|
|
! W5 }/ s/ ^7 A/ B- 2008-05-22,20:37:43, C0 c2 y( N8 C7 k5 T
- System Repair Engineer 2.5.16.900
8 R* O( }% G4 V4 h* K2 b - Smallfrogs (http://www.KZTechs.com)
9 U( v/ h; e% Q; N y5 Q& Q0 B4 S - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能% V7 d! T. C% h+ P' J
- 以下内容被选中:; }0 E" L7 z( S6 M" D1 i
- 所有的启动项目(包括注册表、启动文件夹、服务等)
1 P6 [' m" q, i/ N - 浏览器加载项) c* s& L& C* k) d( x$ @
- 正在运行的进程(包括进程模块信息) s8 m% ^( O/ K. u/ O6 q
- 文件关联
8 j" ^* V# V8 o. J. C - Winsock 提供者: `( h! q3 S/ Y4 [
- Autorun.inf
4 {9 p1 K1 A6 j% }6 B; s - HOSTS 文件
$ E+ Q* e/ c: {& w" u - 进程特权扫描6 M5 [" O2 @- L: G! M
}* ], N: {$ U0 A5 P. V3 R- 启动项目
2 m4 E4 I/ Y' P - 注册表
- a5 A1 q T" P+ } - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
) T9 l2 r; T9 R6 p% j - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
! ~ S' o4 L* q( D; m - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run], y* c$ K' Z+ ^7 I! @& I
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]; U8 n7 R+ E# a0 Q6 D8 s$ \
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]) M* w" u, ]4 u0 K3 M8 K
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]0 S) a+ r3 } |4 O+ K2 b% ~* r
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]( P) x0 f3 F1 g6 ?
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" H9 o& W& w* G* W0 \ e - <PHIME2002A><; > [N/A]
6 R/ e2 `% B: ?# ]" Y( o - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]# C6 H4 ?! s& Y! F3 }1 Y( |
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
' y6 a( B: F3 a% Y; [ - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
: V" n9 `8 s. v, D( H$ n0 I - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher] C, f( K: u- I m+ }
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
, B: b0 o/ v- i9 V& ]& Y7 H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]5 u; A0 H+ d( C& [8 w5 S. q& |
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
+ k2 U }% |# [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
9 I' a5 B7 b% V. p' j, t - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]; ^: h2 B3 n* T# y/ l8 E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]/ _6 g& L9 d8 q( `
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] O0 [5 R V* [8 r' e$ ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
2 m4 d/ R9 l: f' @' P - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
% E* y$ e% k" J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
$ w2 N9 G- [+ B* f& j/ g9 q# B - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
( ~- F. H- @4 K1 G - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]' j8 l6 y1 d' S8 R' \! U: R! K- _
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]% y; v4 |6 b9 s2 s6 S% Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
6 m2 b+ K% R( _7 x% { - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]& H) e* U1 j1 r, Z8 n; l t, g$ @
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
! r7 t$ ~, q4 E. a - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
* w0 l- W0 S- K# ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
! |4 M+ `5 |, z. ]! e% B- e - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
! y0 m4 K* u/ Q. L9 C6 C# z - ==================================
- k: e0 R I. Y - 启动文件夹
8 M0 y% p4 r7 h) O" f: J% V0 B - N/A* F B0 w$ [9 V/ i! m% n; ^, a
- ==================================
( f" Q1 T: g ~" A7 E - 服务1 Q( ?$ p5 L1 f1 B6 b3 F9 a
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]8 P3 H/ D+ M! o. H
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
# t' M+ q3 `, k* w: Y- n: V - [Google Updater Service / gusvc][Stopped/Manual Start]
+ q X; u& w" {* j" c' C - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>6 u9 n3 N, n7 O- [' k! B" m9 ], |1 `
- [Help and Support / helpsvc][Stopped/Disabled]5 {% I* B7 P$ u% z/ D5 J- y
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
* ]# [0 O0 Y% j/ ~# ~, n - [Human Interface Device Access / HidServ][Stopped/Boot Start]# b9 A @5 C/ q5 [: W9 O% R7 T- Q+ n. e
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
; H, z d) t/ F W h - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]7 v/ X& d$ U8 j$ J& m
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
1 G3 v: D( N2 p% N, |7 j0 J - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
( S, e6 `& C6 }7 J5 I0 B9 @ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>) j/ o+ o4 ^( I6 y# [' [9 ]
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]3 _2 o; I8 C4 W# {$ l' }
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
9 c w* i6 a; v( ?" b - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
% C6 W8 H3 U8 W. |* o' V - <><N/A>. o* K! |; S8 p8 `, C) s% B; B
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
4 i/ |# E d( A - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
! a$ m1 H$ W1 M* b4 P - ==================================
5 f1 ~$ [ [$ Y, i - 驱动程序/ ]& k- x! a( J
- [22j / 22jn][Stopped/Boot Start]
+ z0 q( F9 z# H$ }2 _ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>% r# Y4 S* c) \
- [360AntiArp / 360AntiArp][Running/System Start]' O. w! w# N( M, }* \+ w
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>/ I) p6 a5 v$ q& U% ?
