|
|
- , z: v$ C7 o# C, o# r+ I N# n5 F4 I
- 2008-05-22,20:37:43
' b( h! {* R9 |: x p4 [ - System Repair Engineer 2.5.16.900
5 O6 I. t2 |2 `! y4 G- h - Smallfrogs (http://www.KZTechs.com)
- D% s; M+ Y5 v; w# M7 u - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
3 Q& Y% K" p g" ?8 p - 以下内容被选中:( [3 e B( P+ h7 ^
- 所有的启动项目(包括注册表、启动文件夹、服务等)+ ^" I& Z- W6 E: A4 {
- 浏览器加载项
; d1 }1 M* I4 Q" W0 m - 正在运行的进程(包括进程模块信息)
o/ e1 B( ?0 g4 T3 N5 Z( q - 文件关联9 u ?6 W. Q8 W" Z, E
- Winsock 提供者
% L7 D8 N. ]( N, [$ ~1 C- _ - Autorun.inf: \4 ~+ t8 ]$ L0 ?
- HOSTS 文件% e: }1 c8 Z' v6 G7 ?( H3 H' p
- 进程特权扫描9 I! s$ C0 o1 m3 P4 F0 I1 n
- " j( K" [. c" G+ b& c8 c" F
- 启动项目- @! N+ Y% D2 Q* S o
- 注册表/ @9 ^" c& ]' ^# Y9 f7 L/ J. J# b6 g* _
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]3 B+ f+ J0 V0 I
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
3 k Y7 p( R$ s% \& z4 A0 A! e - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]; t* u! f. G2 v H( W! q) g- l
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
+ F, n9 x' j6 @, P$ T! H - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
, W. K# T( \. a - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
% r6 K, C' \4 x: j* L - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
5 I# w% w$ v* @" R - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]: |3 s/ | U6 l9 r
- <PHIME2002A><; > [N/A]2 }5 X9 r* q! H, S# x
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]7 T0 ?5 u: N) l! h
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]- m+ U# V: `! E
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
! D1 m& L8 B$ \, r - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]6 O. R- r& Z+ i) V
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]7 p5 b; N& x* w5 M k3 n8 @ ? D2 u
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]' }: F0 p& E7 `, U
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]6 F8 g: `& E' e# ~% ?7 |# z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]- z- Q; C5 N/ f) F0 M S2 a
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
) m0 E* ]& \! _$ n+ W( b+ i - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]& q# v9 m5 n7 h3 M0 A( V
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]* T! o& ^% s7 H% _9 {& Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}], p) Z7 W7 D) g( W! d
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]0 c; w$ d) f; \. v6 |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]) ^5 ^ x# ]2 e8 c* g
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]: X: v: ~* e. S8 j h
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- Z) G0 c) t9 N/ y7 e3 t - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
" \" C7 s4 `9 I( r: [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]) E9 y K L( |! b: M; g0 u% [7 m
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
1 p, s* q q, Y1 j9 J6 R - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
4 G' m D9 u, r( ]- g - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
7 i* N" S; y$ Y( Y& z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]7 |" J' E( _' ?$ t
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]5 J. W# Z9 y3 S9 n
- ================================== F6 B8 g6 a6 u6 S8 v+ {
- 启动文件夹
# d9 d& H, Y! P/ @3 P - N/A
8 v; v5 n* k$ p8 i Q - ==================================
9 D/ u. c: V1 [' e! z# j - 服务
8 K' S h2 i* i- I( t - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
5 D. A7 V) P( j2 e& z) v- Z, C - <C:\WINDOWS\System32\3wareSrv.exe><N/A>0 j+ r+ W; h" D
- [Google Updater Service / gusvc][Stopped/Manual Start]
0 O& a7 C1 c% M m5 h - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
' L4 R" x9 U) e' d3 z: T% Y7 R - [Help and Support / helpsvc][Stopped/Disabled]
u* [; x5 } m( k& ` - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>- A9 N; b8 h! B4 t8 N
- [Human Interface Device Access / HidServ][Stopped/Boot Start]# K0 E7 V% h' `6 O
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A># |; E$ U3 p% B' r
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
