|
|
( u6 @( |, n: i" i- 2008-05-22,20:37:43# T. |+ m, ~) X/ `" n) W: |8 q
- System Repair Engineer 2.5.16.9002 U) t2 c* s* `6 g7 f
- Smallfrogs (http://www.KZTechs.com)2 d4 G7 v( d5 S! x- F$ B
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能$ g! y/ }6 U/ }+ j) {" o! N/ N
- 以下内容被选中:
9 r/ n6 Z( T; C2 B3 p4 u - 所有的启动项目(包括注册表、启动文件夹、服务等)& q) f9 E/ Y% M2 ]$ v
- 浏览器加载项% V) i) e# F& P6 ]# m
- 正在运行的进程(包括进程模块信息)) y2 [5 L7 ^* v# j. v
- 文件关联* C6 R3 |" L# _2 R( c5 Q( N
- Winsock 提供者* g- B% E6 \& f
- Autorun.inf! t/ ]( z/ \4 d
- HOSTS 文件
4 F' U( _1 `" J5 O - 进程特权扫描
; c, a( V' s# Z& F$ F - f& I& J) q% Y7 _% B ^7 x, t
- 启动项目
4 d. \0 a0 U1 x Q4 \! H! t$ M. H8 Q - 注册表. [3 j. W* o# V
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]! }5 a4 ~ h" ~4 P
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]2 l) y0 J" C8 `/ k
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]% W) M# y, c( K% H" T' }
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]) ?: e! ]6 z8 H( W( D v3 Q
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
" d* Y8 X" Y2 ~: {1 ]7 N - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]8 O, Q& G4 W- S, M" y& W
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
$ Q! I! g3 c) L- F - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
4 _. l( p2 g0 j! |/ X% B+ o; @ - <PHIME2002A><; > [N/A]3 c0 J- s6 Y( V. Q
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]. K( B1 W6 r/ Q i2 Y4 f
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]: R" F/ X, r5 h
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]; {+ `5 A! X8 O1 C" t
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]7 F! B6 G1 H* l* R
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]2 {8 h) U! T H1 W) g7 G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]. ^+ _, o2 B; |* s6 a9 a& N
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]# T7 a- M& F4 n! S5 w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
' ]; x! ^/ A! b8 }/ \/ K M - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]5 N9 B+ f9 C( V/ G) q5 a% B C, g" \$ Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]5 \* f' n% P8 n; z/ V/ P- B! c5 a
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]4 U( d d$ A {8 B& O; v
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]; R) N @0 K2 ~, O" b
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
: w. I) N. D, o5 S6 x - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
' y5 a! G% @6 m - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
: Y1 u3 S3 j- Z0 t# I1 J/ U - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- R1 X3 l: O- V: w$ J {: O - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
, `# b R! g+ X( P' C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
% p+ J/ ]9 T+ i% Z7 |+ m - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
8 s5 u" W& O! r - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]' `! y6 q; F6 F4 I
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]/ \2 m5 J7 P" E, M& J
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]4 L: [% B- T3 H$ O; x
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
& r* O) M4 i" c* x9 C) \5 f% ? - ==================================
% i$ _2 |8 G+ Q) j" y0 w - 启动文件夹
0 e4 l6 k2 W y4 G/ L- k - N/A
( \4 G0 p8 Z, G1 | - ==================================
. @8 w& ]7 K4 M+ M' _$ s - 服务, d# ?' B( W9 d `% e3 h" L
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
% T E2 G4 x4 A5 ]! H: S - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
, p$ g" }: M' Q1 i! r - [Google Updater Service / gusvc][Stopped/Manual Start]8 Y3 D* T1 ~8 L
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>2 w' Q m' N/ u( g( |* x
- [Help and Support / helpsvc][Stopped/Disabled]' T$ E3 w6 O( n3 i. w
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
8 f% |7 t# i0 H6 T5 G$ |4 o& n - [Human Interface Device Access / HidServ][Stopped/Boot Start]
. h( M, ?. h7 v# {$ C% ?) I - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>1 n# u- `5 h/ R8 m; w
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]; C2 q. t6 K0 H" c. O
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
$ ~8 ` P# ^ W6 W0 ? - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]/ M5 n6 W1 g8 h9 K- i1 ^
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
( ^( |3 M) u/ P. M - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]- |- U6 v+ \* y2 ^- Q
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
9 m: O( A7 G) G' ^5 N - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
, t. M3 s. v* d& h6 D( n- k* a - <><N/A>
4 F2 L+ M3 A( p - [Qvod Terminal / Qvod Terminal][Running/Auto Start]" t) t9 L; |, z* L8 b3 r" E