- [43ec / 43ecu][Stopped/Boot Start]
$ [2 A, s% p" ^# t" x - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
8 z m2 E8 a1 O: P' w - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]( F* @0 @, a2 S' t3 p( T3 p$ _! }4 o
- <system32\drivers\ac97intc.sys><Intel Corporation>
& u' @( D2 c, e1 h - [Promise driver accelerator / bb-run][Running/Boot Start]
# T; I: w& s: D+ p3 l - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
) e/ U% A* G# j Z - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]+ \3 s* m: n9 T, T ~
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
# C6 d' I) {2 f6 N0 C - [KAVBase / KAVBase][Running/Auto Start]' D9 E& x1 F8 q
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
2 L _0 R8 w1 y" W2 ] B - [KAVBootC / KAVBootC][Running/Boot Start]/ d$ p8 ^8 ?/ d E4 z0 l
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>% W$ ~8 E& t) `) v8 i) k+ P
- [KAVSafe / KAVSafe][Running/Auto Start]" B& C. Y9 A5 G2 V" V7 x) |
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>" \# j6 J# }+ {
- [KNetWch / KNetWch][Running/System Start]
+ X% ~& E; {, c0 V. @ w% ]. s - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
+ T. b" }8 k) s8 u9 s - [KWatch3 / KWatch3][Running/Auto Start]2 }; d8 V8 t* r6 C
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
2 `" b! s, z) v7 C7 \( v0 q' e+ t - [ntptdb / ntptdb][Stopped/Auto Start]6 n5 h) X- z% J- M5 a- D
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>( {7 S1 i7 F' ]+ O! T- l, f1 f/ G
- [nv / nv][Running/Manual Start]" z) a+ x9 O7 P; o, T0 M- S
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
( q/ t/ p: L0 W; z2 g - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
1 w# }- a% @: v I! \ - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>8 q) ]5 a4 m# \; B" f2 a4 n
- [DDK PACKET Protocol / Packet][Running/Manual Start]
: `7 `, F: Y0 ~8 P4 V; v) p% l0 c0 X - <system32\DRIVERS\ProtoDrv.sys><360安全中心>; ?: r. } h, m
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
; a3 F- B( ~( I! T8 E7 e U) D0 U - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>/ Y# |* R# Y8 A* Q( t
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
. A4 {9 ?6 Q" G7 H( `+ j - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>- d. S6 a: `& M+ L
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]2 H5 o3 q2 a1 }1 L: a* [5 H
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>0 L9 y0 Y1 X) ~1 v" I
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
/ F0 G5 C6 A6 Q5 }) I2 D a - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
* @) {; x8 H$ { - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
$ E+ l( x5 v- \2 m8 [ - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>$ f/ y# ~1 ~3 R. ^- S% K
- [Secdrv / Secdrv][Stopped/Manual Start], C7 n2 }0 T2 a& W
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
1 G' w! F" s( X e! f, y) B1 B - [SATALink External Device Filter / SiRemFil][Running/Boot Start], N6 s3 h/ s- K6 ^. E
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
2 r+ |$ {: a l, A. ?( { w0 o( s - [System Restore Filter Driver / sr][Stopped/Disabled]
) y/ b' J, l1 ]7 h* O; ` - <system32\DRIVERS\sr.sys><N/A>, }+ n8 `( f5 g+ f! i3 }1 Z2 w; Y
- [TesSafe / TesSafe][Stopped/Manual Start]
! o* a/ J# ^( \# Z/ d - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT># u e) g- n# c
- [System Services / unzxzsrs][Stopped/Boot Start]
+ ?/ i( k$ T, K) @ - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>0 U" X. h; e( y4 v2 q5 M ?