" F; V/ \/ g; {+ [2 _& v } - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>) S) o: I& W* L0 @" H
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
. c W; a q& {! g1 i9 p - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
$ U( e* O! } v2 u% D+ C: N& h; L - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
" H& | W, P% ]0 y, S - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
6 F, j9 k8 R. ~3 Y7 E$ _, C - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
' j, d" Y$ c; \* |& Q6 Q - <><N/A>
- g; F( w# j+ C2 S/ \3 P! h - [Qvod Terminal / Qvod Terminal][Running/Auto Start]- R4 H) M; Q0 Z8 y0 @, b: M# q
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
! L+ F5 @) w/ a* A/ k! @# T - ==================================
, ^) { m% |0 q% |0 t - 驱动程序
; c' Z1 f* k2 l - [22j / 22jn][Stopped/Boot Start]& P1 m& v1 P% z4 F# U
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
7 C* h4 h" m. m" b5 ?( } - [360AntiArp / 360AntiArp][Running/System Start]
3 A. e) U" c0 d% G# j2 n+ w - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>, ?# x6 x* @% N# I4 l
- [43ec / 43ecu][Stopped/Boot Start]9 g0 ^7 Y1 F7 R, I. a: X
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>) E w6 A/ G+ u+ D3 C6 p
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
# J/ h" f7 h8 }' w# T7 x - <system32\drivers\ac97intc.sys><Intel Corporation>
) c _5 D* u8 [* T+ i, F! ]% h - [Promise driver accelerator / bb-run][Running/Boot Start]0 L3 R8 U6 S- N# }+ t: x8 v! t2 V7 Z
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>- z) @& T( s8 t i1 O: b* s, }
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
1 y+ S& L( {: Y# {' P - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>8 B7 p- \5 X4 [# x
- [KAVBase / KAVBase][Running/Auto Start]
5 {. l3 K, y' q; T" J - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>2 {. k2 v, T6 k# S: u: Q8 l
- [KAVBootC / KAVBootC][Running/Boot Start]- `6 u6 z( U4 W& N0 ~9 \
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
; i9 ]+ |( @" B' u0 _/ e - [KAVSafe / KAVSafe][Running/Auto Start]
$ I- G- v _+ D: _7 l( a - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>7 L* U% o) R- F5 {( L5 a0 b' P
- [KNetWch / KNetWch][Running/System Start]
% I" M6 W4 k) ~* ^/ R - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
: t* k: z5 { o: H. H$ V2 t - [KWatch3 / KWatch3][Running/Auto Start]
U3 J8 H. D3 k: u7 G3 M1 ]2 z - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>9 {2 m- M5 \8 ]+ f! L
- [ntptdb / ntptdb][Stopped/Auto Start]1 S3 k5 A5 j3 O/ s+ K
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
/ A' q* N( I2 [( A7 H! ~ - [nv / nv][Running/Manual Start] g, Y/ |; J5 P I8 d
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>0 i# Y2 ]; h y( R' P/ p% d
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]* e' s' ?- w" D' g* T
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>6 t& G- E t+ B2 R" Y$ ^( N' z4 J
- [DDK PACKET Protocol / Packet][Running/Manual Start]2 W o5 f8 j2 t* {
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
2 U' i; M; L A* ~4 O% e" X - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
8 {5 z. B- d" `- i# T; [3 ? - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
& t! T K) f2 a! a1 \ - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
) g+ j4 Z/ \: v - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>6 z; z; I. @1 a7 C6 D- i; h
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]# H" r! G* y9 Z* _* _/ i/ w
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>9 U, F3 e1 v& Y+ Q$ }
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]7 F0 d. Y9 {& V& g& e
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>' ]5 [0 e3 A* W) ]
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
2 N8 y; {- d/ C0 Z - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>, S- ~. T' }. E) T7 Q7 G: s1 C
- [Secdrv / Secdrv][Stopped/Manual Start]
) `" w3 f) U& N) r2 W0 e - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
. x) t( v+ [" h* c( } - [SATALink External Device Filter / SiRemFil][Running/Boot Start]; j9 S: Q* l+ b7 F9 `
