|
|
* K8 y. @& D% ?+ M- 2008-05-22,20:37:43% s) S8 N+ _. w6 v5 }1 A, u0 N
- System Repair Engineer 2.5.16.900
" [7 Z- y3 C( v5 J0 g) @ - Smallfrogs (http://www.KZTechs.com)+ k/ D8 j% c) ]- }$ `
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
0 B _1 B5 Z5 F5 F9 [# D6 r+ | - 以下内容被选中:
% E% N2 C& m s1 j6 I; {5 { - 所有的启动项目(包括注册表、启动文件夹、服务等)
; S4 ]3 N/ j7 @0 j2 j - 浏览器加载项
" P+ D+ k; c7 H+ o - 正在运行的进程(包括进程模块信息)
) O) {8 t i7 V! {8 {0 L - 文件关联
" S9 \% \6 ]6 g1 W, u6 c - Winsock 提供者
6 r8 {. K4 D" w' {. w/ C# J - Autorun.inf
1 V6 n- _# u* U5 g/ m3 g9 L6 _ - HOSTS 文件
- R1 J7 I' D& l7 P; X" u - 进程特权扫描
( A( Q L1 X% q P5 ^! C. s" f - - r2 D. y1 Z, q n% q1 {# Z2 @
- 启动项目
9 ^ C! f" [8 y9 z0 q3 u - 注册表% r! s7 q- |/ B/ Z$ q4 M
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
8 u6 u& Z5 q. O2 U* } - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]$ W6 ~) ~1 E9 s8 B
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]4 k: r* _; d' U O9 _
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]5 E7 Q' y P+ ]2 H- Q7 }7 v
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]; C& i, M3 F0 A. _
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]% M2 ^, _8 z( O# [9 w3 Q! z/ P- D+ G
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]9 I. k* w1 ^9 G! q# f
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
8 P6 g1 V! C; S- x! z - <PHIME2002A><; > [N/A]# R. t& G0 m8 `/ C. x- {$ U+ M, ^
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]/ P* z8 t5 C `1 b
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
2 b+ T) T7 o7 m% c - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]5 t4 q! s. r1 @0 G3 t( `4 S
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
0 Q0 o) y$ h9 ^- {. Z - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
7 V3 b% N: b! L - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
' _5 H9 f+ w# Y. k - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]6 x7 r: t+ K. X1 J* i( s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
8 v, p0 o. u7 H1 |' h d9 K - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]; }/ \; U1 }; {; x1 P1 I
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]" \" P# V9 f8 R8 @6 f5 X
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
, ]& T# ^1 E: l - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
3 C0 N1 [/ i% q) k( p' S) J% m - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
" Y. O+ n) P6 `' N3 D - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
- a3 }! E1 a* A. v/ f# h; l - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
$ Z' r. r2 ^) A. C! l+ X; a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]" w; m5 B; f2 w( D
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
5 K# J6 T' b1 i0 H9 G4 d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
1 O7 q9 j2 w* J4 H/ H - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]) {0 m7 r( H5 z; p3 Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
# q/ u, J- R/ I, m - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]) M( s$ L% h: f: H5 I3 N( d. D. S& }+ J- {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
P: Q* j# i; b& k - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]2 O% E2 g# G$ ~( \* L: ]7 L: G/ m& V- ?