- [ViBus / ViBus][Stopped/Boot Start]
. ^2 E* E% d1 r - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>) {- @6 H. N7 j: T; K, b. Z9 ]; N
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
$ b6 ~. G# X% C, R& M2 H6 d) r+ b - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>0 v- F3 H9 J+ {! ^) u& U/ G2 W* E
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
" y! e4 _3 I& a$ v- T* Y - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
( k o5 n# c. N - [ATI Extend / zhibmaso][Stopped/Boot Start]; m! c1 Q. k8 {; Y* u$ O
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
& U, A# @: L! ]9 Y6 V( N - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
* e$ \' G, l) Q - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>. r/ m4 f4 |% `
- ==================================
- [+ l' c) W2 p Y! | - 浏览器加载项
7 T5 ` } ~! _( l! \$ R2 | - [Google Toolbar Helper]; I) {/ c5 M# ]/ \+ T& j
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- H0 M0 Y0 b- |6 y7 n+ H - [Google Toolbar Notifier BHO]
) M/ D, T4 N3 b2 Q k - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
: \: n7 Z$ V# a/ p; M& L! g - [SafeMon Class]- A3 u/ R9 J' q& \/ W/ H9 O
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
" B& J( ^9 \0 i% w% | - [kingsoft browser shield]8 I( A$ e5 y4 l" F
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>+ g U: y0 {4 @/ M, D& H2 b
- [IEBuddyExtControl Class]# k9 e( K) E4 K
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
) J0 u6 \7 H$ W7 U% V& P - [Zcom 杂志]9 P! z1 U3 A; o4 u
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>) g* @+ E8 C' @
- [&Google]
6 t' z) K+ I* J0 f) K9 R' j - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- c6 n- f" y5 \0 W - [KooPlayer Control]
7 C% p4 w( W1 l' m' O# b - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>; g; c2 D9 V& L. u
- [Shockwave Flash Object]: S3 t$ s* B& d* p( _; t, |3 m
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
9 }( V/ w- W3 Z+ S - [KUpdateObj2 Class], B- O& u' o: r6 m: S1 ~9 c* g4 c
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
% |9 p o- f3 l: E) C, x N - [Google Script Object]4 z% \, E, \) _5 ]: V9 O
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
2 g) F% m% e5 \7 e" V - [EWA Control]1 m4 ?6 Q0 Q o* E& l( |( d
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>4 G+ y4 i1 @. Q) J. K+ {
- [Windows Media Player]
* H8 p; m) o$ N/ n - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>. b/ @0 H$ M6 E4 Q
- [&Google] r# d$ I8 |! J4 p
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
' u/ Z7 q( H+ l2 u5 X F - [HTML Document]" d, w; T+ G1 H5 c' O
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
; O: l# g( G' O9 r - [DHTML Edit Control Safe for Scripting for IE5]
. h# W/ y7 k9 T - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
- `3 B# y8 A& ^6 p. W+ m - [RealPlayer RAM Download Handler]
" @+ M9 L& t/ Y1 w, `* ?/ S' e - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
: _2 ?; ]% G0 Q% @ - [IEBuddyExtControl Class]1 \7 Y& q' ~: b# _6 x& N
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
, u: Y6 X! H" Q4 J3 w8 N - [XML Document]7 d H }: ~% u3 H% Y4 @- G8 L
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>; Z3 q, x6 a9 X9 y4 J
- [HHCtrl Object]
# Q5 O/ b S: w5 M$ r - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
, c( X7 h$ P, G1 x; l9 _ - [Windows Media Player]% t7 {' h8 t2 m4 N# v7 V5 g0 x. f
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ z5 F6 H: Q- q5 A: r - [Active Desktop Mover]
+ y6 Z8 L5 V- H; v$ _2 T, Z - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
: s- W: o/ x* y' T4 F. ~ - [360SafeLive]
