|
|
: l% J# O, y2 Y% ~, |* G8 ~- 2008-05-22,20:37:43
' B& r8 A6 T% p0 M. R: O0 {* X - System Repair Engineer 2.5.16.900- r& x* i8 ~/ G3 W6 K: c5 b
- Smallfrogs (http://www.KZTechs.com)6 ^& z, b+ `4 w; d6 ]4 i9 u0 E
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能; J* j7 f0 b0 j. a9 k+ E
- 以下内容被选中:( w5 @, u$ b ]& K- ]
- 所有的启动项目(包括注册表、启动文件夹、服务等)# n# a' d1 p$ U
- 浏览器加载项
' j' @ I1 x7 R9 b9 u - 正在运行的进程(包括进程模块信息)
/ @4 J( z/ I/ n4 m - 文件关联
( Q9 H& P6 c) F7 S4 f8 m8 P - Winsock 提供者; X5 q, G* ^8 p% L( t, S5 }! Q/ R
- Autorun.inf
9 Y+ d9 ]9 F$ I" F3 m - HOSTS 文件
3 A2 y" }, @, D K7 n - 进程特权扫描" j" b* n+ t7 B* U5 G3 z: [
% x% Z% `- O! s E, W. v8 y2 N5 z- 启动项目
! T) x5 d8 z& n3 G7 z% Q - 注册表
; b( M. X5 l' |2 q3 E. E/ p- s - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
0 h3 `3 f' U7 v, B - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher] F# w* W! f w+ D
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
/ a& r+ X: d, w( v/ d+ e% e - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]! E! }" A) s! M+ U: T3 s
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 [$ F( d) w4 s# L0 F - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! Y- g/ p0 Y4 p2 ~) D
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]% V& Q- C6 l0 v- H0 B
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]: W! X: r1 G+ O8 m. \) S
- <PHIME2002A><; > [N/A]
5 \/ D( r& v& \& g% G/ N( x" R - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
8 q3 ^7 {0 P- c% } - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
) k4 ~3 O6 i6 c& w% k - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]/ W" D u4 v' F+ ~6 c) o/ M
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
9 I# E# O# C! M. M" }- h, {0 O# g - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
$ r. G( V V) \4 j) a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
3 ~2 O% a4 I1 q - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
7 P0 R( j1 W# z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]. g, Q, ]' g3 Z9 f
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
" D: p1 H: }8 ?3 y5 K0 ]* i- P - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
8 P' {2 d: |) X - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]% X' S& u9 e0 P2 X3 B2 p! `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]& W8 g2 v- _, B0 \ P- `1 T
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
- ^7 _) ^, m2 w# y! w! [. [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]" ]- f( A5 l1 E3 W: n
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]" n; q1 `( R7 N, h; b9 A& K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
5 v" U* e5 N) x( t( \* T9 ?6 y. U - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]+ L2 i) b# l* [* h, @9 Y" q/ ~
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]7 K9 j& S1 x6 P" a2 F0 R
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]& Z$ G3 z3 |5 [( ^' W7 E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
j" V: @4 G2 V5 p - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher], C2 V" \0 T* a, V! K* e3 X
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]- y. \ ?$ f7 v* R2 B6 l
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
1 u2 O2 j( T4 o, [3 ^, M% C4 H - ==================================
; a. R5 W" y, ^: i0 ]. D+ W - 启动文件夹
' w& c% W! i1 y1 o2 p - N/A& L& V4 o$ Q0 m' i
- ==================================$ d$ \1 U- T" f0 _5 a# i: ?" A
- 服务" @) X U2 C5 ~; \
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]& f5 ^# N7 i; G
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
# _/ v) ?6 k& a- ^8 L- a - [Google Updater Service / gusvc][Stopped/Manual Start]5 z, r% g, a" S& W: E e
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>- \4 o6 R' Z) p. g
- [Help and Support / helpsvc][Stopped/Disabled]
" X: C" I$ N4 ?- s6 p6 V1 t - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A> ?1 @& S3 g4 ~
- [Human Interface Device Access / HidServ][Stopped/Boot Start]0 R! m J" Q9 G, D6 L
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>1 p/ z1 G* g/ p
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]2 P- q% R+ C9 U3 v0 w; U3 J3 _
