|
|
6 L) Y3 u$ m1 n5 z+ t/ D$ a- 2008-05-22,20:37:43
! t8 J; Z+ j" ^" V" B - System Repair Engineer 2.5.16.900- L* ]1 F% j; ^* f; s7 N$ v
- Smallfrogs (http://www.KZTechs.com)
- J3 X! k4 Y* X0 g; y, d - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能: g: V8 }# f$ k5 P
- 以下内容被选中:& v8 E6 x* j* d- [* n( S
- 所有的启动项目(包括注册表、启动文件夹、服务等)
$ Z1 d- j R+ ?# O* | - 浏览器加载项
0 [: E, S0 N& j - 正在运行的进程(包括进程模块信息)- j3 ]6 l( }! t+ X6 P
- 文件关联
) D* C& G" X o7 Z/ W, j8 q1 M - Winsock 提供者
0 d. p; m( q4 w9 q1 h. P4 R - Autorun.inf
5 ?4 o; C9 ` i( s* Y. u - HOSTS 文件- O0 L; q8 | T
- 进程特权扫描
0 j% t/ }, P2 s" o1 R( |% i, E0 j8 K
. |1 w/ O- ~! B7 y n% f- 启动项目
( O7 z- L g/ i8 |5 Q1 Z8 U - 注册表# e1 B8 _. F) C% e E C K; ^
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]6 J( N" V% f4 B( l
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]+ @- Y- p% {7 F# @* j. ^
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
7 ^$ ^/ c, ?1 I/ O6 q- R! S - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
# s {/ s1 N" ^) j0 o J0 x% Y - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! l+ @1 f. q+ ?2 _, H
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
0 h6 M% `# X: R+ ? R - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]! b& S z& y7 A7 O3 G3 s& F/ B, z
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
' Y8 u: ]/ {" U8 v) t y - <PHIME2002A><; > [N/A]3 A$ r0 _! x4 R; k9 o
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" \* V. h2 T- n- _9 o9 B/ e - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]6 ` B8 s' _5 t% i
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
4 d4 h7 J2 f) w8 K - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]# I u* N( k9 l% Q/ y
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]( C1 d: R/ T: {3 N( Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]$ F: @! y2 Z6 l" w# \9 J u7 ~4 a
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]' h8 S5 q# ]/ e4 v: i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]5 w# V- J9 D& x% g
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]* B& u3 E: m) M8 M. H4 |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]4 ]: Q L) \1 F& b
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]; a, h$ W/ r% U& F3 L2 l: V$ M5 l* j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
/ T' f2 q* A% X$ H+ T - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
+ {3 g! A+ u! y$ f r - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]1 Z/ H. s: D& ?% s& a# E; ^
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]: M0 j \0 z Z) x8 V. D& n. g; i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
8 E8 O* V0 o j2 C" [6 i) `0 Z7 y; x - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
8 Y' `( g1 P7 @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]- a- ~1 j- G2 N: M$ h3 A9 ]9 i3 k0 ]
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
" u# e9 f2 x3 O9 g) z. t: [2 k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
, z& _& w4 k: B2 J" b - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
* D3 K5 S% w4 T; V: v( h3 G - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] E/ F S8 T6 \, T3 A/ x
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
3 m. X; b0 i+ P+ O - ==================================+ ]& l5 s5 F& E0 ~0 v7 Q1 N
- 启动文件夹
; E5 e* p, F/ B% j - N/A) |8 ^& [" x( W. ^( Q
- ==================================8 H/ ~1 ^3 R1 O' f& w- N# w
- 服务 D: w' V+ G% k* w( Z
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start], ~0 j& _7 k: h: y( y# t [$ f& @- f9 l
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