# w9 v+ J0 e4 h j }7 b - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
3 e3 j4 I+ E, y+ G- N3 d - [Microsoft Web 浏览器]6 t! e! w8 `6 F! W( d3 Z( L
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
' x3 M- `. C# L) O& g - [Browser Enhanced Objects]4 O/ W* S! h' \0 ^" z# X
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
. P8 F, x: h4 i& n" ^ - [Google Toolbar Helper]0 C, y) s V# R2 L$ q2 |+ ]
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ l2 G% }6 H/ O) {) Z4 C7 I - [Microsoft Scriptlet Component]0 f5 r" A5 x4 z# h8 @: q
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
/ L R# A( z c/ s( q$ ] - [Google Toolbar Notifier BHO]& s7 q: W& N5 A: B- X
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>6 D3 o" o, E: M- @) _/ L' M0 k
- [SearchAssistantOC]
8 Y( K% y% c4 s) c. L4 ? - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>9 t; [2 f4 b2 C8 |2 m- B& @; W
- [SafeMon Class]
) ?5 z- B' C4 w3 l( p+ Q - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>8 G) C5 Z2 |4 \4 ^" V& p
- [RDS.DataSpace]1 j, J, g/ R, p; E ?
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
& d/ S+ w; l0 B* X5 ~8 b6 C - [KooPlayer Control]
: W: b; x: ?: \: b2 {8 y) y0 A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 F& a+ \; o0 x& Z6 y - [AUDIO__MID Moniker Class]0 h2 ^1 O0 P5 x6 Y! @$ g% `& ]
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
. d: r" _# I/ \2 a3 z - [AUDIO__MP3 Moniker Class]
/ w2 w3 G+ F( t, `/ y/ Q2 j, F - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! e& U5 G0 m4 z: @1 Q" Z( Y
- [AUDIO__X_MS_WMA Moniker Class]
# U: _' l6 B) k1 D4 a, X7 p( I! }3 ^ - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># r0 L& |$ C4 \: x3 i% N1 \! ]
- [VIDEO__X_MS_WMV Moniker Class]
e* a- @% T9 i3 a9 @ - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
. R( }4 c9 B- [! m- [ - [RealPlayer G2 Control]
* j5 y7 _, o( R - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>8 j) i7 {, x# q6 I8 d( s
- [Shockwave Flash Object]2 x; U& [1 \9 H% |' d2 n
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 T. N; W1 n9 z& G, Q
- [KUpdateObj2 Class]
/ v Z& U `1 g9 ~0 N: _ - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>1 h4 Q5 k8 x# u/ G0 z; i% K, W
- [kingsoft browser shield]
$ m- i9 g9 T) u: i - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>9 t- i5 d$ @, p0 _0 `
- [PasswordEditCtrl Class]
8 H/ F; w U% e1 `# V5 F }% g7 }8 @ - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>) U1 L4 J1 C+ c8 @
- [QvodCtrl Class]
+ u$ t2 ~5 _5 e5 H' ~! U2 O* V - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
+ k) l0 ^6 @( f) i7 z0 `0 s0 \ - [&使用超级旋风下载]
% _7 v& U% N8 b6 a6 D - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
3 K& G4 w3 w9 Y R( o6 N* ~4 x - [&使用超级旋风下载全部链接]: @, V0 F/ I# H$ u9 U
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>8 Y) O1 O) s0 x2 C" U6 k5 j3 S
- [使用迅雷下载]: q* [+ I Q x: {
- <, N/A>
$ { o# H2 P2 Q+ x8 Q3 n3 s6 u - [使用迅雷下载全部链接]- ~; Q. B5 J# L' q/ e
- <, N/A>0 h# m- J+ b- ~ r5 Y1 @1 p
- [导出到 Microsoft Office Excel(&X)]) D# B: l" m8 a: T) y
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
- o! \6 l- Y X5 j( F - [添加到QQ表情]9 r" t8 G6 k- |" o
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>) \& V) I8 F; H9 [7 G, F- a
- ==================================3 z7 k6 A; r, \2 F/ k2 d
- 正在运行的进程, S C) ^, h3 B7 W
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% ]2 C) W+ H0 l
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! W8 n0 x, p7 @( y6 [# m6 [ - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 D. U. q! M l2 X' f
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 |. V; i: `5 g; K6 N, E" ]2 K - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 e/ M: T2 x# o$ B; Z