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
- r( |4 ?. L. l% I - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]! F. Q3 P5 l% K! w5 n* N
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
5 y! G. t$ m0 I - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]9 Z- q* d) ?2 S q& e q
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>* o- b! K* j+ H/ Y3 I
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]) j, E, {3 P5 v
- <><N/A>
" V; c/ j( o- Z$ A! c - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
5 S* T) |: }) e: O/ t0 ^ - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
: I/ ]% k7 B L& v" z- I - ==================================
6 ]* G9 G5 q5 U) }2 y - 驱动程序
) ?0 _& o8 w7 G- A; b2 s( c% {" X - [22j / 22jn][Stopped/Boot Start]
7 R# D) L$ |5 d - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A># t/ l- i9 ]( l6 U& q6 X3 D
- [360AntiArp / 360AntiArp][Running/System Start]6 l/ Y; g" F$ {$ p8 C6 M
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>7 l3 `# O$ |3 r" C" M+ r
- [43ec / 43ecu][Stopped/Boot Start]
1 S6 f: o0 e5 G. b S - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>6 O4 m) e/ w3 z* `( ^ |7 N+ S0 J5 A
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]& O8 Q5 U) W# P9 a g" { Q7 e
- <system32\drivers\ac97intc.sys><Intel Corporation>
: M2 ?7 v, r: U+ _ - [Promise driver accelerator / bb-run][Running/Boot Start]/ q. G2 J. j& \
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
8 |1 j" ^% W, l w" f! A - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
0 B7 l9 q7 p8 Q# I - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>9 l4 X" h; p# f3 W; Z- r
- [KAVBase / KAVBase][Running/Auto Start]/ Y8 T5 Y. ~% d# R; ^) i) i/ h
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
" h2 K2 [2 _, s - [KAVBootC / KAVBootC][Running/Boot Start]# t5 b* ~4 S! u) |3 ^7 s' d
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
# ]( @3 ^! k# W2 b& a/ @- O - [KAVSafe / KAVSafe][Running/Auto Start]
$ ?) {3 D& l3 S) `3 F - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>6 s, f# G' v* d8 x! I) W1 ~
- [KNetWch / KNetWch][Running/System Start]
4 M, W# R% f5 E1 d. } k* W - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>. M5 u8 g K5 Q" A; n5 Q" [# e- ~
- [KWatch3 / KWatch3][Running/Auto Start]- Q$ U! O9 z9 g2 A0 A
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>+ K: J& w/ Q& E: t
- [ntptdb / ntptdb][Stopped/Auto Start]- l: q0 c4 ]/ G
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
" I' e8 D" f7 x - [nv / nv][Running/Manual Start]# s" \: j! Z& t! Q# J' `# Z
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
2 C$ w/ J5 @+ o - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]8 l$ `! y& a) ^% o
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
, t2 C# n) Y8 `) \% ?$ K$ k t7 K - [DDK PACKET Protocol / Packet][Running/Manual Start]6 h) f3 _7 @# |% ]1 _
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>) Q0 ~: |8 {5 J" N. C
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
, K* J, L, e7 g5 @ - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
4 d) L8 M3 _: o# {' l1 | - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
% @3 P5 N$ O8 z3 n - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
9 M$ s* a# T3 ^2 l( ] ?. A - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
9 `% J4 p$ l0 x5 V! _, r) [: h e9 L- i - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
" H1 l& i2 {+ K% p+ K - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]2 W$ r& e- x9 T0 u" i, f9 \0 p
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>( }8 Z5 ^1 x8 K" g" q! h+ Z" K& M) o
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
4 w# Y4 K* v1 C) p' F - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
5 t" i; j( i& Y: N - [Secdrv / Secdrv][Stopped/Manual Start]# E0 P- e! e- F9 F7 I* j" v
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
# `( v# |, |6 A a& T& x5 _ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
\# v: i, t6 U" {1 |$ s - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>: t5 Y6 z! s: f
- [System Restore Filter Driver / sr][Stopped/Disabled]
: P, C- h- j) O1 j - <system32\DRIVERS\sr.sys><N/A>
