|
|
$ O+ Q8 q/ e7 t, Q& O6 N/ C- 2008-05-22,20:37:43% D" ~/ [3 V5 X6 M' G, U. \
- System Repair Engineer 2.5.16.900
! r) v7 L' y" G( w, n& @, i' E - Smallfrogs (http://www.KZTechs.com)
) X, F0 E/ `7 w/ n \+ U! p5 | - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能, O/ L0 L9 N7 X0 `. F
- 以下内容被选中:
: c* @9 s% s2 s. E6 ?; R - 所有的启动项目(包括注册表、启动文件夹、服务等)' Z' t" B- d* C1 Q* a
- 浏览器加载项
) R$ j% T G6 i3 I" O - 正在运行的进程(包括进程模块信息)$ ^6 i% a* N9 C1 d
- 文件关联* ~; E; m/ v' Z# a. J% Q& ?. h0 S
- Winsock 提供者7 J4 {) B* R9 }
- Autorun.inf
8 i" x9 d/ B) w: S/ } - HOSTS 文件3 n3 ~% X$ h' l, }
- 进程特权扫描3 C' B) G7 A N4 ^5 P
- 7 \, A) v0 i# I- [' j
- 启动项目
" j% t+ x4 v, n4 G8 H - 注册表* ~+ q, ^3 g! t* N+ }
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
" J4 U0 z; p1 \" ]* H1 h - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]' v" Y1 O5 A/ D! {2 F* X$ X
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]; O! _% v* c) [. A; D
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 E6 Q$ T1 {$ J - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
) b: ` X" g% x, t& u - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]9 J) l9 C/ w8 H3 X
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]. Z* x b3 T/ a! s: A$ {+ C9 e
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]" C' c* r8 J. h z
- <PHIME2002A><; > [N/A]! g4 d" o [& ^1 y
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]. t9 c, \2 j4 L: q1 t4 ?
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]% [3 h4 z, E, z# Y% [+ c
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]4 s9 h. Q4 f+ v9 [# a
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
" O% }7 K( U j- a- A - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]* I0 Z, T2 w, c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
( }/ N2 C. |; @7 h - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
4 K0 U! w& r2 ^: h- \. L - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]; O( A7 v- S1 O5 b- Z" Y8 ]
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
( n4 c# P* s' E& _: U o- C) s* { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]7 D/ i4 \/ I9 N. v
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]; w; o% x9 A& p8 ]3 S# w0 \( H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] v/ S* _% [/ A; F- x3 c
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]: s3 r4 |4 n$ k. c9 W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]( Q t9 y: H, w
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]5 i9 g$ s, y" t' Y% K5 h, d V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
+ P: A; N/ c/ S L - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
9 l+ `9 p! _$ b6 W: _ [* v) l - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
& Z4 H- W' Q' [+ j - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
$ u& n4 g: _+ p/ D( H+ n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}], t. Z8 M6 `) i& k+ U9 ]
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]. D1 U' _- I: T0 m7 f5 S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]1 e- T! A7 C( h1 d. H$ p2 T
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
7 d4 X' D+ D2 R6 L" @8 A. S - ==================================) \- C5 ~/ l1 k2 V& g
- 启动文件夹/ }2 `5 f3 i1 b3 q4 l
- N/A8 K, C* h' j( n; `
- ==================================
c8 u4 Q- ]8 V! q9 G - 服务. C3 u$ r" W" \+ ?& R4 u, e4 B
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]0 I5 _; f) Z( j# i2 R2 V$ x2 U. N9 S, Q
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>9 ?% K/ ^6 p$ V, W
- [Google Updater Service / gusvc][Stopped/Manual Start]
; D' m F! A: h - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>8 H$ z9 N3 |, v- B$ r# w( n
- [Help and Support / helpsvc][Stopped/Disabled]
! n9 e: @# ~8 |% O5 W - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>8 B. W/ `. R" [/ G* f
- [Human Interface Device Access / HidServ][Stopped/Boot Start] ?, @+ g" j7 G, v/ A4 B& T
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
# m( c+ I9 k. x$ u- F; w - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
/ H0 c1 Y6 Q- i" C$ Q - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
