|
|
- % z1 c' v6 f% M: d" ~5 v3 R
- 2008-05-22,20:37:438 Z3 _0 g. W) I T2 k, ?* f2 Y. ?
- System Repair Engineer 2.5.16.9006 }6 S% Q2 V R
- Smallfrogs (http://www.KZTechs.com)
( m/ ?' F) B# M5 G2 Y- @ - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
~6 Q: |1 h' ?; |' X" d0 Q - 以下内容被选中:& g1 _7 H2 S" h L8 L% J8 J- _! A
- 所有的启动项目(包括注册表、启动文件夹、服务等)
$ e* B9 P: D k: y8 O! H - 浏览器加载项
* f. T9 d0 j& t/ i4 z+ u - 正在运行的进程(包括进程模块信息)
: \" e6 b$ ?0 h1 Y8 d: x# ~ - 文件关联
8 E0 [: v5 ]' @( K+ \3 u5 R - Winsock 提供者
, L8 C" U n' T7 ^ - Autorun.inf
) q2 d Q/ u/ T - HOSTS 文件( a! ^: C7 h- d, X
- 进程特权扫描
4 {" t! q7 M5 z' [( r
) l% [6 M- E8 D) L% G W- 启动项目
! ?6 Q- @& s J7 t# ~; ] - 注册表- g$ w. z: b% [( u0 n! [1 Z; t
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]9 s( l% T( O$ H- d D4 S6 E) [
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]: C1 R: E* V9 T% _+ v
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
8 M! X5 ^% v: w: Q - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]# k5 d- Y( c# v9 V9 N, m4 l
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
+ G! z+ X; H4 P, ` - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]8 |. a) I2 x4 ~% J% R. I
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
5 i1 C. Y3 q4 [' ^/ E! v - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
& d) `9 u; V: i: W& [ - <PHIME2002A><; > [N/A]
0 m$ E( q4 ~) I5 ~/ C/ E - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]. _7 W8 p' t9 } C- I. U6 S0 I- t* ?
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]5 G7 s+ f2 M6 J* i# M4 Z
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]9 V# ^. v, E1 n! X: A: _( q2 o! E& n
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
/ g1 _8 f- F% h - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]/ a; x# I: w) n, w, E3 l: v/ ]8 s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
0 c; l! k/ [, ~0 i2 p+ [$ G& F - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
, a: E3 ^* n/ A, l) T, W - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]# V3 J9 V( h2 U- r
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
) J# q) K* _; }' V; E - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
4 V: n v& l2 s7 H! m9 A1 b - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
) m6 D* O% K( L0 S4 H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]# }+ B7 C! q# X) x z8 X* E
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]5 `4 p6 |9 ~, V8 V5 `& `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]! C4 a& U% }& \9 P6 \5 {: k, y' ]
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]% j# F. n; t( d9 a8 {0 b% }; B' O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
$ Z a0 i* N2 H* C+ b# e1 R" `: z - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]5 }( z- h" l% [( j0 s* C
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
% L! A$ Y" k+ Z* L4 Y - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
2 r, ?/ A1 n3 @9 K/ G$ u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]2 r" H- b8 G2 Q5 B+ s x) r. J
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]. l8 s" }" f4 {& T0 n# l3 E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]( |! {* ~3 ?5 ~7 Z& C1 W: t
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]+ H: H4 {; K' ~2 \& [+ Q
- ==================================, \4 a: h& A# u8 q: {! d/ X1 D! M6 `
- 启动文件夹
# l. D, {* P& E% b - N/A/ Y( w: X9 U! K
- ==================================, o" m6 j5 z }* a3 h; {0 C6 a
- 服务
. ?. w- R. ?! I( X8 a - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
p! v- E4 E% G - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
7 O) Y8 K( n4 O. l4 {6 C( c - [Google Updater Service / gusvc][Stopped/Manual Start]
k8 H% v8 }$ h2 p4 s$ {4 f - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>) n# g( P+ n4 ]: \( R! @* X5 U
- [Help and Support / helpsvc][Stopped/Disabled]
# d5 ~" t3 o0 [" Z3 R' k+ B, F$ r - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>' F6 D7 ~' Y6 i4 V+ e- l" @3 S K
- [Human Interface Device Access / HidServ][Stopped/Boot Start]) y8 X- v) f- f7 G6 C7 e
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
/ Z$ b8 Y; L+ P - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]( l5 @7 _$ l& U- y, U/ z
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
