|
|
- 4 a f% O4 [. _4 x) ]8 x
- 2008-05-22,20:37:43
7 K) I1 [, o4 f) X* } - System Repair Engineer 2.5.16.900
( X" t7 g# d- t. w% D9 V8 ^! d - Smallfrogs (http://www.KZTechs.com)
3 k, s/ K* N. C& H" J( \. m3 `0 S - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能5 E9 L+ j: S/ p: X! d L1 ]
- 以下内容被选中:
/ c. a2 d0 e+ p9 \+ i - 所有的启动项目(包括注册表、启动文件夹、服务等); L" m3 w4 Y; G- t5 Z% i
- 浏览器加载项. A2 `+ y: k6 J8 k+ [! s" ~8 m5 p# n
- 正在运行的进程(包括进程模块信息)$ u2 \/ x9 S! Z' D
- 文件关联
: p5 G" p s: f - Winsock 提供者8 b. E/ z# ]+ D- L
- Autorun.inf
- I! A/ b) F+ K' ~ ~) f% C' y - HOSTS 文件
1 Z9 h, Y8 K! D `, K - 进程特权扫描$ _& a) d- a1 [' r& B5 D! }" I
- * B! N2 p' A7 U, C# X7 W# ]) x( b
- 启动项目
# B( a/ c$ Q9 Z - 注册表
" l6 k+ z! M6 J. h$ p - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
3 O/ I. M3 O# ?) ?, l - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]: l3 m0 ]. U* G ?1 I
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]1 C; K8 F. W- u# d* V1 c
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
0 i, q8 q& T( z$ Q. |- {2 H - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
) t% e) q" n; t0 l5 }/ c - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]$ {/ F% l! R- O0 z& b
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]) C0 _7 x) F I1 t
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]" `/ w% k0 X& a3 a+ v
- <PHIME2002A><; > [N/A]
" U5 w) G: _+ S- U K - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]; b4 a4 H# m9 o
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]: b5 h: q# f7 k1 @
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
2 C. y0 `% N4 D3 U6 {) H! I4 P - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]- {6 ~) `, M' ~2 O
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
r+ o9 |' r5 }8 T2 J7 A - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
9 k$ ^* F5 w0 R2 f& a8 }0 E9 y+ u - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
" ~, E2 u% B. U3 M, R8 V% d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
) k f( V8 g% C& H4 D% P1 A( Z - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]9 ^) H5 {5 t& ^% H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]8 y1 Y- E0 Z* I
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]8 I- g" q# x& s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]& w* |- @/ H7 V* Y' V2 B+ @
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
7 ^! d o. Z# S - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}], N% @4 z, b. z1 \! R3 w
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]9 h4 P5 R: ^7 A1 \+ n4 P7 M' e" ~; a0 r
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]! R- V& z, F7 D; ~
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
" m. Y, o5 |. A$ B - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
. Z# k; r/ a2 |) T6 E - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
" ~7 L. c' V! j5 H0 S% l* M4 [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
+ _1 |0 b7 R/ m+ ? n - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
# h3 B, _* O, Z0 d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
! r& U* d3 _- v" B+ U7 T! X - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]' C7 `( \. Q1 A8 x5 ^3 L4 N
- ==================================
- Y6 W, r/ o+ Z - 启动文件夹$ p' \" f- M% q3 U7 H) [
- N/A
& M( W8 [' l" q" A# Z3 I7 H9 F4 V# R - ==================================
: d, y* O0 b9 S9 }) p4 k* s - 服务
, j" ?1 A2 d. V+ M5 X4 y/ |3 L - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]( H, l$ Z( i2 I# j" P( W9 E1 ?