8 f. h2 R2 j5 m- o1 f" r - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
" ^. \: ]1 D+ M& g2 Q# D$ _ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
$ i" D: i1 F- E& Y5 ~ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
4 L" |# i( O5 O4 t' @" q - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
/ @2 `3 c" V/ K7 X/ l - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
' E z# [0 a$ X) n' Y" H - <><N/A>
6 z c" G8 d- V8 a2 k - [Qvod Terminal / Qvod Terminal][Running/Auto Start]- a- l5 q( ?; ^9 I" _3 U
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
$ G! F2 |7 a2 ?, ~" L3 [* f( q - ==================================
. M7 g4 p+ e6 _. x - 驱动程序
" ~4 w3 W1 I" W - [22j / 22jn][Stopped/Boot Start]/ H* J. |. @, d- B( n* r# R
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
6 s4 \6 T2 ~; e) W$ L) B" G - [360AntiArp / 360AntiArp][Running/System Start]
, f& H2 W: v/ G - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
: D$ i8 S+ }7 \5 X7 a - [43ec / 43ecu][Stopped/Boot Start]
2 y( U; T' V8 M( v6 E' R - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>3 o. @, ?8 \( h1 c l" P
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]: \% ^" A2 b! K; e6 R: K
- <system32\drivers\ac97intc.sys><Intel Corporation>
! L. r) D3 ]0 t7 F, K - [Promise driver accelerator / bb-run][Running/Boot Start]
1 @! x/ ~1 _/ w9 l$ ?5 {. k' X - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
" E( |& L1 _6 q7 O* @ - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
- O; n( o# g) f9 F( F - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>3 c* j- k" k/ x* J# c
- [KAVBase / KAVBase][Running/Auto Start]% B' K! m0 B/ n: o' K+ u
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
' u5 h, z& R7 Y) f - [KAVBootC / KAVBootC][Running/Boot Start]7 v( b6 P# `0 L! H4 G0 g
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
; q+ D. |' g8 J% [8 i/ c, N - [KAVSafe / KAVSafe][Running/Auto Start]1 X( W, O1 t2 B q
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>7 P8 V1 M9 a. h8 ]7 P: J1 g
- [KNetWch / KNetWch][Running/System Start]5 {1 M) d6 i" {% F( r
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
0 c2 C" F: o a1 e - [KWatch3 / KWatch3][Running/Auto Start]
1 X& X! ^' h9 f- a/ r2 t - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>9 R. j1 `; e2 F2 ~0 h! E: v
- [ntptdb / ntptdb][Stopped/Auto Start]: R; M* G# q7 U# }
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
' l4 h) g7 y5 h4 Q$ J) T: B - [nv / nv][Running/Manual Start]
( [3 x0 q5 O, D* D* Q - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>& I% ?2 M7 c1 {7 W
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]: @% L% Y% H/ n, W8 {2 e1 r6 f
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>( t0 F' k) q2 Y3 `# }9 l
- [DDK PACKET Protocol / Packet][Running/Manual Start]6 d. ^7 I2 ]( o2 S) J& h$ c
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ y, t- x% q2 p6 B8 G) L
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
4 X. } v# U$ x6 ^. M: R - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>* N' E1 Z$ G0 ~/ V) g6 c8 b
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]5 L# { v4 _5 ~( o
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>! b' v0 n+ u6 @ ]' [9 P: p. p9 T
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
- u( B$ A) j+ V+ E5 w - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>5 {/ R/ ]- p0 Z4 ~, M' H
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
5 c3 v; v! N0 W/ b9 `9 I - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
) o) {* J9 v* U7 W - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
3 \- @( H) @7 d! ` - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
/ v5 R0 w v- J# _6 w - [Secdrv / Secdrv][Stopped/Manual Start]
9 M) c' _* z+ q9 e7 m - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
* h; \& }6 j. |3 D - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
" s; g, N' D: v: w8 \ - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
/ u# g' r4 P3 M+ n - [System Restore Filter Driver / sr][Stopped/Disabled]2 m' z0 n4 h" C. w) d7 `/ z6 x
- <system32\DRIVERS\sr.sys><N/A>
( y U ^; Z7 C, n' V$ ^ - [TesSafe / TesSafe][Stopped/Manual Start]6 m2 V& Q' p. a- A