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>3 T Z M A. D! R$ T9 \0 l+ L
- [System Restore Filter Driver / sr][Stopped/Disabled]
7 q, Q1 n6 k# m - <system32\DRIVERS\sr.sys><N/A>
# Z9 N4 u0 v( J$ ?5 e W1 S - [TesSafe / TesSafe][Stopped/Manual Start]
# I/ a) z! b6 K& W0 Z. _4 r - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>; y- C' G( X6 G+ @$ }! c
- [System Services / unzxzsrs][Stopped/Boot Start]* ^$ y, B: {+ l% ]3 C
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>% X; C: U, u2 Q% W9 J0 D. W, ^7 @
- [ViBus / ViBus][Stopped/Boot Start]% |( `& i0 D, G: o9 l' N& |
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>7 j. K' T6 i D5 l
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
( J) f5 `4 K. E: S - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>+ y6 V2 r X, k7 N5 ~- r5 r! F4 l
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]( ]7 V9 y( n# y1 S
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>1 N E5 Z- Y7 q- o, e& {
- [ATI Extend / zhibmaso][Stopped/Boot Start]
: [. b) _% z) P* R) O - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>5 q% A9 w5 F6 \* B
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]* V( |4 n% D! }: @2 h, b
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
, w9 k5 b' U" o* [8 m: [/ `$ K' t - ==================================
# ? z' [( A- D6 u - 浏览器加载项
2 O; s3 W4 K/ Y. ^+ W$ U0 ? - [Google Toolbar Helper]
6 b. T: |! Y: @ - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ d) w' I% U1 o! {1 c3 n. H - [Google Toolbar Notifier BHO]( w4 q( }. w* r0 k
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
2 |' I- z. u7 Q3 g0 S - [SafeMon Class]/ \: V7 Y; F" w' R2 h& ^$ y4 I8 ]
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 R: V1 v8 S; T6 l% C4 Y/ V7 a
- [kingsoft browser shield]
( u; p: S9 o6 i+ k$ {' T( Y- h - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
2 c9 s) x5 d' m" V8 f: o, m) \9 c* \+ s" K - [IEBuddyExtControl Class] `1 E6 _6 a6 m/ Q
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>3 N4 w( U0 [$ e- m4 y
- [Zcom 杂志]3 d+ V$ A; K* _! r
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>+ H. H( V( x4 D" G, z3 [6 Q
- [&Google]
; n7 O6 Z% P: @4 b+ ^, m - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>( W' W! S' E; Z0 H. |! S2 R
- [KooPlayer Control]
) f' D7 I* m: Q: Y/ W - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
8 Y' e2 g3 X; `, J/ a4 `$ ^: h+ }2 ?" G - [Shockwave Flash Object]
. s" X* q0 q+ u3 Q. T9 b - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
1 [3 P3 H4 s$ g - [KUpdateObj2 Class]
% r) A- v" d5 B9 k) T' X - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>9 D/ c- ]6 h" h0 ~9 r @
- [Google Script Object]
4 S9 i9 V7 \4 R, I5 [7 f" | - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 j# a$ v" V' I: U' ?/ v
- [EWA Control]
: i# Y2 u' t$ D9 ] - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
k" O& v; J, u - [Windows Media Player]
M# ^3 f) J; [! X4 t - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
f6 k1 i4 e! U- L - [&Google]
* g5 |* l6 D8 P3 }5 B - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
5 J/ f% [( ~" @( z6 M - [HTML Document]' `8 i; q3 [/ A- U" X5 E! E
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
) B% f# n8 ]/ w# v; K+ T - [DHTML Edit Control Safe for Scripting for IE5]- p N5 F) t' L& g
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
1 l7 L1 m) ~4 z- o5 C - [RealPlayer RAM Download Handler]
# P" F' U0 D: x1 ]8 b0 l - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>3 f( \1 |+ f2 p4 y) W
- [IEBuddyExtControl Class]
' X3 \" U0 Z0 Z4 J! i - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
: P" [" H& z! f) o- M8 m( {% o - [XML Document]
) ]1 f8 x% |) g+ G - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>; B$ p: Q8 N2 D; M
- [HHCtrl Object]$ I9 G" B f% i
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
5 l) G5 g7 s7 W/ h$ S' \6 i! V& p& w - [Windows Media Player]
x) Z5 h7 _+ r+ M - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>7 n( j5 c0 o5 P6 ~5 ?
