|
|
# I9 Q$ I6 S% M1 e- {- 2008-05-22,20:37:43* }) p# r' k. C( p; H$ z- T
- System Repair Engineer 2.5.16.900, @ C1 a7 q$ S/ Q. k
- Smallfrogs (http://www.KZTechs.com)
) i2 `9 B* m! x1 C - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能; K0 o1 r c& C4 ], @4 w/ |, c
- 以下内容被选中:
1 e! @6 ?- y* _3 z0 w$ d" B - 所有的启动项目(包括注册表、启动文件夹、服务等)' r0 k5 V' M& {6 G* r
- 浏览器加载项
$ d4 g. O1 w# a, ^$ E3 E( @ - 正在运行的进程(包括进程模块信息)
, G2 K3 Y/ O/ m, \6 t8 H/ C - 文件关联+ _0 y% o% j. F7 M6 i/ Z
- Winsock 提供者
6 c! T; ~6 H7 _* B F - Autorun.inf$ G2 M; c+ \0 l1 f% H B: C
- HOSTS 文件
4 I* d! ^4 ]/ { - 进程特权扫描
' b( I) S$ S# Y) R1 k
4 N) { Q% d% p+ `4 c7 w7 a: H5 {- 启动项目
2 \% r: N" j. g9 v8 I - 注册表+ V) A% f! d0 ?; M6 {
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
2 c) N8 @: P9 H1 u( M - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]8 N- G% R8 Z* C: j
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]7 ~0 E c& O+ P& O( R
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]+ v. s; m' K- w8 B
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
& Z, e7 H" d0 G: r. E G7 ? - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
' @; y3 ]$ O! D( W+ m - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]. r. @3 q, F1 d
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]" K( ~6 E7 k. Y! p; \
- <PHIME2002A><; > [N/A]& q; l. ^+ @9 P0 ]* t
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
: n7 `. K. Z5 c# b - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
" ^* B; P8 L$ o - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher], K6 q' y8 o6 l$ t; W9 g0 n
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
6 Y. T1 _2 s' @6 j' Q% L) v5 h - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]5 B+ w# K* Y5 ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
% ~6 E# g* w& O- R0 Z - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
! b* r5 E, W$ W4 z7 }! w - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]# ?2 }( D$ Z) X& M1 w6 N1 v
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]+ @) f5 ^( C' O7 X `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]. G4 f2 j0 n }" N& T* @2 h- w" O
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
, j% q& m2 k- W. f7 y: V; u4 ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
; {; y9 I8 H7 d, k - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
+ F i5 @# A1 q* l3 l - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]: i% X" o4 Q8 t3 g# A6 l4 }
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
% g+ Q' |9 i( o' ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]! {3 F) n ?' T% v
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]: O1 [' B- {! @$ g1 U( `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]! w1 i! n" H/ l5 u: |2 Z" R
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] H5 j- y8 G& c+ _8 b, t6 G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
7 U, c: c/ d; ]6 h$ J9 A - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
; r7 d3 O d6 S% t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
" I T1 X6 H* f' Y' b( p - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A], c' J* z' z: g( j
- ==================================
" X- o# b4 X( S6 F6 t! J' Q/ _ - 启动文件夹( _4 P. v( e# q* A3 f
- N/A! r4 B. C* [( }: Q
- ==================================" I; [4 r* q4 Y4 T. X3 y
- 服务$ y3 k `$ C' K$ V3 T, y- d D
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]/ n7 q3 h3 c4 P! ?3 {1 P
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>- Y& I) [( P1 v/ L2 x
- [Google Updater Service / gusvc][Stopped/Manual Start]
+ f& y8 H1 n4 M( c& s - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>) t I: |" w( W% ?