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
/ ]# ?& I8 _# Q& M4 c; W5 R - [System Services / unzxzsrs][Stopped/Boot Start]
7 W* Q1 U* [1 G1 E. U0 n - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
& i- u& V$ ~, H4 ~9 h3 `5 s - [ViBus / ViBus][Stopped/Boot Start]
/ ]6 m$ V: r# @7 H. u; w3 q - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>7 }9 g" e+ I( q* `
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
]# o- b- C3 e! k9 f! ? - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
5 ?; b/ M1 ]) r - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
4 `# ~) m& K' k; V, k - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
7 m! \ T/ l0 z& d7 Z4 e - [ATI Extend / zhibmaso][Stopped/Boot Start]7 N6 Z5 j5 Y; x
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>' a) R9 ?! V" w" x8 `
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
, X1 s/ t* |4 k( }6 ^ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>1 R* Q! |# u( ~
- ==================================
! F9 T I; t% S( C7 \ - 浏览器加载项
! }; [/ q% h4 h% F$ ~, B& a* H - [Google Toolbar Helper]5 j5 y$ a& @" D" `
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>- E Q& X: L( a7 J1 m
- [Google Toolbar Notifier BHO]
, K5 z" Z/ U6 @( F( ]" H6 t - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
( _, \; k) `5 E+ b - [SafeMon Class]5 t% m$ x* j3 x3 ^7 T
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
! h; {( q1 v O7 b! J+ s - [kingsoft browser shield]
& T4 {3 `6 S8 b; q - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
$ r0 |, o) b! n( u - [IEBuddyExtControl Class]
4 u- A* @0 I+ U' U/ d ]. a - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>) _7 D( ]' w/ F9 c2 P7 K
- [Zcom 杂志]
1 @/ d8 s/ h/ P - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>+ q2 v5 B7 X3 F8 I% b
- [&Google]
" h% r. D5 z: U - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" S0 J/ b2 b, x9 X$ G - [KooPlayer Control]4 G# e# |& r& d% M
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>3 _' v- x: F" A r% ]' i# ?& c, d$ F
- [Shockwave Flash Object]& P+ C: T9 ^7 Q& i- l+ \8 O' H" s
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>4 f( w* O: T5 Y$ ~, f
- [KUpdateObj2 Class]
) ~! @8 @- a o3 V# t# I - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
$ D% L. j7 a% u2 n8 X. n7 ~. t - [Google Script Object]
7 V( `6 \! Z ] - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! |- h1 X$ v2 m+ i3 x7 Y* T - [EWA Control]. `; p( C7 g: n( @7 i( C3 s" g- N3 r
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>/ ~+ \8 H9 B! e, a2 u
- [Windows Media Player]' j0 v) z+ e7 a% l4 x4 q- s2 h
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
2 R# ~% S; i* L. Z! r - [&Google]
1 z) v8 w! x* P( o( y4 J4 K - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 |" o( l9 @/ T5 y, I+ u& i
- [HTML Document]
+ s; I$ u- h1 v - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>6 q+ s: g& |1 K; {/ `
- [DHTML Edit Control Safe for Scripting for IE5]
2 ^" G% Y$ ?& w, t$ S7 x- m9 E - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>5 G. m' m$ y: K* _6 D8 N0 ?0 ~
- [RealPlayer RAM Download Handler]
2 G% C4 n; i7 V - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># s7 x$ k- [- q+ W u1 z/ J
- [IEBuddyExtControl Class]
2 k2 I1 A+ R2 G! M3 u' ?7 I - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>& k, Y: i9 V- v2 V9 H, A' G
- [XML Document]
$ Z* y8 a# m8 m. [0 d9 A - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>$ R$ Q6 ?1 m/ C# g$ U
- [HHCtrl Object]. m; g# x1 f4 u- M9 L0 m! S
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
6 g' T+ d3 o" k& U; L" x - [Windows Media Player]
" R) [$ x+ f9 u1 i1 p - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" E5 {0 V. m# \1 d+ l - [Active Desktop Mover]0 Y8 p1 W V6 l4 W1 u! m
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>* s; \5 L9 U; R
- [360SafeLive]% U! w' i& p6 J$ e$ H: C9 U, e
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn> C. Z! M% p7 g. H3 G
- [Microsoft Web 浏览器]
6 X$ I; {$ m1 \ - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>+ X" f3 p* U& q! ]
- [Browser Enhanced Objects]