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
- c7 m$ _2 M0 S/ l# X& v' x4 k - ==================================
9 a7 {2 E y- o, i" M; [1 G - 驱动程序
+ x8 N# Z7 x [" b - [22j / 22jn][Stopped/Boot Start]
: Q7 c: b* o0 Q9 X$ L# ~ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>" L( E' J- l) [
- [360AntiArp / 360AntiArp][Running/System Start]
! \4 G6 z, X0 f# z - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>0 m5 V7 J6 i3 c9 e5 k
- [43ec / 43ecu][Stopped/Boot Start]8 ?1 h3 v9 V, D2 D- a: g
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
% V5 \! L& j2 f! Z- e) l- R - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
9 h! O5 {( n$ L* L& T - <system32\drivers\ac97intc.sys><Intel Corporation>
9 w7 t/ C9 C. a# v - [Promise driver accelerator / bb-run][Running/Boot Start]' i7 C7 d1 b3 t# f. K
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
0 I# c) a0 }& q* a8 o5 _( S8 e - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]9 O3 \1 Q: ?9 s' g, Q
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
7 w8 s7 L! S5 k1 N' ?& K+ i - [KAVBase / KAVBase][Running/Auto Start]
/ Q! q& G+ \6 x7 D+ S - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
0 R* {2 b& H1 H" g- O0 V3 X - [KAVBootC / KAVBootC][Running/Boot Start]
. k* ~7 }, m- a3 C - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>' U$ K! G' D) _9 D# w( {1 G6 C/ Q
- [KAVSafe / KAVSafe][Running/Auto Start]
( w9 e% f7 T [( P3 n - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>5 m5 V" y3 B/ r' ]/ V; b
- [KNetWch / KNetWch][Running/System Start]: T- h" I3 a+ Q8 V
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>) `- \9 R- C4 j: S% v; H
- [KWatch3 / KWatch3][Running/Auto Start]# r/ z2 \9 S( z5 g$ J4 `
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
m0 ]: f2 {! {7 C3 ^ - [ntptdb / ntptdb][Stopped/Auto Start]
9 |- b- V5 e/ M- x! ?$ G+ Y# X - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
; l6 K2 ~ l8 x& ~% ` Q$ o) J# A - [nv / nv][Running/Manual Start]' J+ R( j# \( P1 B' r+ q
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>) S! m8 [* V5 p7 [+ B `
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]* r( Z9 b: G* E
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
" k% @4 V5 E' }: z( V9 L - [DDK PACKET Protocol / Packet][Running/Manual Start]8 S+ k: _ H4 \: k% z6 ?7 |
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
3 b1 S& v; e0 l1 U' ` - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]! @- z, J7 j1 G8 G2 W
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>" z0 `6 X% z# v+ r4 \4 Y
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
$ |) k# f8 w8 G, k - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>" `6 v) ]4 [. s9 T( |
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]7 t# d; G4 H, q, a4 [
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
3 z& m/ ?) m" a* L* ^- o - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
\3 L' c7 M7 M: { J - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>8 R' s& r- Y; _+ K2 t
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
: c2 P0 z/ @& d9 t - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
% b, B) R# K; B- ~1 k+ `. s4 T - [Secdrv / Secdrv][Stopped/Manual Start]/ r P* o* E l& J$ b9 [
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
% M) p5 U" G8 f' `+ B. _- y - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
! T+ Q" J2 C4 \! E& q* p- X: k - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
) S" n* Y! k) U) D' g. T - [System Restore Filter Driver / sr][Stopped/Disabled]; j- v. M% m3 b5 A; S+ Z! x
- <system32\DRIVERS\sr.sys><N/A>
* S; B: F6 W" I" O' z1 T8 L - [TesSafe / TesSafe][Stopped/Manual Start]7 ?4 a3 s( Y1 p. l A
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>1 w1 @$ G# o: e; S, D" z% U
- [System Services / unzxzsrs][Stopped/Boot Start]# Z9 `8 i# ], Y+ y; G6 W
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>0 m1 P- ^- ^1 a! q& f1 H
- [ViBus / ViBus][Stopped/Boot Start]
& H# V: \# v' ?" p; j - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>4 _& V2 N2 K, B( a% ^, U
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]( H6 G. W5 g; g/ r
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>8 s' {% d+ s) \' x6 s
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]3 Z( C% ?* |3 o5 b4 ]
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
$ g3 e: I$ h+ d4 i) m - [ATI Extend / zhibmaso][Stopped/Boot Start]
3 q. p' Q' x0 ]% l( X% R - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>7 H: J2 w4 I8 n% k3 g
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]' q, U# V' d/ `$ Y& E4 U% ?