- [Help and Support / helpsvc][Stopped/Disabled]8 |9 r: h3 U- y; \2 o
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>4 U; d y P7 P# K
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
7 f' D1 F0 k% q* w+ Q - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>; d* F2 e! u3 u9 @& y
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
* B) u" _2 M3 f) p8 Z% q6 \# _' k - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
5 R. I5 v& z8 }7 `8 @) n$ ? - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
. E- l! i I i5 S: X% W' I - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>% x8 ?1 y1 C" e/ I# K- Z' I( U
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]1 A8 p( c- D6 T: X; C/ x
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>; h3 Q/ x7 ~5 O6 j+ F4 K
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]! N; z" b: K4 Z# B- B
- <><N/A>
) S! B7 i& J- D% g6 L1 m - [Qvod Terminal / Qvod Terminal][Running/Auto Start]8 b4 B' `$ I, d& k' A! x7 `, ?
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>8 {/ K3 |* C( u* z5 i
- ==================================
; n6 ]" s1 r# q. n7 x - 驱动程序' W7 H3 O$ ^' V
- [22j / 22jn][Stopped/Boot Start]
. L5 a. o' j+ ^/ g - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>' A# t( T3 ]0 A. C R) a
- [360AntiArp / 360AntiArp][Running/System Start]
. v: b3 l) T5 C8 A& w6 ]* S- j - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>2 C" \1 ~) D! Z" E: [& S
- [43ec / 43ecu][Stopped/Boot Start]
% r. @ c: a9 G1 T: G4 m3 r - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>! l5 _% V' e, \
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
$ C- O2 x6 ?, i9 D9 X - <system32\drivers\ac97intc.sys><Intel Corporation>
3 i, }' f& C, b* T2 l) P - [Promise driver accelerator / bb-run][Running/Boot Start]5 r7 f* @" ]% o" f& \) W
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
9 l' x0 i: z% X$ | - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start], ~* T4 | y" {& ^3 C' b7 w
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>7 }& y' U# T: `* V7 N
- [KAVBase / KAVBase][Running/Auto Start]
: A! d( K6 l) o- N - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
/ g3 o( Z; d( [" f, i - [KAVBootC / KAVBootC][Running/Boot Start]
, c: Z) x+ h( m9 d - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>8 Z/ c3 ` j8 ?' ^1 d: w2 l3 ^" f5 P
- [KAVSafe / KAVSafe][Running/Auto Start]
' W5 F8 v! Z8 V: F - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
& j2 ?9 P; [5 K+ |5 N$ Q8 s - [KNetWch / KNetWch][Running/System Start]
( D3 j. _0 Q- [0 @, [ @( I& w - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
( W# F+ H- \2 A2 f( { e( b - [KWatch3 / KWatch3][Running/Auto Start]8 F9 U% Y& }: a% {' g: j
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
. Z: j. m8 i* o& N5 M - [ntptdb / ntptdb][Stopped/Auto Start]
8 M" e" ]2 U% _: X! z% o2 z - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
& d* m4 U Q. Z# q - [nv / nv][Running/Manual Start]/ d/ l: ]' t$ D7 o H3 ~5 i
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
r% K" d4 [) ] x7 l, | - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
0 T# g' n2 `& u' D - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>. {$ ^7 `6 |% F! Q, G; X8 N; v
- [DDK PACKET Protocol / Packet][Running/Manual Start]# G" S8 E- V7 p& y j7 s+ v7 z
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
% L2 P/ o- v# M) r2 l( Z p - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]5 l' i. g( _$ q; z0 s
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
6 n- P. \, {2 y9 C' c R8 A - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
7 _3 }) Y+ ^& v" \ - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>0 b) M7 m L& S
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
, U! F- T# M$ s0 L* z2 j3 z - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
% b x+ p( f! X- E& v% O - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]) E( i( M1 }6 r% ]) V5 {