: V( C# f% d! _& i. E' A- w - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]& ~1 t, O/ l- d& v6 y5 k
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>) x( O3 D1 N/ ]1 s7 n& i+ M( m* K
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
! g" s. M$ o' u/ Q" T; R - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
9 E% O8 i) R$ X# D# n4 e# F - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]) V7 L/ U( E) d. L Z
- <><N/A>
; _; r' w5 s) j, ?/ Q! e4 W9 u4 [ - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
. s( M2 R8 A& p- m# h( j3 s: q% r - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>. o9 n1 L1 T, y: W& \2 c; a' {
- ==================================
+ Y, V; ]( t7 ^( ^ E" F - 驱动程序 o, |& U0 x8 K9 E
- [22j / 22jn][Stopped/Boot Start]3 I. [8 i" |" @4 I4 I- U4 n
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>. m" W; U" ^& V1 ~4 K0 @8 W
- [360AntiArp / 360AntiArp][Running/System Start]
' Q6 @3 ]1 V1 L% ] F5 V, _ - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>) s; N; x) I5 l
- [43ec / 43ecu][Stopped/Boot Start]
2 e4 L/ F0 y& q5 |: P( W; X - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>' L3 O2 E# Y7 }# E7 ^) S
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
9 ?$ ?( T9 J, ]0 }5 z - <system32\drivers\ac97intc.sys><Intel Corporation>$ H' w- u+ w5 X ]* l# v
- [Promise driver accelerator / bb-run][Running/Boot Start]
) j9 ~, k# N6 w - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
, a4 c' I3 g; A! V+ w5 T/ H - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]: y. P+ X. X& m$ ?" x9 `( [. H- {
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
# K! |& w; i# T! [7 E* j - [KAVBase / KAVBase][Running/Auto Start]
9 t/ c8 Z$ h1 Z6 h: K! D - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>/ A* q: v. V- j. r, H) A
- [KAVBootC / KAVBootC][Running/Boot Start]# q) @1 I& x& F
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>, ?, ]- o( l& t7 E1 u V. k
- [KAVSafe / KAVSafe][Running/Auto Start]% F& s6 a, s! S7 A& X
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
W6 ]$ X" [* m8 @3 z5 | - [KNetWch / KNetWch][Running/System Start]# e @; e* K' G* \$ c K
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
7 z6 V+ m( x0 ?5 g - [KWatch3 / KWatch3][Running/Auto Start]' J( a+ ~: l$ E/ j- J
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
" `1 i" E3 ~; k3 a8 w9 P. e* Q - [ntptdb / ntptdb][Stopped/Auto Start]
x9 C% k$ ~# P - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>) F- S- o; E. K; G2 O$ ]
- [nv / nv][Running/Manual Start]
}9 X9 H J& Q+ Z5 I - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
" _+ S' L# ^$ M6 o8 \ - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]0 {, K8 i3 {7 }* y1 ~
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>1 K+ L* |; G; M% V) I8 v0 Y
- [DDK PACKET Protocol / Packet][Running/Manual Start]* r1 |% S" @8 n# @% V
- <system32\DRIVERS\ProtoDrv.sys><360安全中心> K$ D% B9 T. q o. X
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
; n5 n: i6 ^+ o - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>- ^* }0 T; u% x4 y
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]' {: a2 g$ X* y1 f, h3 N
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.># }5 ?+ B* | u( S
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
# U+ x. x1 A- D" C J' h ? - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>; C2 t/ V9 F3 u X2 K& ~. l$ ?) F
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
( M/ ^+ _9 K- X! T! k* h* j - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
' u* R0 Q9 z. Y- m/ M" ` - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]3 u0 o& { P0 L
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心># Y2 u9 m* |# `2 v4 O
- [Secdrv / Secdrv][Stopped/Manual Start]) w0 `' L% j, C" A: G9 C0 m+ a j2 i
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>9 `1 D# ]8 p' I6 V' t
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
$ n& T: D8 a! x - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>" o- n8 i8 X9 r8 ^* [* V7 t
- [System Restore Filter Driver / sr][Stopped/Disabled]
3 Y$ n6 f+ y. M/ v - <system32\DRIVERS\sr.sys><N/A>
5 w0 s0 L2 B- |6 ^" a: i - [TesSafe / TesSafe][Stopped/Manual Start]
; K3 q! p7 N7 s/ n: K1 ^" _ - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>8 J. ]; @# ^ f; y6 G; _
- [System Services / unzxzsrs][Stopped/Boot Start]
