|
|
- 5 A$ g5 k& ~- G, q' ^
- 2008-05-22,20:37:43
7 ?+ [. H5 ]6 I$ F - System Repair Engineer 2.5.16.900; _; T6 p1 M& w2 w2 t. C1 }
- Smallfrogs (http://www.KZTechs.com)
6 e2 C1 k" B" @+ m" }( e - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
+ a( `- m; }1 [ - 以下内容被选中:& I0 J/ q: x( |7 l0 `8 {
- 所有的启动项目(包括注册表、启动文件夹、服务等); f: T/ x! p2 W$ E8 b* i' m
- 浏览器加载项: P; O2 X% G/ z+ Z4 P7 D) i
- 正在运行的进程(包括进程模块信息)) @7 q* ~1 q1 s3 u- B
- 文件关联
1 K$ u* h4 N/ ]7 T! b# j - Winsock 提供者
. D! _& n' x- _7 w - Autorun.inf
/ X% q" V/ K5 D2 b* J- [+ A) O! F - HOSTS 文件
/ b r( z' u& {3 g - 进程特权扫描+ V' e$ P9 p) M& E V% i3 t
/ e2 K. `5 R& z$ j- 启动项目 m5 g! r7 U6 D
- 注册表# V4 z/ e2 j4 I, v
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& @6 l' j W5 l - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]" j4 p x! S- G# P" e% @" H7 m9 M
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
9 N9 X- Q3 l6 @! T. ? - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
+ R2 z9 o% p8 R5 _! x" O - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]" _% G2 \2 N0 x% D. ]
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]! z* h& E b$ Q
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
0 i6 o9 @5 {/ x0 \. G' ?& `! z$ F8 X - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
! d7 p* j. r3 m' N ]0 y. h' x& N - <PHIME2002A><; > [N/A]
( a# g* p/ F% s5 n - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
! m% g, W& T! m/ {6 J& Y+ f - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] k4 f0 t ?* \) [5 v$ w' R/ M- V+ o( o
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
. ~6 Z3 h3 B! W& G" I6 B1 K7 o6 A' E - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]0 b0 H5 p |% {4 R- Q
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
; H- t0 H+ K! [ q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]+ \3 H0 R# l: Z4 R; n0 t$ |$ {6 _
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]7 s2 J' {% @5 X2 [1 d
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]5 X2 M+ @; O# D9 y/ R
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
6 Z, }6 e( t, v9 Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] @" i$ e! t# F, o% c* w/ o1 B# Q
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]) P+ J2 P0 z$ T3 `( i$ z! I7 P% r
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]2 _: B" A5 c' u+ o
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]7 ?4 Z9 @1 V( \$ }& C
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]" Q/ I/ @$ N* J2 ]7 @
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] ~, ~+ u! J$ c; ^
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
4 Q& \0 n& i* s/ x - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]6 U' i# o; K. V2 B. V' z0 E X
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
, h1 E3 ` @9 p# D4 |0 o( ` - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
! S% V& {* X/ d4 e) i; l& N - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]7 Y9 W& k7 ?: ^* a% b
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
" j% T9 X# ]+ w' t: L& U! H5 n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
% ~5 K* L- f$ F l - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
0 q3 I. Z$ y' b" k' @ - ==================================
4 B3 `' m8 y' K. e% V- h* X - 启动文件夹
+ F" d+ y6 S+ F, {* g3 a$ h% A - N/A
6 S4 c* F7 t+ y" W0 P; F- `. x - ==================================
& }9 C5 I( w' |7 j' _8 a - 服务- C. s7 k7 c# B0 Q
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]9 s8 k7 e4 [9 V) w
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
2 U9 E( ~* s4 s6 n) t, K4 A! W( `( p6 y - [Google Updater Service / gusvc][Stopped/Manual Start], x5 p+ b8 m: h9 m& J1 w
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>* R; I4 c0 B0 \. c1 {/ N# M
- [Help and Support / helpsvc][Stopped/Disabled]( k0 b, d2 z4 z" F: k9 O
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>/ c2 h5 [9 p' d# b! r. {/ t
- [Human Interface Device Access / HidServ][Stopped/Boot Start]+ E5 R6 C) ^8 k( z' u6 G3 k& T. V
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
8 L8 K8 A+ p: q( @5 I - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
6 T M4 t7 @& ?* R - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
! A% A. v4 _7 W( I! { - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]9 ?' h* W& S. T) X