- ==================================
/ ]# M: ~- A6 A7 p6 I: M - 启动文件夹/ O) [2 z; a; S- J3 r3 X
- N/A
/ ~+ k8 T$ @- Y. \& T+ G$ X - ==================================
* `9 a) v& }* c4 F - 服务& n2 N3 v! [4 x8 T
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
3 y3 b6 w5 g& { - <C:\WINDOWS\System32\3wareSrv.exe><N/A>3 C0 c$ o0 `& y, i4 C6 m! L
- [Google Updater Service / gusvc][Stopped/Manual Start]
1 H% o* Z" e3 R' E" |7 e - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
; Q& v5 q0 v( U; _: F, k - [Help and Support / helpsvc][Stopped/Disabled]8 G1 n, `" ~/ S1 B5 ~
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
+ S4 _: G, i! Y) D. g/ D( W - [Human Interface Device Access / HidServ][Stopped/Boot Start]/ U* N: w0 z8 T$ y1 w
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A> u. v* O) Y# I, ]) U3 }/ L
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
+ W8 V* j) |. U0 e - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>- g) W% `+ m! D- l( V
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]; C6 [' K7 x" }" c$ L5 y' a9 G9 V& s
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
8 t# L" [+ i% I3 d4 t9 y% j2 h/ [ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
9 S7 m+ z) n; W* E( g: X. j& l - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
) A6 O7 v e" S0 Q/ { - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
: s5 T) U) A7 M" M - <><N/A>- T& S# B$ s8 m0 X% A, s
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
* L* I, X' q$ F: n9 Q4 w - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
4 |# J* I2 h0 E! r - ==================================$ k7 r4 f5 m: {6 _
- 驱动程序
# R. h1 x2 I9 F1 J- }& |$ { - [22j / 22jn][Stopped/Boot Start]
4 V6 b! l* o/ L) L - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>! l% ~0 H! a0 ~* Q
- [360AntiArp / 360AntiArp][Running/System Start]
- k2 \ k! |8 G - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心> \& j" a. f/ r6 J$ M: @% h2 S
- [43ec / 43ecu][Stopped/Boot Start]
# f( [+ f, E( z5 e - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>0 _; \. [0 t/ x
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]% ]" {+ T) H& R# s5 t/ o( q/ h0 U
- <system32\drivers\ac97intc.sys><Intel Corporation>2 u) B3 e9 j- R* Z/ q# B) }
- [Promise driver accelerator / bb-run][Running/Boot Start]
; S' M& o! a+ d T& h4 i - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>/ \1 I; E2 H0 u) |# Z+ d
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]/ Y. d# q6 u1 D! ]9 D- A
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>& q2 J. [6 l; M# o5 O6 f1 B
- [KAVBase / KAVBase][Running/Auto Start]0 U* I, a7 \- s8 M
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>4 |4 Q! s$ @9 B- [9 ]
- [KAVBootC / KAVBootC][Running/Boot Start]7 I7 _) n( ~5 T6 a3 D6 ^
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
+ M0 o$ r7 a+ w$ W7 v- w: U - [KAVSafe / KAVSafe][Running/Auto Start]
# P g, Z) M% u4 r9 r# z( m - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
! J. T6 X* {* Q# o - [KNetWch / KNetWch][Running/System Start]
- ]; h7 [* R9 q - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
" s5 L) _; F7 m: A/ R- @8 R - [KWatch3 / KWatch3][Running/Auto Start]% x0 ]' q* x* I2 h' Y( D3 q, h
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
' J$ a9 x& v N2 k1 T9 p% ]7 A+ p - [ntptdb / ntptdb][Stopped/Auto Start]# I$ G& B/ R+ O W6 c
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
6 V% `/ Z; F+ H - [nv / nv][Running/Manual Start]
2 `3 [& J+ ~, X3 g; l8 ?% ]8 J& s - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
; h+ }9 j& k6 r1 O* ]! K8 m b; W. `3 X - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]; X. X: @3 V0 d f
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>9 a6 F% O' q3 K
- [DDK PACKET Protocol / Packet][Running/Manual Start]
5 r; F0 @) m9 o, ? - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
; K q3 m7 d. M. j - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]' s6 P% e% `5 ^
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>: L3 ~0 }* E" O6 Z7 O5 \ n2 a
