|
|
- + P$ P- z2 y# [$ g: m0 ]/ d
- 2008-05-22,20:37:43
& ?. y t4 f9 g! ~7 y6 P3 P - System Repair Engineer 2.5.16.900
+ M; z7 u ^2 ?' Z1 P' k! p - Smallfrogs (http://www.KZTechs.com)
: J) C% [0 m }1 i( Q0 R4 p U - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
$ m T, S, k+ p% o - 以下内容被选中:
' Z/ d7 S7 s) ~, u7 m - 所有的启动项目(包括注册表、启动文件夹、服务等)2 n7 J3 v9 V: q' S
- 浏览器加载项
$ u) d! O( _ h( ?1 _) U - 正在运行的进程(包括进程模块信息)
! \5 U' }& Z# S$ a- ~ - 文件关联
) R& |* K R e9 q- K% B4 K) {3 f6 A( D - Winsock 提供者+ L, d. U- s, V, u0 K: Q' r& h% z
- Autorun.inf
7 w5 Z9 R2 T1 \6 k, _) e - HOSTS 文件 I8 P3 _1 F& e! g4 s
- 进程特权扫描- l9 S2 R0 ~0 t4 L
7 p2 a1 R& e7 B( Y) B- 启动项目
2 e* N4 b1 j# p* U/ c - 注册表. o, l" p j. c5 T
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
# t) w+ M$ a2 w1 o, t1 q - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
" }' D* v! ~0 B3 d- S3 j% \$ \ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]* k# K3 e U5 R8 e& }/ p" @2 R
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]; P$ P4 H, N( u6 v
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
# n2 d* K0 Y* y( |9 L$ r7 s0 n - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# B# a/ _$ C* U4 O: f1 ]* q$ X: C
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
# f& f, L1 C5 Y* A0 r" ]# B$ ` - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* z2 Y5 z% s/ ~3 i6 D, x U. h - <PHIME2002A><; > [N/A]
, a0 E( k F+ H2 \! S" { - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
) c( \% n+ j3 {( q+ [, Y - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
9 f* E4 O! \' N% S3 K5 h( [ - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
, y0 p5 P( G/ L# |7 R! ~% o( j - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
- b( w3 Y! X- H; Z8 \ z - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]% ~) K: c6 @9 D8 T$ Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
- ^5 x R6 N& Z, f( D; M! } - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
3 j( b4 C2 I! Q; @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
/ ?, P5 r( ~6 W' G - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
: A" j) |7 Z5 `; o - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]( d# o7 y) g; R4 v8 C( [/ q0 R
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
3 ]! U0 E3 ~! m! b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]* T" e" E+ s. w- l0 ^
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
; j4 ]; E3 H6 ], P& r& L' a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}], L! X$ i$ D. m; h+ u% m) c
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]+ W1 U0 |& D6 i! t* E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]4 E" O9 K) @( w O
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
" N/ h& C% G- q( r! n! W5 E - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
9 t r9 O, t* @4 t - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] k4 I5 Y0 d" ?3 e5 U
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]$ Z& |5 I' m! \8 R/ V( X! c& _0 t2 t
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
6 M2 Q* J- h3 l2 z2 G9 A - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
; E% C5 T! `5 Y+ @ V - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]# S- Z! k, z$ b6 s
- ==================================) g8 a* D Q6 c, R! }
- 启动文件夹" G' F! r" c' R7 M$ V
- N/A
2 B, m3 F4 c0 A0 N2 g+ r) |, B - ==================================# `% r, L! `; C0 F; s" d9 `" l- e
- 服务) M6 x5 a8 c/ j$ o- ~8 m
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
( s" i3 }3 p( p- X3 W9 l - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
& ?1 G6 N5 l' Y Q9 b - [Google Updater Service / gusvc][Stopped/Manual Start]
, M2 p# j8 r2 `. l - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
7 h" O: }# t" B8 P+ N - [Help and Support / helpsvc][Stopped/Disabled]! D" j0 x( o' c' \
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>& s r) S, c; B8 {
- [Human Interface Device Access / HidServ][Stopped/Boot Start], Z' m5 S0 k/ x H7 t) I* ]$ X
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