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
# j' | o# K! | S, t3 | - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]$ p- ?. g" x; g4 p3 f' C
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>% S Q' j) W ^# c$ @) k: h
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]( C- l# ~) p) B; ~$ `5 r5 [- o
- <><N/A>7 W, f! ^5 |2 Q2 X$ K
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]; f8 c% ~5 [; r
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
3 `0 u/ X. r1 }( w - ==================================
: a. `, u+ n. U( n7 P( ~ - 驱动程序7 {" j" q8 [2 Q, K3 ?/ ^
- [22j / 22jn][Stopped/Boot Start]& b6 X; n5 o% ~9 }+ Y$ h, h
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A> p Y; P/ G G( j% j+ O
- [360AntiArp / 360AntiArp][Running/System Start]
* P9 F, p4 F9 \/ ~ - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心> m k1 H$ p) g" h$ J( i/ F; P
- [43ec / 43ecu][Stopped/Boot Start]' b/ g1 O# m; P
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>" U9 U+ s, ~4 B( {/ \6 U. Z; v) a$ |
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start], n- O' F# u3 J7 p4 k$ s
- <system32\drivers\ac97intc.sys><Intel Corporation>
# J4 E+ {9 q* e% b s% i - [Promise driver accelerator / bb-run][Running/Boot Start]
8 w4 ^; C/ s8 ?- O( a - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
& e3 D$ E1 j, d+ @" N v0 f - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
. }" T. f, }( @9 D# y+ F; P4 C - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>, g9 |5 g. D8 E1 E2 C4 R5 g
- [KAVBase / KAVBase][Running/Auto Start]
* I4 j4 i/ \, X! O- ?1 v# Z" S - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>' _3 m, ?9 g. a! d; d# W& G
- [KAVBootC / KAVBootC][Running/Boot Start]
- E, f9 W& Y$ i3 W* G& _$ p - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
; S2 m' T" o E3 D3 z9 S7 W0 v - [KAVSafe / KAVSafe][Running/Auto Start]
$ l: C0 l! c6 j7 D1 k, O$ h7 ? - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
+ W" j5 i# O- ]& e2 t - [KNetWch / KNetWch][Running/System Start]' J& k- D7 W) {. w: S0 {
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>+ ~8 e+ c* {# n8 q3 T6 d& l
- [KWatch3 / KWatch3][Running/Auto Start]
j8 _4 C& C. c" P' h \ - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>8 |! g- O' | F! F& `9 U4 w
- [ntptdb / ntptdb][Stopped/Auto Start]
; N. V1 g' D( n x - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
4 l) [* J/ {5 d/ [, } - [nv / nv][Running/Manual Start]$ z3 |5 A- s! @8 U
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
7 x( J5 L- U0 ?' e% r - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
) Q5 f- }3 m7 w9 j: F" S: v8 N( Z - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>' x$ J% P5 s8 F ?. T3 p
- [DDK PACKET Protocol / Packet][Running/Manual Start]) Q5 s# {# @. x; H! y
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>) x; c" X( q4 H7 n8 Q. H
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
) D3 e! \& k7 P, E. z/ t( Z4 M - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
6 N9 V& V2 \/ X; W- E. Z - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]8 s% p- V" ^% t) y/ f% O4 X
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>6 P2 ]3 H( v4 _# u! {* ~8 w- P2 W
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]6 r, w, k+ Y- i2 J# m0 e: P/ x
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>. x- A7 V+ R5 V! b
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
1 S3 f7 a% _: m6 d( H% E' Q - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>9 i. y4 {3 ]' }& c( L* g
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]* Q4 C7 ?: Q+ {$ |7 u6 o* o
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
, z' }. ~# g( W9 y1 a& g! q" s - [Secdrv / Secdrv][Stopped/Manual Start]( i( y J7 @$ a7 r
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>; \' }/ s5 g9 z3 w; q
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]3 f# y7 g$ @3 R# M
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
1 {) D# [3 S, g* q r4 q2 _5 O, r$ @ - [System Restore Filter Driver / sr][Stopped/Disabled]4 S' O! q3 w" j, q
- <system32\DRIVERS\sr.sys><N/A>
5 }0 ?% V" N1 [/ z' I4 v - [TesSafe / TesSafe][Stopped/Manual Start]
0 j4 G; `4 M0 G+ j( Q - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
- H/ r( v1 `+ @1 V& @ - [System Services / unzxzsrs][Stopped/Boot Start]+ A+ `1 E' q) U( u6 J/ w; h5 t/ `