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]% x% {! z" K3 Y6 H) A$ S
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
* U& Y( z. g4 ^( H8 ]; v - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
' f( d4 q+ q+ \ - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
+ p. ]. C# @% S - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
1 v, V3 n) b) |/ K* d- I - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>9 @; t! R* d+ Y7 k) l4 Q; F& p* C: N! E
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
2 g( K* M/ E" w9 B* j2 S/ M% f - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>* Q0 b; O. b/ Z! l8 i
- [Secdrv / Secdrv][Stopped/Manual Start]" q% x, ]7 e1 `- J) J" Q; V
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>4 n" m! t4 N+ z* z5 }' q K' X
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
( ?' A1 U- ]; F3 I6 y2 S3 L - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
( U" A8 U0 K9 L1 S' o - [System Restore Filter Driver / sr][Stopped/Disabled]& r9 _' \; x& I' d+ F5 ^( U
- <system32\DRIVERS\sr.sys><N/A>
+ H( T0 w. g% y" ]/ U& r - [TesSafe / TesSafe][Stopped/Manual Start]5 |2 p3 s# d. n2 B
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
' X8 o/ O; i, I - [System Services / unzxzsrs][Stopped/Boot Start]0 E2 v" Q% X I4 G
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>7 J* [4 K9 Z* n" v' p% w
- [ViBus / ViBus][Stopped/Boot Start]2 y7 V$ K+ t) c8 C4 S" ~, m
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
+ P$ Q. l8 T* _) d z' L - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
# C/ x8 F- X; h3 H2 v2 c - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>- |- t' Z4 {9 s4 O+ y
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]% u; F6 m& Y1 i5 M+ z9 ~' w
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>3 f, y' _5 A3 e% r/ L
- [ATI Extend / zhibmaso][Stopped/Boot Start]/ O4 F9 S# d6 U. N% v6 ?
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
! S2 L; x9 R. {& K7 Q, c+ Z - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
, r' P& ?: D5 L) V0 ^ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>- d4 f) {4 a r8 o6 ?* j4 F
- ==================================* t1 `3 a: z! T: ^
- 浏览器加载项+ y' r& t6 ]) ^5 \7 {
- [Google Toolbar Helper]
2 @5 l" M3 q6 @; b7 p - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>6 A" H- ]: { E
- [Google Toolbar Notifier BHO]( V b2 d. m& a* E5 |& G, r
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>: t. a9 `) z- `
- [SafeMon Class]
' U. ^7 S) B2 K& o2 h - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>& {: V" n- O7 d9 {1 E' q
- [kingsoft browser shield]. y7 A4 Q' y1 Q
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
/ ^8 u& @3 v- e& d. M, {" r - [IEBuddyExtControl Class]' T8 _4 B% a g. k* w
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>* W7 d9 R, `) [8 `
- [Zcom 杂志]
2 v3 X5 C9 j% V: O# [5 W8 I% i - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>2 O K! b9 `) Y& }1 B% @- u0 Y
- [&Google]
! p$ J5 h2 {+ ^! F7 D - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" R( T" }! ]+ k+ D - [KooPlayer Control]
; \: X9 J- Z2 D - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
! q/ q+ f8 R# y - [Shockwave Flash Object]
( W- R# L+ U! u& T" @- J - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
X% v' p: k1 U8 N6 b7 v0 U - [KUpdateObj2 Class]- {3 n# d% W7 z z% ~
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
" o. j/ s8 b7 h- ? - [Google Script Object]# L/ Y% D. p3 K. i3 v9 C; V5 P
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
7 X% ?- P( C2 u- i5 w0 \( | - [EWA Control]3 n8 d, s! r' s& @- R
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>. ?9 U: B7 i5 S- b) p1 O& e9 s: |3 L
- [Windows Media Player]+ O8 z4 y: t% G1 @$ B8 l. H5 h9 I
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
4 O- Y. L5 |) h5 e3 z5 I - [&Google]
* `: P: `5 U6 D - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) e5 l" q0 |4 O* z6 ? - [HTML Document]
/ l* I- P7 w; H+ U7 ] - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