* h# d8 u5 L" a. y - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]* y& o7 T/ R- d
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>& _2 J) O$ k* @1 g$ J
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]/ @8 [) G4 V5 O0 Z% u8 V
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>8 U8 o( c6 U: w
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]" D, G: P* t/ u( Y; d5 u2 a# J6 ]
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>: K5 `+ [% ^6 m- L' L
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]+ N3 |( [! d/ s- E
- <><N/A>9 B% ?' W2 F; {: o5 o2 U
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
, I8 G/ ^: h- p' y6 P, l - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>! ?- a4 H: v) o, l! O+ ~ Y. L
- ==================================
4 F: A4 D) |4 y - 驱动程序
' c4 y7 k: O! J* h - [22j / 22jn][Stopped/Boot Start]
/ ]( k) Y8 N- g/ E2 j( N! E h4 C - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
8 s/ o4 V, b0 \% g - [360AntiArp / 360AntiArp][Running/System Start]: C9 h% O" t; N( V. p9 }* m! P/ b
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>1 J6 O/ r) Y; q$ ]# \- [- G
- [43ec / 43ecu][Stopped/Boot Start]
9 {# K2 x, z7 u/ N7 Q, ]( B - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>5 l( A2 G) d& W9 m; W
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
, D2 m4 T) J, R6 G+ M - <system32\drivers\ac97intc.sys><Intel Corporation>
& _0 v! C' f9 i0 [ - [Promise driver accelerator / bb-run][Running/Boot Start]
7 ^3 X: M7 w7 {$ h3 R f: } - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
- V" \8 S, `# s3 u( F0 w - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]' O# c/ O7 _1 ^4 f' }
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
7 _7 w. B2 @$ S1 @; ^9 T& b; t - [KAVBase / KAVBase][Running/Auto Start]' g6 {8 J8 e" |) n
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
1 F: ]" Y! ?4 Q+ R" G0 {/ m - [KAVBootC / KAVBootC][Running/Boot Start]
0 P6 y5 Z+ M6 c. _, h - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation># O/ d' b2 w' Z% U: Q
- [KAVSafe / KAVSafe][Running/Auto Start]
A& {- J+ ?9 ?( _& Q - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
: Q' X Z+ F8 s3 Z - [KNetWch / KNetWch][Running/System Start]
& u, G# Y/ k/ d8 M( D$ X( D, L - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
$ Z2 C* b+ f" E& }" d - [KWatch3 / KWatch3][Running/Auto Start]
) ?; X+ o+ ]. Q- A1 d - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>3 N% G# L9 u6 h2 W9 ?2 b& [$ m
- [ntptdb / ntptdb][Stopped/Auto Start]
6 ?" \$ ~ C s( e5 j' m - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>5 m2 l% A/ ]2 i$ y5 n$ i4 X+ n
- [nv / nv][Running/Manual Start]
8 b- `; Q1 x d - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
: d! e7 w5 S( }8 z6 t: h - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
# r8 s2 ~, Q( W) Q9 Q5 }( y - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation> h4 i( m. o* e$ N$ c* c1 `' J0 X0 R
- [DDK PACKET Protocol / Packet][Running/Manual Start]
- e* k7 ~) [; V" Q - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
0 \$ Y& A5 I$ m5 d - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
) B3 e/ ? h. d" x$ U - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A> g- g- D8 b' w" G) e' L4 U
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
1 O- F7 b3 z. R8 d, T6 Q. v - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.> P' _" d F% O3 l9 f1 o* U
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]& g C3 b- s) s/ P) Q: U
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
! d# ^; w1 C$ O! s4 ` - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
, `% i4 y/ a$ e7 t7 L# q. J( {) ` - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
7 c4 |/ r. s" ~: p2 @, ~% z - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
6 v0 G0 S' W1 S! w - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
6 e" A3 R$ }/ @9 t2 P - [Secdrv / Secdrv][Stopped/Manual Start]
/ g/ q8 Q) O* V$ j7 o1 k0 i, g5 z& ] - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
