|
|
2 x" ], V% G" h4 D- 2008-05-22,20:37:43$ R% o+ H# x' ^$ k
- System Repair Engineer 2.5.16.900/ @3 ^$ v9 k9 [, @
- Smallfrogs (http://www.KZTechs.com)4 [% a6 u5 r: K/ H! H1 V
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能9 I+ N/ v' c/ f/ w+ d2 g0 O6 W: j
- 以下内容被选中:, b. S- u8 {& I( ~2 ?1 Y
- 所有的启动项目(包括注册表、启动文件夹、服务等)
( h- y( ~* u5 K8 t - 浏览器加载项' h) _3 v5 e2 u
- 正在运行的进程(包括进程模块信息)
& I$ B- C( H7 m* I" ]8 h - 文件关联( N$ U2 }' w6 ~4 Y) T9 T
- Winsock 提供者
" e3 x% C+ T# V% k - Autorun.inf$ f+ H2 _. P% P
- HOSTS 文件& x( A1 S/ }; x' R1 P( \1 |
- 进程特权扫描7 h# g$ y6 Y/ Y2 G0 u
& S& n) x) `! Q5 d6 Y- 启动项目' I: _: F. s( h: e) }+ w3 \
- 注册表
! L/ N. r: }1 Q - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]& G% t0 h Z. u' X% v |8 d
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
& F: q& c. U6 @$ p7 F - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
0 Z/ ~/ M) w3 _ m8 Z$ | - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]3 n$ B. e6 @! R- j* [! G3 F5 [- p
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
, v; b f+ c8 G$ \5 |$ s+ c& ? - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
; V& s n! M3 C6 e: D2 j - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
5 y7 H" @2 o. P# @ - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* h' J" {6 E) J* Q$ t; ^: m - <PHIME2002A><; > [N/A]7 P8 a0 D {# @9 N# M2 Q/ R. T" L
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
) }: _1 Q, e2 m2 [! m8 h; Y - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]" w( S2 |: E; v# Y
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]) I+ Y2 o: ~4 w7 H( v: c1 r
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
) n9 b: ^8 E [% D1 r4 j8 s - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher], R! D. ^, {, L, Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
4 ^; M) J2 S& s2 Y3 T" |# X, ~( O - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
" K. x. o, n! N% m4 H- I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
% j5 L8 i' E) o5 m - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]" E3 ~4 p6 z) X: R2 c" U2 f
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
q7 j0 k( n6 f4 V& d - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]$ L: S% D8 V0 o5 d! a3 q1 q; B' ^$ K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
& p* |& t$ X& e9 t - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]" s8 H* X# \1 ~! j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
( D) ]0 _( L2 D2 N+ z - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]& H [# A6 B8 n; g) |3 y8 _( }
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
# C5 @/ i- K' E; ~ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]" t k" A) l. O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
$ [: [. L" h* @4 q A1 z. A, ] - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]' c( D; n9 b; ]1 n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}], ~4 M. s, X+ d; M9 o( m7 m9 M* U# E
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]4 ^ t% |3 _5 [1 g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
- {% d% |! Q; W - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
4 A, c+ \* @/ D8 V. r1 r - ==================================; d7 \2 |+ }* |: o3 e0 g9 U
- 启动文件夹
# H: N: E- q* _8 Z- e; H - N/A
& @& X6 r& M& ~" `% z - ==================================# a2 |2 b$ N7 L. ^6 X, J
- 服务9 D5 |5 ]* a( |; ~& g
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]$ M F3 L5 ^" k! D8 g" ]
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
: n" t( ?6 m$ L& b& O - [Google Updater Service / gusvc][Stopped/Manual Start]
. J o/ h/ s. D3 g" J+ B3 i - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
4 m" W8 Q; B" B, r6 Q6 V' k - [Help and Support / helpsvc][Stopped/Disabled]
5 d& V8 m- V! g- {7 _ - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>: O. b% y! x- |, I, F
- [Human Interface Device Access / HidServ][Stopped/Boot Start]2 T2 ]$ i: `! l$ C