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>3 s) I4 T0 [' |; {
- [Google Updater Service / gusvc][Stopped/Manual Start]$ u, q& o! _- ]5 A" F1 \+ z
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
2 T- e, [, l2 H9 M - [Help and Support / helpsvc][Stopped/Disabled]1 k8 _2 L3 H! z. r+ m; n# Q* x+ q# u
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>% E- D5 p: W7 ?7 ]1 ^2 N( i
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
9 p) E% g. a2 ~$ z5 H0 H - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
: m8 t1 P2 W, s* N# b - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
# o5 Q1 ]) \$ z$ |" ]/ L - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>/ w2 B1 l/ Z0 [" j
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
5 k* s2 w4 X1 l$ N$ m! T0 _ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
. A# q9 J u% C* M3 W - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
; O3 @2 j# ~$ f: ?- U - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
! v. x1 [) Y/ E8 S5 I- d9 H - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
9 H* M/ W$ u( C+ a( u( L7 |' J - <><N/A> ~0 s, A/ x! L5 H) f* L6 V8 d
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
# K* N. z3 \; }$ s) h9 H2 T - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>$ ~/ ^! g. c8 R4 Y6 H$ z$ l
- ==================================
7 s6 t6 g# `$ X6 J - 驱动程序' f5 c& g4 p% {) f7 P$ b5 }
- [22j / 22jn][Stopped/Boot Start]
) n. _# q& O, b- k; E, K - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>/ ?; L0 F5 J8 T5 o3 `2 X8 F+ r
- [360AntiArp / 360AntiArp][Running/System Start]
% i. d" m) e6 Z" G. { - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>9 h& W8 q, d/ J e+ W" A
- [43ec / 43ecu][Stopped/Boot Start]. k! B `2 a' P
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
1 K1 W+ P6 J0 N2 D) g - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]* r9 f& I# z, R
- <system32\drivers\ac97intc.sys><Intel Corporation>
& x- g$ k" N" U7 g, k5 Q& a - [Promise driver accelerator / bb-run][Running/Boot Start]' I; N+ |7 v3 R% g8 i& G
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
! K$ t' I8 [$ h+ C. T - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]8 i; v. Q" @' l* N$ _0 C3 x4 f3 R
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
* \$ D5 W$ X A# P/ G - [KAVBase / KAVBase][Running/Auto Start]% W1 V- z9 m, T$ P, w& s
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
& U9 ]0 T, T5 B0 A - [KAVBootC / KAVBootC][Running/Boot Start]- s* y$ _/ ?1 [! `
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>" e3 S' E* ]) b* `; j
- [KAVSafe / KAVSafe][Running/Auto Start]* m5 x9 V- s! f6 l6 _
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>2 }( I: g: d2 P" V- U, G
- [KNetWch / KNetWch][Running/System Start]
4 {% j) e. C0 k, }1 |2 S - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>: f4 L, W7 _5 [. M
- [KWatch3 / KWatch3][Running/Auto Start]- K5 j9 \2 W4 v# a
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
5 M& Y- J" `& f' b! E* T5 V% { - [ntptdb / ntptdb][Stopped/Auto Start]) v* y3 [' [1 Q. l
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
0 G( |* }( _' g0 m - [nv / nv][Running/Manual Start]
* Q9 |* P2 g6 {. x; V& q4 V- E - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
" B8 T. z$ F0 @$ E6 p& k( n$ \# _ - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
' U4 `+ ~) i; `+ x* |$ }, U - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>+ }4 l$ d& g; g: h v& l+ x+ b" D2 T
- [DDK PACKET Protocol / Packet][Running/Manual Start]
' m8 J6 h& X7 I - <system32\DRIVERS\ProtoDrv.sys><360安全中心>+ Z0 h) A& Z8 ]1 s+ G a
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
8 U; x$ [( ~9 A5 [. j9 P - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
8 y; j. D1 n4 w, x - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
# ~+ {9 n' _- s - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
$ g- H$ A, t, _$ F) Q; Z" c) z - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]4 a1 M; e: M$ r# v
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>+ T0 I" l5 @7 B1 N7 O( \; U
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]; ?, }6 t4 w+ w
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>" d4 _5 `( z( B8 ]7 B( F _