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>7 Q( k l A% c& h4 \& g( v9 U
- [ViBus / ViBus][Stopped/Boot Start]
& C* O! U8 @; S( q - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
' ?2 |, v- l% Z% z2 r - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
$ _: ?( R% L1 E6 | - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
3 M" e& h# e# E! K: l( v8 U - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]! ]4 _. n. o+ }0 \
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
6 q2 `8 P- ]5 X4 j - [ATI Extend / zhibmaso][Stopped/Boot Start]
4 g, C9 @, E$ {8 Q2 ]- j& k9 [ - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>) R. b; A% n \ j- ~
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
, ~9 N8 f" q1 v# n ?+ s - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>% m1 }, o; Y: b! Y& P$ V4 X
- ==================================
, c7 I: c6 W" m# [ - 浏览器加载项# }: ?9 X6 k, g) B% I1 d; h$ x
- [Google Toolbar Helper]& k4 p2 V- I/ {2 b- x. ^
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: ?" c( |1 g7 \9 l - [Google Toolbar Notifier BHO], F* [; ~) w6 z# [& J. v
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
' t, }2 r( K3 X: f% T6 y u! ~ - [SafeMon Class]
s, x* d& t( ?( b& R - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
! _3 K0 g. _* t; O7 h! D9 b - [kingsoft browser shield]
* C6 ?; {( I5 s6 o) G; C: @1 L - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>; l. k$ o0 o- J
- [IEBuddyExtControl Class]
# b8 }( m) Z3 {+ Y - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 g5 k8 n4 K- z' F+ S - [Zcom 杂志]3 X0 w8 S9 m. C
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
) B" F2 k. T" I/ Q: [- H f, h - [&Google]
. x; o$ i& f3 }7 S- T; p/ O - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
C0 t0 M* |" F- l1 O - [KooPlayer Control]
; C$ K/ Y* Q# O$ V% {' X - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
3 ]1 ^$ T( z9 n% p9 a( m. c4 Q - [Shockwave Flash Object]" D7 g( \3 v' ?, [5 B5 v9 h1 [
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>3 [9 O) [; U/ P
- [KUpdateObj2 Class]
1 n2 p2 ^& `% m6 H - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
3 F3 R! P, ^8 i8 e* U- m - [Google Script Object]
2 b$ B c, i# g/ y* Y - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>( C! x' Q7 q! h: J. ]
- [EWA Control]
) a1 K1 h3 V" F7 c. _ - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>" X5 \2 j' q& }: \
- [Windows Media Player]
2 P! v& U1 [0 k# @9 O6 T/ V" r8 X( O - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>6 _; D+ S3 k3 G8 Y1 v6 _5 H2 p
- [&Google]
4 E5 C. F& X, @' g! f0 B - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 H3 u1 {3 g" ?/ V
- [HTML Document]
. Q7 I" {: u0 ` - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
% y6 Y" M; y; x: L; c - [DHTML Edit Control Safe for Scripting for IE5]
% x6 m0 k/ T/ I3 [4 |9 ]' H/ s - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
+ M$ z" ~! @" X4 @0 [6 z P/ v - [RealPlayer RAM Download Handler]
) L9 n8 S; M% h2 a) } - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
5 u( [& [4 }3 b - [IEBuddyExtControl Class]
- \; R" {' T/ ^& h( k/ w - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
; J" b2 V6 i% s8 @ - [XML Document]
: f$ I$ C$ c+ C( S. a - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
) @4 f" p, e+ B [. Z( K2 N - [HHCtrl Object]
; c2 s0 h3 i& F+ ?1 m& h - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>% S) @+ T! J* w
- [Windows Media Player]8 D7 e& X$ G2 y4 N2 n c0 v6 E
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) m; J3 b4 j$ V) |9 c- p
- [Active Desktop Mover]: z: M5 l3 q6 a
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>. O% Q6 ]; p6 x* P5 X+ K
- [360SafeLive]5 b m$ {/ K; ], @* r0 l5 l/ t
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
) w; E! u. B7 P* U; j7 v& L - [Microsoft Web 浏览器]
+ L: K" s1 Y, n - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>1 Y" ^; K$ F; O3 b) g
- [Browser Enhanced Objects]
' G l$ \ u: L( Y - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>, }9 d$ h3 R' j5 U6 S5 C1 B. q
- [Google Toolbar Helper]
* s' \$ k+ L+ L( F& Q) f - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 Z+ Z% v% m' F" ]8 w, B* q) g
- [Microsoft Scriptlet Component]. z% c. {) ^1 V7 {