8 Y, m% [; Z5 g5 D, ^- R - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
9 U$ R/ \7 f+ q, V - [ViBus / ViBus][Stopped/Boot Start]8 U2 e [# R* Z* s( ?
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>; j& x8 P6 u4 L
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
" R6 D6 L* `& ]* o - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
, F- c/ ?8 o/ S* @( m4 V$ H - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
5 q+ h2 b1 O5 \; w; _5 d8 V6 o - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>0 g3 X2 H) P/ V5 }0 G. I
- [ATI Extend / zhibmaso][Stopped/Boot Start]/ W E; R- o0 T8 i7 ^. P
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>% J; e7 n: g, \: k1 _
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
. {( H; Z: r' @1 r - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
' q# l3 [1 a: Y - ================================== A" f3 N1 c5 B8 f
- 浏览器加载项& `( q* {+ E6 V" r
- [Google Toolbar Helper]
3 T' K# ~! z- f+ P# W - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. A( h$ z3 L/ H$ L+ ] - [Google Toolbar Notifier BHO]
1 u9 z% Z$ ^# X* z - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>8 |/ U+ x; N. R& T+ F
- [SafeMon Class]
2 H1 l" c5 E# v* c8 b! X) W$ U' G - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
8 t& t! Y- i. \4 v8 m - [kingsoft browser shield]9 U+ t/ A8 D J! ]- |; F
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>1 R/ n% C% v5 {- t8 b" C- z
- [IEBuddyExtControl Class]
8 ^" I8 w- P" G - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>/ T( V8 n/ q5 Z, d9 ]! `( u' ~
- [Zcom 杂志]; m& j- Z, s( O& B% t" c" t
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>, ^( h- C7 n$ Z
- [&Google]4 O, z4 z6 ?* O" V. m
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>! r% F( `+ `7 t- T) k
- [KooPlayer Control]- W2 d m& a: N C* y
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
6 M( I$ J5 d* o$ u: | - [Shockwave Flash Object]
7 s3 J1 W9 |" M/ |% A7 Y - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>+ F' [! E, d5 J: l2 Q
- [KUpdateObj2 Class]
* @/ R$ b1 L% \% w3 Z% O - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>- d% N+ J* I4 }& G
- [Google Script Object]9 E; f a% z% j6 y. R( Z
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>' S* {, h! r: Q3 m/ t
- [EWA Control]
) J1 u: z( K& F: B - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>+ C3 e& e$ j. r" Y# ^6 ^& n9 B
- [Windows Media Player]5 X9 b3 u [/ p V6 i9 y
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>' V s8 L& C" u5 O7 d: i) ~
- [&Google]3 L, Z( ~* S6 \) l" w
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
}2 [' R/ f# L# e) H" v - [HTML Document]
, }7 O1 a7 p& I4 Y - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>! w' G+ p B# v9 p# ?, a/ [2 e4 a
- [DHTML Edit Control Safe for Scripting for IE5]8 Y. Z- r/ g& k+ {, S
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
1 d# r$ P f! r9 [) G5 s - [RealPlayer RAM Download Handler]4 h& G# k7 I1 g( a- p2 i9 d
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
" [- u, o( W0 a) A - [IEBuddyExtControl Class]+ l: F/ o% R( Z2 M9 K
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>& V" I( p( H* _9 _) ~' N G
- [XML Document]
* q0 j2 n# R) ? - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>& a$ H! e, M( d- p& j. K
- [HHCtrl Object]
8 \) b; T$ y/ p" A# n - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>. P- k, ?* n3 ~% _* n3 a
- [Windows Media Player]
% n& J7 \) |% X! G/ F - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 B: r1 E |$ N; d - [Active Desktop Mover]
: I8 m5 W& n8 K( A6 ~+ d+ S - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
; h: v( }6 k4 H" r: P - [360SafeLive]+ \- {) X0 X8 ?# ^" [! F
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>$ t4 \+ `, P' e$ x: ^+ U
- [Microsoft Web 浏览器]
% b' k+ h: T6 J) i - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
$ t f4 U) S: C: d, ], E& I - [Browser Enhanced Objects]
" J, I; ~2 P4 W4 p9 b6 ` - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>' o( E) H& v5 |, e w; N3 s/ m
- [Google Toolbar Helper]# R$ A+ O% H, _. @