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>' D6 K" t- F' c6 H. c
- ==================================
. i! S1 n! H% y" F, C" [ - 浏览器加载项
7 M( [1 a/ A8 e" b9 T" W' O - [Google Toolbar Helper]
/ G) {5 Z- j9 [* [, Q; ~+ X9 | - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>" Y/ w$ L3 \0 H7 X
- [Google Toolbar Notifier BHO]4 L, d$ s% j( J" v# H. y; f
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
! n5 r9 h4 s0 Z - [SafeMon Class]
9 U! l0 ~1 X, M; d) Z- O1 P: z - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>8 |& H0 S' @- Q7 q" t
- [kingsoft browser shield]* o4 q: c5 `. [# R4 k: B7 `; {7 t
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
8 b5 P, u; O$ p4 U+ h$ j - [IEBuddyExtControl Class]" `# F+ s2 }! A. O& ^# C/ f
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
+ }! ~) H% F! n3 S" L - [Zcom 杂志]. |0 b4 T+ ~: D: a; M3 t6 I
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
$ G( J+ S- d- o+ ]: a1 @. S - [&Google]: J+ r2 C% \6 @
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
4 O& ^# z! z6 |: ?; e3 [ - [KooPlayer Control]- K& a* m: ]/ U' t/ v
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>1 o0 G0 h Y% L+ k- d- c$ X
- [Shockwave Flash Object]1 J7 n9 _ {( x0 S+ y& G) r) d( y! s
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>7 I, Y! C- {) G" E" U, l
- [KUpdateObj2 Class] Y+ E8 x' m- Y. I, u& U* M
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>. l* w; j, U2 X0 ~( I, u. M. C
- [Google Script Object]) j8 s z8 r" B1 W6 `
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- Z3 N0 F! K. F6 x8 \ - [EWA Control]7 N$ {8 T: u% ^8 O9 a
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
9 J4 ]' S% L* F; f1 } - [Windows Media Player] Y" i' a7 M- v8 q- {* T0 _2 q
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>7 S' z& d7 S; i7 G3 n1 r& ]
- [&Google]
3 [$ r# s% _7 W - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ s7 _6 L2 e9 Q9 H1 t6 m" U - [HTML Document]) i- H( }5 W( D K
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>! u5 F& T" E- L- o" t
- [DHTML Edit Control Safe for Scripting for IE5]
9 D! r* s9 V5 K2 ~ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>4 L+ s2 j8 D2 @ O7 \8 [8 n
- [RealPlayer RAM Download Handler]
4 |4 K4 _' M0 U" k' G# p - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
- d% D4 y0 w- q8 u- C+ a+ U - [IEBuddyExtControl Class]/ S6 k, W6 h+ X
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
/ g+ j6 ]+ G) k( E - [XML Document]+ ?1 z3 g0 Q% q3 Z
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
2 j! u) `6 X! ? - [HHCtrl Object]5 {2 j1 `2 k2 h+ m7 u T4 q
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
; k g$ }$ `5 ~# l9 X& x& B$ F! M - [Windows Media Player]
. N. Z C, T# N8 V0 c - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! e) `) y$ d+ R! H - [Active Desktop Mover]
3 D: N0 ` `0 k - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
8 d/ ~7 f8 M6 _ - [360SafeLive]
1 n1 [: v, q& y) Z - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
# T/ ], F$ @, J- }, g% e - [Microsoft Web 浏览器]% ^; M6 Q4 q a; [8 N
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
( `7 _& k. L1 }; o9 ?+ M - [Browser Enhanced Objects]8 z, f7 m3 D1 X I
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
" v4 {, [# J6 N6 |+ f - [Google Toolbar Helper]
; g5 ]* r; a# y - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 n2 Q+ j2 M- k4 q* r
- [Microsoft Scriptlet Component]2 E1 R8 H! `) L+ j: L9 m6 C9 B
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
& k4 x+ `4 z3 l# s+ p* R - [Google Toolbar Notifier BHO]
3 D0 u( a5 m9 J% L4 G7 |2 i1 C6 C6 D - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
% V/ ]( t% t* q) L; f - [SearchAssistantOC]) U- M/ R) h4 B/ @4 P
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
" A1 h' l L% Q- M0 ? f9 E - [SafeMon Class]
6 v+ E" T, Z& x - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' {4 \3 n) a/ w$ Y7 I