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
' V8 |7 t' J1 H [1 C; L1 Q - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
0 }9 D; V3 p0 [9 Q0 i - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
* p% n( p; N$ e5 i. ~9 R/ E - [Secdrv / Secdrv][Stopped/Manual Start]
& n3 l1 ^5 @" x1 ?8 E: X - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
# W; } j4 b3 p7 c7 C& ], ] - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
( H; ^; `5 k* z' K: {" ~- a* W - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
# s& l! y4 {9 q9 ` - [System Restore Filter Driver / sr][Stopped/Disabled]
" K' v8 s" Y% l' F - <system32\DRIVERS\sr.sys><N/A>
! L4 q* m" _3 p1 |0 E - [TesSafe / TesSafe][Stopped/Manual Start]- @) {2 F2 [' g4 J+ w# k7 j
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>! D% k) M% \/ s9 e; J. v
- [System Services / unzxzsrs][Stopped/Boot Start]
2 i3 m; M% W4 I& l) X - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>- z& c% c- T8 m% M& U+ _2 ~
- [ViBus / ViBus][Stopped/Boot Start]1 F6 {* [ b* W9 c! H8 R h8 T) @
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
8 O( N1 a6 c3 P3 h. s - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] P1 P* F d+ t) j" ] l( _
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>1 G, [" `# q% r$ U2 V1 m1 p6 {/ C2 ~& a
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]9 ~2 ^# K" y- {
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>. |% M4 Q# T+ {5 D f7 W
- [ATI Extend / zhibmaso][Stopped/Boot Start]
& L6 ^0 |& R# Q7 w - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
# n+ z) k; E, n' H - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
* @7 r4 Q2 _/ g* d - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
( P1 n+ p- m/ F3 F: ? - ==================================0 d o4 i! \( `2 {- G% u9 s4 Q. {
- 浏览器加载项, z% w$ L x7 p& M
- [Google Toolbar Helper]
$ W' A: [& O1 y; g$ I - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>) W9 J# C/ ^' L! y1 T' Y% d) |) y
- [Google Toolbar Notifier BHO]
+ \+ X, L+ D8 a, L - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>, L) N- N( }+ Z9 g9 N* ~: O/ q3 z
- [SafeMon Class]
- X# L R- f5 T7 _ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>9 \' T3 x- Z3 J) ]
- [kingsoft browser shield]
7 ^1 w0 i( n4 }2 \4 D - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
- v6 I6 {7 C1 |% [ - [IEBuddyExtControl Class]
1 J, ~: `( k0 H& `% U! s) C/ L - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
9 F( V% c' Z! Q; M' Z - [Zcom 杂志]
# _* O6 p( I5 Q - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
L% U5 g/ \9 z7 j8 N - [&Google]
$ j. r- B( Z3 r7 D# A5 N# u- i - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>( w; o: D( |0 L+ ?# R/ U- t' u
- [KooPlayer Control]
# @) [% O ^2 I6 {9 C5 v - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
8 I: @/ f) j k* D5 d) s$ S7 g/ M - [Shockwave Flash Object]& Y+ G. P3 Y# b* v% K5 C6 W" ?7 e" ]
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
/ m" \4 h3 m. z% x - [KUpdateObj2 Class]& s; g) D. {& R" T% A
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
' [' b6 c( A: h! i4 G - [Google Script Object]
7 \* o7 t$ b! d - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& ~6 d1 [% y4 ? m - [EWA Control]
% V7 D% @: L3 s/ w- i3 w - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>4 T# K; q/ q& F7 ^3 h
- [Windows Media Player]
$ Z* p9 C! r( B( _# o- s; d - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
+ @: w: w$ w6 n& @! x( V - [&Google]5 w$ K% S; D2 ?3 E. i: b% a
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 w/ o8 W" @1 d! w2 N P
- [HTML Document]
3 L$ L; l* M# g i - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
L+ I7 J+ q, Q0 `, V1 `$ V - [DHTML Edit Control Safe for Scripting for IE5]
0 u9 M0 ` q" T& a1 ~- S - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>: e& q% P( M0 l) W. c7 I4 ?