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.># s% A& U e+ p" q- Q4 a# Z4 M
- [Microsoft Scriptlet Component]
4 m0 @9 @" Q7 W3 Z5 Z5 d - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
% I, M/ @; I2 j) T$ E0 N5 { - [Google Toolbar Notifier BHO]
8 T( f3 J; N5 ?5 {! z8 h2 H4 z - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>+ p! `7 w8 X% D
- [SearchAssistantOC]+ X0 b+ ?( U! `- }, ^0 ]" G
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>' a, N: U: r: w( Y% Y
- [SafeMon Class]
* n2 {" b8 A B- V1 g# W4 O4 k/ A- p1 i - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
$ F) x' l% U' O' l# Y1 M6 a6 ]8 A* E - [RDS.DataSpace]
- H7 V+ I4 f: C2 c# B8 e. r% G - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>$ a/ `. X. ]3 v/ E
- [KooPlayer Control]6 y8 ?. Z2 m# j# n% x7 o, o
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>. k4 n2 j, Q5 V, E4 y+ |! e
- [AUDIO__MID Moniker Class]1 {) O7 M# ?: V- I$ \: e9 z; x% g8 i
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 e6 ^' ?& }8 J& g" H
- [AUDIO__MP3 Moniker Class]
! K$ f- ^" u5 ~ - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
^7 n* F: d8 z* c; S - [AUDIO__X_MS_WMA Moniker Class]1 j" S" W f* Y
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, o9 k# Q h: E: ^0 a- a
- [VIDEO__X_MS_WMV Moniker Class]
" |+ y, H0 F' f4 o - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
; J$ D9 y1 q/ e! x - [RealPlayer G2 Control]: N% Z |8 t7 \1 u( A
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># O! F1 l' T6 e4 M
- [Shockwave Flash Object]
& P+ u! V) o B - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
3 s/ r$ x8 O( A6 D - [KUpdateObj2 Class]& r) `7 \' L. X* |4 W- n, t, M
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
' T+ [2 d, B9 I, V' ~' x; t0 N9 d - [kingsoft browser shield]8 O c' d+ o. k
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>2 R1 z( o+ R |% ]+ m$ x
- [PasswordEditCtrl Class]
O: a: `4 q+ D. z0 s - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>0 `* }4 }! D; z* O& ?5 Z, r! T/ l
- [QvodCtrl Class]
9 C9 j2 H& ~/ J- Q/ n+ M, r - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
8 g7 M0 S- H) {9 V4 Y - [&使用超级旋风下载]& A) i+ D% t. l/ s" F' i/ {
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>( H, G& T( I4 Z. j, {* w
- [&使用超级旋风下载全部链接]
5 A9 y4 y" l9 m! F - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>2 C( H! |# X9 C; f5 J% h; ^
- [使用迅雷下载]
% `) T# N* S4 Q - <, N/A>8 M) k3 @+ R+ a" S. u
- [使用迅雷下载全部链接]$ G7 x0 b8 M: ]
- <, N/A>( ?9 i: X& v+ A6 V1 v. B
- [导出到 Microsoft Office Excel(&X)]
! U4 d+ e/ l* A4 u- L - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
( I/ c6 G+ ?& y4 h5 N: O. { l - [添加到QQ表情]
8 d4 B( x4 i: P7 P - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
. E9 ^7 T9 u+ P5 s5 X - ==================================
4 j! j4 U0 N8 Z - 正在运行的进程
, B! g1 ]9 r2 u& G j - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- O/ D% Y9 A3 [& r8 x( X - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 |6 |/ _2 R. E; E
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] W: Z& K) k- N- Q# k8 `5 c
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
& g4 C P/ q, L9 U, T - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 Q+ ?- D0 v; z5 \ B f6 I% X- r1 ? - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- X' G& n* Q5 P - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 E& M- U, R6 J3 S* G7 h% G - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 x, d7 X p* O$ o5 v
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 f% Z }) R& q
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, P* R3 e) \$ x# v - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; `/ M- r8 q5 S) P% E
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
. n# M: a7 h8 Q3 ]7 N3 n* p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* e5 o) C% E4 i% N% B0 V* E1 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# w+ q) K5 o% D8 w. D f7 G; F
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]8 C; r' h9 K, P, j