1 {! q1 c+ z$ u1 l3 N9 V - [TesSafe / TesSafe][Stopped/Manual Start]2 d% F$ x) d; B0 s- k G4 j3 m
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
n2 m3 ?3 C/ p/ D6 Y! n" M - [System Services / unzxzsrs][Stopped/Boot Start]
7 m. n( N4 ]* z3 ?4 v* U( { - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
0 _* L: l, k" \8 A# [ - [ViBus / ViBus][Stopped/Boot Start]$ {$ H0 _! U6 _
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>; X& V* H! t( E0 G
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
- b- z4 g" O+ n& m. I - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation> E' T! h/ O! t
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]% Z9 |2 q! V4 k# t; |( r
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>" r" g* f/ p, s
- [ATI Extend / zhibmaso][Stopped/Boot Start]/ O- x+ w* n |) N. K
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
/ {4 ]4 G# q' c* H, J0 v5 v# v7 o - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]7 j& o! I' U/ V' }. j6 ^
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
1 R, e3 N: O- {, g - ==================================
- `5 y: {5 W ^& r, p( w( A B' P+ R - 浏览器加载项
' h. ~, F( ^$ i - [Google Toolbar Helper]$ c; e5 a1 e* l; \/ I/ {
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: f& A) j7 h# r+ s& k - [Google Toolbar Notifier BHO]! g* n4 C5 Y' i7 N: H' {' v
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
/ L0 r9 e$ t% ` - [SafeMon Class]2 \' a: A. y: T' s% y% h
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 j# ^) r3 F: u
- [kingsoft browser shield]
( e/ F! y C; h' N - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
# a0 z3 w9 h @2 ^" [ - [IEBuddyExtControl Class]
4 T( F1 z7 B- d* D: w2 m7 l3 Q - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
% C6 h7 C& y) ?! j. u* r7 n - [Zcom 杂志]
9 a3 m* `2 E# u' w9 S" k - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>. ~4 \$ I* n' D
- [&Google]
! N# s( i) g7 j# a5 I/ T - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 n( h4 g, ~$ W3 T' p2 {+ X: S
- [KooPlayer Control]
. k& r& u4 F6 I2 K; c - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
1 `$ k- d4 J5 A' F - [Shockwave Flash Object]
% ?. q" F* d q$ W% x7 t3 m - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>" P% l% _& w) U, x+ l) f: `
- [KUpdateObj2 Class]+ n5 z, X0 o0 i* [5 S
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>1 l7 Q+ J% ^ [: U$ b: C% A
- [Google Script Object]
. Q0 s/ K9 m5 k9 L - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
, j: h% _) p2 C% v8 P - [EWA Control]
0 p. o' R" f) r( h7 q - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
6 k! ~/ N) [: G( K/ O+ u" g - [Windows Media Player]9 U% S" ], N* D
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
5 G8 p; m5 B6 x& s' v - [&Google]
: [* X/ x+ d! x3 p - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>% p; L) L2 ^0 i; ?& R5 b; M0 d
- [HTML Document]
~1 z7 g( B u4 h5 r6 T5 k - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
6 M r5 Z: D4 ~3 J8 b' U - [DHTML Edit Control Safe for Scripting for IE5]7 }: ^ C* `) a
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
) X# [9 M+ h4 ]8 C" c - [RealPlayer RAM Download Handler]9 n9 i2 ?, C; {% y) w/ L
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># z" x! R5 n6 z, @' R
- [IEBuddyExtControl Class]
& s/ d* w% z' z6 m. B, k- w - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
2 T5 [) H \+ S: | - [XML Document]4 @ x4 {( {, T5 E
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
/ C0 {" k9 F) {' ? - [HHCtrl Object]4 t) `0 _/ C$ Y) c
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>/ f6 i8 C9 l& W9 G* D
- [Windows Media Player]2 `* m3 p( J8 J2 x7 f) {$ Y. T/ x
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>% I2 ^: i2 |$ ~: H0 u& J+ F
- [Active Desktop Mover]
! i, l u. Q8 c/ y; E' j7 G h - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
- U/ d4 E" ?8 m. C/ M* \ - [360SafeLive]
0 f2 Q" x8 p( R8 o9 x- v9 p - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>! M& k; \7 g" q* E; t
- [Microsoft Web 浏览器]" g U# T9 c/ P q- r, M
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>/ z/ `/ K8 p, S9 K b
