|
|
- / _! j3 ^/ u1 g1 j" K) t
- 2008-05-22,20:37:43
3 B X3 ]' M# ?$ S - System Repair Engineer 2.5.16.900
5 H; v% w# U6 M1 h1 G* s9 ?! \* V - Smallfrogs (http://www.KZTechs.com)
5 { d$ S M, q2 n! z, F, e - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
% R; {( ]$ p* n6 J, B& u: G9 | - 以下内容被选中:
" o& Q# Q% R2 O3 z w( _ - 所有的启动项目(包括注册表、启动文件夹、服务等); `0 Z4 _- l3 C6 [
- 浏览器加载项3 Y0 V2 f$ \+ F% D! T( {
- 正在运行的进程(包括进程模块信息)
* I/ U$ y4 v N |. w' @ - 文件关联- z" I' h4 f$ `8 C! T
- Winsock 提供者; M" }2 }. l" n# c0 G
- Autorun.inf
& @; r1 v! ?9 z( d+ z - HOSTS 文件" i* O* f0 u+ s$ k% g- U- d, g U3 a
- 进程特权扫描
, s' S" s) Z6 W) t
1 J) }4 U2 @3 I. g- 启动项目6 f* u, h0 R8 v' w6 a4 i) m" L, _
- 注册表
' S8 o% f) h5 t) N4 n - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
1 }& w$ ^0 H# ~2 r" R - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
4 v. ?2 u% _9 l, r1 Z - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]: ]7 ~& \, f. U
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
* Q( b4 F" [5 V! @" j$ A - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]) W/ a& W9 ^2 s3 S
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
/ w' p, d, J. Z* U# e" F/ ? - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
1 K% X* i% a+ x5 `+ }4 n0 L! ^ - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
% A7 f4 c. y. i1 S `/ O6 E - <PHIME2002A><; > [N/A]
! l$ a5 h' v" A1 R6 y# w - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
9 e% c0 K' T- E9 r - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]8 B L) {" |3 I0 Y5 }! b
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
& S0 F2 C- {, K7 i - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
! e8 T1 ?" C% u- ^) _$ d - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
( W+ _6 e, z) F - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]! i; O$ q/ P; }9 G
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]. z& g& Y0 i$ H+ S+ d) o( ^6 X
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]! o: _, q" n$ s: Z$ u
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
9 `& \# L' M! C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
0 ~2 b/ y6 B R ^ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
6 L, g ?8 T1 P4 V - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
) G2 f1 s8 t* ~ - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]9 N4 i, l' |1 m3 W0 g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
" N9 W" A- [/ }( X- V# X% j - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
7 d( S# z& N. d3 h2 Q0 | - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
: a& A+ S3 D% z6 }: M5 _ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]6 Y2 b6 M9 m' y# K! B; i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
: U% a6 `! t; z4 x8 @ [ |: K4 |: v - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]5 e) f' x9 q$ R# y4 r- p0 B2 z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
7 M3 z t R1 B( p/ P! z3 |) M* B - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]. {* y" a% t9 F% t5 V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]5 \; A& I! i- G( C6 c) o
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
9 K0 t6 Y) S) s- w5 d; N - ==================================
" U) U) p$ J g - 启动文件夹4 |& y E2 g" N- {% c/ k
- N/A
9 R7 O3 Q3 `" ^8 j - ==================================% _' a; @$ Q* ]4 T/ ^! r) L, r
- 服务! Z& a+ L; G7 x7 T7 A7 g+ y+ y: {
