|
|
- 5 X' d3 ]7 D0 {, b) K
- 2008-05-22,20:37:434 Z, e/ s/ E2 Z8 D# Z+ J
- System Repair Engineer 2.5.16.900/ x" ]. d4 s' [+ \% N4 Y
- Smallfrogs (http://www.KZTechs.com)
+ W9 ?% ]% Y7 l5 V& ] - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能$ I& Q2 N* l( k
- 以下内容被选中:
$ \+ B& w! U6 u8 _7 ~% B9 M( e - 所有的启动项目(包括注册表、启动文件夹、服务等): |0 T8 x2 }) y- y* s
- 浏览器加载项# ^9 a1 Q3 y. _6 f7 b
- 正在运行的进程(包括进程模块信息)
7 o5 B) i. M2 P6 e8 O& Z- i0 T - 文件关联& w% f* y# k( \! f* p2 q3 a0 D* M
- Winsock 提供者
9 f! |& N( h9 p+ _4 o; Q& w - Autorun.inf
4 ~, C& Q: C# P V4 s: h& P - HOSTS 文件- S3 n+ G2 R g5 I. B% [3 [$ R
- 进程特权扫描 m4 Y& U) `9 q/ k0 m9 c- R7 r9 m
4 t! V$ j5 B7 Z$ p6 k1 @% f- 启动项目* X; b. n2 P- b3 ~( k- T O _
- 注册表
- S& F9 o+ |& b* L5 m - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]5 P! z; R8 }, g
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]5 ]% N# B5 v) c3 N* ~* M
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]1 P, W# v+ }, _
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
% O$ }! f' S9 X8 O( s- _& t - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
( K0 l* U m# I8 ] M - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]& l$ f" [1 H& t# @ u, ^/ b! O
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]4 q- V+ W4 d. a8 H! q, l% M
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]5 _' x! h; ^: n9 f
- <PHIME2002A><; > [N/A]" | L, s) M" }, o# `2 W
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
7 n- N. r1 L: f! [! U! `0 Z - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
+ |" |! T/ T* U& O8 T - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]* V& D( ]0 Q3 S# Z2 g( U O
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
, Q3 |$ w* p6 Q. b - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
$ x2 b( p: r- e: d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]4 D1 L* V+ p* q
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]( P2 f R: n; K8 f% f2 X5 ]6 f
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
: l0 X2 h O$ V: t" v y! q8 b/ a - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]+ h8 k; Y9 {3 p8 |$ q/ D9 p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
6 f1 Y" Y8 g* F - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
# A9 X6 O, o s - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]& O* P6 i# ^6 h! _
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
% u0 ?- s$ [" j7 Z& T% { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
/ ~0 g& G ?* e7 l0 V& h - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
0 r% z4 j9 q. Y5 w. _0 @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
+ M: M& k5 j0 c; z+ k1 [ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
C. ~+ {& i* \$ R4 d1 d9 q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
9 _2 p3 c9 Q+ ~" _- n" y2 S - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]$ L& U3 C' S; O7 k/ _. Q5 e
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
3 J& c3 i8 B; \3 I5 ^9 d, J - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
% q1 L% B G% ` - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
4 F9 l& F4 q% g# g' a/ x* l% L; w - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]2 ` y* D( e9 C% Y1 Y
- ==================================
, [* [1 _- a7 K6 O; b; A( o/ i - 启动文件夹3 g: D8 L7 a8 [% O0 ?6 `* N
- N/A
, E" z7 ~8 L8 ?' m5 U - ==================================
, }9 n1 I5 b3 J% I2 L - 服务+ m2 M/ l. @4 u- n7 W
