|
|
9 v$ c. ~: Q6 r, b! U3 t% b& m- 2008-05-22,20:37:430 s7 L) p; M# M' H) c5 Z
- System Repair Engineer 2.5.16.900
! l6 s K7 d4 j1 K$ o9 D- D) I8 p - Smallfrogs (http://www.KZTechs.com)- x% r. H9 v# m- s4 |3 P
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能/ O. H/ C4 {+ ^% g* g0 C8 y1 O
- 以下内容被选中:
8 Q3 C1 x9 l7 b: D - 所有的启动项目(包括注册表、启动文件夹、服务等)" [) `, ~* [, Y% `
- 浏览器加载项
8 @. R/ ]7 z7 Q) U4 i% s1 J - 正在运行的进程(包括进程模块信息)
0 Z) G1 }7 ]4 [! o3 Q) t% l. Z - 文件关联
" D7 Q6 N# V0 ?% B- w3 a: w - Winsock 提供者 \4 n2 s4 l P; x3 |
- Autorun.inf- m3 `" ^8 E' v2 l* }$ A
- HOSTS 文件* c( H, K$ Y2 E- l
- 进程特权扫描: M0 k9 }: m( o$ Y3 e
- 6 B6 H! X' `: V, ^& X% W/ ]
- 启动项目
8 ~" m+ `3 b* s+ }0 d - 注册表0 B/ c2 [+ T4 F3 \/ u6 q R
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]' a* E8 \" |1 y; |6 P, N
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]6 N, y, b" I" z& p. h
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]2 p2 {( U; z+ G7 {
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 U' w, W& h' a7 ?4 S4 r - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]# u% K: a, M! K! a
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]" y/ Q9 C' p/ K& _$ d; a$ {3 O
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]; d% |3 o k" q
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
' ^# B; C: Z, d5 ?- B9 n% E" k - <PHIME2002A><; > [N/A]
: H% G! \- O0 `, D, q. d; v/ r - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]! P6 o; @4 ^$ p& u$ Y6 y
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]0 L! y4 I/ `* ?+ q' ?% d9 a
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
, L3 C) }7 W( Z; K! ]- ~0 c0 d - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
* d4 o6 j0 S9 D3 d3 ]4 a5 ]9 ~( { - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
2 J8 N; V- x9 a8 j7 k- T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]- ~, N: \" t: u x& [) _0 Q
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]: m( }2 `7 T' @" j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]9 u: G" n: G6 X
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
) h6 q0 e6 r% D; e U0 u. C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
) e; x& Q6 r5 X9 s - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]+ e6 k0 S2 q4 H: I. h/ N" a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
1 c% F2 |+ C0 }. t0 o - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
4 u; h0 k2 c4 o7 }" U - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
6 b! |- f! {. w5 Q$ E! K6 Y& x. t - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]$ `8 Z5 F" r5 w" G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- G0 e# z) p, r6 q) V - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
7 c/ ]3 M* o) y% l" L E2 s - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
. l2 o8 X2 `' t6 e- g3 E" I2 z! R - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]5 \- S2 m, R. ]7 X" q% `! B5 `; {, n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
V7 q/ G# G8 { - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
5 t; g1 d" z! i( W1 i6 K+ b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]% @: N4 |+ k: F, ?