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]# e$ Z% {- D; a) Y% m" [
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
# K, \5 ]) E' k! o - [Google Updater Service / gusvc][Stopped/Manual Start]0 w) G# A% e4 v a! E) p
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
* q, H, [2 S. \7 T" \ - [Help and Support / helpsvc][Stopped/Disabled]) ]# m* \* s4 ^* t) R* d
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
2 H# F7 V2 R8 S* E1 l1 _ - [Human Interface Device Access / HidServ][Stopped/Boot Start]: j) @- C( u2 l, B5 w/ Z4 i: y
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
- \, ~: |) R3 {. d# G; a - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
1 R7 n4 M$ q% x: _# C+ S- x - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
: N: d; k% b3 l, ^7 }1 e - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]; H* S* O, M: I( f" R
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>, E5 f4 b1 `+ ?/ a. Z
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]8 w) G7 x# M/ v
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
4 g. |4 i* X2 G% S) W3 b% G; u - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
3 U9 ~! N$ J% V: q) E2 O9 ` - <><N/A>6 S7 L, _9 }8 K8 G& L
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
4 h4 S0 _& z7 r: Z7 K) [- E - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>1 K8 G6 R4 g; [- u& ]( k t5 _, O$ u
- ==================================7 Q( e, a& ~; O8 X: C- X1 N$ @2 I
- 驱动程序4 w# x* D3 f$ y; k
- [22j / 22jn][Stopped/Boot Start]/ t# @) S. v, @( e! I- N% C. i
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>1 n0 w; F* `" B) F* z) v, w* v
- [360AntiArp / 360AntiArp][Running/System Start]
7 o; s; o9 E5 B' m$ Q - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
I! g+ F9 d/ h0 }" D+ i - [43ec / 43ecu][Stopped/Boot Start]& K1 g7 O' E* S7 [# L2 |
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
0 ~! w8 z& w& m2 @4 | - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]7 d! m& |* l, T5 B1 X6 j
- <system32\drivers\ac97intc.sys><Intel Corporation>
2 x# x% t; h. d7 Y0 F, [6 F3 k - [Promise driver accelerator / bb-run][Running/Boot Start]- ?. Y: T( j. A8 }7 E( \
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>: p3 w7 J, q" o( r) Y8 A7 C" n/ F
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
2 _& ~5 ~5 F. l - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
9 A8 ?, ?! c& u8 I - [KAVBase / KAVBase][Running/Auto Start]# r& a. E: s1 W
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
$ I' p! O W; J* B. l - [KAVBootC / KAVBootC][Running/Boot Start]
/ X0 p7 S8 E9 F8 }3 ]& X3 p - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>2 L- h( D `% l5 R/ ` r; [
- [KAVSafe / KAVSafe][Running/Auto Start]7 ?1 a* A3 ]8 }8 [( v: y
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
0 W0 _+ ^# K* C7 d3 W - [KNetWch / KNetWch][Running/System Start]9 o# x3 X& F4 ?; X& y8 L
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
4 y1 V8 C3 `* j1 y ?2 X/ H - [KWatch3 / KWatch3][Running/Auto Start]
. Y+ K" h# x4 I' h S- S# l6 h1 y, ^ - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>9 u# B/ D, s7 g+ ~% x/ h
- [ntptdb / ntptdb][Stopped/Auto Start]
4 {! C: v* W s - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
4 C& z2 p6 q0 R* F5 g; n - [nv / nv][Running/Manual Start]
% m7 a+ c4 ` `' o- z | - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>! W5 j$ w, U; x