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
: }: _ R+ L* C; J - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]" {7 o" `% t1 i. O1 J. |2 N2 n3 v
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>! s4 Z" m4 ]" M4 J0 z* |, N4 W
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
" ~. k: q) M# Z1 h - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
9 i* i# ?" K3 w7 {2 ] - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]% @: V( P* r) A: {$ z
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>( Q' o- X7 o6 B+ {; v. _2 d* j
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
& K3 l. ]( p+ p Q% y9 e - <><N/A>
0 ~! l2 X, p: z& b' `/ M9 N* t' M - [Qvod Terminal / Qvod Terminal][Running/Auto Start]* D+ c3 T7 j1 t5 ]4 V2 n: K
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
$ a0 t, H1 U$ s N* S D r - ==================================: R5 G4 } ^6 Q# g: |
- 驱动程序
8 _% ~9 g1 j7 {: w" p - [22j / 22jn][Stopped/Boot Start]
& X( b! \3 w$ {/ J1 j' ^/ Z: S. m4 @ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>8 I. C/ j5 m) L% s6 m% Q- T
- [360AntiArp / 360AntiArp][Running/System Start]% |) K' \8 z4 m. v& w
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>1 K4 k3 B1 r# L# Z% l7 {: a @
- [43ec / 43ecu][Stopped/Boot Start]
: ?. I, q+ Q/ u G# M1 U6 y i. l - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
. ?8 C: d+ b- ]( y n' s - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
- Q: @0 O& L2 {- p - <system32\drivers\ac97intc.sys><Intel Corporation>6 Q9 Q5 t3 m. b0 z9 X) a
- [Promise driver accelerator / bb-run][Running/Boot Start]
6 X# \- D0 p- s7 D P c8 N1 \ - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>7 o6 h$ w# G+ F! n) X& C) r
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
3 e7 J9 \0 T. g0 r% Q7 O - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>% _' V4 a) x m7 o/ y
- [KAVBase / KAVBase][Running/Auto Start]
9 j4 g/ ^" w1 X+ o' M" h# W9 |9 Y - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
( g! W6 V6 X9 J* N! l - [KAVBootC / KAVBootC][Running/Boot Start]
/ E9 T) S, p+ G - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
" [7 y( w" F' i; V# H2 N - [KAVSafe / KAVSafe][Running/Auto Start]
" p8 B6 Q& w5 S7 p0 n: }3 T% {* O- e - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>. N! T' Z* H' L( Z
- [KNetWch / KNetWch][Running/System Start]
3 \. j* w+ @6 B/ k0 @ - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation># \/ }" T3 C9 H
- [KWatch3 / KWatch3][Running/Auto Start]
+ u/ I5 I+ s+ T8 |# I - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>1 K3 V l. Y% |1 J2 s
- [ntptdb / ntptdb][Stopped/Auto Start]+ U" w/ w; g- |5 V \
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
/ k$ m S2 V/ W3 r% W% K) x' F - [nv / nv][Running/Manual Start]: Z2 l# Y1 v- _4 w4 `, x
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>- |4 I* X( p+ Q. q$ ]
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
- _' b2 M; J1 _% ?4 f - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>8 v& w# C" _ L& O! R. p
- [DDK PACKET Protocol / Packet][Running/Manual Start]
/ B* y9 x/ r0 P3 W5 G8 p) q2 Q+ f - <system32\DRIVERS\ProtoDrv.sys><360安全中心>! Z0 L g1 d$ K
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
$ K" w5 g$ T C5 u - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>* d# a; Z% s8 e* q' {
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
2 E% l9 R. z) s- q* { - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
( }$ @& y# ~5 s" L9 p1 w: @0 h - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
% l7 ]! w' F. [: |1 j - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
( P* L% i0 d; R% a+ h# f! w - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
, p9 v! l* N8 z0 C! Z1 I - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
4 R( I( A* Q/ q& J$ \+ Y - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