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation># h. V2 a. I! W5 C3 G
- [Google Toolbar Notifier BHO]
. B! \& ?( N! Y* D2 E: b4 b - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
: T7 Q6 W' q/ e8 f+ A4 V, b - [SearchAssistantOC]
9 K# A; t( U" y! @9 ], z - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
. R/ y, n& E* |; C \( \) Y9 L - [SafeMon Class]9 b' I; b1 n9 y2 y' t, Y
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
3 w% e5 a4 R2 m$ W - [RDS.DataSpace], n: a: @: w. k+ P: n4 m
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
7 j% E" j- r; j* I% y - [KooPlayer Control]
) I! E4 Z& Z1 e3 W+ r - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>; u9 q; B# f7 Z$ h: l7 o. t7 S, e
- [AUDIO__MID Moniker Class]' H) m% y) M: g3 ^
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 c" e7 \3 G" W0 |! o& V a - [AUDIO__MP3 Moniker Class]
: \) ]2 W; U4 t! I; V# {" Z0 e* J - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 \5 I$ K& k: R) v" |" Q% A0 z
- [AUDIO__X_MS_WMA Moniker Class]
, O. b" _6 s2 Y s- R# H2 s - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 j8 Z" |, \8 [- k, E0 }( y
- [VIDEO__X_MS_WMV Moniker Class]
9 u0 _1 E9 L4 A+ `5 j/ b4 b( y% ` - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
8 B: Q5 d! e2 S {2 k" O2 g' E - [RealPlayer G2 Control]
# ^1 D( q2 g3 b& s - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>" q6 a. ^/ ?( n- p! h0 W; _
- [Shockwave Flash Object]
0 z8 V- i! c' f9 K/ C# ?/ _% t4 _ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>6 O( o% g0 I- w) I! t
- [KUpdateObj2 Class]" b1 D; X! J' y8 Z. B n8 P
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
0 ]7 C! n, w6 E4 J9 e* m) U - [kingsoft browser shield]
: j% r' D9 o. P6 z - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
' T- b5 W. Y0 ~* L5 E( M$ v - [PasswordEditCtrl Class]
, R8 [8 q& U; {) O8 V - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
: x: W* e3 p2 D7 _1 E4 ~ - [QvodCtrl Class]" |% g9 t# ~% ?* a- b
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>+ A9 Y7 E/ r) Y. Z6 a7 R$ m: l
- [&使用超级旋风下载]1 O! V/ ?. ]* X) ~
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>: N9 n* I# i# D* F# r6 ]
- [&使用超级旋风下载全部链接]
1 O* r: ]! Q+ {; v - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
8 F1 Y" |/ e3 h- _7 X( _' T# G. T - [使用迅雷下载]
" P6 V- e/ A7 y1 {( I - <, N/A> j" t# O _' E, p) f# x( ~
- [使用迅雷下载全部链接], ^- w$ A. s( Q d7 n& W2 I
- <, N/A>
& E- i2 K7 t0 e4 }( J - [导出到 Microsoft Office Excel(&X)]5 _- h& h4 {3 }1 ^2 M0 G( c
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A> b m+ o4 g0 e! n
- [添加到QQ表情]
- d5 R- j* k# n+ w4 b6 R - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
5 v2 I) [# `9 k- R - ==================================
1 H2 z* J- U: G5 `4 I6 T - 正在运行的进程" m6 ^3 S+ Y9 d8 ?+ T
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 x2 e+ a& S& t
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. X& N' U, s6 v# z; m - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 F" P' h! _# L
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
8 `8 X; H i2 k( [ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 ?; m9 m+ J! Q# W2 @! u
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' g. C6 D9 g) A' P
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ |4 G6 {( r4 k o- s! R
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( C) R) p8 T- J
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! M0 \0 C$ X+ ~* j# G* x C% H& ^9 g
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! Y$ c- ]9 N& H
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 P# f, l$ S) [. W0 s2 K, i. [ - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]$ S5 t* r" h# z. I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 Q- a' t( R% A3 p* i" e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& u3 h1 H- M+ b/ f! i) J0 g- v/ r! Z
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ c0 n7 z. m: |$ A( m3 k
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ y# l- P* l& B* U5 \& O9 `; M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]5 f( j. A0 U0 }+ E5 Y1 j
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
$ A( K' x! w, O! a6 u, `& r2 c - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
1 h0 u! i9 o9 y, {) W7 z8 Z - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