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
9 R) _3 X0 W* g) m2 m4 P& H# P$ E - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>$ ~! k- |; `5 U. W/ }. ?
- [DDK PACKET Protocol / Packet][Running/Manual Start]
1 D" x1 Y- C# {3 {( [6 R - <system32\DRIVERS\ProtoDrv.sys><360安全中心>$ q K ^* |2 m
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
! t4 B F( C8 \4 n1 q9 P, r - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>) r# h4 x6 o9 y8 v3 H# L) }
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]+ }; w' m2 ?) N, q$ g5 r5 x
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
/ `8 x3 x" w% \0 B+ Q' P M - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
. o; P, U M* c# N; D0 C! R - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
1 }) d, F4 j1 C7 F - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]" o& F# n+ L4 V/ H" O
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
1 m% y( F! N- s8 j - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
$ b: r' f& d# y% M; x# x4 x - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
9 z( z4 z s$ l6 S! z5 | - [Secdrv / Secdrv][Stopped/Manual Start]
& c: e h8 O5 g - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
0 _% Y0 w/ `; O - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
6 v. r/ o: Z4 t; z. T3 g$ l8 Q - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
# \0 z% x0 T Q8 L% g - [System Restore Filter Driver / sr][Stopped/Disabled]
; o' M7 d" h0 M - <system32\DRIVERS\sr.sys><N/A>
5 r& P1 q* u; a4 S7 ?& W - [TesSafe / TesSafe][Stopped/Manual Start]
. g% L+ A) Z9 A( n0 C - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>$ g# c) p! z. a$ l
- [System Services / unzxzsrs][Stopped/Boot Start]
% c0 I [# k+ _5 _ - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>2 x2 T! ^9 R8 w) `+ u$ z+ c1 G
- [ViBus / ViBus][Stopped/Boot Start]+ P3 J# w1 [1 j
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
% I0 b$ Y2 A1 n( l- \1 H- Q - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
2 u& W# D3 m3 H% E6 O - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>9 D' r) W1 w, z0 U7 S; c0 f
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
) o+ Y. @8 o* B, Q2 v# v - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc> g. K+ ], n, I; e$ ^! `4 O5 G
- [ATI Extend / zhibmaso][Stopped/Boot Start]/ @0 s$ r& y# M8 V
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
9 z) b$ |5 ~2 |$ ~( V - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
7 s' U U. ^/ k; D4 ^ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>4 j* W/ A3 Q: W- {
- ==================================" ^' H3 k7 @$ @4 @0 \$ R) w3 P5 u
- 浏览器加载项0 d5 k+ u& e# G% b' n( X
- [Google Toolbar Helper]
2 t' K# O4 s! n1 c9 s# j* m - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
0 l8 ?/ c7 F7 ]. e- }+ l! Q9 h - [Google Toolbar Notifier BHO]$ O: g( y" B) F3 d8 N
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& @0 b# L9 j$ I, Y - [SafeMon Class], i! e9 [' x/ h
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>3 a4 W& f7 s; V) E) }0 x5 @8 d. m' [
- [kingsoft browser shield]- H6 b. I' ^' r4 b B" U K
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>8 d v2 D" W5 X% ]4 z) r4 t
- [IEBuddyExtControl Class]0 E0 M) P) m# c. q+ o
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>: O. Z2 {. ]* h! m" o7 h
- [Zcom 杂志]
$ d5 } T. r5 D0 Y( {* B. @- h, A - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
, q: ?. \2 z5 v; v, H% a - [&Google]/ `0 [; o5 l5 G" E3 P
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 N& u; i+ h M0 A - [KooPlayer Control]& b4 R5 R: C8 \, {/ n6 i7 H0 t
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>6 p' f) f2 H3 M! T" _
- [Shockwave Flash Object]7 d1 R9 }- R' @. ] ^. c, s" z
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.> m9 s5 d+ i' R/ @
- [KUpdateObj2 Class]& [' ~5 D+ m1 N9 o! A
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
9 j, S# E) c- {' w+ G - [Google Script Object]! R' \1 W9 C5 b( \8 ]( o) D
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: I: x# A6 Z z+ W, N - [EWA Control]
" K. j7 n( |7 h) ^' U! Q% b - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>, K* r' e& p) u2 I9 f
- [Windows Media Player]
Q0 \" J) J/ Q - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
' K# K: v" v; r - [&Google]
0 ~) h7 f$ h. P9 J; S2 n! h - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>7 j7 p o, w4 Z+ j% q5 S' v
- [HTML Document]
' J" h1 m0 d2 a8 `$ L7 ] - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>8 c6 ^( o$ ?. Z" D* k, `
