|
|
$ ?; l n4 e$ S- 2008-05-22,20:37:43
# E; z: S3 B$ G, G# a) c8 s- u - System Repair Engineer 2.5.16.900
% B" O- P* J! o- J* b" G. f - Smallfrogs (http://www.KZTechs.com)
0 q" ^: A, y& n- }; I p( S0 T - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能6 B7 @5 J5 C3 r* f: O- K. e
- 以下内容被选中:. V# |. m3 t& f. H
- 所有的启动项目(包括注册表、启动文件夹、服务等)
; a$ F1 D' Z- ]4 d& @# q. E - 浏览器加载项
) s; H! {% o* S5 F% o$ Y - 正在运行的进程(包括进程模块信息)
8 V5 h( F: Z1 R6 C - 文件关联
$ l7 `- N7 {' \1 C" T! z - Winsock 提供者! G- l Q- ]/ a/ B
- Autorun.inf6 h) R* Y, n8 |. Z! v3 `
- HOSTS 文件
1 L% J) e3 t# O' x5 | - 进程特权扫描
: c: d7 N3 a. @9 m, `* I
2 F. h% G7 K4 `# P3 T, {- 启动项目
/ H; v8 s) D8 _% z' g - 注册表
- s$ n& A% c1 C+ ]0 h. S, L - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
2 O) v, U5 B7 Q7 m, S - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
( _- H+ P! p5 {# F8 |" o - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
- m- Q" i( Q* N' q - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
& Y2 y q0 y8 u- G, p9 z( g- w - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]7 q: T2 j3 T) u) q) W& u# u9 s ]
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]. d2 q5 Q5 K; d) f! W. a& S
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
5 \* s% d" m6 ]! Y& M6 r( Q0 o: | - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
' |0 U" N1 u& s# _6 z) i - <PHIME2002A><; > [N/A]# ]. f g& B+ e- Q" `
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
1 R. c) h( |5 L; s0 t2 B8 I - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]# x5 H# L5 p a
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]9 j0 h7 @- W. h
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]* {, A2 s8 \; H, c& q% F8 L+ H
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]. E1 I4 M7 Q% A6 R
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
& I: D% G, T# c x- V' j - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
: T d! @- V0 u. j3 q1 j* `7 |) E - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
; u9 d8 m M1 d3 { - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]' h. K/ g& O* q* f) p6 n5 y- ?" O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]; C6 f% ~+ z7 J& N
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
" z1 l& A" S8 f& m! e6 Y1 f - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
$ u4 B+ c. `1 b! J3 Z - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
! Q6 A e' }; l - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
1 X. Q/ O5 e# z/ q; _& i* B7 q - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]( `% J: V" @8 \) C" O3 ^$ O4 b: \
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
. k/ `3 C- u/ ]. m7 g S - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
1 k) }) v3 _8 u# x1 X* {' a- V - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]; T% ]- J0 A7 I& Y7 O4 z$ V
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]; m) G% z8 q2 W( y7 l4 E5 B) v/ a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
3 c( B! w! y8 N - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
1 r2 I$ p2 b# y+ W* p( v. ` - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
. ~" W) V) V2 ~( z$ Q3 ^) w - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
_6 b( z4 Q& Y8 u! N/ x9 c' x d4 a - ==================================
/ |* ]6 T/ G i/ o9 \ - 启动文件夹2 [4 A% s& Z3 R7 V' L7 x1 B O. v
- N/A
; s2 L( p4 u8 J8 G, ] - ==================================
, B6 y/ [/ Y4 p% C - 服务
( a- o D9 L, m( ]5 C+ i - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
; c5 j% p: ^& F: D% ` - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
3 g- T U0 ~$ D' c - [Google Updater Service / gusvc][Stopped/Manual Start]
* Y+ m% @( F5 ?" c5 ~/ u u: }3 z - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
7 n& p, w# R: J - [Help and Support / helpsvc][Stopped/Disabled]) n$ Q+ _! e" X3 \