2 [5 t5 w4 d+ W% T7 u7 F - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>7 [* H) y, \2 M( ?! X' ]
- [Google Toolbar Helper]' r: k c; n* q1 n5 a* m- }" _+ c
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. q& V+ W' H) V# J% _/ f$ } t - [Microsoft Scriptlet Component]# K0 A- L) ?4 S$ U) O: z
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>5 i- d6 f# m% q, ?( f
- [Google Toolbar Notifier BHO]
f& P; G4 \# B" F! _8 t3 r - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
. L3 X4 q* p4 \: O! N1 Y - [SearchAssistantOC]
6 U1 K/ U% p6 e' Y8 j - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
) w5 \) M$ b9 F$ C$ i - [SafeMon Class]
% |6 i& U( u3 U o w( x% B - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' C, c6 x+ L) k
- [RDS.DataSpace]
% a/ y1 R- w+ E - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
( e/ @$ l( S) `) D - [KooPlayer Control]$ @- q6 Z+ M5 R8 H4 \* ]: ` p
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>" n0 R2 Z6 e* E0 M$ [
- [AUDIO__MID Moniker Class]3 J6 a8 x- W D4 `( e$ H8 w; g
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; j n8 Y0 z5 Z. L) Q4 D
- [AUDIO__MP3 Moniker Class]
( T7 K' ~. j% O" r; ^* D - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
n# w3 h5 t% K# B; }' R" R - [AUDIO__X_MS_WMA Moniker Class]
% |4 {% O# f/ _" S - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' C+ R! g w* L$ }" ~
- [VIDEO__X_MS_WMV Moniker Class]
$ U/ ~. T% K3 R$ L3 L$ W% { A6 o6 h0 v - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" a; {( M* ^( L5 h4 y! G" I
- [RealPlayer G2 Control]
% y; e3 W9 \0 c1 S7 T4 h - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
2 P2 H& [+ G' R: ~( |; e1 \ - [Shockwave Flash Object]6 h9 H4 K& X1 O+ M7 d& t
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>9 [, I2 J; Q0 F5 h# H' `
- [KUpdateObj2 Class]& f; ]8 E" y `# ?
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
( K0 E K2 \$ z$ G& g* X - [kingsoft browser shield]
4 w( A) w6 A; y; F8 @/ S1 M( F1 m - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>3 F1 ?4 r; T' m; G( }
- [PasswordEditCtrl Class]/ [$ O2 w$ s) R
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
. u+ p% K$ {+ p& ^% z% ]" F$ o - [QvodCtrl Class]
( l* I c" D, H8 H - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>+ |% r* L4 R0 H$ V& o5 e
- [&使用超级旋风下载]7 \# U1 q; I% y" U. O
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>( ^2 g o- B$ N3 b+ v, X
- [&使用超级旋风下载全部链接]
1 T ^% n% Z5 |: T - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
! ]$ ^6 Z' T; _- F - [使用迅雷下载], O+ W$ [6 g, t' V9 X1 t5 j8 u
- <, N/A>" Z2 P* h( n, j# j+ M2 r1 ^5 o3 _7 ^+ }
- [使用迅雷下载全部链接]
) c) W1 ^' D. k1 r0 i" L; } - <, N/A>4 c/ @' h$ s; b5 q# V
- [导出到 Microsoft Office Excel(&X)]8 b6 [6 e) R% T- s
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A># i6 R& M6 H, y. y, f* q
- [添加到QQ表情]
6 A' C6 O" f+ v% ?& N5 O% r! c; { - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
1 B6 Q" L b: y2 ^2 y; n. d' l - ==================================
+ b" T& ^, B. o1 w+ a0 w - 正在运行的进程
1 @4 w& I% O8 _* Z - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ d: Q5 z$ x# {' } - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' W& E0 u. a X
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: f( k$ U, y5 |' j+ ~* g
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]: A9 c' ]6 Q3 Y0 n, i0 L4 p. e
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 v- J* n5 l9 t9 @5 G9 j' z) A+ E0 L
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 G7 o1 i! ?6 I& Y+ A. E - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' }: e# E* \' {; _/ g+ f9 P! [
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 @9 V( y& Y1 e0 J - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 p" q6 ]( |. z6 b0 \4 T& _ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 K& d, R+ Q9 i! ~# B, N; N
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) k7 D- R( ^ B0 U6 R. S/ n& t - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
- f& t+ q! u5 H2 b a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 T& j4 q e# R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" b9 N( c w, {7 Z1 P - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