, o$ f. ^' Y( Q) i; F& _ - [Google Updater Service / gusvc][Stopped/Manual Start]
5 Y* P) E) D; c# r, g4 K; z - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
, x6 _. k5 ?) W6 ]' _5 z - [Help and Support / helpsvc][Stopped/Disabled]
p$ T( s4 D3 T4 m) X. P$ T& \. C - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>' s+ E) @. t, Q
- [Human Interface Device Access / HidServ][Stopped/Boot Start]4 s, J' X0 S. [- O) ^/ V7 A2 v+ ]
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>! k$ p# F8 }/ m+ m" @* }( U
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
* x% _+ e- W* S% w, h - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
; c/ s- ?7 W5 ` - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]6 M, G* W$ }7 d0 k" g7 P
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>$ t( o6 n2 X% m
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]+ a W! O2 Y' V1 q% I g. K6 R/ C
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
" f1 `8 X/ c5 f' b6 b, G5 z - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
* n& r3 u1 y+ d }% j* M; [7 x - <><N/A>
& |' S3 \ ^5 q6 A3 E - [Qvod Terminal / Qvod Terminal][Running/Auto Start]% T! P" d% D8 q0 n/ V% d& Z. N* ^
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>8 g# w0 b& Q' Z9 k6 X1 V- r
- ==================================
; h# {3 j5 |, v - 驱动程序
# q2 S: |4 u- z" t( f* c - [22j / 22jn][Stopped/Boot Start]
2 s+ r0 n: e) R4 L7 {! D - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
6 ^; n: S6 N6 }$ l) r8 B. B8 L - [360AntiArp / 360AntiArp][Running/System Start]
% I) _3 L5 b* o( e( p4 T) k - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>) K/ ]# f( }, M' }# m0 J4 O
- [43ec / 43ecu][Stopped/Boot Start]
) n: }- R* D2 x$ g( I3 @ - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>6 Y2 M7 h0 H; D4 D6 G
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]. a' [/ _* I6 z9 c% _% R
- <system32\drivers\ac97intc.sys><Intel Corporation>
/ S9 q6 g# [! b y& e8 j! ] - [Promise driver accelerator / bb-run][Running/Boot Start]
& ]* n1 i$ J( i' L% P; w) ~ - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>; Y! Y* `5 o z7 X
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]% d) Q! J5 E* \ C
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
0 F2 M) o( j7 v4 I - [KAVBase / KAVBase][Running/Auto Start]% H. p+ @8 i. t& {5 \$ A I
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>- Y( e* k9 }( F. j
- [KAVBootC / KAVBootC][Running/Boot Start]6 V+ d( R1 j+ Z' `
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
. B, G) F: k! M6 Z8 E4 N- S- b: | - [KAVSafe / KAVSafe][Running/Auto Start]0 I( b" N( N* P$ v$ C
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
' J1 y" W' c- i+ G - [KNetWch / KNetWch][Running/System Start]
& m" {7 f6 f- x( [9 c( h' a2 } - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
c9 U/ H9 g$ A0 G - [KWatch3 / KWatch3][Running/Auto Start]
z3 W' h* H( \( Y - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>8 b/ p; F t p
- [ntptdb / ntptdb][Stopped/Auto Start]
5 Z0 C1 T" J$ G1 Y7 U; f - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>+ w; |7 p) J! R
- [nv / nv][Running/Manual Start]
6 O) }: J1 Y1 D0 J& ^ - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>& }6 }! W5 C2 u2 Y7 @
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]3 k: ?+ @" J: ], u
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
0 {: C2 A# o3 v3 o4 R* D+ R$ w& g - [DDK PACKET Protocol / Packet][Running/Manual Start]! t; K$ e6 H3 |& S# e/ i
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