# a* @& \ z8 V' v, ?' r - [DHTML Edit Control Safe for Scripting for IE5]9 n1 m9 ], W8 J0 J
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
- l3 a, t: a! s7 ]) N& W& T6 b- Q - [RealPlayer RAM Download Handler]
% o1 x9 j# p) K8 D0 `4 j( { - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>3 H! v# A% Z$ k2 E/ [) }" ^2 H/ v
- [IEBuddyExtControl Class]
; M( \( v6 B8 t, K3 m5 l. y! t - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
! y1 R! C! g; K$ W9 S8 t/ N5 s - [XML Document]
3 x7 ~9 m% s- D8 h - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>( y2 E& t" _, N" h
- [HHCtrl Object]
1 ]/ F- d3 w/ p# ?$ Y - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>3 v2 v4 F6 }% @% S, L2 ]0 r$ D( G
- [Windows Media Player]1 c* t2 Q3 P5 z1 Y+ V$ } b2 C) r
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 N7 z! c" C$ P/ z( C
- [Active Desktop Mover]6 X7 {0 r% v* J: d0 t
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>& O ]0 N, `$ ]- U
- [360SafeLive]
. D: [ F9 D) [5 h" S+ |# K - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
4 r6 ?8 _$ p6 O: U - [Microsoft Web 浏览器]* ^! b2 O e: |7 B; e! i# l, b' V9 B7 W
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>+ v6 Z. z) t( ~
- [Browser Enhanced Objects]7 S8 q, h) N$ B- \+ X
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
; `" k7 _1 w8 S& v, g+ h4 V! Q" P) o - [Google Toolbar Helper]4 U; u6 C) U: I! U
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 u* v! z8 J& Q! |
- [Microsoft Scriptlet Component]# _- R: t {+ f! T- F
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
% [5 X0 q% E) ?3 d$ p* G - [Google Toolbar Notifier BHO]0 N8 R4 r6 j- W# W8 M
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>2 U* ~& S" l: ^9 R0 h
- [SearchAssistantOC]
; a( t+ \' q0 T% L* | - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>, R0 E' ?( d0 B" D
- [SafeMon Class]
2 b( f- c5 z4 k) S! M K" Y - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
6 \4 P \0 f4 X! V" i0 ^+ ~; B& K8 t - [RDS.DataSpace]. X$ b5 I0 Z' h1 w# @0 }+ k
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>/ g+ ?5 [ `0 F6 _) r+ P
- [KooPlayer Control]. X& S$ `% j8 m9 R) P |
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
2 E% t2 `9 v, N f# N0 d" w2 T2 k - [AUDIO__MID Moniker Class]
; }! n; t, N, Z1 a' S/ Z" C0 k/ t* i - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! f- L2 x* o- H0 m - [AUDIO__MP3 Moniker Class]
6 h& |, v8 d4 s' s c# s; G! O - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) b( Y% D, X. r: T& a& T) O
- [AUDIO__X_MS_WMA Moniker Class]
. O M6 b2 C' \ - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* w1 o1 U" H' ~) x2 b) [
- [VIDEO__X_MS_WMV Moniker Class]
, P1 O6 l9 P8 a - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 n8 T6 g3 T0 k& L& i: ` - [RealPlayer G2 Control]: L( [$ H7 j. E/ o m
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
( ]5 Y, ?% v6 V) I4 e2 b! u - [Shockwave Flash Object]5 B* Q0 `' E# A0 Q! q
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>" H( n0 i/ m6 d
- [KUpdateObj2 Class]
$ I5 c, M/ _' F" ^6 x - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>- F @. v3 Q/ O1 h; ?
- [kingsoft browser shield]/ u, G+ P( {% ?; o; x) {2 U
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
/ o* A5 m6 i) I# }" D. \ - [PasswordEditCtrl Class]" Y. A. w/ i: D! c
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
) Q x8 }$ [8 |; @6 E - [QvodCtrl Class]
9 Q# P$ M# t1 V7 o7 D6 X - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
% Q: F. T, b7 j- r, A - [&使用超级旋风下载]
x9 K0 `3 @- J - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
$ k* J/ K+ }# t/ S8 v' } - [&使用超级旋风下载全部链接]
# ~9 F& r# ]9 i) i - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>/ f3 e5 c$ {* ?5 U, t, J
- [使用迅雷下载]& c$ G0 i9 R- R9 o; x [
- <, N/A>
7 J: \, R$ U8 L" a w" Z+ V' H - [使用迅雷下载全部链接]
* a1 u2 _2 o1 W( o8 |6 g0 [ - <, N/A>
) X1 H; {- G" {. O Q1 Y' p - [导出到 Microsoft Office Excel(&X)]
( d5 i% W: Q" a9 W - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>* T' h$ z& M' q/ ?