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
& x) q1 ^7 a6 E - <C:\WINDOWS\System32\3wareSrv.exe><N/A>6 [2 h6 s; h$ q& R7 S3 M2 i! _* _
- [Google Updater Service / gusvc][Stopped/Manual Start]
$ F+ P1 H3 e/ n3 f - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>3 O0 @) U' M, a" n6 I2 q
- [Help and Support / helpsvc][Stopped/Disabled]; T3 |9 O! i9 v
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>" i7 Q1 D' u, w* d0 X3 }% |
- [Human Interface Device Access / HidServ][Stopped/Boot Start]1 b4 ]; [3 |( ?5 c. I- f$ q
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>/ v ]3 N+ G u3 t2 K
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]( d. R! m4 B9 j" L, @( n
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
2 O3 v" Q, K0 { g m - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]# T, v5 _2 }' b$ z! F
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
8 m, f$ I, ?2 |7 f7 y - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]8 X9 g- O3 d- ]( a8 Q# e
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>& ?; w2 c+ t0 A% k
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]/ {9 F1 I* T$ Q: J( W
- <><N/A>
6 X& x# i& q& I, O" ~3 ] - [Qvod Terminal / Qvod Terminal][Running/Auto Start] e- R: s$ H) t) O- @0 C
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
6 _ U' Y7 H7 ]% F5 g - ================================== o, O. e9 ]$ f% m4 L; v
- 驱动程序: T) u5 t9 p5 \; n. _7 g. W \
- [22j / 22jn][Stopped/Boot Start]
) M6 _ L" C5 P5 F( {* l - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>- c5 z; s" b i$ I, i8 {) S& A4 B u
- [360AntiArp / 360AntiArp][Running/System Start]
; D# O9 Q: ~0 W) I! S - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>8 }! e9 @$ W C- d6 a. ~+ b4 B
- [43ec / 43ecu][Stopped/Boot Start]
% w" M" ?* K) a6 w% z8 I: B - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
' t5 u4 a# J: C5 \1 A. M; Y& @ - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
: k6 k! \8 x7 v' N. l, x8 Y0 B - <system32\drivers\ac97intc.sys><Intel Corporation>
4 n/ i+ Q& E3 z8 P2 g - [Promise driver accelerator / bb-run][Running/Boot Start]4 Y) s- ^$ v1 ?2 l
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
) T' F" P" U: n8 }! @! n; ? - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start] Q( f) ~' c* k
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>% J" R, L0 k7 A+ p/ j
- [KAVBase / KAVBase][Running/Auto Start]
" J, R+ o2 V# @. m. ^( V - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>7 R H4 U+ U0 ~# I% W
- [KAVBootC / KAVBootC][Running/Boot Start]9 k/ ]7 E" J6 }: {: P* I
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>" i! J/ U+ `) s5 P
- [KAVSafe / KAVSafe][Running/Auto Start]
" y' Z5 s% Y1 O% C x5 d - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>4 k( ^! [$ F1 y6 H i
- [KNetWch / KNetWch][Running/System Start]$ D$ l$ J7 L* q' t, h
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
2 g4 x$ A4 r- n* ~ - [KWatch3 / KWatch3][Running/Auto Start]
" i2 B$ v# |& T+ a - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>3 O" y2 T0 |! `: S$ @
- [ntptdb / ntptdb][Stopped/Auto Start]8 s# }5 f. m/ h* h3 Z8 l. l
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
7 O+ z+ Y! q% Z4 k2 \( m - [nv / nv][Running/Manual Start]9 e8 Z0 g0 V$ X3 Y- X) b: n. ~
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>; i# G, ?, S, @. f$ p/ s/ k
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]$ O5 \1 |1 F0 H; |; ?