* H: l$ z3 h$ c# L - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
# i+ D" q4 s4 v# I5 y- ? - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>; G% Q/ J- e i8 q* l" n$ m1 D
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start], s4 C! L* W" b
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>. N+ Q# E; t& o) Z3 w! }: _
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
% S: V; W# h4 a# q+ U' F - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
) K6 @( R) q# L - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]4 G% E# X2 c3 P. e f1 L
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
: ?2 c! Q" o3 \3 ~ - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]0 y* d$ `9 J Q+ l
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
i3 u+ p K% S7 r( s; `* Y, t - [Secdrv / Secdrv][Stopped/Manual Start]8 o M3 u. k' E. \" o* A
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
- b9 S$ g1 A) ~ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]4 [- G3 E' B! L0 O2 E+ u8 ?' z! h
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
" c9 u+ k; j# Q( y0 P - [System Restore Filter Driver / sr][Stopped/Disabled]
7 _+ P0 J& G$ [1 m* T/ x' l6 I - <system32\DRIVERS\sr.sys><N/A>
1 E: {* \6 l2 j4 T" V - [TesSafe / TesSafe][Stopped/Manual Start]
3 W* ^5 h# {, s* l2 Q# H& |9 R) F - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>* ?' b8 q0 o6 x+ Q
- [System Services / unzxzsrs][Stopped/Boot Start]2 l+ s7 M! ~7 ~6 ]# w
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
. L6 T" L- r% } - [ViBus / ViBus][Stopped/Boot Start]/ R1 Q8 x3 D% {1 F8 `7 Q
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
* U( w% X, @( R( N" c - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
) \: d; J+ a2 i% r% W$ W - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>' D2 n! C# O* _
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
/ M: W W, ^0 Y3 g3 c- X: i* r; H - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
! T& O6 i3 t6 ~ - [ATI Extend / zhibmaso][Stopped/Boot Start]
; X5 X8 z D( `- q3 v& W7 W - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
* p; y2 g8 z- M M) w - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
& c7 V- _8 V. S: P - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>7 { Q5 C8 v5 l8 G, j, W. P
- ==================================
# T0 {* N0 z) D' d6 D# ]$ v$ R - 浏览器加载项4 G1 Y: a' i7 @" }8 Y9 z: ?% V& H1 D
- [Google Toolbar Helper] i' |5 y$ A! G( X7 H3 O8 Y
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# o- [7 P# K7 l/ @& \5 y* q' I - [Google Toolbar Notifier BHO]( L9 ]' l" P: L w
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
C6 o3 A0 v" L/ \: \* i" [! U - [SafeMon Class]. y, r$ F5 K* R* [( `5 Q! y- F, c
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
& u2 D U& ], r- H - [kingsoft browser shield]- c' S- L: w5 T6 J2 O) Z) r
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>. k% U# ~7 m6 D1 T$ Y
- [IEBuddyExtControl Class]# r$ H* z" T3 j' `# n ~ Y$ w5 F
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
a. z0 M) x1 D Z- O - [Zcom 杂志]
: E0 c: Z* \2 X5 }$ w+ o7 i8 s* I( o - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
7 s# p6 {! a# F6 x8 G' Y, s8 z - [&Google]! h- n3 P# l w
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* z5 X' J$ K1 y( N - [KooPlayer Control]
0 X1 ]$ N$ `+ H+ g5 S! f% x# G0 A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
: ~3 K& T: G$ p) \/ j! Y' n3 ]7 \ - [Shockwave Flash Object]
& e+ m3 k& x( a; n - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>: N# k! F% L8 s4 c1 Q1 ?