- [添加到QQ表情]( h7 A2 h7 {, B2 c5 p
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>' [! b) w, T3 j* V2 l4 \7 {! S" H
- ==================================& G# v2 ?, W/ l* Z; g- b
- 正在运行的进程
. {' W6 J, M- ] - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 p' T, U) j! N9 t7 G3 P - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# D0 j4 f1 d! ?( _. i# \
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 u: Q! I7 ~: I6 b2 c - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" k1 k7 \ p7 _9 x+ G0 g1 M/ o% {8 h
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] T4 G# F7 V) y. V
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 C0 B) b3 d/ w" R" i3 X - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 r/ U& I) r: R4 m! J/ _
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! D/ G- W( S% M$ l& ?7 m% o1 t6 F
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% j7 E$ b- k/ }/ U; n' r; Q5 l8 t - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" T* {1 p4 v0 n2 A - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 Y( \$ G* ~7 `5 O4 v - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]: Z4 `1 P8 m# d# x) H+ l& Z% h" i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ w0 \$ Z f$ P" \* i! t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! |, W, J3 V7 n% Q% @3 b6 i
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]* t0 c9 g8 G3 q0 e! Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. i" U, q) X' ~! v" T/ Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]# T' ~2 C5 X" M3 Z$ Q8 \* B
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
/ Q8 H4 T7 W$ V! w6 Y- O - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
; J' S0 y; Q: |9 e4 d9 h% E+ H9 H - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]- S! M2 K% o# X
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
: b8 q7 E) c% N, W - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; j6 \' M4 g, Q7 S8 V7 @ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]! w8 N$ i3 z0 S
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
- S- E/ t7 K7 B - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
& y6 ~( D6 E% c - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]) x5 o" S* `8 c* R0 G/ U( g' N, }- H
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]$ s8 u1 W+ f# ~8 z0 c
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 X3 A ]+ }( ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: c8 Z. L+ Q5 @+ v- ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( z& N) m" ^5 z" ~# | - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 u# u$ X* F/ U/ |# E; q( s, k
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 L& n1 l, ]& n: E2 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( j5 m' y7 r- D* V: }6 M& v1 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* y; P6 z: X5 v" t' z' X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- z# h2 A" c, x |* V5 b2 Y
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
d, m5 d. I( G9 K. G5 B - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
5 H' W' ~ D0 P( c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' M5 K* w' X: Z9 o( c" i( x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 Q0 r, \5 D- P' ~
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
. M- e \0 s. F5 H2 d' M, @ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]4 r, t6 Z9 }: Z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' X P9 S* Y1 m* f E: H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 {/ e! E6 O/ r8 d* `+ Z - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- t/ m" {7 A& A* {
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53] O$ A7 ~, E' Q
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( u% a1 q* A- I9 q3 `
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 K" ~8 f" h U8 {$ X - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
% D' `4 L. j3 D3 i( U - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
: G+ i" e8 W% Y$ h2 \+ M - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 \: ^' ^" Y- D- Q8 \* D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) Y: O5 _. ~" C4 B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 S: u/ m) J. E1 U8 `& m
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
1 Q7 e) o# k a6 C7 s - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
4 u% P! F/ a+ v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]: K( T3 j. }. m' R2 [ c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]: w7 v2 |; \; f& R7 ?2 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
# O0 [7 h+ B6 l0 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]! r, P: w- r. u6 F, ]/ o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]! B% p, P7 l5 ?. p! |
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