( M" t& K4 d z* I# z, A - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
$ @( H6 J* ]* q - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>& d& l$ L, ~0 S( Q7 A
- [System Restore Filter Driver / sr][Stopped/Disabled]
) p& C8 r z, ` P - <system32\DRIVERS\sr.sys><N/A>% J) T" `4 c8 ?2 ^ h) E
- [TesSafe / TesSafe][Stopped/Manual Start]3 K( E1 U5 y/ D% R+ }& ]4 `# P
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
# V' F7 d; r1 w" s+ M6 t - [System Services / unzxzsrs][Stopped/Boot Start]# Y6 i( ]$ x" w D* O: D+ l+ _
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
5 f3 i9 I+ c1 A/ o) { - [ViBus / ViBus][Stopped/Boot Start]
$ m {( f1 v3 a9 w5 t3 J! a* I - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A># S+ E1 @: h2 U7 K8 k0 s( n j' X
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
; V" D2 t, v+ B( k - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>( k+ R! T# p$ S7 ^8 d$ X7 j
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
/ `+ T7 N! u8 V - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
& X r7 A& l) Y8 y5 s - [ATI Extend / zhibmaso][Stopped/Boot Start]
) J! R5 _9 N& }# I! ]% @' w - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>7 ^- A. _: @3 b
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
8 U1 v8 h! G5 r5 o2 m+ E [4 p - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>1 A, S/ _" s! U4 h# B
- ==================================3 P2 M5 h! x( G( A5 z) L
- 浏览器加载项
8 j7 e9 g I% R3 x8 g2 r - [Google Toolbar Helper]
( |8 e/ ?% ]) x+ N! V+ i - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>% d) n* P0 G$ v0 e
- [Google Toolbar Notifier BHO]
n: ]: \! d% J( Z - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>- W# N3 Y8 N4 ^ L" I( O @7 [; v
- [SafeMon Class]; w& b K1 w+ |( t) C: L9 K
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
: i3 i! h; D6 i# O - [kingsoft browser shield]0 o V! Z8 ~- D. {, E
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>! }, X o$ `- x9 o) p$ G/ p+ D) U2 U
- [IEBuddyExtControl Class]6 b2 ~9 f( f: s: I
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
' F- `- i' I# r1 v0 _ - [Zcom 杂志]
9 C0 A" U0 j2 K% e6 u) p4 t - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
. p( u8 s+ K) s! i3 H0 B i; \ - [&Google]5 K) \& w6 i! i' \: s' G% p
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>- `8 x8 h2 O: z. B& }7 I4 J
- [KooPlayer Control]
& |! J+ p9 F4 r6 ]' S! x - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
" Y: T7 p7 P, P9 O - [Shockwave Flash Object]9 H# t' q% g0 N
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>1 d+ h( p- x {! s- G
- [KUpdateObj2 Class]
! l5 [9 e" S" N! r' _9 C) u- n - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>8 h4 Q, V9 ]8 `, B }' s! G' ?2 Z2 e
- [Google Script Object]
' _! R F( \- ~ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ M+ f! A( [" H( O - [EWA Control]
. e: p. g2 L$ _# z! I4 t+ `. Y - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
8 l: T$ v& o7 X$ j - [Windows Media Player]
/ E* l/ u, g( B0 { W: h - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>+ ~; ~& n* P" o; |, d( z
- [&Google]7 B! f4 u$ T% P) Y
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
8 P' F6 N5 U0 m* b1 }: A5 D; R c - [HTML Document], X7 W3 m* Z8 N7 ^3 B; O
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
" [. ~$ M5 Y* q8 k! j5 W - [DHTML Edit Control Safe for Scripting for IE5]
- Y% ~5 L( y0 ~5 m% J0 B1 O5 \ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>0 J& f2 y7 t8 E/ d6 N
- [RealPlayer RAM Download Handler]
' @% \. M% X7 Y! v' x - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
) `- ?# F/ h3 ~ `4 R9 O) Q - [IEBuddyExtControl Class]8 b$ z6 g6 z! Z! o
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
2 `8 a! u# `8 A, K - [XML Document]
' s D! }! F3 T7 N8 H; ^ - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
3 }- {0 d, r ~7 C3 A5 @4 ^ - [HHCtrl Object]
) u1 T8 F, A2 s6 n+ l - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
$ X. B1 J' n/ ^# H - [Windows Media Player]