- [KUpdateObj2 Class]7 q. a; P8 g! L9 C3 N/ H
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>* j4 H* W( z) X+ I! r8 e
- [Google Script Object]
7 n: U# s# b O% Z& O* r/ G - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 x0 m4 m6 n0 w' ?/ Y7 g- G
- [EWA Control]3 c2 Q4 H" a2 Z7 |9 p* C4 q
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>& u7 X% W) L" ^+ a \
- [Windows Media Player]' V$ p' I9 e5 m
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
1 d- x: r# e& W1 n - [&Google]/ ]) ]4 q- Z6 L- Y( n" F0 y
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& T4 @1 y* o3 R - [HTML Document]
" I* I5 ]1 T5 X+ z2 g - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>; S$ y' G2 e' U9 b3 L) D
- [DHTML Edit Control Safe for Scripting for IE5]4 Y" [3 p8 W7 @* H5 g
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
! g8 g. d: I3 B1 O - [RealPlayer RAM Download Handler]
* K8 L+ I9 S: L" K( J" o - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
' {' _* H0 z/ ]( O& k& A/ B- o - [IEBuddyExtControl Class]8 {1 U9 |+ O/ d; z9 }3 x- o
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
4 J# o, Q9 n8 c. l( l0 L5 A% X9 ? - [XML Document]; @" `' f) `7 u( z9 O5 h
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>1 F1 I3 v& I2 Z# F
- [HHCtrl Object]
, r6 v8 v& D9 C6 x( y - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>7 m5 X R1 A, Z1 P
- [Windows Media Player]
( |. q3 ^" o' S4 ~! U8 b) o# k) h - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
- U5 K7 P& k8 G6 w - [Active Desktop Mover]
& E0 g+ P6 h; q3 e( \3 E8 ` - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
( J! W& R P7 k; a) | - [360SafeLive]( j" l. _' y- I% q3 w) ~
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>9 }$ a" z" E0 x5 o
- [Microsoft Web 浏览器]4 |: w& e0 `; V7 b7 k& `+ U: ]
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
1 \4 [' v$ r' O' O* F - [Browser Enhanced Objects]
& L: n: T# \) U0 }- j* C - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
/ }. d* Y1 v# C% J6 I6 g0 y) ? - [Google Toolbar Helper]
4 r8 l8 X# Y1 p - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 T( t0 u: } M" K8 M+ k3 u - [Microsoft Scriptlet Component] p) m9 I3 [/ q. D6 G
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>! z, Z! X7 s/ R
- [Google Toolbar Notifier BHO]4 M B. K. e& q {; ` G$ @
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& h% d* h, y* y8 P- a6 d - [SearchAssistantOC]
- W* C4 d7 |/ S0 d2 s. t - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>! i6 F5 n3 y: ?' W4 W* Z
- [SafeMon Class]# ]$ C2 ]5 }( m4 I3 A& \/ E7 p
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
% `) \& N0 r3 ]& [+ n - [RDS.DataSpace]
4 d/ Q3 C" @% j/ d' F! @8 f - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
0 n8 C% G. T1 p+ @: ?3 ^" a - [KooPlayer Control]- a/ I" }- A# l
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
; f& X' V; C0 P( o6 i - [AUDIO__MID Moniker Class]( v! Q. J# ~7 ^
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' J( U8 W/ F( e4 m$ _/ ?4 g
- [AUDIO__MP3 Moniker Class]
/ j7 }! I% e' _ - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
- N# k3 g/ `' ~$ I - [AUDIO__X_MS_WMA Moniker Class]
. o% T' D: }3 C8 K" S$ L: f - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 Y8 U1 H( a3 d) g
- [VIDEO__X_MS_WMV Moniker Class]
7 U( D6 @4 I4 [' V - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" O1 r% s' b& a& ]5 e
- [RealPlayer G2 Control]
2 e4 a0 [" \& h5 M* }; P$ X- n - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>6 l% _- Y* Y- l! S
- [Shockwave Flash Object]5 B5 f& O C: i+ N5 Z) c
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>$ V3 @& t. J4 G! G$ A. K% w. o2 ]
- [KUpdateObj2 Class]% h' P0 V' Q% X! ~) i
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>$ d% \! ]: G5 r5 D1 x0 A' C) J# g. b
- [kingsoft browser shield] B, S( Y* Q- d# I' g1 r( Q
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>- U# h" p9 v$ N1 ^' s
- [PasswordEditCtrl Class]
0 B; I; G( \0 ~ - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>9 @' y" ^5 @, _4 P
- [QvodCtrl Class]
4 d3 n# N. X! W* [4 c$ e; B - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
) V6 k- D6 [3 P9 N* J# M - [&使用超级旋风下载]
- \ f) N+ E' @, z) y% B# j5 a - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
7 D. Z. m& k4 p5 J - [&使用超级旋风下载全部链接]1 H# X9 T, T3 c+ \9 n& w7 u
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
/ Z6 F$ p$ s/ {4 g# U+ t* A) r8 z" @ - [使用迅雷下载]
5 V$ o. A: t' c0 I$ _+ b+ H - <, N/A>2 g9 W& b3 i) F4 H! d
- [使用迅雷下载全部链接]
" r5 Q2 ^9 y y1 Z. e - <, N/A>
3 G" c- ]9 n1 e - [导出到 Microsoft Office Excel(&X)] B( [- L8 a) y8 H9 W
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>. t4 y: @: R: q
- [添加到QQ表情]
, m% D. ^) z4 F0 ^# G - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>- N* X2 q' w' o$ |1 g2 G, ~5 q
- ==================================
3 d. ^; p' X' W( i3 ^0 g" r9 b" R4 M - 正在运行的进程1 v" u; _; n+ \& C
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ G, i+ ^- ]9 p, K
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ e4 \8 a% ^. p4 J$ d. h0 B9 t! P
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; Y' T+ G6 K5 i. V+ t
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 `& T1 m( a, L5 z% h - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. r( }9 H; m7 T% [2 ^) O4 E( e
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ v E) `7 r9 ]% {+ U- z; Y
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. X( a3 q, E% f - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( f/ y( j) s4 a - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 ?/ P% k. Y6 K! s& ]- n, U