, x3 T& X# y) h" G" P3 q C - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
3 W% D$ D; i; h - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 c! f2 U% |7 v" G
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
9 h& Q0 \2 l5 q! i3 Z - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]: _ }. C! v. P8 ^+ \# \. ^
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]/ X0 E, v, n4 T! v
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]2 b7 k6 Y$ u3 P& D/ A
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]1 V3 |' w, o+ Q: n7 F' K& T
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]) a8 Z( a# P3 x+ b
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]! M8 _, F( a' L2 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" y3 x- @; m4 L - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
# O# t8 y$ b' Y2 h - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. B9 ?& l0 @) [' g& ?8 n- T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
U/ H, |7 ^1 V# ]" ?; w G( m6 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% c; Z; W, H5 }9 k2 X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! l6 S \ y" B0 H) p - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
" j) k- Z$ H/ D' T - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 e4 x* v% j. u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 b( D% ?. G9 T* r$ B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 u* T4 r$ W, ^8 A
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 @$ ?: ` l* x6 C9 F% e. X2 A - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
0 C# _5 ^ x! q2 D# z - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]) P' G/ W8 z# o, n2 z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]( d+ c* G) P+ U6 Q! Z6 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 V7 n( }* ^! d. q4 W& y; s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]7 E! m8 P; |/ R, ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% d, G" ]$ R, D0 T# J4 i
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]$ E" V9 g, C0 w8 O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: E* t7 y8 B7 @# m! c% K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ `* x5 W2 R& D8 W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 Z' {* H) _& b7 z( N7 l( e - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 ^8 w) A% S# K( {1 i& O( x
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]! Z3 c$ S2 h8 \; r# C. @
- ==================================4 m5 h; }4 O. i
- 文件关联
' ^0 `+ Z& m4 W; C9 a7 c; s; z - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]& ~/ n7 T% t4 g# |6 c4 N( L$ [
- .EXE OK. ["%1" %*]) S2 [3 `* |% ?8 ~) a
- .COM OK. ["%1" %*]
" D0 f+ Q! T7 Q5 P% f4 f6 w - .PIF OK. ["%1" %*]
W' M- o/ l" C - .REG OK. [regedit.exe "%1"]
3 x* W7 R' r: V% X - .BAT OK. ["%1" %*] {2 `: H( I+ c3 w7 h2 S+ f
- .SCR OK. ["%1" /S]
# u6 v5 |) c7 l- d7 @ - .CHM OK. ["C:\WINDOWS\hh.exe" %1]' e: y N' D) g2 g/ x
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]5 m" r( |' Y7 c; `! s
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
S3 H* {: _9 E - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]. n4 A! g" c7 ~ `' Z
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]2 _# |& W) B: c7 X; N [( Z3 S
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
; t" q7 d1 r4 d9 a - .LNK OK. [{00021401-0000-0000-C000-000000000046}]# N5 f/ o# I2 \' k7 X
- ==================================
, V% P; U$ w4 b! W* \ - Winsock 提供者2 N g3 g: ]: L: j% b
- N/A, _- Q$ o6 g7 o- V) P/ K
- ==================================
- q0 O9 D( O- a0 y7 Y& |2 q - Autorun.inf
/ o' r- G$ c5 r3 A5 p - N/A
' h3 J {. R( h: j - ==================================+ a# _ s* a$ z. e6 y
- HOSTS 文件 x4 k# K; d, w2 ?7 V8 l; u
- N/A2 I( d2 ]9 Y) T6 G) x+ N- ]! m
- ==================================3 \0 r$ Q |4 i7 o E1 ]# y
- 进程特权扫描
* {) a8 l2 [% `2 R' z& B- E - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
[6 m' J& r4 G - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]6 o# e. }; b$ W6 B) u( w
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]0 n2 p" l6 d$ ]3 ]+ e$ S* \# `: ?
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]8 D% X, @8 d4 `' f* Q7 {
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]9 }' z: _0 ]& A1 ?7 ~6 J
- ==================================
$ c2 ~5 \. i( o1 s - API HOOK7 X9 o; Y" v2 i+ J. [/ V
- N/A9 i M3 m$ a1 b& h, Q
- ==================================% ^! E: b7 P3 @% ^
- 隐藏进程. f' v' e2 r3 J
- N/A
# |1 D0 r* r/ M, W- X: Q0 e- H - ==================================7 ?! U3 P9 [4 N
7 o4 _. h7 I0 E) l0 F( L
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