* w1 `" _' E$ v E1 i; d v - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]8 g, m0 ~% `! \
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 p7 z0 ?% r4 r
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
# z" e- U V/ Q. e1 n - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] Y. p: b S: k1 D+ r
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
( h( Z& O5 x( ]+ \' a - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]' V/ p+ r# M. W: y
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
5 B5 C+ E3 s7 [- |5 E' o8 d% ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& A- P. d9 o( Y# A4 h- H7 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" Q1 I+ g6 ~9 A" A# _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( z, B5 A6 m+ m0 t7 H6 b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 E8 U% z1 M7 G* ^6 a0 @ - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. ]/ @! m. Q& T1 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* F) i6 }0 { P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% }/ C& N$ A; r& D. P. w, [
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& e; y9 R, A! u- B0 s" H8 [
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]+ W x# [% k2 A+ x
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]" L( c9 O; l2 M- ~& t! b" y& {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ G6 r3 G5 b6 b2 s# k2 f/ ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 H( F2 i' E$ Z! s: I" C! S
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]8 {5 p( U8 h3 y/ i- n& o$ } y6 }
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
+ p8 X% K! @' S0 Q; f2 o4 ]8 P - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 v9 W+ O! N1 k% J Z; n1 T - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ t8 ?' D) `# ]
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 ^( C2 {5 x% n& O - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
* z+ Q4 W H9 d - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& ^! u1 h5 {* R! w/ Y, r4 v! s
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 [& L9 r# ?% @) a! E( R" r/ ] - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)], V1 c# k0 r4 E- a
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
5 N3 k* v/ Y9 V! M - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] {' q0 q I2 k& D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; c d. p9 s9 S; j; K1 j1 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& R+ x# e4 ~ W! c3 v1 j) A) P
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
3 J7 Z4 u/ z+ ?& z0 o5 P - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
/ n! Q( e" T& T; B; e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
7 M* z& j% w# u; P% u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
( w4 z: {; }1 {- \1 D& l" q* v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
' S& t3 N0 n) h3 w' Q9 { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
4 D: x. ^6 X$ c7 f+ G$ {3 ` n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
1 W" D7 I0 X, q1 T - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
2 c) u; W' C' _$ ?. {' S - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] B4 z* N3 D! c, R2 w( N0 q
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( `) n% ~0 O, K& i4 j3 e, G( |- ^
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) i: g7 r: f; D4 U8 V2 b
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
: z& {; P' U- M. \6 o/ w1 C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
! R- C) K# U: W Z - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
3 B: [" h& p- n7 D% K+ s* V - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
9 X! i7 l. ]$ I* J6 w1 _ - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]* q( C6 ~2 _7 l
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]; H% u/ v% u% R& l# ?1 m
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 j: F6 `9 }, a8 ]
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
' B1 C% Z/ o$ `( J+ C" W" \ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, h6 Y S2 X$ p) a+ l( U; m7 ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* ~- n& d, q$ B _& f' d( K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; N4 r% T- x; b8 h+ y! [
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& F6 y4 y7 j. }6 ?