* _' C! ?6 [9 \! ] - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( |1 k1 H! O! ^7 S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]2 k/ }3 r! m, |% e7 ]- H& Q) K
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
# W8 M& ^; S4 L9 F( E, Y$ Q - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
R( q5 z; Q+ x3 M4 u - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
" C9 o3 ?8 ]( x" i7 u - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
+ {- z! A& H8 G9 R. r0 Z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* ^$ @, Z/ Q9 z/ h
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
1 j/ B$ ]! u8 `, ? - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]/ C/ p& ?' z* C1 s" p
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]. E1 V2 |# v6 x1 ^( D+ ?
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]1 J- e/ W0 j- O! R. D; x! ? _+ o, l
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]& Y( |1 V% l, O2 I% x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 L! O1 C6 N; b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 ~3 S( S/ Q! N" n& U0 m0 n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 k/ _; B3 E+ A' m7 A - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 U. Q4 e" f5 @" f: [9 b - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 \) B# V' z n, U' P( U' q: ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 F9 K5 p' I: Z1 O y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# Z9 F+ }2 T! D& d
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ T* C& p; h0 V) |, J - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]& _4 h9 h5 [# r# H% w: I6 x1 C
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]0 `2 N3 j. [. X T! Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: ]* u- V: G) x' _- g* F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ @. d; F- ]5 }. E - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
+ w3 K2 T/ L, N j. }0 F - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
1 F2 G' @# S m \ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 p" @9 P' p3 b/ q G
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 { p3 m: q. a- D M
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; L) q9 }- U v4 U( G - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
2 F9 L# H; w/ a - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 {) Z4 {3 m! f9 w6 K9 Z* Q
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) J4 Z2 k; R b r- s - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
) ~% j, X2 Y" j! U5 Q - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]5 M) R3 r! y1 {) e6 a8 O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: \% c/ ?! y" D6 x1 }& S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" F8 W, m/ L! x9 g" e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]6 T# ^9 Z! H( u2 k- P
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
# _/ i# C0 M, z0 @6 ~; o+ [ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
6 k; H% I6 ^) t) y3 e$ ]2 w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]) H4 t; ]$ k$ K1 q% Z' O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]! B4 `: ~' z/ O5 c, w5 J, @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]4 i+ U" `. R! H; d8 G/ e I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]9 Z; Y- s+ A8 {7 Y2 j- A2 V% f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]4 W7 F/ I7 _. T9 j5 z5 W
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510], p+ }! O% u$ }
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. ? q* O5 w" I2 z5 s/ _8 g- g - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]4 l5 F+ N# D! R) ?6 q$ _
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 g2 J: q* q3 Z) k f) O, [" b x6 o - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 b) t5 v; L! J2 p/ d - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" Y+ A+ G. }' v4 g
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]) j; {6 J9 Y9 t8 c5 K& } {5 O" w
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
b+ e! u- o; k, B; L - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]5 O9 Y9 c; E, Z3 Z) ]