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]/ o7 F8 j: M5 q y9 y( z$ Z
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
p0 f5 H; y: Q. R - [Secdrv / Secdrv][Stopped/Manual Start]
( q/ ]- y/ |0 l) f: h - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
* Y$ u6 w8 ~* n0 a/ k - [SATALink External Device Filter / SiRemFil][Running/Boot Start]4 M, E7 t& t$ p7 n( |8 u0 [8 U- I
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
. c& N: a! o4 l: n9 I - [System Restore Filter Driver / sr][Stopped/Disabled]" H3 X( U) S1 A0 t- |3 t- E
- <system32\DRIVERS\sr.sys><N/A>
0 N- Y( F5 `5 v6 i - [TesSafe / TesSafe][Stopped/Manual Start]3 u8 H( R2 I9 ^! N; f. }
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>0 x4 q: D7 u$ l1 Y4 H
- [System Services / unzxzsrs][Stopped/Boot Start]8 l' X( M" E9 J/ V, R# E
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
4 e3 X; N& g P0 q* y) J - [ViBus / ViBus][Stopped/Boot Start]( n. L) g# z3 O4 i/ H
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>1 `+ f$ C* o" e
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
/ n, C2 s6 J& V' J% Q# f, F, A8 A - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>4 U7 o- I6 X) J# y
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]/ a9 N r: J+ s/ o: L! z
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>1 }( u( {: z. H3 D
- [ATI Extend / zhibmaso][Stopped/Boot Start], A' W+ u8 B3 M' Z$ h
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
! s W' M! p6 I" k! o - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
8 j8 K+ b; c- s6 [ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>9 @ r9 X8 B9 t
- ==================================& z# \4 b( I6 Q9 G( ~( h
- 浏览器加载项
3 x; B( x2 \1 {7 N( { - [Google Toolbar Helper]
9 G+ q2 D8 p3 h6 R; }* \ - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! F1 j1 t# K" A) z- Q' u- p/ h N2 ?# m - [Google Toolbar Notifier BHO]3 A% l; t0 V! |- ^
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
# ~" o) r- U i2 V* A - [SafeMon Class]5 _4 k$ X' V& j$ y l
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>! |1 w7 c! E0 M# r% q; y/ w! ~
- [kingsoft browser shield]) |' _3 a8 I' ]9 L" B+ L
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>' a% a# ^( N4 F5 n( V
- [IEBuddyExtControl Class]) u: b$ n+ c" ^- o5 Z
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
- g% w9 i1 h @! c' q - [Zcom 杂志]
; f# Y8 p! K" P. f( T - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>: w& l+ |1 G) N Q# E) V e8 f+ W
- [&Google]7 l0 `. L! t& t
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>+ b2 C9 k7 {/ n; Y
- [KooPlayer Control]" R0 _) a- S) U, v/ U9 t3 J+ H7 `
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>0 C% ?. ^" H. N4 ]5 \) q
- [Shockwave Flash Object]
7 S! t+ I5 A' ^7 a' }7 R' x1 Z - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
+ O/ M- i# }! {! A5 _9 \7 Z - [KUpdateObj2 Class]- E: y6 h6 F8 c3 d; k9 h& T
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
( b- m% D) A" \9 ~% Z7 s - [Google Script Object]% R Z( _* G) P8 p! Y2 e
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
C9 s" ^* z! J' ? - [EWA Control]# J( X1 ~$ R& z% W
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>/ l: }; ?# X. V
- [Windows Media Player]5 L- M J$ X- t, l" [( w- J
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>! m: {7 ^9 w O9 B- `1 t5 R
- [&Google]4 _8 u" t3 T3 o. y1 H( A
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 l7 N: o9 A! I. ^2 P0 o7 C
- [HTML Document]) Z8 F o, N, B3 w3 {
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>0 f; z4 J+ L+ O
- [DHTML Edit Control Safe for Scripting for IE5]
+ U; g3 L5 q% u0 p# y4 L - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
& z! k# o2 g, u7 r1 ~9 R. g4 @6 h - [RealPlayer RAM Download Handler]
( S' U0 b, R K/ | - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
7 t" R8 B- v( u! {% @ - [IEBuddyExtControl Class]# |7 v& r3 r( P8 D
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
0 j2 ^. N/ |/ A - [XML Document]4 B* A! u+ C; Y$ i e
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
' u- e' Q8 E, F5 {; u; S' W - [HHCtrl Object]' o% Q6 M( d& O& H+ w' k
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>, i+ B- Z }- ?
