|
|
" Y, {. J6 x Z6 q' L- 2008-05-22,20:37:43
4 k) ?" |9 Y8 ? - System Repair Engineer 2.5.16.900
& h( ]2 ]0 [7 H q - Smallfrogs (http://www.KZTechs.com)
: X* Y, B" z5 a! P. [7 i9 ` - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
6 C! }" |" w( W2 T! H7 \2 ^ - 以下内容被选中:
, m( k* o5 n% O3 q' ^ - 所有的启动项目(包括注册表、启动文件夹、服务等)
, j! J ?3 I3 M g - 浏览器加载项. G1 G; x4 e m7 x0 `) a
- 正在运行的进程(包括进程模块信息)6 f- _8 @, l# K# b8 M2 O
- 文件关联
& Q, M7 I1 |4 x6 s6 G# b- T- }, S R - Winsock 提供者+ I6 A# w* q$ |( E) Q
- Autorun.inf
, M; w S+ d9 {# q) w - HOSTS 文件
! [2 ~1 r3 T; o, n - 进程特权扫描
& w R2 O% T# W - $ d& G) N, q1 q3 Q+ G
- 启动项目
! v' q$ s" y6 Q( w& f - 注册表) U }. `. N: m5 h: b
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
/ o& i8 W5 h! B" r - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
b! m" N1 F* h9 m' N7 F - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]2 Y) _ ~8 G+ a5 n1 j
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]2 ^* J& S4 H2 E- T
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
! Z2 _! W1 q y' f5 p1 m - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]. q8 G6 f8 Q* q% d' ^2 e$ C" J- O
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]$ O- T$ X: N8 n
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
3 Z% P% x0 b5 U6 d9 W5 p - <PHIME2002A><; > [N/A]
) d% ~; Y1 E c# l' A( i - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]/ D+ `& f; [. V- D
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
, f" {1 D& G5 C" I: v4 c3 y - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]8 Z+ y9 I5 U( }" J/ E
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
* f& c6 Q: u$ h& @( A* V: D( b7 t' e - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]4 g/ e+ x! x( b0 O+ k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
, m1 `5 ^! t1 N - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
# H- y) k9 N4 g! b# H! N( d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
' u/ N7 ?" |% f. ]$ ^! X3 t - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]4 M* U6 k) L) l; ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]6 Y$ t0 X' S8 [6 T
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
' Q: k- M. {' _: P+ a2 q9 ~" F, T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
# z! @- P0 ~( t' ?. B - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]" `$ F6 u$ C% z3 U
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]' s# g+ J0 ]7 D( t$ k( v, u, e
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]$ C# _1 R, q# J7 Y0 L
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]1 l$ z6 z$ w& G/ e! T9 V
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
M2 z! z5 z* [ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]7 ~+ k4 G* L% A" C2 {
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]! v& I) Y% o& d6 _; i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]$ u' a- o. a4 H; b! _& X a2 d
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
! b) X$ {1 K! t- Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]5 N9 g) c! c* v' S$ @9 [ o' b
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
# d' }. o! _( d# v* [- _% g# k - ==================================3 c* {7 ~' W- c; | X$ Q$ {
- 启动文件夹 i/ j$ ~. \ @2 D' a, w4 K6 q
- N/A
0 u* l- B, C2 G2 W - ==================================
& n4 o# L6 o8 C8 V) v9 s3 }4 ? - 服务$ X- j1 n4 M! j$ O' t( T0 O1 c& \
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]6 E; l- N5 r r/ w
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
6 m, R" S* L1 H7 q5 ^ - [Google Updater Service / gusvc][Stopped/Manual Start]- I: c4 e4 M2 Z5 I m+ A4 c
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>. h6 o5 k6 |2 j" r' ^
- [Help and Support / helpsvc][Stopped/Disabled]
+ l3 G8 h3 e1 u+ r7 H; T - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>: T3 o6 V' d, T& Q8 K, d; u3 S5 P
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
. D( `& N& K: Q3 v& [ - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
7 \+ _- ~9 w# { F& _4 x, R$ ` - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
- e# g/ H1 J1 s- W7 U7 s2 H - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>% a1 n8 m; d0 C6 T8 Z3 O( t. ~' B ~+ g
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]( U/ p6 U/ D( j- q0 m
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>$ t* n* F$ e& Q) ?