- [RealPlayer RAM Download Handler]
: v) w. A/ \' n* V, G1 A - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
5 _) M! \$ v, ^' U3 C - [IEBuddyExtControl Class]. D5 @0 y# |% l$ U& `! m, S' p8 R. S7 l
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 z9 H+ S/ k$ P; l3 V# T& D) L
- [XML Document]
9 M" k$ v: z1 p - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation># v/ ]- [" ^8 Z0 G. H
- [HHCtrl Object]. I. L& u- d- \1 ~% q% Y$ d2 i
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation># E0 R2 r+ i) Z" u4 b6 v$ o% i" _$ p
- [Windows Media Player]
3 M0 M0 w, _# S. w; ^) p( I/ q+ M - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
^" ]6 U( w1 N% d2 ] - [Active Desktop Mover]5 i$ |/ O7 K/ a: J
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>% c- ]. f( L& k
- [360SafeLive]; q, t" b' H: y T
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>4 d# }- L q/ Q C* e
- [Microsoft Web 浏览器]
$ m8 n: `0 B4 p' u, s! N - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>) c% K+ T, k8 a9 K( e
- [Browser Enhanced Objects]
# F- j: O# g4 H- p* q - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
E: F- H- w9 ~ - [Google Toolbar Helper]" b7 K% [" }8 a3 s3 a Q
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ v' T) T6 Z: x/ ~' U2 U- F! t
- [Microsoft Scriptlet Component]
. L2 o) M9 m$ c - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
: j7 ~& X/ {; \8 o# F - [Google Toolbar Notifier BHO]* _) S7 P) b0 }2 Z. K O* H! a
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>$ V4 @5 {6 |* D; i( K6 {4 w
- [SearchAssistantOC]
4 ?+ W8 G3 b+ \% C+ D- i7 Y - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>- h+ {1 J' e/ R0 ^
- [SafeMon Class]8 s& H; N3 H& a( h& V/ O+ X
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN> d, [; l+ S9 t5 `
- [RDS.DataSpace]
$ H6 u' f' z9 P6 D2 w - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
2 R% L! F! V5 B+ {8 w, S - [KooPlayer Control]
# \( P+ f5 ?: A+ ^( H - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>3 t' ^$ g6 d5 r
- [AUDIO__MID Moniker Class]" M/ |' ?6 V* g! V; f
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 I$ }& \- S5 g% y, e* i
- [AUDIO__MP3 Moniker Class]0 t5 ` G0 e) r1 p3 g: |4 m1 [
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
t& {% I- X) @5 n9 w# ^' g - [AUDIO__X_MS_WMA Moniker Class]% n h: t1 v; t5 N9 E7 C
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 E6 V' M3 Z( K C( N+ c) F( ]- P1 y& s
- [VIDEO__X_MS_WMV Moniker Class]) G2 k! \* J, M4 z* I \# y8 ]
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ @- s }3 d2 |2 n
- [RealPlayer G2 Control]
4 R+ b3 Q4 ]8 c% d) u+ ] - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
& C, l; }. w* } y) i - [Shockwave Flash Object]( E g' z9 @9 a7 v
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
" g9 o; F0 k% ]3 [3 c& z - [KUpdateObj2 Class]
* {% G" K3 I( e& s - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
+ g( U$ d; b/ a; v - [kingsoft browser shield]! s) U& J1 Y4 n+ c/ g) s2 n
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 @ o+ {8 p8 ]) K' [
- [PasswordEditCtrl Class]
# T* r. w. v9 R" L! [/ z1 ^8 O1 M5 l - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
; K3 e, p8 L& {4 q9 R, N5 e - [QvodCtrl Class]% p( n3 p+ r& |4 Q6 T
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>( `. U0 C6 {4 t; Q/ l- C
- [&使用超级旋风下载]
8 Z2 f0 b* L8 F( E4 X/ F8 K - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>5 ?7 W+ d G' r. w
- [&使用超级旋风下载全部链接]0 X3 W6 K# F) T$ D' D$ b
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>1 R8 f6 v @( K6 X6 ` }5 r1 K
- [使用迅雷下载]
; k& e9 T6 Z* A1 k' U& G - <, N/A>/ b. R6 B1 r& ~& X- w, e1 C
- [使用迅雷下载全部链接]
" J. {/ ?" y+ i5 z5 ~: h - <, N/A>
; b- f# B) Q3 W/ ]8 u! N - [导出到 Microsoft Office Excel(&X)]
3 j& c- \, V q( t! L1 X - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
- u# g1 S* B6 d$ f. {: t0 s$ w, L - [添加到QQ表情]
- B' T+ ^7 w; }! s - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>: X- h7 D1 [+ H. @, Z
- ==================================6 H# a, d( f0 }5 U t5 s- O1 B
- 正在运行的进程+ h" s* |1 b- c9 q* I
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 B8 y# t1 W* U) g! H6 S6 I - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: a' Z& V% |# W. X; i
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; R6 I5 j% [( ]' A x% G: Z - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
1 ]" r5 i: M- r! I0 d. {6 j' `9 a - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( S! f$ h% H5 {9 } - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 V X$ K% A: Y