: C$ u4 v! x$ T: H U( X" |4 N2 C - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, t/ O) t1 d3 e+ b" A - [Active Desktop Mover]7 c* {; l6 f. T2 d
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>% _, f( T) D5 L, a8 {7 V
- [360SafeLive]
, C* o. }5 K- F$ V' c. D - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>6 |/ J8 _ r% B* K! u
- [Microsoft Web 浏览器] B/ U, A7 \" a) g5 D
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
0 j0 q- L! o* b1 s% E9 Y" C - [Browser Enhanced Objects]. \) ?$ }: z, T
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
0 f+ x% z% b9 M0 P: X - [Google Toolbar Helper]
/ |( s: C) S4 I2 r1 Z - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>7 @9 {$ F+ E9 [( g/ H% D
- [Microsoft Scriptlet Component]
% @2 v* z2 C0 C* C4 |( Z - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>6 V* M4 k; q. \! A$ Z
- [Google Toolbar Notifier BHO]
! z* z* ?8 U- A3 a - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>6 m9 P: q2 Y2 b2 p' i
- [SearchAssistantOC]
, [, ^5 T! ^. p. S5 l/ p5 f" q - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>7 [" P; h* J2 g6 G- o0 f
- [SafeMon Class]: N) o L) I/ Q% {) @5 u
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
2 O1 M; }6 A# S+ b9 Q - [RDS.DataSpace]2 {/ I m8 T( i0 Y1 ~
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>! S# `( X* ]4 L3 r/ X) g
- [KooPlayer Control]
+ t' }( l0 ]) d$ c% ~6 L ~4 D" E5 x- g - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
/ i) S! X$ P& C3 N - [AUDIO__MID Moniker Class]
2 e8 U5 V. Y% b7 d I v. _1 l - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ w, a! h3 Y% n. [/ M
- [AUDIO__MP3 Moniker Class]6 @; a( K! \9 x! m- _; m% `
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- X2 R/ Q3 O; a) M- W6 u' ^
- [AUDIO__X_MS_WMA Moniker Class]
' w+ A- Q0 x7 _1 I# v, n; c. U - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ m! k$ ]; e; j$ W/ R9 ?+ m - [VIDEO__X_MS_WMV Moniker Class]
[6 y8 \8 M; z$ ` - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
r; `& m" u6 v - [RealPlayer G2 Control]
% ?4 b; Y$ }5 T* c - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>6 j# q7 U- ^, U) G# a
- [Shockwave Flash Object]. c9 s; p+ {# B/ i1 D
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
$ S0 q+ H% z. n( ~0 h" \2 k - [KUpdateObj2 Class]
% G" G, }6 N6 i$ g1 M R( I5 \ - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>) U; R( w) r4 ?; J0 E9 l
- [kingsoft browser shield], x$ K& f' |! \, i9 l" I# E
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>8 a; E( y: O6 k
- [PasswordEditCtrl Class]& ^0 @( V e* v: y8 h
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>6 A! z( N, r% f+ x
- [QvodCtrl Class]9 c3 w7 x! d; x: S
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
1 G( M; _7 \3 j% K# e+ I. [* I( ]2 f - [&使用超级旋风下载]+ x$ c, O# z) S9 l# o/ L5 @6 g
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
5 i' h, ^2 ]$ l E - [&使用超级旋风下载全部链接]2 O' i5 g N6 i7 h
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>0 p! z6 I H" z: @9 }
- [使用迅雷下载]3 U/ d0 l+ l* k
- <, N/A>
9 S1 l5 t% q" l1 G, |3 o7 [) p$ o& e - [使用迅雷下载全部链接]
( Q% c: j# [" V3 ~% i8 ~ - <, N/A>2 S% x7 r% ~" M1 }8 R( {) E2 H
- [导出到 Microsoft Office Excel(&X)]$ h7 W* L% y, n+ Z' @
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>) O1 f, \, t0 O7 K& j
- [添加到QQ表情]
) v& ]. P8 C6 w6 w3 B0 t2 ?0 l - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>" ^; `* C+ Q& a: V" k
- ==================================
( a( v5 K; y4 a6 q# M r3 C7 j - 正在运行的进程) x& H( ?. M, o
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: F! u3 r# j1 a6 ~ I - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 n/ B9 V+ P! }: f/ @ M
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], e" w9 N$ A2 w# L) j* K
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# R, e# P9 M: R( L* m) a1 D$ U - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