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 D* s: w) |7 t% [6 z
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. S/ K) {/ ^% X - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ o6 m3 t4 n5 y! N: Y$ k9 I
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 `) p. a, g. j
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& g/ p, c5 ]! [5 _+ m& z# P) E - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. }) d. r) q% H6 K: }; } - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]% u, {* k! y9 b' K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, T/ F! C! n$ B2 i y# p* g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ b2 N& p* Z5 A - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
+ x& x+ _6 \! O: n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; M1 r7 B; }; T$ u3 ~9 N( ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
' p. \; C, t# M8 |7 x O& h0 n6 e1 e: i - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
( |: K$ G/ b, V5 u1 f. ? - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]/ s" |! Z Q$ M- ~. v3 d
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]! E+ b4 q8 L) M6 o+ n6 ?9 z+ o
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
5 Q8 r. m9 _2 u8 H - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: }3 J$ l7 ?1 O- M
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
5 }9 a9 C: ]% y% o# L - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
- B4 L9 l8 p/ Q% G+ L - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
! E& U2 J2 I& s) r* D( D3 m - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
$ U H9 w3 J _- P' x - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]" r# m# {) B) m1 L
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- B' d! F$ w2 B% P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 p; H2 }: A# F0 H9 O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: [6 ?2 J) U/ d - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) y! v+ S7 R0 g( U: ~/ A. X
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 u6 W K1 N; e: r7 |. ]- M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ u2 K7 Z) L I: m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) h6 P8 Q5 \! r Q/ p! F# c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 s# S6 F! c2 h5 }# V - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
1 V9 V! ]8 w8 w. r8 [' a - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164], Q' R- x/ W9 C: `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 Y/ K4 s/ ^$ ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" ~5 B( w% k+ j
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]4 ~" k! _3 |8 Y U1 E4 k) u
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]# ~. Z& P2 z4 |2 D, e( ?
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 n* f. ^4 b8 \5 o9 E4 J6 \ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* V. u' T5 D. n$ d E - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% W5 J0 D$ l, b+ g
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
8 h% l; }. d( j! }( [+ o& q - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" w2 p) \* z& i# d9 q7 ]2 V" z8 C* N - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 R5 @/ q& x: c2 Q+ V - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]5 |) `+ C* A/ U* ^. J( [
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- O0 x `, F6 G8 b/ b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) O% U" s/ q0 J* ~! h3 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" J. ?4 ]7 K; s, |/ M3 F& j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) B1 o' `. Q; o- f' l* @, m - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]0 f0 a$ W4 j5 W# r; g: @$ A) ?