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* P: |' E# x" y$ f - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 _9 X& p- q4 t3 Y( ?/ ]* S3 a - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' _7 S5 r Z% Q, P; ], x9 e - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( k1 ]3 c C) Z - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. I- Z' p& v- u- \. G3 H$ s b
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]2 H4 y4 m* Z$ ?9 i$ }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 N! ^$ t& i( w- J+ C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* F# e2 @& e. b! b" D* \' w# O
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
% [ n: w$ b5 ] v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 P; q6 u4 ^5 B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]/ p% @# x: D5 {1 K$ ^) {% w
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
N; \/ [6 n3 v, k5 A( X4 L0 B - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
, }5 M. H+ C% X! o' d( u8 G0 F5 M% Z4 [ - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
" \5 W9 d6 X; g5 R5 F5 N' f) t' g8 ? - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
3 J9 ]. R% n! Z9 @+ D; I! P - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 _8 q7 n G3 H0 | - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]" V' z* ?( q- A* t
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)], J4 l' ^! G& ^% y6 S5 k8 [
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]! \7 {% p: U$ c4 h' e S5 ~8 u
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
. Z N& {" s2 u+ o1 X - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]; G! w% s+ f3 `5 s; m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- @# @% D: I+ y/ w0 u! g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: J0 u3 q9 V; T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# Q2 [6 e) l$ ?+ r4 o- x" s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# V% l1 h! K+ J3 u5 ?# n' S$ W - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' t& x' n; D2 m& K" f; R+ i, K' D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 x" g# b5 P W' Z! w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 e# ?: b9 n4 u$ j: K. k& O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 l+ b% y5 S0 h }7 B( E. u4 I7 s
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]8 o3 W1 S, j z$ S6 A2 X
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
3 } X3 D1 ?& W( D w3 { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] G0 s( F- M- v4 w% @: }2 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 J, a+ D( _6 @: r2 @5 s9 P( e8 f3 V" v
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]4 b" Z: G9 z. b& v
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
3 p% @ Z* S' w p - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] c( \7 H) p/ Q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' J9 A" j3 P8 n+ }8 j1 |: ] - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 C) K+ p0 b# ~0 z" C$ L2 ~3 e
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]0 z. w# ]( x* O; g
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& u0 c' R7 i O! I( L+ i - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] Y9 ^/ Y& Q) R. G; }
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
% V0 I4 F" N' V' m$ \: h - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
# m: N% T: e2 F' A @. g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 j ]3 H, C$ w5 \9 i4 d$ f) \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; ^& X0 S0 ]5 d9 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 M' M8 h, ]9 y- s& |
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]5 P. |3 m9 a0 N3 ?' G8 U( J
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
/ M& `3 b5 n! W2 [! w# |5 {% \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]8 T# V1 z; S0 F" g# O+ f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
: B6 P* u7 ]$ M. G9 ~, s; N* ~9 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
N6 B1 I! v1 d: u; w, S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]) m) p5 I; g3 q6 w" e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
- O1 @0 _* K4 O - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
+ \5 Z" @8 G/ Y* B0 f' x# t) t - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]1 a5 A/ q! a* v- g) C
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% n5 N5 @ x$ [8 [- ?! v; I0 J - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 o U- k% b! @% x