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]2 e1 f" y' J( Y4 \/ ~" s4 K
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% |/ X8 v: _* E$ w" b! T. F" U) { - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
4 d2 v5 y" E/ Q/ ^& g( e# ?1 E - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 @. i" r% `& m( b: u7 K' p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" s0 y7 R) X3 D( }; i A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) j" ^, Q6 e7 n2 e
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- A! E3 F% |/ p, y - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]) b! B+ F j. K+ o/ \: Q y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
' E0 g# v7 z& `2 Z+ @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& u+ `* d! d/ ?2 e. E4 h: L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ y0 V, n% U' Y8 ~, h1 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 R8 v" p) I. F4 d, s% d - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]) `: T I' X Z1 } j6 K! p
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
9 Q. V" t2 M, e+ f, I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; l7 Y! z9 R4 d0 f* w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ M2 m! Q3 P; `' O7 O9 U+ ^. j* J. P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" E5 S% Y r; D% P6 l, f
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
x; r7 j2 h4 o5 @2 w - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
6 c) D( D( V" v- X - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ q6 P2 l7 K; T: n) t/ O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 Q, G* G( V' c7 `! x4 e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. y# d/ b- |# E! ]6 u0 v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' X* h- f% L0 `! [( a8 E! } - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]8 O* D8 W T" C
- ==================================
" X! H" u5 c7 [. O0 S& [ - 文件关联% ~) E2 l4 _/ R$ L4 V7 N# J
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]4 a* H( x4 Y* N/ H
- .EXE OK. ["%1" %*]6 h/ j; {" j0 r, h
- .COM OK. ["%1" %*]! w$ W# j* N- {! P' S' X! K$ R
- .PIF OK. ["%1" %*] g3 g2 `7 H! x
- .REG OK. [regedit.exe "%1"]( T+ m% b7 r% O- O
- .BAT OK. ["%1" %*]. L6 e& _$ t8 V2 U
- .SCR OK. ["%1" /S]5 r3 j# A4 r- _' D6 t( N( O. f3 Y
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
9 h! ]# t* `$ `* i' x4 V& R - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]/ w1 u# p$ C$ P0 Y% I
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]2 d$ N' l* V1 }; C: O( m$ ]6 g
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]3 f6 N2 n# w. }+ [, g7 ~2 f
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]& E9 u. Z/ U; v! l! T) }/ c' S' K
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: Q) Q* c! c P1 k1 [7 W - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
' K# Y" o% K1 H* h9 T7 R+ A4 T0 P - ==================================
9 o4 r' A+ U0 {4 y - Winsock 提供者
$ T/ J% s7 u2 d0 o. V- J* o - N/A8 [* v4 u$ E+ R0 D3 N/ I L7 C0 K
- ==================================8 J% k' v( F" q7 Q# f: ?3 v
- Autorun.inf- h$ i1 C1 N; `. ^2 l5 J* Z
- N/A& C( f! {" q$ T+ W; B: A. }4 u
- ==================================) R- B% S4 Y" Q0 [" k8 g& I# F N
- HOSTS 文件$ P1 M, }% C* b u f7 z& v
- N/A1 u( C. `, Z8 {0 T
- ==================================8 u/ ], {8 \7 |
- 进程特权扫描, B6 d) v7 g5 z% x6 `
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]4 A. Y; B: S, Y6 z7 H. \
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
- I Y: m" ^1 |9 P7 @9 Z; H - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
' g& ?: a( v( z0 {! R: \. F/ N - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]. D& {% p4 A ?. A6 ^8 z
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]" m% C/ M' V# O! o
- ==================================
$ F! g( K# {! E, T+ w3 \: [# { - API HOOK( B5 ]6 r$ C0 k1 r# r; S- t
- N/A# @ ?5 X" J9 _( y8 q- B
- ==================================
0 r4 A) U9 C+ @ - 隐藏进程' L* a7 H5 h! m- m
- N/A* j9 Y% B# C% D6 I
- ==================================1 e7 w/ E+ V2 ?( Y" ^
+ `/ j6 ?" d) [% n7 t$ E r2 R3 y
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