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]/ R3 B C8 m& J8 E- u, V
- ==================================
4 [0 L$ D8 g5 ~9 ^ - 启动文件夹3 [/ ]# G2 Y! P' n5 R
- N/A1 W# n& r6 _* u1 n: F; V7 v* L
- ==================================
$ K0 w; Y4 F: } - 服务+ p% O: q# _* K9 v
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
% j! G3 w- k4 Z' L - <C:\WINDOWS\System32\3wareSrv.exe><N/A> L/ g V) f5 z; I) Z/ A* R- c
- [Google Updater Service / gusvc][Stopped/Manual Start]+ \$ K2 I% [6 K- ^8 e+ l
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
1 g; m, l+ E/ t* R6 Q1 g - [Help and Support / helpsvc][Stopped/Disabled]9 T1 D. |4 K [
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
, T9 x0 u1 u1 I+ m7 ~; _ - [Human Interface Device Access / HidServ][Stopped/Boot Start]$ L9 F. ]' U7 D0 k2 y, Z5 A" ~
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
/ m0 {* c+ ~8 s5 F" n8 } - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
6 h* A( U- E+ Q5 y3 [. x$ d+ N - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>1 }, X, m- e3 n" l; h; z2 D
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]* Q1 d P3 ~/ S/ U5 D( T+ c
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
; S5 [5 W( \' V5 O - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
0 A9 \+ y' h( g4 f - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>3 n& D& \4 D; x* n2 d
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]* N$ T; @# O( G& e$ a
- <><N/A>6 |2 }+ _7 d' @/ Q; a5 R, @
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]* o! s" L) M. v
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
5 {( v7 n9 L1 u - ==================================4 \9 {7 |# C& M
- 驱动程序
( v2 C: \1 u4 j. |0 g - [22j / 22jn][Stopped/Boot Start]3 e( H2 S$ v9 x
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>2 G4 Z9 h. l, B
- [360AntiArp / 360AntiArp][Running/System Start]
7 F6 H( @; C$ D, U - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
; z- {+ L- D! {% P. N - [43ec / 43ecu][Stopped/Boot Start]& K. u z0 `; q* o7 W' B
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>, J' y2 g3 U4 n$ `
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
- w1 G9 X6 g# {6 e- f - <system32\drivers\ac97intc.sys><Intel Corporation>+ c- M4 q/ H2 J# L
- [Promise driver accelerator / bb-run][Running/Boot Start]
/ M. T6 I4 T, Q - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
6 \" M7 g! s+ H& C* f - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
% t9 _* M. e( @& O% b5 {5 i L - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
- k" B+ O$ `( F. I9 m. { - [KAVBase / KAVBase][Running/Auto Start]
% d9 f) c5 r3 }9 H: T; ?6 _ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>- p4 D4 s$ \5 e6 u. N1 L# ~; Z' O
- [KAVBootC / KAVBootC][Running/Boot Start]- a* l0 i, y# [, g( Z
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>! C' H8 T) `4 Z3 T e
- [KAVSafe / KAVSafe][Running/Auto Start]. J! w! w! J: `" D
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>7 Y+ @2 g+ ~9 Q8 V7 R |
- [KNetWch / KNetWch][Running/System Start]4 N9 z6 q! P$ j' @9 u; n
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
& O( B4 }. m4 q4 X: y | - [KWatch3 / KWatch3][Running/Auto Start]; c) b7 |2 y( b( ~. | e- Z7 a
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
$ m" Z' L" t3 G9 d - [ntptdb / ntptdb][Stopped/Auto Start]3 f! G3 G v7 L, o
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>6 H, d0 L/ c2 R2 r1 I
- [nv / nv][Running/Manual Start]1 N% K1 f, p5 Q& C. G
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>! l3 O8 d% E; ^
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]2 \5 F9 t5 B; h$ Q i" Q/ h5 e8 n
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>: n5 X3 s* S1 V* `5 S+ x& Z/ |
- [DDK PACKET Protocol / Packet][Running/Manual Start]7 B2 R7 I2 h, u( u, A$ ]1 |# V. g' M% e