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation># X/ r ~. ~) ^7 {3 _# a J
- [DDK PACKET Protocol / Packet][Running/Manual Start]
( r/ G4 e9 O2 `1 R) @2 H' B - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
0 y) l" O H. C: H% x - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
$ j" D1 Z* a3 V/ ^! l% M" V - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>3 G1 i5 k3 x4 g9 D) E
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
0 f7 \% b% a5 F9 B$ _ - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
, [# }! v, r; i H - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]7 F8 |4 v: H7 E4 {$ m( `
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
" I# c6 q" w* }0 D) i6 o/ M8 z/ q - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
/ b4 Z2 o/ ]0 G+ l, E/ A# O7 y% t - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
0 X/ X, x/ [% [" Z l0 A1 [ - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
/ L) o7 V9 q0 f4 w - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>4 v; H9 `' C0 _ ^, X- T+ h- X) Z
- [Secdrv / Secdrv][Stopped/Manual Start]" z3 V' f1 s/ {6 v% Z
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
0 C$ T/ a& B! l7 U- g; D; m( D - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
9 R. `( X+ ?% V3 W" W& q - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>& A: k. {5 F6 X p. F6 J
- [System Restore Filter Driver / sr][Stopped/Disabled]: {+ _' k- G, m5 \8 `+ U R
- <system32\DRIVERS\sr.sys><N/A>8 H |; o$ {! W" R4 o
- [TesSafe / TesSafe][Stopped/Manual Start]1 e' w1 A: F7 G* C) [+ L
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
. Y4 A; L9 }# B6 R6 m( X8 e |7 U - [System Services / unzxzsrs][Stopped/Boot Start]
( o- F' n& B1 a0 H - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
7 u3 }4 g" Z9 R5 u1 z( Q - [ViBus / ViBus][Stopped/Boot Start]
$ @! }1 T4 I: C( k5 r - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>6 W$ \) B' n! e( V# O' Q
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
: \+ o$ @3 _. _; e - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
- `8 Q( W+ H' G: @ - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]2 c. z+ O; E3 O' J3 `. n+ u; U
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc># h! _& g; H; G- ~( {$ A
- [ATI Extend / zhibmaso][Stopped/Boot Start] \" E0 N1 ~0 h
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>& w, M# n. ^% e+ k3 B
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]+ x# D9 n8 [4 P, z2 L; o, @2 g
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation># e* ]1 U0 p& c! @; ~& p$ m) K& p
- ==================================
7 q9 j, B; d7 l* Z8 m - 浏览器加载项' d! N! R# H7 m' |) I- D- T
- [Google Toolbar Helper]
% Z+ }" T! ~4 _$ C% U* o - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 G8 E+ X5 Z: [7 M- D; C
- [Google Toolbar Notifier BHO]; F) g2 D7 X7 | ]1 b9 N
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>5 N5 V% w! V: r' y; o# ?, x
- [SafeMon Class]
4 b6 w$ Y. j s& ?6 j# E$ n3 | - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
4 v+ B; s) B8 x - [kingsoft browser shield]
" H* _! Z5 G; o' H; w9 S - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* W1 ]4 `$ c a- y4 y5 Q4 ` - [IEBuddyExtControl Class]
4 b1 ]3 M7 C. e( a+ [ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>+ Z3 y7 q3 n4 C+ t3 G* H5 \
- [Zcom 杂志]9 E2 N: U4 `$ {: a9 f T0 w
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>/ U" A. J) r$ r" k ~, t
- [&Google]% N* F/ F3 d# ^
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 q% s0 Q2 f# Y( L# Y/ H
- [KooPlayer Control]/ z% f# s0 `+ V a ]
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
, M% l2 Y4 Z2 X3 }0 z0 k- e$ ] - [Shockwave Flash Object]
" b& x4 Y' }0 @ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
{; d' v/ g( J; I2 j - [KUpdateObj2 Class]$ z( [# P) v( h3 W( T
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
% |1 j" |# T9 Z. k - [Google Script Object]
* h) t* R8 r: p/ r; o, J/ I - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 S6 w/ q8 [7 u5 F/ P Z
- [EWA Control]& F9 n/ D2 p8 m
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
3 ]4 H, w9 }$ G$ X, g - [Windows Media Player]
, Z2 w X2 ]7 |9 Q* _$ [0 ]6 Z - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
. ]; w) n ? B9 M7 {5 _ - [&Google]. l/ z( y8 A9 I' U0 b
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 [& @& w0 n. D) ?% {8 I2 x) f3 ^# O* ^
- [HTML Document]
! {/ e% s: W1 o! F( e0 \! ` - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