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
* s g. x; h8 I' N1 b4 ~# g - [Human Interface Device Access / HidServ][Stopped/Boot Start]' `, P ^; l; e0 |3 l- P
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>9 m j9 W& ]# }) v
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]- f; S5 g- n" }' Q, l9 e: {
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
7 F# b6 {' Y/ h7 K; n* c - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start] G7 F4 h6 m# \
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
5 T! c# B2 p7 Y+ Z: x+ l - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
- B& \7 E2 ^' S& u1 y - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
1 x! q% J7 V1 \% z$ G9 r - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
7 u( N4 s* I0 N* _- } - <><N/A>: Z+ J* w& e) t! u4 c/ p* X! r* Z
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
+ I( s; m H6 g1 j6 B7 m - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
7 `9 Q/ D- r6 O3 L; X' l3 D+ d2 ` - ==================================
* G7 o5 m4 z( L' J4 b; G3 _ - 驱动程序
4 I Y7 R( e& ~. E$ G2 c - [22j / 22jn][Stopped/Boot Start]" _2 l5 j ~% p; O
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
0 S' }5 s* s( p- b6 b3 v/ Y - [360AntiArp / 360AntiArp][Running/System Start]
$ l; D0 U; q2 L - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
& h: v6 Y, ^/ d/ L7 J - [43ec / 43ecu][Stopped/Boot Start] T& S; A* r* s3 z
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
' f* ]0 G; `( u4 l Y) b - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
) y5 j: f r! {8 @5 y+ p. X - <system32\drivers\ac97intc.sys><Intel Corporation>
4 m& M( k% w m: I6 w, c - [Promise driver accelerator / bb-run][Running/Boot Start]! c( `2 c& Q a/ ?3 ~+ u
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>% x0 x6 [2 B3 ^1 L
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
9 U+ E+ [& b9 A7 L' k1 i. r - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>3 d- ^- t, a0 D" ?2 {; |
- [KAVBase / KAVBase][Running/Auto Start]! l$ d" \& d& s9 R
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
% K! }2 q) t( A; a* a+ N - [KAVBootC / KAVBootC][Running/Boot Start]
1 D# y+ O8 Y+ o) ` - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
2 t* v6 q9 y- A$ ? - [KAVSafe / KAVSafe][Running/Auto Start]+ B7 m& `6 R2 U; \$ o
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
5 a* V& t6 c. u* F$ O0 ], k - [KNetWch / KNetWch][Running/System Start]
. X5 P1 i [6 h3 I- w/ y - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
' E! S3 f) g! u; P - [KWatch3 / KWatch3][Running/Auto Start]
8 J% n' ]$ v) Y8 y2 o - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
/ E, Q. u( C. a$ l: `. A2 r - [ntptdb / ntptdb][Stopped/Auto Start]
% N/ w, L4 T2 B; K/ m - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
3 l5 U7 Y0 {! O( P7 |3 ` - [nv / nv][Running/Manual Start]
# {6 {2 O6 y2 C# A - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>1 l* K% Z" k1 R+ i" d8 w3 _6 z+ x5 d9 J
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
6 N# |# g# d' R. p: F- h - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>3 t! `. C! l6 N
- [DDK PACKET Protocol / Packet][Running/Manual Start]: k q0 J# |, N3 \1 q$ v2 l
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ p' Z9 q% w) K
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start], J% y8 m- k7 l8 w/ ^1 o$ s( P6 U% J
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>1 t, R0 e, z8 R8 k6 ^5 m* z. C$ G6 J" w
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]' [) E6 G f& {( |, q3 F: ~
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
' h, G7 B2 P1 q; _4 Q" t/ v" {. \ - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
, T8 Q5 c5 b5 Z1 ?9 t% y6 s5 b$ f - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>; h- v4 R8 G: A* b- L3 ]) @