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>3 b& A) y+ g/ v( r% v
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
: |5 w1 z/ e+ C t( Q; D* ]) e - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
) T, Y' a% J' ^ H5 u3 u, M - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
4 R% @4 \) U4 V - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>& ~( {( z. `" n
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
7 y; e1 U* o3 i0 m - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>7 E1 `- D8 D; _+ d8 z6 k! s8 w4 A& `6 W
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]) s: w8 A( t3 c/ y" @4 [
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>9 U* a4 G }, C# W0 w! T& W+ Q% x
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
1 k5 \/ @9 B6 X4 `& \+ o - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>' {+ T% w5 N: z+ A* t
- [Secdrv / Secdrv][Stopped/Manual Start] n2 F7 j, T4 ~( K
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
- w% v5 H2 V) E* M" _: ? - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
! V% h" A( h8 g- S - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>0 R- w. I' y: n: ^- w1 N, p* N4 y1 {
- [System Restore Filter Driver / sr][Stopped/Disabled]
" h" [3 ~5 C! P3 d2 h( V" ? - <system32\DRIVERS\sr.sys><N/A>& b8 B }! W3 C$ ^9 j$ E
- [TesSafe / TesSafe][Stopped/Manual Start]
8 L3 N) E- f9 O4 u' I! v, i - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
, ?! f. T4 M& E' O6 u9 x, P6 x - [System Services / unzxzsrs][Stopped/Boot Start]2 r; S) n4 U* m/ F* B1 o
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
! W. o9 ]9 l) v' |2 M - [ViBus / ViBus][Stopped/Boot Start]
+ H! _9 X# z. w; f& T4 ^' a9 I - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>* F0 \; D0 N1 j
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
/ Z4 d" q& _* b - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
5 b/ h' Y6 n) K: D7 h! @ - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]0 e ?# u( W/ T0 b! t
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
3 f/ A1 k/ V, Z3 q3 k3 F - [ATI Extend / zhibmaso][Stopped/Boot Start]0 s8 G4 \( `' ^' x1 n4 j
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
, V1 d' w% b" w/ u3 R/ B: m* S - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
5 G" O Y" Z# q y# m! Z - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>7 r' t: B, g4 \' ]( I
- ==================================
- R: z4 w8 q+ K; p; c# A- r - 浏览器加载项
4 y; N' l* {! X1 I4 ^# V1 l* c - [Google Toolbar Helper]6 D7 X! n8 W) v" v* ]) S$ V
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>! @4 B. O7 o- {3 u( c: T. L- r
- [Google Toolbar Notifier BHO]
+ M1 c- n Z& k+ Z5 c2 m - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>. e% d4 N- s# t7 {
- [SafeMon Class]+ q4 ?/ d3 ^" }0 b( n! p
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN> L6 ^/ }* q2 Q3 s
- [kingsoft browser shield]
7 x% S& D% U7 y1 N9 ]0 T - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>. N+ Q( j" K, F* H
- [IEBuddyExtControl Class]
+ u8 W! ~' m; ~1 N; Z1 ~ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
2 j: O5 ]/ x; z' b - [Zcom 杂志]1 \' e9 f% Q: X2 W, s M2 {( m# F
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>: \) @! m1 ]* ~, U9 ]' s3 e4 D) u
- [&Google]$ s, e" L4 h7 Z* C) N; H: t
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 T% Q0 E. t5 l6 b) W! N
- [KooPlayer Control]8 }4 ~* X0 x5 D z3 Y' B
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% [# f8 i! p2 X3 o7 }) r$ Q* V3 n - [Shockwave Flash Object]4 D0 ]) M M( _' x l- |
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>% K, T. L; Z g
- [KUpdateObj2 Class]) S$ ~! l9 t+ O- m
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
/ R5 i7 r7 C- @ - [Google Script Object]; ]% R6 k. `7 T: ~2 X
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 G' {. ?6 E- k% G. ?