; m/ c* _( c# {7 N& t' W; T - [DHTML Edit Control Safe for Scripting for IE5]# Z. Y6 h& s6 V: ^& A2 j& {
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>0 q! d4 f/ `8 v/ s1 K$ h) _9 @
- [RealPlayer RAM Download Handler]
/ C6 j/ j6 Y- ?9 L3 M - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>$ ?0 p( T1 L! S1 }- L8 s
- [IEBuddyExtControl Class]5 C4 W v/ H) s
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>' u5 k8 K& C+ ?; D9 L. p( G
- [XML Document]7 |$ _, c" |6 X( n( L/ ^
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
/ G& p" j. [& Q( B - [HHCtrl Object]3 b2 O8 U8 e0 W
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
" Y6 n6 \, T i, i8 q& ^ - [Windows Media Player]
3 M9 i: R9 ]; X7 C" O+ `3 M - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& b) t2 t8 k6 _. H" F% R' t - [Active Desktop Mover]
0 L% M0 z8 L$ l# v - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>) V5 I+ i8 V u- h7 c
- [360SafeLive]8 M' u/ X/ R6 \$ e: Q/ V
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
9 ^) h# Z$ {1 \. d3 | - [Microsoft Web 浏览器]0 K# d6 c5 F# o
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>+ N+ r; Y& d! D& z8 N
- [Browser Enhanced Objects]+ g4 G7 X! U+ ~
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
% C9 c& [& Z, Q% I+ F; F- g+ n - [Google Toolbar Helper]9 e: _. X; y" s R% _
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>; T B: I2 H& a
- [Microsoft Scriptlet Component]
2 N* v& m6 x2 {5 x5 i: Q$ F - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>+ r& p {' N0 t
- [Google Toolbar Notifier BHO]
9 H$ |; T' R/ `, W+ P - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& x& j3 Z% J% v/ O( U( R [+ y - [SearchAssistantOC]
' O# C3 J$ i6 @% n# {; S" { - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>) P* C% Z) t& y% R! Y
- [SafeMon Class]
. Y+ d- ]8 L5 K! x7 v - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
' ~% z8 }( F7 E' _ - [RDS.DataSpace]) H) D; e: g6 _! X: V
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>- r+ g: Q, ~' ^3 O6 d& F
- [KooPlayer Control]
! [) M6 ~' e! P& w& o4 s# a - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>. {$ S" Z2 n/ `2 Q! K& O
- [AUDIO__MID Moniker Class]/ B4 u# r3 `( H" J
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* N8 s/ T# k9 }0 l$ b2 B - [AUDIO__MP3 Moniker Class]
5 k/ d0 Y) `& l% C. a# N F - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- r- U) _* O* j% l" V" C6 [
- [AUDIO__X_MS_WMA Moniker Class]
) @& T6 Q2 j& P; S, o( B1 s - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- P' A4 V/ f( c( r' e
- [VIDEO__X_MS_WMV Moniker Class]7 M& z4 Q3 B! A5 u) v+ j
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 e( } e; Y8 T! F" u: ~* }) V6 a ? - [RealPlayer G2 Control]) b* P8 o @6 f
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>% j1 o9 P3 P9 W6 o1 r {$ m1 \+ x
- [Shockwave Flash Object]9 q7 V4 [4 \: X0 T- r
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
- f8 ^% Y% a8 C1 D/ Q# G9 Q N - [KUpdateObj2 Class]
[: J4 y' R+ } - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
- w I5 _& o+ }. Q6 c8 w& V - [kingsoft browser shield]
; k( F5 k, L/ b! y0 }$ [ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>1 y$ Z. R2 L( Z, D
- [PasswordEditCtrl Class]
' J' U8 j& S" O Z - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>6 m3 l* p/ L# b9 E: u
- [QvodCtrl Class]& u2 Y; F; i) ~* h+ f- w, r" P- h* `
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd> k) Q$ M$ e# I; L' c
- [&使用超级旋风下载]
( E6 W3 I1 I0 Q# U" c) {3 Z - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>- ^: G4 J' w9 V8 @1 ]
- [&使用超级旋风下载全部链接]
, s: [# @. c% s( O - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>) l% G3 W: e: f9 w* H: J8 @ Z7 X
- [使用迅雷下载]
5 u1 I: K7 g/ }8 \9 e' }* z, Y/ P' l. [ - <, N/A>9 f* U, l: [- v( E$ v
- [使用迅雷下载全部链接]
" |+ N1 N$ {+ y, Q" ?- { t - <, N/A>
5 {5 ^8 ]$ K$ o, H* @# Z3 c - [导出到 Microsoft Office Excel(&X)]
. ~! v( s3 ?$ X9 H9 M8 H+ c - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>) `6 I0 Q2 O/ S0 P, c! z
- [添加到QQ表情]" D( T! @% P$ H4 o1 m3 }
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
, t$ }! C" o2 b1 L' e/ A: W - ==================================- T/ G. r/ h2 h7 l; }
- 正在运行的进程
* i9 u' h) a) I5 z# _2 N - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 n" J. b* p( R N N: @ - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" h+ W$ z& v, M. |4 `) C