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
* F1 { {$ m- \! s' v# H - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>3 E" h! D! |, `3 q- o' h
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]) d1 T1 }& E; N" A4 o
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
! j0 N: W% Q3 f* Q - [Secdrv / Secdrv][Stopped/Manual Start]8 e1 z9 ~3 X" i u. f
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
% c O" U: d R; Q& q - [SATALink External Device Filter / SiRemFil][Running/Boot Start]7 c) C, M3 t: h' q5 a5 O) R
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>) Y, U5 f- l2 t2 ~) C1 S
- [System Restore Filter Driver / sr][Stopped/Disabled]
7 M/ w- v6 u" m! ]& C - <system32\DRIVERS\sr.sys><N/A>
C0 d# D6 k7 d, E, s" _ - [TesSafe / TesSafe][Stopped/Manual Start]
2 q t9 ~/ h, ?: z - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
( X# `/ T& M: `, }0 Q - [System Services / unzxzsrs][Stopped/Boot Start]
$ \5 \+ q/ v7 R. W! K6 T - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>' N" m/ f1 X5 x, ^8 X
- [ViBus / ViBus][Stopped/Boot Start]
# D6 Q; m. T% q- m Z; d! a - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A> ~$ B3 Y3 }; \- m/ v
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]; ?! p X, I5 J; f7 D0 g3 T7 B
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
3 J1 i" |6 L$ G' k2 j - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
- @, c% K3 d+ U4 _, D N0 b - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
; L+ _# K' G; X. b0 W% t - [ATI Extend / zhibmaso][Stopped/Boot Start]2 O; v" S8 {, T
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>: o$ f( W" Z9 [8 D! D6 _; d( {9 Q
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
; N+ I" k/ _0 o* ^ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
6 c- M/ A0 |. k, C$ s2 h6 |# O* B - ==================================
+ u5 T/ y1 f+ y4 D# a9 C! z - 浏览器加载项7 `& F! t4 G* u) x; F0 |
- [Google Toolbar Helper]) g9 v1 f! F; I
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ b+ o) q( R9 f) F7 d - [Google Toolbar Notifier BHO]( l" L* k6 F5 _4 f- p
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>; I: S; m3 U! X }) `
- [SafeMon Class]
B5 `4 I9 j$ ]' a: Q/ o' p; | - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 Z5 ]3 y* L" `" x! h9 X6 f
- [kingsoft browser shield]7 U0 ] h- R2 |/ o
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>8 t5 B' d$ n$ u$ P
- [IEBuddyExtControl Class]( O8 E+ t# m! [5 C" l
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>% x( B# }" x3 w6 A$ @" {- m
- [Zcom 杂志]' p& s% I9 K/ U! q* v
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>8 _ ~# w/ L% S# \6 m7 f, J4 N& x* z
- [&Google]# f. q, [% ^: \0 p
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& [: g$ M. y8 J' h% ? - [KooPlayer Control]
7 @5 o. t; [- p0 L/ w' o' Z - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>8 a+ r8 c9 D0 M* C
- [Shockwave Flash Object]+ u, l6 A& c1 R& s
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
: u' E( b( U+ I. _, n& I1 e+ I - [KUpdateObj2 Class]
9 l( ]1 z& P* W, S: o4 s - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>. f ~4 t* A: }! J; r! u
- [Google Script Object]' w6 q. e# v0 B, D6 U1 \
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 Z9 G/ h/ @& P" d: `$ n e1 n
- [EWA Control]
% Z s7 @9 L: e7 r7 g* f9 |2 b - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>7 Q- m" O* R0 }. e) k+ s7 b
- [Windows Media Player]% m- c3 y! R( [* M0 ?4 y1 {. _8 a
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
& h5 P2 P) [- n d% f) { - [&Google]
* d S3 G5 @0 _7 P W - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>! `% [) T1 {8 ^- B
- [HTML Document]
# K! r; N; N/ k* Z0 {$ } g - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
0 x0 K8 P5 h: E6 B - [DHTML Edit Control Safe for Scripting for IE5]