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 D8 |- b5 D6 N - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% `" i$ {$ w _" s; `) r - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
2 l; y8 c9 Y" m( e% [4 y7 x0 u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* Z* E2 R& X4 i5 ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. i& }0 ]) {6 f: ~ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]' B; i& m m# u0 O5 W
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 j1 X' a, e9 X4 H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
7 n u; e" S1 d% S - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
. ^% f6 K. P. l% c7 t3 } - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]9 ?( G8 e7 C( z2 W* r
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
, g" ]4 l& n) }* X% d - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
; b* m$ x, Z4 L' e1 ~" Z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% @7 ~' s' P! R: _3 w
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]8 {9 u. `9 A: {) B+ B7 |, k
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]* i, q i, ^7 i' s
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
; i8 m% @: ?' V/ @: Y2 S1 q$ g - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]8 o n* o6 B$ N0 E
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]$ \- g/ x7 U- ?$ X+ `: K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ D$ v3 R) z# G' j7 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& p" H: ]% U; H- h4 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! P- _; [* `: R - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ C( E0 Q" [* j; w& V - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 n% h$ S% R8 ]& ~, [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], c$ L, K7 _/ B5 }. {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], A0 R+ i2 g+ _6 P4 g' |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 a+ X7 N3 ?% o; e Y# y' t
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]/ x' H3 B. u; e) o
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
' D( Y4 Q [+ @; R5 Y j+ I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# q2 N4 u, \7 R/ H9 j7 ?# d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* ~- y/ x) p. C7 C' @" m# E1 H$ }' Y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
9 B8 y' W2 t! o/ p - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]/ d* v. q) _* Y. k8 v
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ p4 p( L& B1 o1 B' w) C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 W$ X2 [& U" U! [# D0 ?6 [5 m - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* i- w0 Q& A4 g! h7 A
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
- H( U- X4 J) E+ c - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 g/ G+ e/ c: b - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. M4 {7 ~$ [8 B y
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
3 M& a# h1 q K" u - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]7 l8 h5 Z" g9 G |
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; o3 J6 r" Y6 J2 G2 u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
}$ A/ s4 y/ O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: J. J) x+ U+ a6 T9 A2 F4 F
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
5 K5 u1 w# ]3 {1 {8 q9 Q4 N - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]" N( ?5 x" R- e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]# Z- O8 ~% I z. I% M: f( C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
2 {5 c1 W& T, Y$ V4 Q& ?( S% U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]" W- e( K1 M" Q$ j [0 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]' v1 @7 `4 S: g; B# |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]/ E- J4 C! b. o
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]- Z6 b: b3 v1 L% d1 l. f' _' m
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]0 m( `0 F1 L& G: A
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( L4 O4 v, z: l
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
) t, ]6 y( A* g+ Z - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
2 w7 b9 O& D. [/ I4 K u$ H1 U - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 v3 W/ G3 i9 b& r7 L - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
; ?1 C4 t- f/ j - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
5 F8 \6 H/ k: j - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
5 p/ ~0 e# [- G$ j8 }0 T5 n - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]8 y4 d( Q1 |1 Z$ V1 r! q+ j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ a" ^6 @8 g! a# n - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
$ m& K/ A0 Z' l4 r - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 d$ @- N( I0 F1 ]; v8 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% y: {- v0 g* |( g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 {: Z- w$ [- M9 j1 a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' f0 K% ^; \/ j) c5 |+ p
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]( [2 S4 D, \. Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ _9 p9 g* R) ^ [" u( ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) w: ?0 W0 D1 ]# U, h+ T+ P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! Q2 ^, Z' a! h1 b$ N) M7 | - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& K4 g) D: E; a) s H+ `( _0 `
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]# G$ K/ O5 i( O* ?5 ?