- [RDS.DataSpace]
9 [* x' d0 L+ C: i; o - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
- s) J( P* D5 n4 o - [KooPlayer Control]
) o5 }0 y- g7 r1 z. J; W - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>7 D) c5 F& d0 h! A2 ?* ?. k
- [AUDIO__MID Moniker Class]2 m' Y3 p# [9 ], z5 B6 Y8 q
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
4 y$ \3 E/ R- F$ |7 u, t( ^ - [AUDIO__MP3 Moniker Class]+ {5 ?# V7 m1 ~3 r! i8 E7 |4 G3 z
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* e' {# c, a- N; B
- [AUDIO__X_MS_WMA Moniker Class]
2 O: }/ D Y i4 M2 ] r - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ o# n4 D) N+ w( X8 k. m2 j$ B1 J- {
- [VIDEO__X_MS_WMV Moniker Class]1 J; ~) E' s% ?# {
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>& k# j, P* D' s9 W
- [RealPlayer G2 Control]% P* }0 s6 j# {- h. S/ N3 i
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
4 q; l; F$ f/ E+ q6 @# g' a* h - [Shockwave Flash Object]4 A+ n4 J, {+ A5 f6 g
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.># b: Z$ M. x. j8 P1 {; U3 P, C6 C) H% T
- [KUpdateObj2 Class]
5 q6 Y+ f) v- N% g W - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>, O5 w8 w9 z* Q& J
- [kingsoft browser shield]# r& {& K4 x! e( ]1 x
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* e8 u" C( N% H' n9 O8 h - [PasswordEditCtrl Class]
, w$ R" d# g. R1 ] - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>; S) }0 Y" M7 S ]! C
- [QvodCtrl Class]
+ Y* L& q2 c$ z, C7 F - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>/ F i+ s% Z! n1 Q
- [&使用超级旋风下载]
1 `$ T+ \6 J' c3 E! O - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
7 t$ G% _% N; n; Z. q - [&使用超级旋风下载全部链接]
' S0 k) q/ V3 X$ w* A5 e - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>/ ~! g& ]/ n& `# N1 T2 z
- [使用迅雷下载]
8 Y7 ?' g! }, ? - <, N/A>
2 d* {; }( D( g - [使用迅雷下载全部链接], I2 U- O. r! i1 `
- <, N/A>
3 Z" d0 {! x8 \& R/ m - [导出到 Microsoft Office Excel(&X)]" r7 z4 e/ ]' I$ V( `- w- Q: B
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>2 u2 G$ r8 f! ?4 S
- [添加到QQ表情]7 _+ t: U: p1 V9 u) Q4 K2 w. O9 y
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>1 j1 L. u- {% c, w
- ==================================
- I6 W c& u- S$ D* e - 正在运行的进程
6 Y' O k% M9 t* A5 p - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ s6 h/ N; \1 ~: r9 t9 q
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] S6 l+ L% k" k* G, S
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 {0 m W% O, t$ U! d
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 k+ b# R: v' H2 ?# P
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" p, }4 H$ G6 s' h5 J
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& w3 w( w; D7 k3 ^' J0 f6 y
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 ]6 _8 f% K: W# J0 {
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: L9 q* s: V( o5 R' [& X% U - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* a! ]+ f3 s' @1 x - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- R$ ^$ _: L8 E' y+ | - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! N9 a1 I6 i8 g& `
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]3 \5 e. I7 a- g( N7 u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 t% b, j+ v' V+ C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 P) x; ^0 m7 s* d+ ^+ W" p3 [ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)], c3 ~4 b+ i" ^6 ]9 g6 ? z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ a7 [- c1 f3 V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]* K. g. [) B: q( @+ A4 {' i# E
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
9 M, r9 [' z; V- y5 { - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]6 a5 Q0 ]# i5 \2 r! D
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]1 l( P, N. O* v8 C+ t( K
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]2 y5 d$ W/ E ]$ U4 o Q5 A. F