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
" q6 `1 }: v; K - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
8 r& @; d# y# d: x4 o( F7 [ - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]2 p/ ^! M8 e9 L0 P! \
- <><N/A>+ M% V' D- N' \
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
: d4 l+ r7 s4 D; e5 e9 t" d - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>3 f" r4 Q4 b) q
- ==================================
3 X' q* L% g8 d% h2 t( g! w - 驱动程序/ Y) n7 l9 K* H! X. R# I8 Y
- [22j / 22jn][Stopped/Boot Start]
5 Q, X4 X0 i% _) g/ @ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
# g. r8 U1 \- W- f) \6 N4 x, D9 f. n - [360AntiArp / 360AntiArp][Running/System Start]3 E. }0 t6 V/ c/ r1 ~9 B
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
: T% r# a, h- x6 }; B - [43ec / 43ecu][Stopped/Boot Start]# ?* w6 A' w5 `2 v4 |
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>% q+ P* ]. W' v8 e0 B; J. ?
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]% N' C! N, H0 v4 ?; w$ ~
- <system32\drivers\ac97intc.sys><Intel Corporation>2 R. h" E/ v( i( I, n" \# u
- [Promise driver accelerator / bb-run][Running/Boot Start]: N* V& c) P' ]
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
) a& p! F& n5 ^8 f1 S* n7 Q - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
4 h7 R( h$ V2 b+ n8 b - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
1 o9 ^1 m0 @+ Z; b" N* h - [KAVBase / KAVBase][Running/Auto Start]
* q. f! `6 n" z% q1 v' M/ o - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
2 h: F0 W1 l& |! R" [0 y0 c - [KAVBootC / KAVBootC][Running/Boot Start]
6 A. {/ _7 \; z2 @% p9 \ - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
' ~& G0 ~. ^; k" ?6 W3 S! ~ - [KAVSafe / KAVSafe][Running/Auto Start]) q# f6 B& O& \; j1 X3 @
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
( e1 R) M/ z: Z7 O - [KNetWch / KNetWch][Running/System Start]8 G% h, E- J) q0 n& C
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
/ V4 a% A8 z0 j7 B0 b5 y4 t - [KWatch3 / KWatch3][Running/Auto Start]
8 f6 W0 J& q0 l) q* |# Y- t* t - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
* g# X6 P6 g J0 B, d - [ntptdb / ntptdb][Stopped/Auto Start]1 i* B! E2 x4 s+ H) n7 P/ M; _
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>* z2 T9 Z' A$ Q7 p
- [nv / nv][Running/Manual Start]# \& ?9 O! W& J
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>4 Z3 t5 S8 U4 U3 m* O
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]9 K) b. W+ Q4 x! c5 |9 T
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>: ]; J" l. ~* ^% j3 O* y
- [DDK PACKET Protocol / Packet][Running/Manual Start]9 C2 V; |% j0 K) M4 O
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
, ~8 v) }# D/ X6 j# v0 x; c" z& n - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]. l: Y/ Q; ~. ? f4 g2 ^" c# r
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>. S; h, H5 R; v0 g
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
& z. h( j0 Q ?* ?; v; p - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>" b+ Y5 b: p0 Z# ^. o: B
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]) n ?6 \& D2 Z8 B
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
7 l8 A# ~9 l1 k1 p; `0 j - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]2 _- x0 P5 e' `3 ?: I0 f4 U
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>! e) m4 D: p O v3 ~) P1 \. ]4 v
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
, h% R6 B1 M! n6 l - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
& m% Y4 ]( y+ p" _- D - [Secdrv / Secdrv][Stopped/Manual Start]
) S6 K& Y# L5 L& d; ]5 X% O- | - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
2 Q0 X* p3 l G5 ` r0 g: T7 a" B - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
4 F {, `" J) d. V G+ R - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
" M/ ?! t' F7 U/ ?! [& {6 U& | - [System Restore Filter Driver / sr][Stopped/Disabled]" b) q: d4 M1 @
- <system32\DRIVERS\sr.sys><N/A>
3 J) ^# [& @/ c: a" I# ~ - [TesSafe / TesSafe][Stopped/Manual Start]/ k, W) O7 o& E/ C4 ^1 W' d- @