- [Active Desktop Mover]
* L) d& ~$ Z0 g1 ^9 t - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
; z# g+ z. P2 T- f$ c. n& `2 C* c - [360SafeLive]
! U7 O3 v' ?2 l) j" z - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
9 u, _5 E" h" B: o& ] Q - [Microsoft Web 浏览器]
- O# i& E8 ]/ Z d5 u! }: Q - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>7 I2 \! I7 ]3 Q0 F2 C3 ?
- [Browser Enhanced Objects]- z5 ^" n: G+ c
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
, d7 ?* O; t, j& c: ]( [ - [Google Toolbar Helper]
8 v0 o5 [) @! V0 q9 X - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 G, t& o" F6 U - [Microsoft Scriptlet Component]' u: e: N! e, p! E
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>5 x6 I5 m3 Z7 r# q
- [Google Toolbar Notifier BHO], X7 @8 m# Y3 s6 C1 q
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.># P6 }. u0 {; i+ B
- [SearchAssistantOC]
4 z- ?5 f/ k; Z/ M% c& p - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>4 [! x$ h2 \! Q' Y
- [SafeMon Class]
' P8 L g& C. k+ h! P - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>: t% O4 m$ C4 r) H6 x( i8 g
- [RDS.DataSpace]) K7 J: [$ D. {* n+ @
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
9 I/ ] S# |2 o, x9 N. b - [KooPlayer Control]" O& E- p: ~( d( {! t+ `+ R
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>7 n V, g0 o. {1 ?2 B
- [AUDIO__MID Moniker Class]: V1 j+ k' J0 r. l, Q
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 E) } B) t e7 J1 e" X" E/ R6 U
- [AUDIO__MP3 Moniker Class]
! b0 F( ?9 L* y3 q9 j7 X( w- r' |3 H - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' v+ h" V* p* _+ f4 ~
- [AUDIO__X_MS_WMA Moniker Class]
8 p% B! K2 K4 t: b - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 S# F/ z" B' Y" J+ m: S" B
- [VIDEO__X_MS_WMV Moniker Class]3 L; l, h, R4 z" H
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: V1 H6 U0 L2 k0 _1 H
- [RealPlayer G2 Control]8 D6 J( D! J. P! l. ~
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>' A' q$ `8 T5 g
- [Shockwave Flash Object]8 O' M8 R( F) a
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
9 ~% A; `+ W# i( n; }4 a/ [ - [KUpdateObj2 Class]; J% W5 T) y: I' O5 ^3 b
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
- W+ {/ `! ` ?4 ~' U - [kingsoft browser shield]4 M; Q% j3 j0 g* c. {
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>/ _2 D: ^7 \. v1 |
- [PasswordEditCtrl Class]
! t, N/ J9 I. d* _4 V - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>; e! ?+ R: r5 X: A- Q! i1 Q
- [QvodCtrl Class]' R5 c* ~4 I2 A4 m0 J% h) K& Z$ k; D
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
( [+ M+ N* C, d+ r. { - [&使用超级旋风下载]
5 j7 @0 e. P/ X( k! J - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>4 \$ Q6 R, { c+ G# p
- [&使用超级旋风下载全部链接]( X6 B8 p% b+ O
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>/ Q" Y+ ?& } H- a, L) A8 |$ P
- [使用迅雷下载]
* s9 Z% G( o, g, W - <, N/A>
9 t6 N5 c+ N' v# Q4 w - [使用迅雷下载全部链接]& d& p3 c- w2 O
- <, N/A>8 ?; N, o1 G" V' G- l
- [导出到 Microsoft Office Excel(&X)]
0 V' {' S& y4 ? - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
3 F/ Y: h% C6 |/ `% S1 T - [添加到QQ表情]1 }4 A7 P8 }4 M& p. u1 \, S
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>8 ~$ a$ m' r B' ^$ ?& _
- ==================================
9 _/ z" |+ V% g- I# {/ V - 正在运行的进程
; a! f5 L3 \* r! s. u - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' q& e ~: V: `1 l3 M5 n. [9 Q
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" a5 G ^) h7 V, w4 f$ I) H& m( r- E# {) \
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 f0 W) k2 [3 B; ?6 [% \ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
4 N9 T+ B3 P) r+ i! B - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 c% c* l' e; d: T/ l
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 G- Z e7 P% `7 C1 L - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], a1 F2 z( V# r4 t
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 u! U y. B8 l8 X6 V3 Q
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 D3 S$ W3 ?. j6 Y - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" v/ s! p+ k6 i6 r - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# T# ?1 }/ q* s' p0 t9 ]