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; c+ H! `7 u; H* L# @* c
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
. _" k' s& I' ]; \* @ - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
- M- w. P- O$ l! V% X. v6 `7 V - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
+ z- e5 S; ~3 s: | b - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]2 o7 ?! w1 `/ f% y# [+ M6 n Y0 ?
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
. w r6 i9 c* X' y2 {( m6 @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% {" b# [% H' F$ J; n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ K! W1 o- K9 [+ M7 ] z( o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" h% ^1 k9 b* u6 X8 g+ q# o$ M
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, T, p, B; e9 U7 N- D3 j7 h% g - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 p7 O n$ |) k i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& Z# W$ f% O+ A$ C4 @0 `0 Y' r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ @, u; c9 E! v$ R- z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 K- G" K$ o7 i* B! z9 v5 W
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
9 u" t) Z$ j: Q! }/ ?% b - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]4 x- L% t0 _* {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" ~2 j, T( n1 k- _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 r+ A; |! [3 F \5 l - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]8 [0 E( E+ Z# c9 T! H
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
" F9 x. e$ V8 D: Z. F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* f$ H& i% \7 o3 C+ p0 `* G6 g+ Q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& g; N! X7 O& G* a: V
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 W7 }' ?5 U+ W" F- J9 I$ |8 v
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]8 w* u n" E' T' h* X& w% m
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 ?' w1 `. A2 D1 ?
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& K; d L9 m; N' w5 R+ I; ]. y - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
* ?6 q; O+ L* ^3 u - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- G. z- {: X. y4 ]! V% \. y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- D9 z) ^5 y8 b4 e* ~" ~/ g# L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( A9 W" j1 D, m( \0 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; t' _+ B& N9 i; H - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
7 n6 i/ G0 T" ]5 R - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]9 v( F1 @7 V% P( v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]: Q# |2 H+ B+ `3 i4 [: u) h1 w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]6 l: e/ L$ O6 k4 y2 l3 Q, w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
2 @8 K5 U9 m3 a9 z# x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
0 {8 A) u( v8 ]3 O' W( h' v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]1 B) z# }; {2 f( J4 q. Q6 c5 B" l8 s
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]; c% A! ?/ y% I4 s; R, l
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]( R2 b7 j- L# b4 l1 R2 x, W9 o0 l
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
6 i5 E7 f9 Y2 N5 ~" D7 e- m& I - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 M1 c* b( E0 d# ?9 L' M
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% x! t& C4 | L1 d, S1 t5 ~- G( ` - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
. A4 R1 [; @0 t( y8 x% b% z - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
# {0 \0 w% _* w3 m$ U' {8 D/ \ - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
4 e( f. w& a/ E3 S: P$ B0 { - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]# x+ n: i- T; x) x2 u, U4 Z( c
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
5 |; v- X- m. S0 f; \/ O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 }, x+ A1 X: P& u9 ?1 m2 a - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