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>* p0 A9 V& E5 l( \6 r1 c5 p
- [System Services / unzxzsrs][Stopped/Boot Start], m& F, \$ y* |: q
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
2 b! S* t% v$ j O* Z* C- u - [ViBus / ViBus][Stopped/Boot Start]
' a" N" ?; m0 y; Q/ E; C' | - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>( \/ V( H' N. e" Z5 l6 F
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]% A: }% v) e! _; \
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
: q+ ~: W: W; s - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]4 b8 ~9 W* [8 ?( E1 g( v0 N% |
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
6 N$ k$ `& s% d+ T6 U - [ATI Extend / zhibmaso][Stopped/Boot Start]
9 Z: \5 P8 R# n2 y( U# F3 O' j. k) D& C - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
: ~2 d7 b! A u- i! O R - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]) m# Q% _6 }0 c) Y
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
5 j& f8 i) T2 g - ==================================2 p( X( F; M( t1 j& F
- 浏览器加载项
% b1 n7 T9 Z1 Q: h3 {6 N - [Google Toolbar Helper]
! C$ ^9 o4 f: T! _ - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 v8 B& w/ n+ t) w4 X) u: E! Y
- [Google Toolbar Notifier BHO]0 {6 \' r% V! X: S" g
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>9 a P6 A! @: `) N
- [SafeMon Class]
) j; |) f8 {2 @ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>, ]7 Y. Y/ H6 I6 G; _- _
- [kingsoft browser shield]
0 \+ r6 {! g0 T- [0 ~% b! ] - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
) _8 ]9 m4 x6 L/ w8 _/ R - [IEBuddyExtControl Class]
* N7 N1 q9 n* X - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>: O( n" i5 ^' p8 ^6 q9 `3 R
- [Zcom 杂志]
) q5 M4 U$ I6 p& ~ - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>/ T$ Z# W5 U l
- [&Google]
/ a1 C1 N/ V% {: r; J+ U: ^ - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: B3 E9 E: e; _ - [KooPlayer Control]$ l, y9 F5 Y$ L' o/ }# c
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>6 ]: v% G0 m, A* M+ n
- [Shockwave Flash Object]
, I8 d1 X( H1 O7 I+ w9 a7 q1 Z - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
: J' J4 Z8 y, M, P9 u3 } - [KUpdateObj2 Class]2 m9 ]" i6 Z; G
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
# P+ Z; ]; L( |# x - [Google Script Object]) `; [/ M' j/ b6 b. M. Y' u7 P
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
7 l2 x) v* D {3 }/ r - [EWA Control]/ ^4 b9 }/ ]; _- s2 ?( T
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>- \* {: N& L4 z3 J& n% T' a7 }. D
- [Windows Media Player]
- G9 \0 @1 o; E0 N; B1 G - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>7 L2 D. q! r8 X5 j7 L' ^
- [&Google]
2 p9 ^$ N2 F, | - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>" \- E8 z7 j/ n% h
- [HTML Document]
$ V9 A( X2 X ]( ` - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>& ~+ C F% A) o# \8 V' G) ^8 g; v
- [DHTML Edit Control Safe for Scripting for IE5]. P0 z; l0 ~4 a% \
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
; @8 @ {5 q: {( } - [RealPlayer RAM Download Handler]
+ v. T1 P# W9 V; P& R! L - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
$ k% I* d; E* W6 v7 a- k- a/ J& e - [IEBuddyExtControl Class]! O0 q. B+ \: y, Q8 C
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 b6 A; P! s2 n/ e2 F# F( p! r - [XML Document], t: w8 F y7 Z U' u
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
* J% n9 S% v9 m3 S - [HHCtrl Object]
1 ^6 w$ H) W0 @ - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>9 R1 k( p* @# J1 H
- [Windows Media Player]* T0 h% a! I) R" c! ?; A
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) X! ~( M1 v7 s0 l" a) I7 F - [Active Desktop Mover]
+ {' r: P) ]% _- h - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
4 |9 a% Q' Z, J* P - [360SafeLive]
. K8 a8 @) ?% M$ d - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
7 \$ t) F4 q3 S& v! Y1 T - [Microsoft Web 浏览器]
. J' i# }* k) }" q0 I. C- r% g- {5 o$ M l - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>1 R& I7 P& o6 p3 y& S3 r
- [Browser Enhanced Objects]