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 S. M; H3 A+ A3 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373], V; s% ?/ J8 M9 v: h1 T- S# t0 b
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]+ P8 _% y8 p* _7 w; p
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
3 K* o( K) C- I9 V4 _ - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]( Z3 T2 P2 o. p6 Q, X/ q, `5 b; T
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]+ k# S% |8 P' e. k7 x5 G' G/ g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* \6 g3 S B9 o. a
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
3 N! H* a; d# S+ b3 y3 T - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
9 {8 \" e6 [) ]; [ g - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
+ G, ^7 ^ J' o - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
! o) _) ]$ a: c/ G6 a - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]; |9 ?: U8 P+ E5 `! o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 K5 ^, K5 {. T9 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. N2 T' X$ C8 x; A. k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 w- b8 t/ D( S B% S- C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# P9 `6 ~! a! F5 ]* v% m
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 g; o& t8 z9 }0 R# [, ]4 p% p5 X3 l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% i7 g& Q' v+ i& M# V; a' g. W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ c ]9 T8 M w( U) Q: z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* J) H5 ?! p b, C9 D, I/ z( G
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
: y; C- J4 G, u" y3 _ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]3 u H; b6 @' R" G( b) }1 v9 @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& L& o X5 z6 Z) a# X1 B: r" m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 m6 G, S# C) U) E
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
9 T1 T$ |3 t( n6 n7 }7 P - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]9 j5 I+ x4 L- r/ r7 q' i
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 K" z s* L8 r! |! [$ g - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) P7 |0 `4 Z7 \: X. Q
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 l! C, Z: Z: a - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]; W1 S' ~4 x$ v& `! k
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 \) g9 g m/ F; v; e0 { - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% R+ Q# X4 f$ l/ c* W: ?3 [/ j0 g - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
8 H$ @# y. O: P% _ - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]0 s4 b4 H7 z/ X* o2 u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. p7 P/ X3 l. ?4 k d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& w3 N9 C8 I* Z o. C9 R1 M9 g+ A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 E- V5 E7 E" X8 q M' h; X+ \$ z/ p4 ? - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
% j! ]8 E9 I. E e; c9 {& N - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
9 c, {5 v$ L" N1 b$ x5 d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]& F& g0 w# ~6 m. L. n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
7 E% M" P" V' m, h1 L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]: p% n; t6 {! w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
/ j# W, x2 M5 G1 J& [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
' R5 d( ~; v, J H6 O$ j) U - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]3 ^: Y' B+ D6 ^: x I
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
8 V4 ?8 A6 Y0 _6 v - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]% u$ I1 \7 p* p ~
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 o/ s( E8 W: ]5 \ I6 T - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
L3 q$ K. w4 G. T0 a% Y6 f6 c - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 K! q, e, C9 B ?$ v# X - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
( p3 ~# }. H" r, B: L" W" D2 G - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]( C/ E3 \5 t# o2 J5 \, C1 C+ @( E
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]* B, ~# v6 ~" E" \( D% [