/ Z- v5 a4 t, g& w# J. q - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>2 D& }! X& Q6 j9 m- [! h0 N9 q+ n
- [RealPlayer RAM Download Handler]
" w& q+ W& J7 q0 @1 [" Q7 ] - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>/ ]/ P1 g# x: g5 o9 U& B0 O
- [IEBuddyExtControl Class]
9 E' }( H4 P- D k$ h F - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
9 Y( T! @1 h0 d0 t( g$ N - [XML Document]" K# {: ^/ F Z. o
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
: C+ n1 W4 \' y6 \ - [HHCtrl Object]: Z @3 J! s# m4 U' `. \* a2 L
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
$ ^0 C4 R- V1 o: o - [Windows Media Player]
6 w- K& n& A/ h7 R! F - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># m+ Q1 Z+ Q, e4 F* b1 `3 v
- [Active Desktop Mover]
a7 H1 e1 L. a" ]# E - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
0 z1 Z7 W* j6 T7 z- z - [360SafeLive]8 l _; U$ m# f* \) d
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
! f4 V8 p0 U6 `5 d1 N( Y* K - [Microsoft Web 浏览器]
' \2 [* |; P5 C8 v - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
2 k$ P5 W# B6 d: E3 V# l - [Browser Enhanced Objects]
6 D: B; B+ ^; q5 ~# N | - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
5 L: x; [; B8 C' e" g - [Google Toolbar Helper]
7 {, s) ?+ Q4 }- v* Y; E: B( l - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 t4 j3 ]1 Q) j8 `8 i
- [Microsoft Scriptlet Component]
/ K* t" |8 v& ` - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
7 m d. y5 T9 B; E4 m! O0 q4 N - [Google Toolbar Notifier BHO]7 C+ y6 X9 U; j8 c
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
. ^5 {+ w+ M6 t" q0 D - [SearchAssistantOC]
* K- W% o1 z3 O/ I8 H+ K - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
$ I+ s7 m- f9 Z5 O - [SafeMon Class]
( k' u5 b9 X6 D; @6 _3 B& a - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
! q, ?) C! s' h, _! r$ ?2 Z - [RDS.DataSpace]
4 p! b/ {# z9 f/ C# v+ a$ Z - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
- @6 L7 A2 D6 Z* u+ c+ k* ~2 y - [KooPlayer Control]6 Z! S( {( I }7 B) j$ |
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
3 ~+ P, u% G2 r# G0 x }+ I - [AUDIO__MID Moniker Class]
5 F" A; ~0 `% R0 T1 v - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ J9 C' ]- p1 Z5 | - [AUDIO__MP3 Moniker Class]( G k2 F: d- q5 u9 O& v& Z
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' j6 [' I3 \& X - [AUDIO__X_MS_WMA Moniker Class]2 ~) i+ I5 i: o# s! L
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: n9 l) O2 L' J( o% u
- [VIDEO__X_MS_WMV Moniker Class]4 p+ Y2 u% k, g" X
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
( R, `+ d. E. U! e; t0 j9 a - [RealPlayer G2 Control]
% ?3 U9 N5 c& b$ K - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>9 S: T9 [5 |% w
- [Shockwave Flash Object]$ T v/ D0 H8 I$ j* p
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>" \. Q8 Z5 r" v+ N/ d$ B5 Z# {; `
- [KUpdateObj2 Class]- K3 p- m8 i* o) O- l. Q5 r
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation> [; D9 O+ M$ S; u' [# i$ J
- [kingsoft browser shield]) W) w; h: z" I
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
5 k% y, Z. M1 _. f$ E k - [PasswordEditCtrl Class]- t. J, G! ?9 T# b. v0 R
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司> p' R5 ~+ R; g
- [QvodCtrl Class]
1 m A& _: T e" D7 P1 ?6 z" x - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
& x* U1 X1 c- E8 N% v' ] - [&使用超级旋风下载]( |4 v( c2 I7 V$ K
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>6 H5 ]' l' m7 J# h: [. G5 e
- [&使用超级旋风下载全部链接]
, c. E% ^% b& _) H( | - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
& f1 D& \; U" n& D) X& @3 \ - [使用迅雷下载]$ D1 j4 P6 N; t. e, S
- <, N/A>
1 g' U$ Z" y# j3 u' P - [使用迅雷下载全部链接]
: s6 v- h# r+ v( v2 H/ p - <, N/A>
9 ]2 C" y# y, h' M5 y! _+ | - [导出到 Microsoft Office Excel(&X)]