- [Browser Enhanced Objects]
1 R. e2 {, B, S' S - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>5 Q1 P) i$ [" D+ Y q3 j
- [Google Toolbar Helper]
# T+ r) ^( Z5 P6 I! c( {1 m - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>, e \& X8 n6 v4 ~; H( ~
- [Microsoft Scriptlet Component]; s, w% ?- @7 w: V% E5 N
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
7 A2 A- D7 W1 o5 u2 D - [Google Toolbar Notifier BHO]
/ L$ s4 p) ?. Z5 i: v8 c4 ^ Z - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>6 a3 M# w2 g2 j8 ^. T$ C' D' V
- [SearchAssistantOC]
1 L. m9 S# C; v3 z% U - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A># U" \1 X& b5 |5 B! e( c7 R2 F
- [SafeMon Class], P" n2 b7 O0 J- }3 m3 S
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>! z$ j8 d+ S( H3 s: ?0 u
- [RDS.DataSpace]" B9 W. ~! R3 W) {
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>; W3 D7 v; u9 W1 B
- [KooPlayer Control]
3 z% Y7 [% m& O L7 { - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>4 {/ \, M; |+ F0 t5 Z- h
- [AUDIO__MID Moniker Class]
/ I# U; K4 ~; u - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, s; X. `) y7 I; c
- [AUDIO__MP3 Moniker Class]
3 p0 L* m0 `' Z0 z$ h0 L3 O - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
- L1 p+ i6 Y2 e - [AUDIO__X_MS_WMA Moniker Class]5 V- G, R% \/ [% g& |. `
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
2 p& v3 ~) ]7 y6 r$ ? - [VIDEO__X_MS_WMV Moniker Class]
% c. g1 U! j5 I! \" ~2 | - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
$ I: c4 F& f9 f% }$ \" v - [RealPlayer G2 Control]
" v7 W( N4 S& ?2 B - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
+ B$ q' c. B, z - [Shockwave Flash Object]! _; G3 C& {1 c* p2 _: J
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
& n* k- e- b- O! O9 X& N, `7 C - [KUpdateObj2 Class]
. ^- O' g) c) N$ c, ~5 z - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
* Q: S# m$ d7 N9 D6 ^# F. R; K - [kingsoft browser shield], R! x% \4 |9 f7 d4 |
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
4 Y# c2 \1 G5 I! k# U3 w) K - [PasswordEditCtrl Class]. M& {3 X; g2 @, l% Y# i* I
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
7 F! L9 r1 M4 l; j* g: p* f - [QvodCtrl Class] y/ U# K, u* s( L/ s3 { n
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>) \2 v9 j5 E4 p5 X2 Q3 i/ Q
- [&使用超级旋风下载]
! Z1 _5 @$ f5 S9 p" R - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>' O+ u4 g0 p8 J1 z( x9 f" e
- [&使用超级旋风下载全部链接]
' m& Y5 Z+ C( }( {9 K$ i8 I - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A># M" T6 i1 W* [/ g3 I2 _
- [使用迅雷下载]
2 g: H6 q4 [8 i# W. y6 K - <, N/A>
5 A; ~( i; q3 E& R - [使用迅雷下载全部链接]$ ~' i. Z D; L u \
- <, N/A>
* ]) T+ Z' j- O# E - [导出到 Microsoft Office Excel(&X)]
! {; g$ D) N3 F7 C( r) Z' s - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>5 t2 [+ X7 a' R5 T% T6 R
- [添加到QQ表情]- k6 Z( W& m1 Y+ l( f' g4 P& W
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
1 C e; n% b4 r6 P! R. f* v - ==================================
; s4 _: k& F3 U) H - 正在运行的进程
! m }# s4 t0 d( a4 L: w - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 c( _) h( V' u+ ^. v5 t4 V ] - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ k% U. v6 u) P' p( q* ^
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
^6 d/ M; ~* p) o - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 m! q5 e. t; r6 B9 O9 O" A1 I. H
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 f+ y* a$ \0 d1 K; E( e - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 g2 S, Q/ c7 T5 @4 h' ? - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 E0 f# e9 X- a# I( J2 i - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ i/ u2 }& z1 U
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 G8 m* O2 S; ] - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 p9 q% J( x/ U) P8 q+ X7 J# W$ \
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 U& E, F* h' R1 M9 ~, }7 X5 L - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
" W) \) I8 e' w, ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 u9 ^' w- [* e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] o7 J% X2 U; J8 U2 H1 c5 f% a