|, a" l0 X; s. A% a - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, O/ m" X* n8 y1 P2 |8 m1 ~: ~ - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; Y/ F4 K( h6 e - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 V7 f/ d9 Q+ Q4 ?' f! u, `
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 G" a# [( A/ A) H2 k - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 m. l8 @! i: \2 i. I - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[! Z) w" m' i" A) o4 ] - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]" P- L6 \8 x. k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 P7 G. Z2 b" p) p! K# F" m; I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( t+ N- `1 h; }/ o1 U - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
' w' x7 q, |. A! u* d+ K# Q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
W* x5 }, q$ T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
7 \4 {! }% X6 S/ [& k' j* S3 L. B - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
& u8 o6 p* f' h* a - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
. B1 \; l) T; h3 S: {4 d' S - [C:\Program Files\WinRAR\rarext.dll] [N/A, ], S- a/ i. U3 q
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
, h! P( n! h7 ~# ] - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' L+ ^+ q7 e; ]5 l - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]. J: w- t7 Z: T# S! p" v5 _
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
* p2 [6 `4 |; V# D) M. s( s - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]& i8 W7 {7 H: ^" S8 @7 C
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]" d C3 C. [* y$ Q4 Y, Y
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]2 s) Z% G/ O( w+ K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], i2 @: U7 Y) r- I$ Q9 n0 L e d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 G* p0 G/ M! B9 d, S& H! a; ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ V3 w1 _9 n. z6 S! s2 a9 t9 x - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" I b% L! W, b7 a% S; Z* w; _ J - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ f, Q% q0 h9 e2 V' w. M- e6 _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 {/ N$ D, Q5 M) l+ n5 a/ N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" s% m$ ^* s h0 k2 {! z% T5 i - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" D2 b3 r7 u. y
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
& z4 d, }7 H/ n8 v3 t$ u - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
! A, j4 Z5 l3 D& E! C) z4 Q. n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; x: D) b v5 Z8 h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] V( d0 [, b2 C- b) B' h
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
2 L/ |; g* l$ ~& s5 X - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]+ T. Y* z. X8 x% W. s
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
S* l/ U+ l% k, R4 f* W! J' V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 [2 z$ x& s' [+ x n
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 K8 T7 f2 Q# ]/ k
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]% g* I6 r7 B$ C4 |8 S6 X2 H
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
J2 l6 _& {2 I4 Y- R2 |: T" P - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ u, P+ g% @7 r, d
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
) e0 A' m9 ]' L2 K0 v1 N - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
: G$ E+ R$ b( U1 M$ k/ \ Y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 f2 Z' d3 u+ q4 Z) n2 o2 S& s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; X9 _1 N$ b2 S K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ S/ `- u9 D5 n( Y) q
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]# w3 ^8 k! a2 X9 D
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]$ a# i" E, D1 b) M5 s* z [, `4 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]$ o9 f; j6 S' w" E {3 b3 n* F+ [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
. d5 T5 z5 X; y) i9 T- f" H( h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]0 `# i/ W" t, l: \ ~0 w: z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