- [Windows Media Player]
5 c2 Z7 N5 V* |4 q3 ` - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>5 f+ Q" ]" x/ d: h
- [Active Desktop Mover]3 j$ A, X4 N. s7 d
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
2 E" \6 n8 n- R6 E5 P - [360SafeLive]
J9 O1 m/ \. U& e* D2 E - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>: U7 R3 x7 i7 V5 O& a/ u
- [Microsoft Web 浏览器]
) D& J5 P3 Q$ A/ K0 j4 G: g - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>0 `5 g' n- Q/ w' J# g. v. A
- [Browser Enhanced Objects]
8 b/ Z9 R4 T% v b - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
' d6 H% G( R v, ~% r; p - [Google Toolbar Helper]* B$ R- Y" V* I4 R z* U8 T6 p
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
6 o# I' `3 {4 b2 N: s - [Microsoft Scriptlet Component]' e6 t9 f" M4 ^7 K0 ~5 P6 h
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation> _7 n7 \# N$ c3 p. B2 W2 G7 Y
- [Google Toolbar Notifier BHO]& Z* {6 K: o8 E" j3 F
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
+ {# \, @/ C2 d1 [& G1 w - [SearchAssistantOC]
& |! i9 p; \0 e; L I" Y - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
8 u( U- _0 A6 X2 R6 k) @ - [SafeMon Class]
3 E1 D2 G9 U8 B, y. f5 h7 w - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 u% I+ _! d$ @9 ^
- [RDS.DataSpace]0 _4 @) x! H* B+ C7 k
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
! z" @; B( E* w, c3 Y - [KooPlayer Control]' w7 E4 i4 P4 Z
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>( k) M5 N; X4 B" u# k
- [AUDIO__MID Moniker Class]
" N4 N( u+ b+ W/ B- q4 E5 e# R - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 C! R- A% n3 A
- [AUDIO__MP3 Moniker Class]
+ j5 S5 c6 w& M9 {: T' E/ W - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. @8 ]( [9 V+ p
- [AUDIO__X_MS_WMA Moniker Class]7 V& E4 n# e, s! J
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, B% e3 P) o* ~, u5 d: U - [VIDEO__X_MS_WMV Moniker Class]8 n* f+ h/ o$ y/ z8 Z; V6 w4 Y
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, A& _6 {/ Q6 U$ `
- [RealPlayer G2 Control]! c A I. g/ o
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
6 W/ v+ w* I6 S. K - [Shockwave Flash Object]
+ r0 A D$ Y/ }( u1 N6 o" b% Q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
4 u+ G3 j- d: @, K( W$ V; F - [KUpdateObj2 Class]
' \ |' D, N4 A! o' J, N$ L* P/ V i - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>% m3 w2 F0 H7 n, [, V
- [kingsoft browser shield]
& K1 o9 g% a- w. c - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* \" \2 e5 q( @) N8 g5 M - [PasswordEditCtrl Class]* w% v" J, i* V# u5 `' C
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
$ W5 @( G. w, ~& ?2 _3 Y - [QvodCtrl Class]
, n7 N9 M; m6 @# j3 p' O3 o) M; l - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>- z* d' V+ E- z$ [2 o$ W
- [&使用超级旋风下载]
3 R2 X5 N4 ~! L7 G' E7 P2 r - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
T6 d# a: l5 C7 k: i, V) S. v - [&使用超级旋风下载全部链接]
# P3 G- U) G" U$ T, i+ o/ T1 q* q8 p - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
. f4 t( ?0 _6 n$ Y+ U) w' T) L2 i - [使用迅雷下载]! K& Q; U. D. V' n( \
- <, N/A>
- \1 W6 X5 {, |( R9 g0 i; h - [使用迅雷下载全部链接]+ h8 L9 J, }3 \( C
- <, N/A>* B: T. [ C# g
- [导出到 Microsoft Office Excel(&X)]+ W8 _5 F3 p- J6 p) T
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
6 v3 q1 I4 H* P. {3 K8 ]/ C/ i5 h- X5 x - [添加到QQ表情]
/ U: C: x. i) M0 H- I7 o - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>+ Y4 D' F$ _. ~2 ?. R9 |
- ==================================
( C& |8 S! C, \- p6 J - 正在运行的进程
; U: V4 T. h; d! j3 B4 O - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. ^9 |' t9 g0 i0 o - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 g, W7 h5 C9 A3 j - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( T+ k" I j& f% p; Y) w! { - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) `) x, V3 l0 a9 |5 T - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" q/ Y& D, _4 n I - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 V$ E1 @. D( n4 f& ^. {2 v
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: a0 i0 A% G6 u; ~/ ~3 A
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 A8 O0 }, {+ k& c/ }2 ^* R - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) i/ b' _. l1 m+ G