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
) I9 F5 k0 ^8 \6 Q+ b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
4 w( r, @: S) Y- G+ K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
) x% o% B* `7 q. n2 m6 [8 s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
$ Y1 A9 R% K& d6 ^! g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
3 O( X& `# T3 M* s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
" |( e& R8 \! K+ x7 k" u- O- [ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
( N7 d) e/ S; f0 b3 i - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 R& S5 T ]9 j8 P/ | - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 A* f0 [# I$ b4 h8 n
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. e3 T6 ^( c$ {) u
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
6 \3 ^0 @1 H- y- F- E - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' `0 V3 N& C8 j& X' V - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]4 O$ f; k2 t) M- q1 p' U. j7 f5 c
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
3 k0 n, n! g/ `7 X0 L - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]; |2 A6 ^; n3 K, I" d5 a: @
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]4 A$ D& |8 w$ Z& N" X$ T4 y6 y+ l6 x' y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], O" h2 u% B* D& Y9 T
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
# u: O, P$ j8 j& @+ y/ } - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# T% s( g" U; h3 `$ @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: w0 b) G+ M- B, U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 L) k0 u# V! |. ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ q3 c( t, ?! R4 l! H5 l! i - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]' D% _1 k* l/ g2 Y. Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# R. t7 a) N3 G3 h6 o: c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# Y# B& A, m1 {7 G2 m' U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" s4 m& [& G$ O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' J& J: A! i# X3 f8 t0 h7 Q5 Z2 c: b - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]& V3 f0 w, ~# r1 A# ^
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
6 n7 h; j6 n$ H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 ^- j, ?5 e8 G/ y' n% h9 P7 ~* P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ |# h Z" G3 V* Y9 y2 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 ^6 l1 J! i2 K; e: l3 f V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- k3 Q! I4 H, C2 { - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
! ]! F2 s3 i2 _" Q+ M0 h% t; n - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- a8 Y' ?1 q4 o3 v1 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ h. o, {# P5 c+ R2 e0 Z/ ^) ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ _+ W7 o' w, e3 Z5 S1 c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ x$ D+ q: g( N/ m
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
/ E7 C2 J# n3 z" Q: P ] j - ==================================
9 Y' X. c( D b5 Q9 } U - 文件关联
1 z7 z! R9 g# j5 G - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
- B% z: V/ D- n" g: T - .EXE OK. ["%1" %*]
2 \; T. l+ D5 q, i - .COM OK. ["%1" %*]) J6 v7 P' _8 V2 K
- .PIF OK. ["%1" %*]5 h/ f) q2 A. G2 p2 f; B
- .REG OK. [regedit.exe "%1"]' t# d' N5 E0 q& B1 |! {/ }
- .BAT OK. ["%1" %*]" ^6 A8 f* ^7 x% ?& f; v
- .SCR OK. ["%1" /S]
, w3 T+ j, v9 { }& `. j Z9 g - .CHM OK. ["C:\WINDOWS\hh.exe" %1]! C" s# u' V7 g Y
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
) r) l i* Q% G( i% m - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
0 x4 V8 r/ ^- ]- Z - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
6 x6 {2 T d; ?( k - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
$ L @3 k; J* q# f! q& ?# D - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]2 X* t q2 b8 {4 i! B ?
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]4 K1 g4 I; p! w9 `, k6 [1 Z% G1 @
- ==================================
% v- k. T$ L. t1 g - Winsock 提供者/ I. k& ?1 L8 Z9 f
- N/A
9 |) V' v+ ~9 e% Q* L7 K - ==================================3 e% y# y' m6 }) L
- Autorun.inf- `' m1 h% J2 ?9 o0 u, D `& L
- N/A" d% o! R. J$ }* Q3 e( o
- ==================================
' y3 M( u, |/ P - HOSTS 文件2 q- r5 w7 T; I6 F3 X- j+ X
- N/A
* s, u c7 e5 Q1 ^/ T/ H* w - ==================================
, s* [) [# r* ]( f* O [- N - 进程特权扫描% Z, S+ n9 M- |0 z$ L9 c! \
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
2 M' _" n3 K8 F7 | o7 U0 D t4 B - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
B% h* b* ]5 f; [- j! H& q j$ x8 H: g - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]; \9 T) `6 I& U, L/ ]
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]0 Q/ F1 e$ W v' `! ~4 T
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
" j# U; ? | x) n& z3 r3 Z* Y - ==================================
_3 w0 F& }5 C/ U( P0 b& z - API HOOK
" ]% {' Y1 |+ B# Z) { - N/A! {2 a( U3 r+ H. n2 O
- ==================================- {1 y7 q* q% E4 Z% ~: ]& \1 @' Y
- 隐藏进程- l: o& u- ?) w
- N/A
9 H; j2 D7 C! h7 s1 @ - ==================================7 p3 T& y- j2 {/ A c2 ]% j. d
- 9 W' Z) u8 w4 U" j, e
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