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]0 z0 B: ~7 X1 \3 q( v9 T7 D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& S' i6 K: E) b& U% j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 _0 u, I e' l/ U! [$ d+ F( L - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)], D, ?7 Z, y2 G9 x2 ^
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! K2 M0 k2 Q$ e% E7 O6 H/ r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
- T) p! R, f o - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]+ K) c# }% L$ @1 h1 A' u) W
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
! a8 W: h8 t% \& T. e6 q6 I) T - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]7 N- D6 ^9 W# f* W; B
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
6 T1 h7 G$ i3 p' u8 l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
b" K$ \& |+ R$ @0 V - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]5 M0 \; u) x4 |+ g7 C6 r
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]; U) n5 R7 e7 B' z9 ^; z0 m
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
2 W4 O/ {1 j& B% q" I - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]( ^) }- g# t. a- ?! D/ |& l
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]7 l6 v% l0 Q, S/ J# k( o9 R
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 p& R" S& P+ F- B7 S8 W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( r2 H; \- j+ a( |8 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 j" h" S7 {4 N+ K% b0 o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 m& q7 `7 x9 @! Q8 Q - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ K$ L; g+ D2 |0 [& z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& I- I5 V. t) E3 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 N" U" o; k1 w. s' m - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) U9 l& ]6 h k6 C+ R* O. }7 U - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]. J9 ?9 f' D7 o% u9 Y3 E6 q; m
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
6 X/ @, S+ L* k! { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& c+ C& j7 Q7 Z: P& g9 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: i* Q$ @5 S7 v8 U* V, j$ V - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]- |4 C! S6 _: p8 q2 d
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
. |+ z) O- f& h8 j7 U B6 B4 M - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]( C I8 D- ]. m, {" T5 L
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& n$ m* ]* W) `/ y1 E7 S - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 b Y- V1 n! _
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]# \$ B2 M) U5 G: X
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 O( \/ G' }, X: m6 U1 b! Y - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 N8 q p4 r' Y9 Q
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
' j: L/ j& S4 B1 ~2 e* t- Y( w - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]7 s5 T+ F7 g2 v% d2 Z6 {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# i( D. G5 b# q; C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 c7 u( _5 ^1 [( O) g1 H: F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; M6 D, ~4 g5 q3 F) W: j) g - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]9 p0 R' l: I1 C6 [* R: @! `
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]* S! Q% g! S' o6 M" h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
( v7 ^' Y) k* R( Z3 k# Y2 W/ q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
; F7 @5 b- {, x. v( q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
4 a1 l- E3 p$ N+ r8 b0 g9 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
( J5 x& }& i4 d& ~4 d1 q) E+ q& w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
w. E+ p6 M) Z- Y0 @, a - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]4 v8 \0 d" @6 I! L3 g
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
: k" |% Y8 z1 O2 W, }5 U - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
; D# O1 j$ p& ]* [ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" S$ Z9 r$ n P; ?