- [EWA Control]3 l+ @- u* G6 o6 D1 x* f5 a1 o$ L
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
! L5 k3 a4 ~0 ~9 s$ i - [Windows Media Player]
1 o0 O3 v `) g0 H4 s - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>( r% T* _9 [$ I1 D( k E
- [&Google]
$ x6 X, \* W7 l `% P - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ U! _, R4 i1 F1 P, V
- [HTML Document]
" _) a( i F' f' a# E8 s - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>- {* m: _) d7 n: p$ [
- [DHTML Edit Control Safe for Scripting for IE5]
: V& M+ \6 _* T! A# w0 J! L% q0 ^$ N - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>6 K4 n0 o, e2 _* |2 ?* i* N# ~
- [RealPlayer RAM Download Handler]
1 b" G. m& v- ]& }$ B - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>/ y8 l& v+ Y7 ]) j5 b
- [IEBuddyExtControl Class]' k7 G/ z. p! M. W E6 [1 { E
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
: I1 Z; ^7 r8 ~- I) W% k, N - [XML Document]
4 ^% W3 \3 @1 I; o - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
" b/ l) n8 I# v1 h& ^ - [HHCtrl Object]
3 }( Q7 W) d$ r, o! p9 s9 F - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>0 V% L* Q! W9 i$ l4 \
- [Windows Media Player]
4 k* r) C5 P3 E- ~ - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 U0 T& w' D) J1 b( A - [Active Desktop Mover]1 f3 ~; u/ g7 r* `. r. Q
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>& }, ?5 o. G) s! `" P A
- [360SafeLive]
/ R# T* R' N( G& Y% x" q- X - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
* C; D+ W2 g4 |. `0 E3 F) ?4 _/ L - [Microsoft Web 浏览器]7 r2 N$ j1 G! ?+ @1 U
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
- A n) v) o# o - [Browser Enhanced Objects]
9 E2 B/ T' w: k: z - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A> _# h* o- O$ ]% [
- [Google Toolbar Helper]+ ? u: L7 ?5 t6 W4 Z, b c
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>* |5 ]+ ?5 i/ Y, ?) C; t4 z
- [Microsoft Scriptlet Component]# i0 T7 d+ ?% ?. p* K
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>" H3 L6 t1 ?$ B9 k
- [Google Toolbar Notifier BHO]/ P: \1 s; }% i' u9 }
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
, |, e3 f; E5 b) ^4 [ C4 E4 z# m - [SearchAssistantOC]# O1 S5 {/ Y+ M% Q
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
6 S- } A, T& g& E - [SafeMon Class]& u# o; r2 T$ y- K- w- f8 ^
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>/ o. s$ D& @ m/ r/ u9 d4 _
- [RDS.DataSpace]$ q2 i) ]: E5 S1 I9 r
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
5 n& f) N# i, C- Y9 g" e' w0 e - [KooPlayer Control]& @* l j, i4 [, }7 Z h+ a
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>+ Z6 Z/ g$ q3 f- h! }; z9 r
- [AUDIO__MID Moniker Class]
4 t( E+ ?; d2 k- Y' n6 ` - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. Q$ u e( J W- u) K5 A
- [AUDIO__MP3 Moniker Class]
7 K& [4 U) e+ D# Y7 k5 [4 q - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
. \2 K# s" N% y) l0 X - [AUDIO__X_MS_WMA Moniker Class]
& c ^' [6 ?* V8 g1 D; W - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
3 t$ j x# s! x' F - [VIDEO__X_MS_WMV Moniker Class]5 H" g: Q% e0 ?/ T0 F
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 S3 \ ?8 E: O3 C3 y4 Y
- [RealPlayer G2 Control]
6 N; X+ k |; O0 l* ^* d - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>: Z% v; M7 {- }. Y0 o2 X
- [Shockwave Flash Object]
' q) s0 H, ?8 @, w7 a9 c - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
4 R9 _7 z, _2 r D3 P( c0 I4 `' F/ A - [KUpdateObj2 Class]0 X7 G8 P' t; M+ g; G+ L: x+ X. V
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
+ C( L" d5 D; \/ C - [kingsoft browser shield]5 J) \1 {7 f& D; L7 ]
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
% ]" X* f. ~1 u% S' C - [PasswordEditCtrl Class]3 Q$ n, R% U+ _( p
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
/ V0 O' b( q' { K$ O - [QvodCtrl Class]
9 i( a2 S$ [! }" |: r/ d4 k - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
! q2 b' b3 q: g5 l$ P7 N - [&使用超级旋风下载]
0 s4 R0 v2 [6 P6 K% B4 t2 ]1 p - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
5 x. m9 }6 m" N/ h, R2 Y - [&使用超级旋风下载全部链接]
, A! Y- T3 A& D - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>2 l9 C2 [" f2 G8 M) t
- [使用迅雷下载]
$ f1 m) B- O2 u, B+ F* ~4 u9 y - <, N/A>) d4 r( a1 h2 f3 s8 ~
- [使用迅雷下载全部链接]
6 z( k1 H ^! I& X0 v - <, N/A>4 x/ u$ z+ @$ ?1 ]
- [导出到 Microsoft Office Excel(&X)]6 c$ T/ w: m$ w6 w T) D
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>2 s8 ~6 S2 E' L& t4 ~
- [添加到QQ表情]# d# a# E; a& o2 k6 w3 ]; E
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
9 W9 w# a! V; Y1 U3 |9 ?( Z - ==================================8 H2 A) d- x/ y; Q5 @( Y
- 正在运行的进程, n% Y' z; D/ Y4 n