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
+ V9 `: K7 e: a) w. u9 l$ j/ Q4 ~ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 V+ U4 J/ q( }- r' D! m
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]' m: A' O& z1 N1 X, e( x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 g4 s r6 H# g. N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. F7 a" Z) X: [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 N" [% F L' I4 E; A9 Y - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 Q% h3 t8 T- h0 p# I3 A# m
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
4 X4 { |9 r1 n7 n7 E/ } - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" P$ i. s2 n0 Q/ w% u; ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 r$ S. }# O1 @& f1 p. M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- y6 A& _; k" ^1 T/ E
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 w5 S7 I8 I5 D$ z, w - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]) e) ]* ]; x( f" g: S
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
3 M2 ?# I( _6 e' |; R9 c% L - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! r9 x/ B! A" g! _ \2 p+ z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& O" t) H* }. y2 n+ u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' O5 W3 O; \6 S6 q% A8 J5 J* O5 g+ h
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ \) a4 Q. \5 Y: `4 }! F5 C - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
& g2 L# K( \, S8 z" Y/ P0 g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ A3 l: E8 I# j% F$ {0 J2 a+ } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: {4 B; i% u+ H' C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 J5 l( K2 e- @. F, `) ?# l0 g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% R4 h2 E3 m4 y- h8 U6 _" l, X - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] L ^; {8 n, |' x0 K ~6 J
- ================================== m' s/ }+ o& ]; {9 x
- 文件关联/ j' H" @9 S) {
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]% t; u9 G7 G5 g( A( b
- .EXE OK. ["%1" %*]
5 W! u- r9 D3 B7 e5 ?- B - .COM OK. ["%1" %*]
7 C' D' k6 x# h$ I& ~9 A$ S. [ - .PIF OK. ["%1" %*]; d9 V3 p( {( s5 c' u
- .REG OK. [regedit.exe "%1"]; n! L s0 ~& k! w' e- _) {* a
- .BAT OK. ["%1" %*]4 F6 a0 l5 z% b
- .SCR OK. ["%1" /S]
4 y% u4 Q3 N, @3 o+ r - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
+ N( A: p* H9 j - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]4 ?1 ]( S' A" U- u
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]. a) w y/ H" v. K6 u8 M( n7 X
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
6 j# H# X; Z( h8 ` - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]% g& `; }' ]- p; a! n
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
4 P8 z2 k8 M4 \- y - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
, B8 j( p O; s' @ - ==================================
z/ h* T+ H; o6 J3 z( b - Winsock 提供者
0 _4 B; H! Z& @1 F" A0 q - N/A
* |- a9 |; @9 |8 n* @6 M - ==================================
J% S/ J; L( Q+ Y( U' G - Autorun.inf
( }9 S1 h: r# i2 D" v# V- t - N/A
) `8 |* I' }; Q - ==================================( U9 S+ C3 `+ o; i6 f1 [# W. Z; u- z6 i
- HOSTS 文件% b3 p1 ?1 m4 b7 o9 ?
- N/A8 h, K0 | G2 q& S+ K
- ==================================
X' o! ~" l2 ` - 进程特权扫描
, K1 f1 j" `4 s& f6 c' r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
2 K5 ]' v0 m% r# M5 o, T - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
# g! L3 R% X; ]1 { D - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]# j9 w2 P# Y. W
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
1 s1 W ?4 w1 H$ Z1 X - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
4 B/ m% f+ t8 N; r - ==================================
5 J/ y6 T" M# { - API HOOK
2 e% ~1 y. A; F; F, i7 k* r. D - N/A# y0 u# G4 {4 M
- ==================================' k; h' ~' s# M1 [( [
- 隐藏进程8 V9 _8 O/ m% j0 T" J6 \
- N/A
! ^6 I5 g5 W6 [: ? - ==================================
3 Y" l0 w6 v7 O- b* X- {" N - # R9 U w& b0 Z& r' U
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