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
: M" C) Y2 x7 v& H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 Q' Q. q& c+ U( B1 D) d- R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: L7 z4 Q1 |6 N0 a& Q' V. L% P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 \% \" b2 W: U0 O7 a9 a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 `5 B# f2 G6 {5 s' L
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]& @. Q0 A: w7 e- ?! d# }6 T
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ C N9 M m) P2 q2 [% O$ u0 K- u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ e3 ?5 `4 p h# a9 Q$ D1 D' k' i. _" ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ D3 y& K" g0 [ o+ i - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] \8 w+ W/ _; A7 p- I: \0 z# P
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]. n) {3 G6 Q; v
- ==================================
- L3 F. S$ X) |$ v* r - 文件关联
& p1 A, e2 u8 R7 [& J) N - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
, K3 F" r4 }8 \ - .EXE OK. ["%1" %*]9 T' N; }- O& i/ x
- .COM OK. ["%1" %*]
A' l# T+ j* B4 A - .PIF OK. ["%1" %*]
' [7 ]: l; g3 d% | - .REG OK. [regedit.exe "%1"]
: b: U3 }- v8 m8 E9 z - .BAT OK. ["%1" %*]" B1 L" M% x8 O" ?
- .SCR OK. ["%1" /S]$ T; P5 T2 M; C6 J3 v$ i
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
* Z; l: V' c$ t1 ^8 x) V, O - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
7 S) R3 y' |# X8 e( u, T - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
1 h: _$ y, ?! ] - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]0 m% F ^8 ~8 f& v, T" N
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
. o9 T ]: U: k6 y8 U* w - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: h3 m0 Z* I) S* c# f3 E% ~ - .LNK OK. [{00021401-0000-0000-C000-000000000046}]3 X( k3 o) J0 h/ }# g
- ==================================
! S& v# Z5 `* r0 G2 X- F0 Y - Winsock 提供者 w, F0 t% V' @$ M2 e1 U
- N/A
) \2 W8 U9 I* b1 ?8 U - ==================================
6 L/ Q7 X" x% Q3 D4 Q( ]# ~ - Autorun.inf/ I3 g, ~' m8 @8 w
- N/A
1 H! `$ p [7 ]$ l2 _ - ==================================1 s$ d2 b, `( o* d
- HOSTS 文件6 R2 O" T" l9 d) _( {# c1 l0 H+ m
- N/A
% |# H' V( k8 R4 j D - ================================== [: s/ h" w! P& D3 m0 q# h" Q$ u
- 进程特权扫描& c: L( \2 L; a
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
) u0 }4 x$ |# \3 U$ q5 `0 U - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
7 g# D$ U1 {- P! D4 N9 ? - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
$ B9 _: ^2 U0 ? X3 C - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
4 {+ D7 Y& D3 }; K- P% O1 e' A/ T - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]: w1 [2 k% L/ F
- ==================================
3 f, ~4 w, h; h7 m) K+ ~' P - API HOOK
2 e6 j- ]! E4 q4 z - N/A
: o7 X4 Z' |0 t7 z3 s1 j - ==================================
# j/ ^2 {- @2 r9 o+ _" |' f; u - 隐藏进程/ @8 _/ _' Q( j$ _: f- B/ h
- N/A, [0 ~4 r/ i3 _# {1 G; q1 u
- ==================================
+ g3 h3 S# B5 G9 j; v3 ?
; w# Q' {3 W4 T- X% \
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