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
- F- u& V$ z# N1 C+ ~ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 T& T/ u' o+ L6 r# E- ~
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
Z8 J; J, M) Q! W4 J - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
/ M* @0 o4 B) p' k5 k: @ - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]( \: M7 F9 O4 q2 J) T& i
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
7 B @$ L Z: s/ m: B7 i* j9 r: R' O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, M' b0 B' P3 ^# E; T4 t - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
. ^! i6 R" [1 R n8 ]5 P2 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 ]" E8 U6 _* N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: Q/ j$ l/ e0 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: {1 J- d. G% k- [8 n. ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( e$ G: M+ W) L+ O# Z
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]5 n$ |! b" g5 R. A' Z' {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; }% @4 F4 z0 T0 J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% m& f7 K4 E1 y/ H% _! h6 _. a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 ~% |5 @) c- h; i7 k5 z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" O/ C" @: Q& ~% S - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
" x/ ^9 r% R' z& {. K2 j- x - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
! Z% J4 F4 d2 C1 t* U5 v3 j* M - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; q2 b0 A0 ~$ L( W) R/ c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] e: _0 D& B. B+ P. L% |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], P7 \# p2 W; O; n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 z9 y8 k& T) C9 v9 l
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]( }* `9 }* r) Z$ d, T, B9 Y% M
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, z0 @; U# ?% k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 k" ~3 e7 X' u# B3 Z) U- V# O. l3 S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 G7 }- s7 e- |- O- `4 A( u - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 ~( I+ Z$ w( I& m1 |6 R
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
2 O w+ M& V9 i1 j - ==================================
0 N9 i% V) A& W) L1 H3 J% b - 文件关联
: C+ e' |4 S- H- E0 I" |# N: R. r - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]( g& J* q- L3 c; @/ t1 `9 |8 h
- .EXE OK. ["%1" %*]2 I$ r3 H+ Z+ C R
- .COM OK. ["%1" %*]
1 Y* C4 V% _2 B - .PIF OK. ["%1" %*]
2 l' {. D; v2 ?$ Y% q5 a! B - .REG OK. [regedit.exe "%1"]
% P, ]; X$ P3 {- h" c - .BAT OK. ["%1" %*]
) t5 r, O+ m7 M - .SCR OK. ["%1" /S]/ \3 j* o {/ Q' g. V6 ^
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
+ G, s8 [9 b/ C, v" W3 I - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]' E. Y& [% T3 x
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] D9 J9 |6 S% r! w
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
c, h& m q+ V - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
1 g1 L' Q9 @& J* w1 p( X - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
2 w. V0 _9 L! W- e+ Y3 a8 Z - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
) z3 e( n* y$ g9 R8 }9 l: m9 j - ==================================
. b$ T( D# T7 @# }4 u1 m2 D, } - Winsock 提供者
* B+ ?3 M* F) t: @ - N/A2 \# y7 T1 t! f( Q
- ==================================( ^ p0 ]8 \: m- u1 n/ w( W$ s; f
- Autorun.inf+ ~3 l. p2 h& z. `$ X4 d
- N/A
/ S& ~! T$ Q4 S4 P; u, F& a, { - ==================================
" ~7 b4 f+ g/ |, z0 [ - HOSTS 文件/ K; B% h) x$ P
- N/A0 {; t6 T! E/ A8 g- U) I. ~7 @
- ==================================
: r* U! H0 {) H' ]- e! I - 进程特权扫描
" u4 D' q( |* p* a' a5 l+ F - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]& X3 g0 X1 c e E, r& `; L
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
' w/ E) F# t2 F' p - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]: }& Y" Z. r! d
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
4 I5 w# D* j) B! m: ]/ o5 s8 s. N - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 E3 K$ j' V, ~% i3 ?+ p3 W5 U" E6 v - ==================================
! s: b" y7 u* p$ U' x5 J7 X - API HOOK w* B* g# ]. \1 y9 r
- N/A
. `( D1 s' C8 Q3 ` - ==================================
( t% O9 O4 p6 u u! i8 H - 隐藏进程; s/ v/ S$ ^# C: ?3 f% q7 _" c
- N/A5 }! o8 z/ B% A$ p" x
- ==================================
% c$ l3 j" e- t5 f. y
) k, r1 q" T$ a6 s1 X
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