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( O' N/ H+ a7 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; G9 l h1 F1 f# K# X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]3 H/ K5 ]2 B) n) O e& ]4 s
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]! t$ [+ |3 `. a) M
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]0 Q7 F7 c8 [- O9 b
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
& m! r7 w: W' W - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
# c$ B( G, p Y1 j' a# t - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 n: {2 G5 i l0 ?
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
7 I+ D$ k9 Z1 Z) |5 V - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]: C) Z! u4 W' M( `, ~) F+ j
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
3 w4 [3 g0 E9 P- k4 U1 N8 J' r - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]2 r3 j# i# A' P/ L6 c' }
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]4 a3 r/ Z/ A0 v' e. g
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 f) J9 K+ F4 Z* w# h+ s% b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 f) T3 A! [8 Y3 A. z# y( f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 \6 G; [5 p2 H) e - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 I2 Z. |' h2 x, k) ~
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" M: d% X6 Y7 S- Y: b v* Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; \+ @: G M% e8 u9 _, Z2 t8 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
P" G, z0 K2 B. { K - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; q0 [; t6 z! L4 ~. U' r
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
S; N6 Y" ]! @5 X k! L8 N7 w - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]% b' f- x% j \0 o. I+ @) N9 L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 v: D0 y& D5 t" m6 S: |$ i* W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# D2 z2 y) R4 l
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
, {( _# r }. ?( E0 r+ | - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]' F j, ]! Z3 }% d9 z8 q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( N/ E( \8 ?6 U/ C6 i9 x0 L4 _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# y* I% A. W8 r4 s6 J+ M0 x0 U
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 v+ f! B" I2 E - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
- v; x$ s7 e( m - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! Y+ r4 F, Y' ~& p& P2 w* e5 S - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% [. Y' v: M7 o
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
3 f% y4 R0 N5 a, C% q, C - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
' c% X5 Y' i$ X! o! Q4 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 e3 F( X; M: \' Z: [# f( I+ `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 q0 ^0 [3 G8 Q1 s* Q! G6 H2 B: e$ u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 I8 }2 L1 a; [/ B- V" H* _# j( C
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690], v7 q9 p5 M2 Z; x1 y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]; e1 [$ H, Q8 j6 e; b4 a2 q* A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
% O) _8 b+ y6 M g* f: D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]6 p& [+ h- M9 L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
; C# f" Y- j! I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
5 S: D9 T% W8 q& s# B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]3 ]5 i5 B/ g5 y) x9 `
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
' k3 P! Z6 c. z; |- R - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" \: x/ n/ {9 G
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]1 u& x; P m) B# w
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ C3 q |& A) j6 ~7 [( o - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 z$ C- ]" x( j; P; ~$ o
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
( k! A+ [- i, _9 a* f* W - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
) O- r) h; d3 L0 k; t6 S% J- O - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
: L2 d( |3 x; y9 `9 r# G - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]/ {' i, k" r% X: E b- u