- [DHTML Edit Control Safe for Scripting for IE5]6 H' T2 i( @+ \9 Y' H3 v. H
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
7 I# S/ x. h* L, |3 c - [RealPlayer RAM Download Handler]; o* v; |. K" ]: F. n* T; \
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>3 z4 \9 @* E; J" K! A
- [IEBuddyExtControl Class]
! ?3 J }3 A7 ?% G+ w - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
% g# ] N6 r% ?0 y - [XML Document]
# d$ x, G7 S: {' l7 z3 N( v - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>+ A+ ^3 X1 W2 W2 c( D& d
- [HHCtrl Object]
' w2 M- C4 J) D _. P- c - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
6 M& [) ^+ M0 G# k. Q; d% n- _ - [Windows Media Player]
3 u; m6 T) a( d4 b d3 d - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
3 F4 k+ X/ Z$ p - [Active Desktop Mover]
* S1 b: l- `# O8 q - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>' J' }) O" n0 ?# w
- [360SafeLive]& S3 R6 s: l4 s2 t+ Z+ B
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
; q! G+ p( d* O! u2 q% Z# q - [Microsoft Web 浏览器] m5 B+ Q& o- a# Q. s" s) _
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>/ |7 E2 e; C! N/ u
- [Browser Enhanced Objects]: K' }" Y3 g/ t6 J$ V
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>* n: v3 R: o+ J' g
- [Google Toolbar Helper]4 e- B- _3 l5 L; _+ n
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
4 |! o H% p* b R5 p - [Microsoft Scriptlet Component] i( `) H* R5 V+ h! B
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
* f/ R* v$ s a3 }% K2 g( z - [Google Toolbar Notifier BHO]" c c7 l, m1 g6 \) X
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
% I2 Q9 r( V$ s z4 S# K/ x8 R% ` - [SearchAssistantOC]
. t) b% Q3 I0 H& r - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
, {1 m( V1 V; ?" \( N - [SafeMon Class], ^0 I) |8 o) J/ M. F6 X& d
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
9 N5 C' {9 [! t+ _; F7 s! q - [RDS.DataSpace]3 y J. l" p/ A% V
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
! b; J3 a( T$ S6 T) g8 y8 f! u - [KooPlayer Control]/ w: v; e6 k$ ?4 g' Q3 u
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
5 ^" k# ~) q$ b" F - [AUDIO__MID Moniker Class]1 \2 Z5 A# W O
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ o, N4 T; j0 }3 j
- [AUDIO__MP3 Moniker Class]0 w2 O- m) w# w. I* `
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* ~! v! k2 O$ J# J& o - [AUDIO__X_MS_WMA Moniker Class]
" g1 B: c4 p2 N& H+ M- q - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>; Y9 A) S9 i5 {
- [VIDEO__X_MS_WMV Moniker Class]5 d; h# W8 ]7 d2 d& \# @
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ F. f. q; Q2 Y: n& G" C) I
- [RealPlayer G2 Control], B, D1 G# B. H. [4 S1 c N
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
2 R Q a; E( \( R0 p I - [Shockwave Flash Object]+ i$ K! o; N, o2 w$ b9 J% n
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
" T9 v+ y7 C) \% p: X! ]5 m - [KUpdateObj2 Class]
$ l! [8 U, m1 i5 o6 E; L1 x; C - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
# s# x3 L4 M- Q, v. \5 Z s - [kingsoft browser shield]
( _, d/ O+ n* a: r/ P( x9 {1 ^7 w - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>. ^4 R1 T7 a) U
- [PasswordEditCtrl Class]9 O+ r5 x! l& [6 M5 R
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
5 ?: X+ T( h$ @ X - [QvodCtrl Class]2 l- \* C C' M4 r7 O& @. M
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>8 ~' V& Z4 E/ c1 P) ]
- [&使用超级旋风下载]
- o6 k. c d T) a+ g. ] - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
) |5 D& _: u* j: E# y - [&使用超级旋风下载全部链接]
3 |, ~' r9 o+ e) \) j - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>% A; ]3 t: U3 I# b
- [使用迅雷下载]
2 b' f3 A: W7 @" q1 p, }7 l, x - <, N/A>2 V$ P8 L4 F. R ^- h% z1 n
- [使用迅雷下载全部链接]8 K: d+ E6 A4 R l5 C O( @/ ]
- <, N/A># M$ g! t1 a3 ]) F9 H
- [导出到 Microsoft Office Excel(&X)] W: B8 |$ o5 ?5 ]7 B$ A1 q
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
& c5 K. Y' G) V- G) B - [添加到QQ表情]( t: X/ V0 g* D2 C% g5 a0 ~$ j
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>) y" j' U: S" {& [8 w
- ==================================$ p" ^& s( E0 {' Z) z& f- ]$ {! l. U
- 正在运行的进程
7 ]$ q2 P1 q' v% e7 n, e - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], W- s& O" N: G+ W$ S7 Y
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 f9 U3 l, d8 w. f4 i4 A& L
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) r9 `* {0 a* M" l% q/ e* e) {) L" N - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 w! R% N4 X2 Y& n# x2 M- \