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 h. Y- k6 ~' n& B9 v4 m
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C. B" S1 V6 p, D d* X( Q
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 | W1 F7 ~0 k) ]; Z' }
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)], _$ Q, S7 h" R: j; b
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 a8 e% O) p+ x% Q) w
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ v( O7 ~( x# ~" ^ R6 M+ F' H! |
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ i6 w, w4 x5 n4 P- L
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 M$ W* }) W" t* _+ ~2 ]& V6 _' D
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 Q9 ?4 U+ w" X( Q7 w: s - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* L* S/ y! u9 ^) _, [
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ _$ W) w- k5 p! s3 r! R
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]8 [ G" t5 ~' `3 T2 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 {/ {6 y* D: b7 N2 ?1 I3 h0 l# t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 e' m5 j: F( ]7 e: q
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
; q- P" m: i) r2 l {) ?# F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! l7 I- U1 H+ F! H, z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]3 r: U6 I2 }% X1 [6 A9 H
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]7 H: \7 c/ v! S7 d( V+ `
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
& h& g; V+ i5 Z& }* n, z - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
6 c& t4 @: G: L% u T) Q& l - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]2 a8 y7 m4 h( C) Z* R9 e% A/ a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) B8 z; V. z- ?5 e7 o' `; p: S - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
. `, c' \/ w% O- M: e4 X - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]6 C9 v* T" z8 g% \& ^
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]% b/ T) T0 v, P! v3 `. n R4 b# X
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2], U* O1 V K1 f. m+ G3 F- z+ P
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
$ W; l' f" I: p - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# ^2 e5 Z$ p7 |4 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' y& H4 {+ ], u: K8 r) N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 K/ n$ j$ G2 Y; Q. O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 {/ d: V) Y: x
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* o+ D9 z; l% j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 g! z, m( i% `) e; ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] \& @) y& c% d1 x# C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
T) h! U# ]$ S* A - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
# k: \+ j7 q: E7 } - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]$ ]; ~7 }0 A0 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], |1 x0 ~" ^3 t4 g, q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 W. E4 N5 m6 [$ q/ X+ E7 f! a7 R - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
% t. V- p+ s( J5 ]7 e- M( Q - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]: g/ E3 P- K, ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 T, P8 K" D3 p4 t& q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 _1 {( f% d! O+ H8 i' Z - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 J4 M$ K+ Z1 @. m* o n - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]0 S$ X* Q9 R' |. s; S; r, O+ d3 a
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 k! P5 D9 G4 E, O* H - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" F I6 r, Z- C! e4 R7 c - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]. b C6 n6 m; x& S0 m
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]$ h a3 K/ C- Q+ {3 L4 j+ T
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 d! ^ g5 l; K* R& K+ C a0 V' f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( [1 |7 ]9 \. V& i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! I( z! a @+ Z* T" O - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]+ T0 _7 I& U# t- U
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
0 ~6 B+ F3 P3 l/ F5 G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
' S! z# p% d7 ?6 T: q' R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]2 L: K* U* h* Z& I0 _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]& ~* H/ V* L" J' z" i9 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
0 _ B1 i9 F2 p5 {) Y' H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
9 y( R- H7 g) |& V+ T, e4 m! a5 ^ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]) m! j( A: w1 E- k4 n