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
$ m. ]4 a3 Z: x0 [- f# j2 I9 T - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 y) A0 P- }; j$ _6 \& ^8 p: {8 N - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]8 E, B5 H r2 r, C+ n: z0 }
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 }# C8 j, Z- ~' |5 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], q0 z! {* y4 Z, G9 A' j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. j1 |/ y1 r$ K+ ]" s' \; G j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! k, |9 }' r4 i. S4 D2 a
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]$ n* b& B6 W6 U% L# \ J
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 i- |! `3 y. O5 A( V, t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 R5 l; Y* |; \0 f6 y; ^( r: U$ q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- p/ X& u" K% |2 G- B+ D4 _1 a( h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) G: H4 W& ^8 A J) ^, c ]3 j4 M - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
, `6 Q1 ^# N% Y2 U- w. P5 S - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
* J3 _6 | H: \: }* B! Q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 l5 f$ x8 W+ f2 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 V% y# s8 k2 O8 I8 f4 S% N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: g) G4 u4 l% k. P6 g0 _* F
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( i$ ?- t5 u- b* D
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
% F4 k4 x% X: a' j8 U - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ Z1 f$ N5 w' k# y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- W* G$ ~2 z4 Z5 n# n( N8 }. T) [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 M' B/ `. m1 K# t; a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. v; ]2 _$ \. {' L* W- K
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
) G2 u5 s! ]+ J* k4 t - ==================================
7 i# k! t% q6 ]0 l - 文件关联, u8 V9 j# C# L0 t8 I4 F0 [ ]* e
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
; u$ @$ L* P/ _ - .EXE OK. ["%1" %*] }5 x/ [5 w# E' Z8 G8 Z
- .COM OK. ["%1" %*]
. o1 S' t/ s, s3 c& ]9 F) S x+ ]: z - .PIF OK. ["%1" %*]
/ a1 D1 Q% U- |- N9 s3 B - .REG OK. [regedit.exe "%1"]
4 [1 [3 n9 {8 B* V' V - .BAT OK. ["%1" %*]
) M/ a6 |! o3 X6 `- { - .SCR OK. ["%1" /S]
3 ~4 ~% d* P& o1 r/ ]' U - .CHM OK. ["C:\WINDOWS\hh.exe" %1], l2 ^4 \1 N/ f" a2 A. D
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]) N y! [/ m8 ]& s* }! `
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
8 }) ~4 {5 I! u2 D6 g - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
# a4 p2 Q' ]& y+ S/ Y - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]5 Q4 K5 Z; M2 P/ O8 |. A
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]6 G8 i$ F. w; s6 d# |
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
$ m$ i1 Z. c8 i& G, K2 ~& J - ==================================6 W- p% l7 H4 Q; [; J2 g
- Winsock 提供者
. E7 X% ^/ O k: e/ c) z5 M - N/A
2 V! d" U5 \. ^' R& r6 y" b - ==================================- d& d$ \" R8 L* g
- Autorun.inf: b! w7 d* t" ^
- N/A
7 U; i7 {1 b" r. \- B6 Q4 l - ==================================
4 R& `. S1 } _ - HOSTS 文件3 Q) Q4 D9 {& A1 M
- N/A6 p6 I; {7 c2 g2 s$ ?
- ==================================
* c+ p5 B$ r2 C# z# o. ^ - 进程特权扫描4 V% C) A W4 @
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 }' t4 w! I* Z4 {2 }: B" z
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]2 y2 h$ ?% q' K# ^
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
2 P5 @- p! H J9 f; L1 Z - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
6 [: @! N; p8 i: L' L0 L0 Q& @2 f - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
, W0 T M+ X: e - ==================================1 @& P8 I7 j- ^% j1 t; E
- API HOOK s! M2 A" s9 j8 \( r7 V
- N/A+ ]3 Y# X$ |& r1 a
- ==================================% M/ Y9 n8 q* G2 ]- k
- 隐藏进程
8 k1 M4 B6 @) C1 `2 [ - N/A5 f- x: p- J* v) _0 F
- ==================================5 f/ o! c0 h! T8 K( \
1 H- t+ Z! ^( o: D* m
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