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- W$ e# Q5 q' z9 l" z/ } - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( r1 Q2 B3 S9 @/ Y - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]$ B& k$ B, Y! M( ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ h/ ^2 H; K$ I. V1 p' N2 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( C) X0 v+ I9 o; } - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]7 `- v) C3 [0 O y- }) P4 Y& }0 v0 Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% A3 N' O3 Q/ K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]! ^) ~# E* ?; l
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]5 G, S' ?$ ?3 t: A, F( D8 b
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]% o! s, ]% Q1 r2 ~. Q
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
& m0 u" R9 h3 {: r$ t; x W4 z - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]4 x/ d" j% k: d/ c( f4 [
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# B! G0 q: ^0 N7 q
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]/ g# D5 H; K# M. Y
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]* E$ t% @: U. j+ K- {6 k
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]: ?: l3 x% ~5 n) c6 \1 \
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]; ]3 y# ]0 N/ }5 d; ]
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
9 G+ D- h" y( s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& _: J% B( Y* f2 h# G8 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. X2 T& P2 S( V( K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 k0 L l. ], L2 O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ [2 w4 w& s6 d# U
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! v- |2 \6 S4 l9 M6 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: Z- n7 ?5 R. G* k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! V9 N4 ]6 f- s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], T1 c. P4 d3 v- {
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]3 K/ k% |. S2 ^8 R5 r- A
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
. U: S) I7 T% y9 o4 M+ m7 L2 E: C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 c {1 u+ F+ V- W1 P% ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' h8 ~8 Q- }! m1 b! y; Q" V D - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
/ ]+ F4 q, o$ Y - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]; P; c8 Q9 `; l5 b
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! v6 J: L0 C6 C4 x+ T' {; [6 _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 I: \. u1 K# W4 m8 ?$ H5 Q# }& p- T
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% A5 \5 N* X: o2 D+ L$ j - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]% V# l6 N2 U. _. K
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 C3 t1 V& X5 `3 |5 T" c
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' z3 W/ m6 P$ T2 d w - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]8 c: _1 o$ Z' v
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
& M" C7 H9 V" j/ l$ U6 x5 i - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ m. v1 I5 R/ w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" P( n& ]8 j9 [# g7 ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 Z7 T& Z; F' p, \ - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]2 B+ f4 }6 H7 P- b0 T. T6 u8 V9 x
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]$ m, F2 F( F' Y7 G2 ]! Z1 A* b1 N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
+ Z2 k2 C8 ^2 @$ F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
+ |" y0 ~4 o" p3 b9 @/ P8 C+ c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]5 ~) x: d s% ^/ {& o* N3 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
& M7 B9 O5 K' P- P8 R# c1 S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]) `, \6 @( M; W. W
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]0 U" a( ?, L) n8 k" \0 r, D3 @# `
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]2 i% @8 U* z; d( P0 G
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 W- B2 \! o; z% z+ r9 V$ }; J - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% I1 ?. q2 @7 T& m, A l - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]/ M4 S8 Z3 }# E$ M
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]0 \- a7 Z5 p4 E* B- l4 @
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0] b( [$ t- Y) j1 r