5 {) }; k* C& W; \# l; a9 U - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
+ V' ]5 ~; {( d$ A - [Google Toolbar Helper]
1 W _+ }2 U/ U+ d) c - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>! y+ @; r5 H0 t0 x4 i8 p5 S0 p( }6 w
- [Microsoft Scriptlet Component]% M" y2 S' n, s8 g9 @
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
+ N0 \$ Z! W$ I% k0 E+ a - [Google Toolbar Notifier BHO]1 Y+ n/ p: @+ ?
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& N# v7 \. c: I0 F& m' @/ k - [SearchAssistantOC]
3 @) U% W# Q) z& ]' s" q - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>! @; s. k" o8 N# I
- [SafeMon Class]0 L- e8 F& @% q& ? _: c" t
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
& O3 h, D! m, u - [RDS.DataSpace]
3 V+ y% ]' [* c& S) I3 L - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>5 K3 s$ y/ B7 a
- [KooPlayer Control]
1 V* s2 I! _: t, P8 X* R5 w - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( m5 z. ~( s5 w - [AUDIO__MID Moniker Class]
' M4 z8 F1 L- X3 j; d I - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 @; C2 X7 U' G* m$ E' y8 T) o* x
- [AUDIO__MP3 Moniker Class]
# I9 _9 Y w: k* R - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' d# r2 A* n0 m) N+ F: T
- [AUDIO__X_MS_WMA Moniker Class]
# S" Q# [; ^1 O, c h$ k - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 Q4 v; o+ j& q) S( A - [VIDEO__X_MS_WMV Moniker Class]$ a+ K5 H: y! F' t0 o3 j
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
2 q5 ]- K5 [0 G+ ~. x6 j- n! v - [RealPlayer G2 Control]
( {# [ V, u; C# P6 N( A( H - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
+ y' o% n- T% q, d8 l - [Shockwave Flash Object]6 G. ]5 w0 K( D9 s& b
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
* G: t# n% t {. r% L - [KUpdateObj2 Class]7 l7 H- u$ E/ J
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>! ]4 z- ?5 M1 t: L( N Y9 h
- [kingsoft browser shield]
6 J; {) }4 O. Y& H2 G. M% Q - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 I% H9 Y1 t5 ]
- [PasswordEditCtrl Class]3 U" A1 S7 v; ]. N$ F7 ]9 [" j
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
! v7 g& V' h0 v+ a/ l1 F - [QvodCtrl Class]
" Y; E& J+ c. S0 c( ~ - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
u# U: T4 g% B0 F2 H1 h& r - [&使用超级旋风下载]$ Y/ y% U- t, r9 f. f4 g8 F
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
9 ]+ n- k! k# q+ s, l - [&使用超级旋风下载全部链接]
L$ M) K$ l& b9 q; K/ C - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
0 ]6 e6 \) G, Z7 \, [$ @ - [使用迅雷下载]! w, ?; b4 R" j5 I4 y6 k) I
- <, N/A>
+ x. Z/ ?" n4 j# [: S1 {% s - [使用迅雷下载全部链接]/ z* g' f" B( Z4 {! N( f
- <, N/A>% R2 c* k! a0 Q* H, F9 q
- [导出到 Microsoft Office Excel(&X)]. j6 r* `4 c$ P. P
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
5 H6 T. h; [/ s1 z) c9 G" {( ^ - [添加到QQ表情]/ m& G0 D1 M0 ]% z9 U, @& R1 a
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
3 d& W( i% |! C& N# {& } - ==================================# `( h! t! z/ o5 u3 g Q0 \
- 正在运行的进程
# u/ t9 X$ ~' o, |% {+ H+ Z - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! ^& U. k# m9 e8 c, Q. i
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 i% E# `7 X1 d3 R |% {7 ] - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 V3 b' S4 r* K - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
- @% S4 u$ `% |+ l2 V5 z - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) d& A% g, O7 ~, D* i# D8 w - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' b; Y# w. d0 [
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; q# }4 x" B- O+ _, p, q
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; V7 G' V: j: _ M - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; T) Z& N* C1 q* [* ]. n
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 ~+ H. u+ J$ G5 ]0 }( X: T7 n - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* d. E! ]/ |' `% L3 Q! e' E7 I - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
7 ]" a. b% N3 i+ d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# x# v9 N% o( l a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 C v9 w- h+ m. F) t& { - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