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]. F7 s7 S: @4 M& q2 y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 |. V3 O" Z4 M, M+ n% W! b0 y8 D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; _' r+ `/ U# I/ g& {; d3 d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 |' Q7 k5 B6 {8 {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! a! o) l9 Z( ? - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]3 P; f9 W x, J) G* k' y z. e
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
8 w9 m4 M' m, |0 e. P7 O. [ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 _, Y! m2 [0 v9 A) b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], f! I) @7 J7 {2 m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 [/ L+ T& W0 Q6 p
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ [* a* R/ e& B3 W - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
( t+ b) \, o1 w& x9 X+ i( l+ s9 W - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 y, F1 H* E* x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: _! V f8 K: i1 u0 Y, a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 H2 {* x5 a/ Z5 P: @( {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- @0 N v2 ~: }% K2 t* z0 M
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
4 t& C7 I4 ?: N5 ?: p% H - ==================================& ~, B' r5 F$ P+ I. u' g
- 文件关联$ ]2 E8 t; J; {1 J6 K
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
1 u; O9 J7 s9 z8 g. O - .EXE OK. ["%1" %*]
9 q7 T4 G1 j4 C L& b4 q% O! W8 q - .COM OK. ["%1" %*]% l1 u3 B; L: n. O1 S5 a [
- .PIF OK. ["%1" %*]
1 b4 k9 X8 L4 ] W$ a9 q! _$ r - .REG OK. [regedit.exe "%1"]
, f; P. p9 n* W" c% R6 `& O - .BAT OK. ["%1" %*]
( [$ o' R1 K! B' b, Y1 b9 \! n - .SCR OK. ["%1" /S], t! l2 ?& }5 B t ]* L0 m9 L' H- | F, g
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]; [8 o o+ g* W
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
: g1 i" _0 V( ] X1 I9 I/ G4 U3 F - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
4 V- Q3 R9 x$ @2 R5 N$ D+ S9 `/ H - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]$ Z8 J/ n& y3 p3 P
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
) J! u4 {2 F& X, A9 o: s - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] x b* e9 W/ }! m& y, y5 X7 Q- A- ^
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]8 w8 G$ F& e5 e/ r. {
- ==================================
4 `8 a* C# p" f/ y$ E - Winsock 提供者
% g9 ]) `9 h- @: F - N/A* L7 {5 @9 e1 d6 k/ x3 b* }% h
- ==================================
8 b' i$ M/ H( b$ B - Autorun.inf
; R% s8 o2 I+ }" i5 @2 k - N/A7 m! h- F+ X0 w- t+ H
- ==================================& w3 C; ]5 P4 w$ x5 x! I/ u$ X
- HOSTS 文件' ~+ y' W% y* E
- N/A
( Y) R8 a( }6 ]* V8 y( ?' s W4 @ - ==================================
3 ]% T# f/ N6 {- o: Z! e* E8 z4 L - 进程特权扫描
% S' x; j+ Z1 j# R - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]% \, f% V' ]6 y# W& U+ `$ D
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]2 s: v' n. o1 O8 b' t& \* G
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
3 |2 y- e- x# m/ l6 n - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]% K; c, v( B4 }# r5 }* _# f
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
* p. k' n' Z# I - ==================================: O5 H* y) M- o. ?% U1 K. ~( J
- API HOOK
# m3 {$ F" G4 f8 `7 C3 N - N/A! q0 n ?$ s6 y) A- }* d `, ~/ S
- ==================================' ^- m& z1 G- W
- 隐藏进程 V9 v+ p% b( B* B) `) z
- N/A
. n! \8 q" a( \6 P2 v3 ~; \ - ==================================+ F4 n3 V0 [) ]7 n3 J7 g
. ?8 D' K& r# F
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
