ - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
. F$ E; B6 c9 a+ q( q& G - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]" O9 P4 v/ a8 o* s& h- A4 Q; s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]+ ^# P. ?1 P* S6 w1 n$ U0 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2] t; W/ J3 s6 n, z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
0 y" g* a! I5 Q7 n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
2 q: I. y2 [0 A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]9 _$ @. h( {6 W: D" d+ S/ ]) t; U
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
: r! o! Q/ m4 F6 [5 s0 p - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( h/ M! W& P3 Z! h - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
& t. S; O+ @' ?% i! t - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]' O' C+ j7 N# @ U T
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. z( r6 f4 F* H: n8 {
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( Y. I, N& g3 [' |3 Y - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
; E u# |5 d- D+ E1 L2 T6 i - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]0 Z( l Y7 |+ L
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
5 @* V6 p6 G+ ] V' d9 h/ B7 s& h - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]- b) X3 q/ ~8 z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 [' j; { j6 \: @; q7 E' ?5 z2 b
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]( d7 l1 C3 T# [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 i: g) X# Y' f+ H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% {0 [2 ~" s+ l7 U# X/ {0 C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% S4 q! S. M- c! ]* k, Y: s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 f( X. O2 f# G* g# V% H9 ] - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
% t! G$ H* d2 B% R( H# { - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. t) Z1 k* _& ^: e) f3 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 l% w4 d; o3 @1 ?. V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 a9 R4 G: H; J- D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; p2 a) F7 u f - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
8 O3 c4 d4 |" j! n+ T - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
7 q4 G7 n$ j( w" M - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ y3 t( h* Z$ G: b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 m8 G$ `& } q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# s) Q% u( i( W/ n1 K" {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ \# M/ s1 H# v% i
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]7 s" ` P2 `+ A, Q, J: X% ^% Z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 A; N. \: j7 \4 A$ q, x" R+ c# @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
- g/ p# |- V4 d& } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: Y; X1 v+ I, K* P" Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! S/ c8 t I+ l' r) f0 A - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]# D) F/ c3 j0 u% @ r
- ==================================
( w& v9 M# M' k; K" J. s - 文件关联* M$ h, e1 I) x# u v
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]1 I" @& \8 j6 h3 Y U( E1 k* ^2 @
- .EXE OK. ["%1" %*]4 r9 W& K$ x8 X6 {. d5 j
- .COM OK. ["%1" %*]% S; }3 z; C8 f4 S. y: C0 D
- .PIF OK. ["%1" %*]) b2 Z; s( Z6 x7 ~
- .REG OK. [regedit.exe "%1"]) T: I! Y$ H, r- Q6 [, r8 [) Z
- .BAT OK. ["%1" %*]
7 Y7 R, A6 e- C4 ~1 ^4 s - .SCR OK. ["%1" /S]" @+ J+ x* l5 B/ A/ ~3 L2 ?
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
+ o0 |" Q+ V! [9 L - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]# r+ G# V- Z$ I) a+ y7 V8 B
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: O1 g) }: |3 U/ e5 X( H1 C - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]5 q. b2 R! I; ~
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
' x5 K1 C: P) Q: H$ d - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]6 V- U; E8 r9 M
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
. f! k0 n2 i0 ~+ a6 u0 }8 } - ==================================
: ]: r- [: ?5 E: m' Z9 P- i* Y - Winsock 提供者! b; R+ U' h, Y, Y2 _
- N/A
; `3 {2 g( n0 N8 V$ B - ==================================* V5 k/ o# _$ x- i# U+ w4 j
- Autorun.inf ^; s7 ^: C5 ~: o2 W
- N/A7 @& O" R% [9 O
- ==================================" `( F8 J6 O7 j9 Y: V
- HOSTS 文件5 Y8 K" a" p- _* N8 V
- N/A: f6 [: ?* G* w& `
- ==================================3 f- }: ]( d' _ d
- 进程特权扫描
, @" Z$ g& Z, [' C) I d9 W6 G/ M6 r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 G& P" e* N% b/ @) x; b& _
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]+ N/ v+ M- q: F+ m/ h8 G
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
E/ d# O! R* z; F, i - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
4 {$ Y# z9 K$ j/ N S! R4 X: U - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
9 U0 W) E; W0 G" e - ==================================6 ]* Q# M, v$ _ E: A _
- API HOOK) q5 O& ?# y" n; ^+ V# d4 g1 g
- N/A$ j% _. U9 Y, k ^1 j
- ==================================
+ @. u/ {' y8 a5 ]; R6 i - 隐藏进程9 x% R) [2 _* j0 _' r8 Q4 X
- N/A' r9 T6 R$ E& h/ y; Y
- ==================================: h1 j0 B0 i( |5 H) ]7 ^) Z ]; L: ]
& b$ C% N6 s4 ~/ e1 G8 |: C
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