3 c7 ~- s6 j, n. X: \3 I0 F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* q0 h; b8 |4 L7 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
% G/ Z, X6 S& b) W6 ^ - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]0 O- d) ~* v7 o- f6 F3 F
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
: {7 y( x" i0 c - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]" L/ S' v+ D+ }. \, B
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
6 _. f" Y) e `* U: G1 U1 w5 ^' z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 y% y7 ` [: H- U - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
2 o( f. J- ^ O' X8 `' _. H- C - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
5 i) q7 R: Z' v4 P# ] - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
$ \6 ~6 k" u% i0 w - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
& o) h+ _! h D$ } - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
( m: e" L9 N9 M# x6 d7 w; A/ B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- F; |) n" O4 ?9 l" c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 j1 [, X& R7 e; E7 m @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% \( I5 W! W' T5 |& v - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. a T. s0 I5 J9 w" ]# I
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ s( g' G s4 P# K; a% V6 ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
s! x( } K; D7 U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 _" t3 T) w0 o: q* U' c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: L% e; B [7 ~; V" t- D - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]* t# p4 e/ ~+ V
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]/ n2 ?6 i5 G/ q6 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 I9 B' K+ i$ D6 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& p: e6 h" o m2 _) e) `4 n& J
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
}5 j: r; W4 u- K- y: x - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 Y3 \. S1 n) e2 L0 e3 }5 P
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 e8 Q7 z% V& Q; U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 s3 E5 B$ ~& I
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ C) I- a+ G E - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]3 n9 U/ R, R8 \- [6 r- L
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) F* Z) t9 n7 z4 k. K# ` - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" y: O1 w! s8 v5 w& w- _
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]8 R1 _4 J6 W) \" D
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]* B+ O- t: y+ E7 o# [& C& H& l: \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& H( S( m$ C! q. `' y$ b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% X2 U: e* Y$ L0 P8 a6 ?! D' m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- i) {4 C) i& \) L) L7 u' u9 b
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
" X, G0 e+ p) v; D6 k - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
5 b7 N3 N9 E7 u+ k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
2 ~! Z; }/ r+ ]& D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
) ]( f: P( _( s: v7 m& q- k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]0 R4 V( B. L. K, ^ E# K$ {5 j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]: U( ~3 R4 N ? f# o [+ e5 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
5 x* n, ?1 z! o, o - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]! n; M# C1 M$ l& w- R. R& ?, i
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ X4 L Y* V' R6 A$ Y, Y4 B. v
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]% _& l2 L8 N! o1 w' L& [
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]2 Q" X- l, ^$ M* t1 E
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ R; [# p+ A, m. L4 D- H* H
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 y1 `; w0 d$ x0 U t9 ^1 q$ x - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]- h3 i+ g! \: j/ D" g
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]5 K$ y7 d* E+ [8 \, p! Z
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