2 R% d' a/ |7 \ W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 B! z5 o# P4 R5 Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, h0 z: g! l# T: M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) F* V2 Z6 m3 h6 s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 t; V& ~' D: g; m6 r+ j - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201] }8 X5 c; C& L2 X+ }
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 V9 S4 G2 }0 Q7 F- h3 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- g7 q) g& ~+ ?, V J5 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ Y) Y! F3 @0 o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* p, F$ Y9 u1 `; N6 U! v - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
* |2 O0 o9 K7 l' ~; C7 c2 `" O2 P - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]1 H9 Y6 g: y1 N' \" Q4 h2 n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) [8 _% n- b) y- y) F; w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 c6 C0 Q. Z, T" z4 `$ i/ ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) q; `. r, e/ l1 J# M% q6 b1 y! ^1 w - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. D& {/ u4 H0 n# f8 r8 e: S
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]/ R3 v. y4 D# e$ g1 U* B$ x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* j( j6 p* l& V8 U1 E; u1 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ X+ d( o- Z3 z; W, H4 T4 t2 c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] [8 O2 K$ G( Y4 j! u6 |1 a" ?& B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- i9 a! U+ N9 j4 R
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
9 Z0 t" c0 f* }1 t/ y - ==================================
( D' b; U4 Q! z. w4 z - 文件关联6 Z3 p" e- j0 f1 _+ t H
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
) i$ g0 T- l: ^* y4 P3 i - .EXE OK. ["%1" %*]
: m3 l+ _, i6 L8 ^" z- n$ L$ \ - .COM OK. ["%1" %*]
' z( n: O$ Y- I) d8 h - .PIF OK. ["%1" %*]$ h7 ~8 ?' V) }
- .REG OK. [regedit.exe "%1"]
2 o: X4 n* f( N - .BAT OK. ["%1" %*]
: @/ X' m2 x/ O& |2 V+ S- `& | - .SCR OK. ["%1" /S]
6 l3 \2 b' G1 A6 O - .CHM OK. ["C:\WINDOWS\hh.exe" %1], F8 d2 Q+ _/ M5 i# [4 t
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
$ d% b9 Q$ R8 ]% v) E o9 E - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]+ H T! G" U5 Z( f( Q' b- \* K1 x
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
$ ?' T% R& o/ e - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
6 ] j6 Y: G# s# `' l! P - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
! |7 l# Y$ o/ M, C1 b; r l - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
5 i- h1 E0 }, Z' B& h0 i0 P: F+ [ - ==================================; N4 t8 s& I0 v2 D4 i% o
- Winsock 提供者
( E( _) E# r7 s2 Q4 _3 Y# B3 \: Z - N/A
& a; F. t* N' @/ w t: u - ==================================
+ M% m6 f' o8 U' h - Autorun.inf0 a4 ?" y3 a) ^" ?# t# a3 I3 c
- N/A' d% `1 u" G8 r" ?0 V5 k
- ==================================
" P) `; f6 M0 i2 [" v+ U$ a - HOSTS 文件$ J. H! O' Q; ]' b+ M
- N/A6 b, P6 Z% A" b$ V8 J: I
- ==================================. M7 ~; N8 y: ^4 _& e- o0 ~
- 进程特权扫描+ w$ |9 g: {( i( J3 D( W; r L( U& n
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
' U$ }! A* C3 \ - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]5 L1 @6 h4 S. {: y
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]( ?: l; Y, f0 ^8 c1 p! i% c% P& ]
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 K8 y; W: d/ Q - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]* x* l- _! s! |* m5 C, G- O
- ==================================; l1 d! Y! d/ P% |$ I
- API HOOK9 V7 C- s+ |5 p* @4 X; H/ y. E
- N/A! m) o8 Q. b0 v
- ==================================/ y4 B4 \% n* K3 c% L% }3 X/ D: q$ R
- 隐藏进程: w3 j! C( [$ J( Q7 N0 A: C1 k
- N/A' J8 I* w* R/ B) S
- ==================================
" m3 ~% {& y+ _
/ {: h1 b6 b7 \/ }7 X
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