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ i" T T! h* \8 w0 F( X! O
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* y# I0 d* d) U$ k& A. b8 A5 P) I9 C
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. _5 m m9 B9 @$ n- C5 c" `8 A h
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; G4 m$ C p* d7 z6 y3 x4 ? - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 G" `! D7 f; w
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ x: }) i. i1 b; ]/ p6 p
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& \! _. d+ u- C - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]$ v3 @' D/ l# @. A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( [" u- L, v4 O; J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% {; o1 `/ E* Y - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]8 t N4 `- c+ ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 i# m4 h$ D8 Q, `# Z' j& d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]. }- m' G. f, ~/ x7 }+ f! p
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
3 Q8 L0 _/ b5 ]8 {3 s. \ - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]6 b. {7 _. u9 r- d
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
% h h+ q& K& T9 j' p - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
. `0 p9 [( N6 P: A; L3 k* }$ s: E, B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 R2 d& W7 u4 P0 G" \0 g W
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]& f8 C/ R5 t0 F. ^5 P
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]4 m4 T! w2 w. [
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]: G( T, J C; c5 |/ ^* @) O2 [
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]2 a) C5 j F7 p: b4 u
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
/ J$ [) }- w+ J7 W7 N% h( Q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 R/ l y o/ ?6 H% h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' [+ Q0 M m8 F8 }2 H6 `- C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ V* m$ i2 {8 W, |$ A1 S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 m8 F! W; L' I6 C9 \4 L. C# } - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! T- ?* S' ] C2 y+ L* h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( E' p' k) i/ t4 S& p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' y$ z$ p5 F7 G& y: t! } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 X1 d0 g' Z2 r; f- A
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]+ k2 W- Z$ y. N; ^5 Z1 J0 V
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
/ [8 U' |" |8 ]0 H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 a2 t8 l4 u9 @) G$ Z% I: p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ L& t. d u1 M2 _ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]& ^. d7 J7 y; T. n) l
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
q. M0 w) Q8 M* l6 j1 e" b; s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. I3 F2 d: Y% w+ v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: j: n$ _/ A% D. R$ Y - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 X( @2 z+ u5 H, X - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]2 K1 t, m$ d4 c9 p9 n; ~! A
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ ?) w: c& [& Q t0 t& Q* E3 `$ d - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ o3 B# I$ y6 r8 G1 F# c
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
1 e" X5 C, i8 p - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
6 S4 ]! N$ H. N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 e) N6 e& M8 B* h$ G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) u2 P* M3 p3 s# Y' l) ~1 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* ^. E2 J3 B# W1 e* _' F2 c( G1 G8 U - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]) L) a+ d9 h* k2 n d0 u$ W2 J
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- b) C. v4 ^, M2 ~1 K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
2 y! `% a/ M, a7 o ~9 m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]' i8 z! l4 q* i @& J3 F/ `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83] `% i$ t. d2 F9 E7 o6 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]1 {- |" U+ f- i. I8 e7 y1 H) `1 d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
/ f; V9 l* S* h9 N - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]' e" j* a! k. q& v4 s+ y
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
1 T& `* {) T# B* V0 L: E - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