9 P, [" V p- e/ n. r) S) g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]9 H) y+ G9 `* d6 C# ?
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]* [$ ^- L! @3 t& J
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! j9 y) V' Y8 p1 j' Y# p
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" u, `: j0 U/ Q2 [
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
) I9 h& z( X! y/ {: o) Q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
+ }& _7 j3 E& a$ A6 v, [( j: b - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]4 w4 F+ T) [* q. X* n! F
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]& q) s; X: q/ i& K9 w
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
, n: _+ O$ T9 } - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
; o6 t9 Q* s& e* Q: v( I ~: A( A - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
% @. W' |( ]. F9 E: G" r; d - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) l- e) B+ ], k; ? - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
, w0 l. c- Z( C: _; f - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], t# h; {: [( C2 |8 Z, V% S) o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' n6 [5 G$ X% ?" Q- Y* x8 I' h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 D' z3 z8 Y) p! d- @
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ A3 x* w* z; P. z0 v - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]3 l# G* i: b' |8 ~$ v, U' |/ s
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ s) C7 ?) e9 [9 X0 x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 O5 h4 F5 o( J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ l0 m! k* ]8 m- [ n, t- k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) X) S9 h+ d6 _4 R( T
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]' \5 O0 v1 ~: S
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
% f: v: h3 [: S6 V/ L+ [ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 w3 E* `6 P& |! O) T1 p; ^. a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' R! y# s5 R! z' C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 U! K7 e2 a# l0 z( u8 D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) ]! b' y$ J1 D( [& P9 t0 P% ] - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]" n) L5 W; J& |+ o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) N4 o/ l- Y7 G+ l- u. [, ?/ { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- t) M; `3 ]( v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# c) l+ R5 o) T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- X& Y- @, \0 [+ T4 `
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
& ~4 E/ U9 g9 {, C, A - ==================================
4 m9 I- k3 k/ d/ f - 文件关联1 e8 @0 t& s; C- J e
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]( r7 m) L3 s/ a) U* I J( f
- .EXE OK. ["%1" %*]% I9 r# N& {1 V* w9 M
- .COM OK. ["%1" %*], Q- ]$ `- v( N6 H8 n
- .PIF OK. ["%1" %*]3 j$ {" M# M6 a$ O. q
- .REG OK. [regedit.exe "%1"]8 b% F% m* x: N/ B% O" ^
- .BAT OK. ["%1" %*]
3 x. W, M) U, Z4 [$ e - .SCR OK. ["%1" /S]
: e; ^. |2 E+ t' I# i( r+ W, P - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
1 b: F" Y! b! Y o) ?0 ` - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
- [. S) D; H/ p& q - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 o7 f% {% O1 y- K - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]. K: F( r' N1 ^/ j2 n' y
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]1 N7 c& M* v. b% ?2 A! N. ^0 Q2 n
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
+ S4 W1 o* U" x4 m+ [/ V - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
! p, o. z3 R/ o7 X0 t6 p: a - ==================================6 c j, H+ I' a/ i# n4 A0 N
- Winsock 提供者5 x% s: | w+ M5 J2 h Y1 p5 M
- N/A
& ] D# o* @- r% X. v* E - ==================================
6 }2 L% m8 `2 g; d9 g( y - Autorun.inf$ v/ {8 D5 Q$ g" J, G. } I
- N/A( J |6 Z+ f' D. x
- ==================================
+ n0 n8 m5 l/ \7 i" _ - HOSTS 文件
% x& \0 q; R1 k: J# o - N/A- {/ x! Q/ T# f
- ==================================8 X" k- L# R- u7 z$ g
- 进程特权扫描
1 C, Z+ \ A/ y8 L0 H - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
+ L2 j/ K% ~7 o0 [ - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]6 M& Y4 i' a* f' \ w: k' d
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]3 b; j5 N3 ?- L* C
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]2 O9 G% ?/ v& h @8 E1 `* f, C3 ^
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
9 E5 u2 w4 B0 l h! u; s1 D - ==================================
" S7 p% L2 h3 |" v - API HOOK- T( k; \; F. M! a* [" `. j
- N/A5 w# _4 D5 d6 e' f& u) t7 a7 f
- ==================================% ~+ s# W- T( c( N
- 隐藏进程: X1 }$ z; ?! `7 k2 N- Y9 F2 K
- N/A# G1 v0 d# A, m+ }: Y) R
- ==================================
4 e# C2 ^5 K' c \3 K - , f) _; Z8 ~' d7 V
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