. K x7 p- u7 [- M - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
0 q/ @2 i, U- A - [添加到QQ表情]4 o! K. U! R- P0 W
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>/ h& ~ z! u3 U: q+ [: E7 C
- ==================================! P6 e u) m0 l( c
- 正在运行的进程; H( v4 a, D6 J' w& X T9 K
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ n0 r2 ~6 p' N) o
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], [0 |# E9 x+ D% Z) N9 s
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 q2 X1 y* S4 A% s7 N8 N, W; k" K) R - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! {1 E/ S. |- v1 @/ A
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ P# Q- t2 Z- G
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ O* ~) U& ~/ j- Q: h; ^ - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 C6 i3 U2 g4 t j: m0 t* [ - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( Y2 M: D( [; [, f
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& ?5 K3 A( b1 |% ?! K9 e: B - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 ^% A* ]( f1 v) R: |3 B - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 A( t9 B' B7 A$ X+ v; P - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]! l# A1 I( ^2 R& k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% G V Q: Z2 W2 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
q; e! d" W. O9 M( [ | - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
1 i/ D" N/ ~0 _6 i7 B7 p - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. W# }5 n0 e; b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
/ w, i% T( c w* _: [) @( X# a - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]/ x/ X: N$ Z" g5 `& h; T. O
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
, [8 ~) L1 q7 ?& z+ R/ T - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
. S8 k' e/ S' ~0 v7 {* }; i+ b - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]! Q( }/ m! ^* X- K
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 `* |$ @- o' J( a5 T; g - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
+ X/ S! c' I) u7 }8 a - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]( L$ I! ?" H! g$ c! R: S
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
$ o' J$ g: R. ?% J - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]% L. A A/ h" y0 _
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]2 q) ^* e+ X( R' C
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 q! e2 d& s' u9 `* X9 M5 _2 `2 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 Y5 j" O3 \9 n5 J! W/ t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 A$ W8 W2 j1 U q/ G4 }
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 m* X3 V9 ?& w5 R1 z
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 U( q+ @" t+ @7 j1 i: `5 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! j$ v! z- Z/ c+ }, O% k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 _* t. I9 x& u5 e9 b/ |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" \# q5 o( [" K9 g: Z& Z0 e6 Q - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
2 ^. I. C2 [9 K& Q c' W - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
) j+ m. H$ E" `; R' i, ^4 { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 E1 ]4 k2 B3 ^7 r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ b% a/ T5 ~5 V# X9 b
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
6 s3 J1 m9 {% ]; O9 n; @& i8 n - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]% _' \) L5 D7 G" e$ `
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! z" u$ { E8 V% j N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 v% V. i0 j2 r3 {+ u3 D
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- D; g( R8 c2 ^
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]/ G$ p$ m5 L9 C/ b$ W
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ Q6 _) z, o- ?4 w: d: d& ?