, I8 a6 _% H: e5 x! Z% t, `3 R; N - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( A6 ]7 a% R7 d- @8 D. ^1 B9 J7 Y+ U - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" q7 X- Q: @6 `- e
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]! V9 l* T7 s( w F3 r
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]$ \! u8 u! D9 p8 ?, M7 o7 i) O+ R3 [8 Z
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]" J- h& |) W, P/ }2 V2 n
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]) _% D8 Q s, v* u% p* c
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]2 i0 K1 o3 V" E2 P, D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 O+ }" k4 X" K0 p0 p- Q - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
- ^5 F# M9 l2 \5 `+ n0 @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 g2 L) Z) K. m& v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ F9 Y4 K6 F/ m$ a: E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 ~+ M) H0 d7 `. D5 n+ A - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( X% l: {3 R t5 \5 Y3 q- i2 a - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]0 V; u3 E6 @1 s8 B, {/ z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
U9 z6 g$ q0 r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 r. {6 H& r6 D [5 ~* b- z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 R `# g+ D# Y9 @: `8 V! B- i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: S3 o# N2 n9 g" s2 }7 e
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
# i4 \3 @0 V4 @ n - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]$ w O X1 [6 b0 Q2 T
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 A/ Y ~ o7 O! q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( N7 o! w5 b; r: g" t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% g% P5 o. u( M" m+ F! j+ ~7 W - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' G% c+ s0 q5 G - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900], i: d* u3 `: b4 Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( `$ C% y8 t% i% O; x) [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) c; p6 z# i; f5 J# H" [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 a# }( E" C4 @( Y2 j - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] u) m% U w* S7 A5 f( F4 S
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]. T" J' b1 \. D: g# `
- ==================================
5 X' {# R+ c; J - 文件关联
6 z J7 O G! X - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]' z8 U3 b- @0 W/ \. ^
- .EXE OK. ["%1" %*]7 l/ P4 n4 c8 H
- .COM OK. ["%1" %*]
4 @, ^# h% g( [/ _6 O - .PIF OK. ["%1" %*]
. t( `9 @* g* L- P+ Q - .REG OK. [regedit.exe "%1"]
0 a0 X& |" H! j$ S# p' y% M - .BAT OK. ["%1" %*]
L; \; w9 m4 B/ @( c: n - .SCR OK. ["%1" /S]
+ d5 b' z3 \5 N _5 H3 a7 W - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
8 V1 G+ C, T4 N3 v! o( F - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]! ]$ p' H F1 @$ a
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]. [; N" j. `% Y+ s: ?5 J9 T q9 B
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]) h: x& c( L6 C) u+ }5 p$ P
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]6 H. Y1 E$ |7 T& c1 o9 ^2 c
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: w) B# a, S; F! m% `) \3 `+ X - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
/ z8 ^4 H8 [" W+ ~# z3 p - ==================================
$ B" @* J t& J - Winsock 提供者+ E- {$ n% L- V1 M6 n! U
- N/A
r4 d/ y: ~$ v! x' f$ b: r - ==================================
* ^5 E) {6 w. V- W - Autorun.inf
# s. P* Q9 j% B0 D - N/A
* c( j7 H, g8 j$ V: q! b* Y3 l - ==================================
( l% A1 F2 J( g3 f& ]/ q$ D9 F - HOSTS 文件( x- l8 U. J( z/ }( E' L- t
- N/A
- l& c# ]2 H# q* a. W! j, K! v - ==================================0 M& G8 P! d: t5 M0 l A3 d
- 进程特权扫描
; j H" C* Q# _ `: ^$ E - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]/ `6 `1 O5 {9 g* M
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]+ p. r1 d! s [4 ?
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]. l) Q+ R/ d s3 C4 \
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
0 ~( _3 W4 [! h2 c - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
8 W: ^/ g5 [5 [5 A3 e" s6 r) b0 U - ==================================- g2 U! @) T% ]3 o+ i( P9 z
- API HOOK* W* m/ J. N9 e5 O
- N/A( {' \0 I. u# }0 `$ i$ x# _
- ==================================5 W* o. t. X. R2 q' X4 M! L
- 隐藏进程' ^4 w: S* l0 h/ n5 K
- N/A
0 y( g8 ]! _$ W! a8 i8 y - ==================================3 v7 Q6 G2 n& s9 |7 v/ ?! ~1 H- K
+ h" l/ R5 A5 Z7 W0 @$ ?
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