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
* P. z: M. I* M0 H% s, Y - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 N) y, d( V" @! N! m2 k
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]* F! p8 C* @% E& p3 F
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]( y/ n$ V7 f6 c* g0 A' J
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]# y* F7 N, E- m% j, N2 f( q
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]% g& N8 O* z g' C4 |3 a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 o' ^; h1 L$ A( Z: D+ C @
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]' m* F+ Y) M' J6 U' C
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ ]+ Q$ x$ V3 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 Y3 M9 }+ O" o& f8 v, |- T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 {* L; m; ~0 H* m- j2 x - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ E5 f8 N6 O! ^. b6 h5 d: } - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
" u z5 Q8 q. N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 D' ]+ m$ C" H+ t' ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 P+ m/ ~7 I! ?8 Q! ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 \ i T7 Q; k$ n* l) E
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% M9 }7 n; i' Z
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]9 a/ Z) h" w- u1 Z& s& p
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]/ b/ m! T. v2 |# Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]" f2 m9 [; D+ @2 m) D0 M0 [' E( v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. P' B" m; X& U3 s# o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: G0 K& a) V, ~. E6 Y4 g5 s' Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. ^( w" g2 [4 f& T
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
/ D; y- z' M0 d5 B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 P/ X5 j% l5 j# m8 Q+ ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: Y; R6 C, M0 ~6 r- Y& l6 m8 C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 u( m+ x m$ K: `- ?6 b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 ?# |8 Z& f( F( U! V$ W$ \1 n - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
: q! R1 V9 p, x9 p( V5 \0 r - ==================================9 s: p* r4 l0 x5 A6 i7 i
- 文件关联: [# z9 l( X' h9 V; K
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
5 ^6 |6 P0 P. E8 t' c$ [ - .EXE OK. ["%1" %*], k. Q1 C/ `' ^* ~ L; U5 Y
- .COM OK. ["%1" %*]0 |( X! G9 |: O
- .PIF OK. ["%1" %*]
8 o6 ?& c1 A3 _& ]( ? - .REG OK. [regedit.exe "%1"]/ ~6 s" B. v" O/ U5 Q: O6 g+ `- q4 ?
- .BAT OK. ["%1" %*]0 S! I" p: K) }; p3 M; T
- .SCR OK. ["%1" /S]
; m }6 l# H4 n' H& I4 y - .CHM OK. ["C:\WINDOWS\hh.exe" %1]/ Q- C/ l# P- W1 N/ R8 e3 ^
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]4 k$ w/ U% G% d9 H
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]4 ~2 X- n4 c7 L3 C0 E
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]7 |" A/ H/ X& D3 S. w" q8 C; J
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
1 d( P1 }- e* Y, B - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
; H( s0 E7 q6 O& H - .LNK OK. [{00021401-0000-0000-C000-000000000046}]! }* H2 J; S/ m( u% Q, a
- ==================================8 G/ u$ L ^( l. p% B; [* k# h; u
- Winsock 提供者
* @. z2 B1 j0 z+ M0 o - N/A
6 e! w! Y" \/ t4 {4 s" e$ J* c. i9 R - ==================================$ s2 a) Y7 k% v8 ~8 Y7 m! H& L
- Autorun.inf
8 G2 s% c* _! ~% k% S! r - N/A
- y* T6 e" t- e2 k, } u. K8 X - ==================================
( F/ V7 A" Q9 [" }# N - HOSTS 文件! r1 r3 A& ^# h7 t
- N/A
_: n/ d0 D9 n N4 I$ g2 C$ f) i" } - ==================================
4 E0 {' t' \$ h( Q1 ? [ - 进程特权扫描; Y. x7 ~* o$ i5 Q7 Q
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
3 u1 n& ^$ w. E% V/ ^4 @ - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]; [! i1 R6 [8 J. C* a
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
/ [7 `4 y, ?$ h, w& v6 L" z, m- ?+ k9 l - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
( ] f' J4 X) d* `. r5 m - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
9 }( A0 m0 r3 Z - ==================================
' }1 v& h$ p$ M0 T+ d - API HOOK
. l/ t c: J7 A1 } - N/A
( M4 U7 p, C% V e3 L* W/ v7 B( y - ==================================
1 |5 A0 N7 v( b2 [ - 隐藏进程4 D* |8 Q R7 T# ]" D; q2 g
- N/A- _- v) z& C# o' j
- ==================================! |; [1 F7 m# j# ]& D$ i7 q. ^
% d) H% e; h- j' L3 u; {
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