8 ]$ p3 i7 r0 Y; c2 I { - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
/ `% m+ n3 S" v+ X - [Secdrv / Secdrv][Stopped/Manual Start]
) M& [/ l* u' r0 r; r4 k - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>7 T5 w" v( S+ g! O, f+ y2 N
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
+ M1 @$ p; L9 ` - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>9 R( V% X% h6 e' @8 g+ ?* D
- [System Restore Filter Driver / sr][Stopped/Disabled]
( E; ~ I& B3 Z1 g - <system32\DRIVERS\sr.sys><N/A>* b/ ?# E p5 t
- [TesSafe / TesSafe][Stopped/Manual Start]
& }: q. V. s3 x w5 P - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>- O/ }( e8 B0 c! `0 r) y* K% ^
- [System Services / unzxzsrs][Stopped/Boot Start]8 k. U5 ~+ F" y
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
* O8 {( k3 G3 G/ X9 L+ T; T - [ViBus / ViBus][Stopped/Boot Start]
6 w/ V; x/ e. K" o. { - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>2 [; `7 X- I. |. J! J1 W8 \$ F
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]& O& m; c# U1 j7 @
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>8 b. j, Z4 ]& r% V2 n z
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
( z) H3 L( f+ A - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>- [ {0 g! j0 _9 @ B: l3 n r: {& g3 f
- [ATI Extend / zhibmaso][Stopped/Boot Start]
5 S6 Q/ Z4 i' _8 a - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>8 w& H2 q7 b6 t' ?7 K9 T
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
$ F8 [ k$ o( k& c - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
" B, s2 I Q- ] y& L& o - ==================================1 i, h4 q4 `% x" u- q% J, O' l
- 浏览器加载项. D m5 v# s( v0 z' D" L
- [Google Toolbar Helper]3 r% ~9 L/ G- ], [- `. `
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 J* t4 c8 p1 \ w0 P I
- [Google Toolbar Notifier BHO]
" s; }1 Z- _' z - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>7 t& e5 t, ~9 w u+ r
- [SafeMon Class]
0 {$ E5 A. ~! Q; ~4 F* n' Y - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
! w% p3 t# R2 U' g0 u, D, H - [kingsoft browser shield]# A6 j4 r( i$ } n
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
5 |: Q/ z9 B, s+ \9 ` - [IEBuddyExtControl Class]
$ s3 P. y+ ^. V- s - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>3 { ]7 n$ t: {/ M, z
- [Zcom 杂志]3 k6 V1 `0 S8 v& x9 K& X% U
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
4 H, R# i$ l/ e8 t - [&Google]7 J0 \2 B: W2 s+ x8 F3 R( ^8 F$ p
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>. h2 m Z" T" c; x' d: ~* ^
- [KooPlayer Control]
4 Q( i) z% Q B0 B( l - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
' n. l1 f, i7 `7 w, n9 D - [Shockwave Flash Object]
; A4 c3 R, X$ n5 q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
; }4 ]9 R; q) t" c! L0 E - [KUpdateObj2 Class]
. ? z0 D F9 a6 g9 } - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
5 j% V* l4 @: N5 O, C - [Google Script Object]
" y( D0 b" W$ U. d - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ P* k% k/ h) W3 @; I. @& i( @8 u3 @ - [EWA Control]4 a- I* f% f& i* `
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>$ K y8 [. A7 c# D4 K* L, r
- [Windows Media Player]' n/ y) e$ c1 g* Y0 c* P/ s: I
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
y- r+ [/ H8 H# L. Y - [&Google]
# j* z7 _0 Y/ o. \2 F) G - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>& Z5 h. a/ X% J. M2 e
- [HTML Document]8 W" u* c A& T5 o3 e" w! Y) w; `3 a; v; L
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>1 t W9 a$ z1 A T
- [DHTML Edit Control Safe for Scripting for IE5]# j: u; T1 C) Y
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>0 K7 E6 a9 G# d6 _" w: `8 o5 T
- [RealPlayer RAM Download Handler]
- K2 g0 G: M& A; J; P# n2 f; ` - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
* g0 h* d) j# z/ o: L - [IEBuddyExtControl Class]. m! b: F, u: M8 |) s f
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>; _, S6 y7 w7 c- ]7 P' T! G