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* v7 O. a, t2 V$ |7 p4 W0 I4 S1 K - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# M; G- k' B2 F0 W: n8 U - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# S& y: z" t! L& K; d$ p - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; c/ D) R% h' L6 O: }6 K - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% _/ h- T6 G8 _' J3 | - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], l# K) k. i/ I1 A; n& q( K- r
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& i8 D4 P: y- C" ? W; Y$ ^6 {
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! a2 K9 Q+ m* D' r: Y* C" V
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* i" l5 a* n+ u- R; W) ^( u
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
/ _( k. w D. L3 P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% z, Z6 e4 i. w$ l( b2 F; { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' z9 f, {2 Y) c7 I - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]4 H- H; c. k! C' k# w. [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% A7 {1 N1 `& u6 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]1 o Y1 W$ q- j$ h
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]3 a) }6 X. a! Q" x+ Q$ s
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
* ^0 A X% R3 Q5 k - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
1 b* o8 L) n) C3 Y - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
$ P9 N2 G9 a, k& b0 ]1 s. m - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 }, J: @$ q3 b0 c8 O* c; X
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]$ X, N1 c) q5 ]% ^0 y4 ~
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)], I/ m1 j7 d+ x6 I6 o& r( D
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
6 z6 \1 s" b! w8 ?3 I& f& V - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]* k) Q' d7 D4 P
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
% @$ _( w$ E! r. }$ K/ b, |0 d9 F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ l( [* M1 M m3 D( Z: J' a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ ~7 _1 @$ c$ m9 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 O7 Y0 K! \9 e7 j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 Q. e8 L; Z4 W8 f- w
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* t* P/ ]: n# a) t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# ?- g+ [, r' N+ S. |! n+ f! { ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ g4 {1 R/ o' M9 I5 X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) D! }0 }8 p; `8 X
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
. p, A0 K. V7 a' W4 M9 R; v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
1 |. F/ X; @) R, U) Y' \, H4 N" s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ y1 a4 y4 u; ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& D5 f( R9 ^2 |4 B - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: x4 Y: r$ U4 R- {( H - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]: J: y0 s& p( O; A3 x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& ? ?2 L ^4 u* c. q7 a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 R8 ^( L7 N8 r - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' _' d& o: U k: l9 \; p
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
/ | n# D6 r& } b! @ - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 k, r! F* V$ u; Q# S) u& ` - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- e8 D B) y [. |! c
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]! |! N3 J% V, a& @, r
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]" Q6 d* c2 g; s. V; D1 I
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 [$ e T! c% A3 O) V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ l$ _( J2 Z& a. a2 G" t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, N0 _! W* Q" w4 ]- I) _2 f - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
% J( s$ R" `0 c1 W$ ^ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
" H- t4 W2 E3 n# U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
) y! V+ [5 _% |( @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
2 v" m) A0 M7 g& |6 d7 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
; I6 O! ^! T/ y- z% _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]9 O, @ R8 {& K' @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
4 B4 V1 A$ b6 c+ h0 m8 `+ \ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
. K ]( w% f) k; W - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
! ]% d+ I3 Y4 C( G+ S - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 P! n) O" h; D" k. P. ]9 i - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