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
3 {& B5 L3 Z0 x; j/ l0 M. C - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
4 Q3 n6 n$ C- i- b0 t0 } - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
# q( \ D. C+ A- T3 P: k6 h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. Y) m! V( _1 W+ q
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
* U' ~# t w/ n5 f% x0 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) E3 ^3 n" R: c$ u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& E4 f- F. j' ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 y/ L+ |( }% S9 H2 } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# X2 Q) m ?- o/ G( P+ n# b - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201], W. f, c6 I" \ r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. L" W [. M- G: G5 e4 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) `, J8 O9 r8 H: i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ V- @0 I, W0 A4 u
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% r, e C1 D* r; @/ e - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) ?; p/ [8 z y0 d2 H* t! y7 j - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
" E- W# k( ?3 Y9 Q6 n) w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. D8 M( o$ k7 y- } K" i+ Y& W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 w, b1 I; ~: Z8 y: x. O) [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ A4 ^2 t# R! o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# x6 l2 O [( F( J c1 n - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]- P- G* W7 D9 a! Z1 M _7 B5 ^
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! t( y, P3 Q* K& Y5 ~$ e" ~. X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" t C2 k% L# P5 F8 A0 p' G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 U T* K" N+ k2 ]* F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 v/ N6 _% h1 V1 H: b - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]% m9 Y+ X% K( L8 j3 b
- ==================================
, E$ e+ C; x6 X - 文件关联- B' v5 p& j0 V8 O
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]2 [2 O6 u1 J6 p
- .EXE OK. ["%1" %*]. a: }. N" m* G3 I$ X! U. H, g
- .COM OK. ["%1" %*]
3 H5 M- M" C* g" }5 j+ k' Q - .PIF OK. ["%1" %*]
/ D4 }( ?. A0 H: X$ \ - .REG OK. [regedit.exe "%1"]
; K3 X5 L- n7 G2 Y O0 m/ ^: | - .BAT OK. ["%1" %*]
( \1 h l5 L# ^- P$ Z! J3 F - .SCR OK. ["%1" /S]7 o7 w, A. L6 ~& K' Y
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
9 v" E# [7 v s! ?, b. i - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
2 q0 J1 ^' Q% P3 _ - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
7 P! N. L; a9 n$ o: Y q - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
* l. M5 l7 \ P' F3 \/ P - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]7 y2 a9 f, E8 G: y1 m$ s
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
' r& f9 I. n Y: J# } - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
8 J, a u; t: f& a2 T - ==================================
; L$ x4 ]9 L% }- A6 _ - Winsock 提供者 @0 q! J4 k1 y5 F9 H
- N/A- i; i( ~" I K4 {
- ==================================" \& c) ]+ r( O( x1 ~1 q6 n9 Q/ ]
- Autorun.inf/ S1 Y" q( a4 H# F, [- O( }
- N/A
3 \6 Y9 E: O+ u N2 L3 h7 X - ==================================2 j4 N6 s+ w0 y0 H
- HOSTS 文件8 F/ |3 p3 f( v2 `- m
- N/A5 R8 H3 J. f8 A3 V5 n# M7 a
- ==================================
( c. X1 B, e( M- m R - 进程特权扫描2 U* T/ n! V2 z8 s3 {
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
' v/ z; H. E- J3 s: S' D- {7 v - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]) u! q9 N5 _; R, g9 o3 J2 O
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
4 @2 n) t: Z& m5 {7 w/ @3 ]- _ - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]' l2 d6 A! F) f: L! J
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]# F1 c$ q, W; u' Z" H
- ==================================; | F* d, }5 E! Q$ k, f3 g8 Z
- API HOOK
. |. j& @! ]$ r2 N$ P' x: v6 i$ h - N/A+ d7 m/ g" m1 W5 d+ C/ O! f, Y! w
- ==================================
. N6 o: j2 i+ A) l0 o9 Q - 隐藏进程
% j+ e5 M2 N; j, E3 G0 _7 e - N/A
- q8 t0 p+ Q8 X9 a5 Y - ==================================
5 F8 @) E3 p2 S h0 k. ] - ; Y* p7 U; r5 B; ^# N2 |7 B
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