; x0 r9 B& R& }2 X% l1 c% x9 H - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]* P' d2 [; U6 e: \5 J& k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 j$ F$ ~: o) A2 N* M+ Q) X
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]! Q, z7 y- d, w2 j8 t# j5 h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ h# ~5 }3 X+ r7 p6 s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ R. d/ ^! g% w! S" J; v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. j- Z2 o E; M. M6 {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ k1 U# _4 ` _
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
1 n1 B( ] a; O8 m5 d/ l. m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ Y1 E5 }. \1 D% H E" g l
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) X- f8 L; x7 h7 t; O2 } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 e( G2 `- f6 h- T o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 l/ c% E- }. Q W9 x; D! C& w
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) z1 H2 \- g# g - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]. E+ V2 \4 g' w6 D9 e0 ~
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: Z9 `# R' g. G. e1 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 X* j0 I. z& O& y& E% P& e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 |- W J" B. G; u* Q$ d; F f q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ j- j- ~7 x6 e2 \( O - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
3 e0 s G/ q4 D) j; X/ R% X - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 G/ Y( F4 x4 Z. C; ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 D1 z: A' }/ M9 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ y) ?8 m4 L' T7 b
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) j& {- }5 x1 m
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
6 P, b7 m% z8 v: |5 x t. f - ==================================
* J5 O% Y- ?" h% M( [. A; i/ [2 t - 文件关联7 \* \- u, D; j6 G
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 `0 {! t3 k0 w - .EXE OK. ["%1" %*]
# L9 r& C4 M8 y - .COM OK. ["%1" %*]
1 J* q1 i3 d* m9 L% x - .PIF OK. ["%1" %*]
8 {4 S% @9 s) j - .REG OK. [regedit.exe "%1"]
/ y1 _; g% u! m, O1 V% A U4 y - .BAT OK. ["%1" %*]( V7 d6 x; A9 Z
- .SCR OK. ["%1" /S]
- \7 y5 v, B* j' x- D+ T7 u0 D - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
! L V' K; {) O+ \. x - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
- ^$ @ h: F2 M5 N' G - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]( T5 ^ {( V$ l( I% W1 o1 k
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]4 \6 { ^# D! [: L+ o% z6 X
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]/ z4 j" P/ |/ q' m% F5 C
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]/ w/ b6 l3 L* n" J
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]+ y$ P- `! p# z: s# K
- ==================================
: V/ Q$ b1 _8 d: K$ ~ - Winsock 提供者2 K5 ?6 x- k8 Q2 {# q
- N/A% z, M" w! a+ @+ U6 j. m
- ==================================; H J. f$ d( F: Y( |+ W
- Autorun.inf' q) B& |' ]" V; G
- N/A
8 E. r7 b: v( o$ c4 o7 N0 y - ==================================
! z$ G% j3 C/ ]( O0 F - HOSTS 文件! ~! \; \3 E* z/ A) N" ~$ Q- a/ J
- N/A1 h0 W1 ^* E3 Z1 I: k; Q) \
- ================================== T" ` O1 v! j
- 进程特权扫描 x) M. `- {$ p! J1 f2 N9 S
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
0 n8 y3 m z# A' O+ d9 ~ - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
# c1 ]9 e, e6 H% w - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]6 `3 i+ O/ I q8 a+ G
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]5 I: L* ?8 u& o9 w2 e
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]4 b! G a1 w" w: [: e {& r
- ==================================
9 O( r* x( H5 i6 Z% n - API HOOK+ _1 Q# h- L/ k9 Q
- N/A
$ l) I, t0 Z! R( G4 N - ==================================
6 e" L; W3 D6 j" s% t! g9 k - 隐藏进程
; N" H9 v8 i( b% Z% L' y- c - N/A% P( \# k; V7 U* R$ _- o8 ?. V" r4 o5 C1 k
- ==================================
' \2 _" f- P3 V" w& n - 1 I9 {2 Z! M0 o: M3 `
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