* M! g& G% u8 l g1 P' P. O - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
. \5 D! u" J7 s! o - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 d4 |7 o$ B0 c' s# i8 B* P! T
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
9 I( @0 i( {, B- C, Y1 `) U - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]4 p, M; |# h/ g# M6 T0 Z c- K) X
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
3 V2 s# w% v4 I+ B - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]- P' m! D; h8 r+ t$ N" \$ M
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 H4 K! a# Q" `3 d9 W; W - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]( f- M* `$ o/ j* y( t4 U5 u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 h& u: `, p: D; N0 U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: o1 f# H& w5 @( i0 y; P# @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( I5 P4 u/ ~3 K7 W8 i+ v4 P0 x - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( l4 \. D2 o) q8 \% V! F5 ]
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]! r6 e4 z; D& X+ q" C
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ P: z) Y- c1 k& X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) G5 m# O$ S& U4 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ ^' c+ D; f: ~4 w5 j; s& W
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 x- S- g% n, X4 N8 w6 f - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]+ [, j! D$ L9 g7 L& v' ^6 t
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
" I& X6 e' K, ] - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& R: e3 r, c2 W( r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- T( {" ]1 G% p3 B S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ _! b* O5 X+ n- k$ ]( O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* u7 `3 F' X- F w \ - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]0 x1 U! j; _& R& ?" @2 p4 a
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 c( V# i9 B* b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# b- X3 t9 z, o& h2 K" ?( O4 z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 A! y: B. I* v( Y9 m- }/ _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 P/ J: w( M* i1 k; o8 \$ B8 p
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
6 |5 r# ^0 E7 v& L - ==================================
- O( q9 y$ [! }1 k4 L - 文件关联
/ k/ E; {4 o' }- b! Q! j' f - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]5 l# L& _: N7 q2 C
- .EXE OK. ["%1" %*]/ F7 Z, d: N2 W: Y# q0 T! F- z! r
- .COM OK. ["%1" %*]" @# {* |( I* ]; S! a5 ?2 q8 W8 v
- .PIF OK. ["%1" %*]( f4 m: D I4 q! o' p( @, ]
- .REG OK. [regedit.exe "%1"]% {! S& g) G4 m
- .BAT OK. ["%1" %*]. \' d2 D1 q% g. r. X
- .SCR OK. ["%1" /S]
w) M* c7 D5 n$ n2 V8 K - .CHM OK. ["C:\WINDOWS\hh.exe" %1]+ t* j* g) y; m( s, V( Y
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
! j, P0 g( L: I3 R - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]* E2 f; A9 |! a
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
0 p, B; C( v/ E - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
$ v! z0 V \1 Y6 N - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] k' ~9 X& w2 ~1 x% }" J+ Z
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]0 o6 ~ v5 ]2 K& T% o
- ==================================/ r+ y5 _ Q; \1 X/ n: }, g
- Winsock 提供者( u/ U0 D! x; c7 B* X
- N/A
7 {! U3 d2 E; P+ k3 y - ==================================
2 D: P$ R4 g" z- d: Y - Autorun.inf) [" [. j! A/ j" B1 \( D) D( c
- N/A2 Z0 a) J5 K$ k! T1 B, x
- ==================================$ {5 i( N# f' A8 `( D
- HOSTS 文件, [1 Q# N/ r- f9 z6 p/ F
- N/A
# {, G+ O9 o" q {/ n - ==================================8 o6 n M# x" F) Y. R& y/ }! p
- 进程特权扫描% L' V a/ A4 {. C' V* z2 l: [
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE], [; H6 v6 P$ d o1 B* p
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]2 O- j# x8 V& k; o: o
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
, Q) c9 e5 p" M0 Q - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]* Z0 Y& ~5 [' A5 o' P9 e2 [4 O
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE], x% H+ O; z% ^, |$ J! ^
- ==================================
! i) p* M& r; g* K8 j8 y9 c) L: m - API HOOK& p: s$ R3 e$ o( Z [
- N/A+ L; g- V6 t# \7 u d0 G! R
- ==================================& b* ~) a0 n/ @
- 隐藏进程. Z& C# ~) |0 t/ I- T0 b; y
- N/A
3 w( Z% {# ]6 ~+ X: ~1 _ - ==================================! g6 A# J B' i7 j; M% J
- 2 ]2 w7 m1 Z, K7 \& h
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