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( l5 W- F3 H) t5 {# l" A - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* |5 \* o- v' e2 q$ ^7 E( l
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
& `5 W# O) g) P, ^: C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 y0 @- d# @) n" h* G4 \' w
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ A6 v7 O; P& }7 k2 ]
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]7 R& I* O# v M; }3 k* H. e2 p' P
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
7 I& m: X0 Q6 B7 r - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]5 @+ t0 v, ~7 k' a. Z
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]1 a; ^4 Z2 E& R4 U/ U! y9 f
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 T' y- S; c9 |+ W3 Q - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
0 z8 q; o, z" Y6 z6 b; d5 v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]" p O% F. ]6 o5 |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 x9 m2 x$ C9 F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; U- N: V/ W5 z# G
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: P: |- M; @5 y3 Y+ r
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]4 |3 ^/ ~, J1 U- H3 S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
~" ^( a e Z& U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; ]" s6 Z* x$ ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] O( B# z3 |) M Y; S+ K/ B0 G
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ I( p! ]: {1 @* o0 M/ ^
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
! M' B, M5 E4 e# I - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
& j7 _; v& z8 g0 g6 k - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( x+ h; y0 `5 j4 F$ i0 B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 X) R0 _' a9 r, F. D- r) d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ E7 v/ b1 T. K. c5 T1 `8 p9 a1 t - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ e7 O6 h: V: Z% {
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ `* Z1 E# s8 M' W
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) s6 M. r3 B- U3 ^2 h' _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( T: r* ?! R. g5 _# C" ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: F* @3 T+ k; V9 t, y+ l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( J) f# L6 |: n% l" Z) [, n1 x9 Q - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]3 {: W7 d/ W/ Y4 ~" q6 C! T/ x
- ==================================
2 H9 f& n i5 _7 A' U* r - 文件关联0 ^) y* ^8 t. {3 y. w8 u. \( z
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]% o" {; Z6 f1 M4 |$ A- V; z) f+ C
- .EXE OK. ["%1" %*]" e) x- m c( D* C! w! [
- .COM OK. ["%1" %*]# L' O$ \. v# w9 m2 M
- .PIF OK. ["%1" %*]
1 H8 h; w. K0 l' \3 a - .REG OK. [regedit.exe "%1"]9 |( u6 w& x( {6 Y4 a) d. k8 ^+ t' x( c
- .BAT OK. ["%1" %*]1 U# O s! a/ t( |! W
- .SCR OK. ["%1" /S]. ^6 q1 `/ c) `. _9 O
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]5 ?% Y U6 V$ P3 @$ L8 t. x
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
0 q* G+ \* J$ w - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
' c* }& Z1 d" Z - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]+ {* l$ g4 c) K+ i" ]8 a
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]# A2 y( t0 {% L" {
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
% J/ @* G$ T/ q% W0 f# U - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
* m" z- t9 n H" Q6 i - ==================================1 w' }4 }, z& U1 f# ?' v- F
- Winsock 提供者
! a; p3 p% o! `- x$ O( A4 W - N/A' _: M6 |6 S O& l! K/ K5 E9 Y
- ==================================
) h" U; A9 m: f5 X( ?9 O$ @4 p - Autorun.inf& V/ V# Z, G1 T' U' r
- N/A
$ e1 R. ]) ~0 |- e6 P# b - ==================================- \/ A4 L% M! O/ u& g/ a
- HOSTS 文件
# b2 o) O, c3 f: l1 @: [2 J! s8 e - N/A2 O0 x9 y- H7 ~; s" P6 W
- ==================================$ v- C+ I& |5 t: i2 r1 U, f- |
- 进程特权扫描: a+ m* o/ |7 M' r, O7 \ B
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]8 s6 v# C$ F) ~
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
3 s- Z; r" ~' V0 |5 N3 D - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]: N) ?" w0 ~7 R" n
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
: D/ _3 i# |; o - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
" r- R, K+ g& G- m# Y8 Z( O - ==================================% w' N/ l- x( e9 f$ r
- API HOOK" y$ `) t; A2 }5 f+ u
- N/A
: ]: P+ Z. a! G i4 v - ==================================
" L$ G! S4 H8 O/ U5 E+ W0 f' S - 隐藏进程
N7 [9 H7 `1 S- z5 q4 U - N/A* p; c; Y0 w8 u3 \, A
- ==================================5 q, W% X/ w. v. x' Y/ G
% x3 a4 }; v( B) c: w
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