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], Z) f3 L* s+ z2 t7 ~' d
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]. H2 V9 B) R$ c
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] U7 U6 Z" ]0 l8 H
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) j: S+ {1 }3 r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: j3 s$ I* n/ y& d& H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, T; i9 @* a# b3 @6 J+ x - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
! Y( K5 H& N( f9 n: P- e - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
: u7 ~& U3 h# J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
, s% q. D0 @- ]+ }- H: b8 | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]( g, c. f2 B& {9 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83] O% W! P; U! r T/ b& r6 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
0 ?/ L$ K* ?8 n6 l* R [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
3 Q' O0 H" [( X o& b- B) d4 B5 t - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]* F, e) ]' x; k" i! c" v
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]9 D4 ~- G4 b, B, }8 t$ O' V
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
2 G' t8 g( h/ k( _2 K% y$ X - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* v6 |+ e" @2 I
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 R9 ]9 u: I% Y* j% u+ \4 h - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* h) s' I0 C! Y: ?# {5 ?8 B
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
H, F$ u/ x8 l) q3 | - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]2 `* j! D$ v- V, s
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]! D0 A8 i- }" b0 R% B; d6 g$ I
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]1 |& y g9 B( n) b& e+ F2 Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 ^7 h$ _! B+ D; X# d' e e% H
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]9 b+ C8 D$ l5 z/ V+ Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 v1 [, c6 e! V; H* ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 H3 L N ]) I8 C* ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' {- s: B+ W# U2 _7 H - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& j- t7 f* H7 ~ H: E2 a, n) F
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201], c) w D) q* S! V6 B
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 m$ O* @+ _+ r2 w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" K0 `, ]% M8 A1 `* O5 g/ C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 q7 X/ ?( C- A+ Y( X, l1 m& N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 g6 H% s O+ t4 k6 i
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
( H$ g: u2 G2 X% Q C$ ?, R! \ - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
6 o9 o( S8 q1 @4 F# y. x- A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. |4 X% l% K( o" m4 o. X3 l
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 F9 X* n( D; ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 ?. J" D* x* N: C0 ~! Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ _+ `8 s$ X7 S
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]: g, F7 d4 ?4 X# `: S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ u6 ^ }! `0 n" z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
- f5 N+ j0 Y+ b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# ^2 k0 e, @- k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 s% M ~8 X* ?: H" Y0 i - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]- v: d: ?; Y; L( X" O" q
- ==================================
9 B: e/ p% ^# d2 I8 Q7 `' J) U4 { - 文件关联) W4 u. } R0 U' t( d
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
0 c1 z) w6 S7 x2 x8 @' T) o - .EXE OK. ["%1" %*]' I* m2 t: S: e, c9 N. G. I
- .COM OK. ["%1" %*]% r' A( R- j! @4 X9 k6 {" k
- .PIF OK. ["%1" %*]
* v. C [. l1 Q+ X - .REG OK. [regedit.exe "%1"]
8 s7 `" }5 \+ d7 H4 g2 F - .BAT OK. ["%1" %*]; O5 |" j" V i2 R& R
- .SCR OK. ["%1" /S]$ P, F$ |. O7 x" l- a0 j y
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
, i; B7 |3 W- C* _9 k - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
" ^7 c7 B5 F8 X: y - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]3 `; X) o, ]& U) r C( K2 `1 f" O+ \
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]% a/ Z( e. `/ z) y/ |
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]! t8 A6 a& [# e' `0 `" b
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
' a% k! I% H6 u* p" d) Q9 I - .LNK OK. [{00021401-0000-0000-C000-000000000046}]4 O1 C* B4 `$ w# K- z, V. V& u5 e
- ==================================0 t' [( b& K/ n! R) Z K) }/ X
- Winsock 提供者
p; z9 K+ J- W- d4 M. h1 Q1 r - N/A6 o" {- L8 r$ F2 q
- ==================================& m) }6 B* @. Q! C
- Autorun.inf2 G% S+ d) Y# Q8 V. d C# N
- N/A! q% K8 c2 U: f7 W8 I3 L
- ==================================
7 S9 U0 Q" a f6 }1 _2 E - HOSTS 文件
% `: `6 H0 C% [2 l$ ?1 W - N/A& w6 h H M: l1 U
- ==================================
2 D# I, `/ n/ m0 u8 T( Q. S - 进程特权扫描6 {5 K3 Y- p* @! O. f, H7 U
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
% @8 y* G0 u8 q7 [ - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]6 H8 T1 v: u+ t" U7 Z0 j
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]# K3 F) R0 `; C7 }% M* W+ |. x5 c. ], i
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]4 p5 i7 E h) y4 d
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
( F7 A0 K# s) d$ `( R, k+ e6 |2 ` - ==================================: v3 [/ A" l, o% ]: h" T; F
- API HOOK
_" T1 s! W$ s6 V; ?, [ - N/A+ d4 D/ D5 r9 | {% m( k1 A& v
- ==================================
' A( I8 I# f' h, P - 隐藏进程0 K) |4 H5 v3 H4 ]/ M: n
- N/A7 d( g9 B1 K x& }) o, m
- ==================================. t- }$ z1 p0 c; a7 c7 r
0 s( A+ L! B9 A" d; @, ~
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