- [XML Document]
! i+ e* D8 `- w - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
3 K3 V* m0 Y$ g$ {* t8 T4 M - [HHCtrl Object]
: {) W; D3 P7 C8 w# n- J7 Q1 K - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
6 b! l2 W2 s9 `6 g - [Windows Media Player]
/ Y1 @; L( B/ _7 N - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' z. D1 U V+ h4 p) z" X/ Y) A - [Active Desktop Mover]: Q0 g. n, _" x
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
$ m9 I7 }3 w( A7 t& H - [360SafeLive]* Q" k* a% m0 \
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn># Z8 K8 p( w- X2 q
- [Microsoft Web 浏览器]" N7 P& d# t9 U2 n0 W
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
( f& @7 ]7 E0 r9 q& X5 A" w9 ? - [Browser Enhanced Objects]
4 L: R( c) Y6 W* f - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>/ f, D# T( y: G
- [Google Toolbar Helper]9 K) i8 o& y z; U* B$ p
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>( T% a% h5 r$ P0 {% Q
- [Microsoft Scriptlet Component], R/ `( n' J$ m$ |/ q# I
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>, Q; T- J3 O+ M6 n
- [Google Toolbar Notifier BHO]# R" i3 y6 ^0 `& x! V
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
* U7 F7 f! c3 f$ _$ n - [SearchAssistantOC]
, p4 w7 r5 U& o% L Q% M - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>) U+ ~/ |" m4 i) \
- [SafeMon Class]2 s9 Z$ _2 d0 @% h, U/ h' I
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
; N1 d- B2 E! v9 s* N$ t) k, h - [RDS.DataSpace]# b4 _) ]5 X- H: S/ g& B5 k
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>. b! O) [7 ^5 `& V
- [KooPlayer Control], x8 C4 ?- s) h# }' C1 [
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% I0 h( O4 T- @( |0 U' ? - [AUDIO__MID Moniker Class]& Z& Y$ G/ e( P# g+ T
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
3 F$ ]7 x( k9 g3 Z - [AUDIO__MP3 Moniker Class]9 y" v1 s+ q. u& ^
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ ]2 I% q* \; J3 T& K9 E B
- [AUDIO__X_MS_WMA Moniker Class]6 G5 w$ ?, ]6 L% [. ?3 v5 j8 l
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! y& y2 _6 o9 v: }5 q3 | D - [VIDEO__X_MS_WMV Moniker Class]' ~& [1 @+ E$ j! x
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 d) O( i& z4 v& N" z - [RealPlayer G2 Control]( \) j4 I4 z2 }
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>) I: H! O! g! j
- [Shockwave Flash Object]
, m: U9 e2 V* G c: P - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>8 g: D; ~2 b9 i1 c8 N
- [KUpdateObj2 Class]
$ f- Y, Q( v7 T$ q7 U8 W - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>) R% e% ~( X+ @. o4 x2 K8 X4 M
- [kingsoft browser shield]
, f6 V+ R0 ?6 k) X - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>. F" S' h" E$ V; k: }0 w
- [PasswordEditCtrl Class]
% ~0 u6 k: Q1 c$ y$ E - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
; n8 P& ?3 X4 I5 a& Y) f - [QvodCtrl Class]/ Q$ l: b# X r- [5 _
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>, u4 \) d5 c! j2 Y" I
- [&使用超级旋风下载]
& U2 P; p# d( p+ J0 y; s# d - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
# ^6 _& O7 X4 ]3 q, w - [&使用超级旋风下载全部链接]# }+ s5 _; ?3 e, h, e; {3 X
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
7 i: C# I7 @) n, p - [使用迅雷下载]- p0 s' T+ O6 l1 Z; e1 X! P5 w) O7 g
- <, N/A>
9 @: f$ B5 o( n9 x5 X0 K - [使用迅雷下载全部链接]
! v r0 p8 q! \/ @! m2 ]- B0 U - <, N/A>, N) j% c! W. C' q) y$ h2 h
- [导出到 Microsoft Office Excel(&X)]
' r/ v6 A; K$ z( e - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>& [# ~. T: a/ C# L7 V( z
- [添加到QQ表情]
# e/ J0 m0 H& A1 u' W3 T8 A - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
! I! b0 b' g& N% Z# v, b1 \4 P - ==================================$ i4 `: @/ x u X) e! a. L' s
- 正在运行的进程9 s& X* V0 z( e9 _5 K. [7 a
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ l6 I- n; Y) ~' z+ W- u) x/ k - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 c0 @$ B7 V, {0 a, l* p" e
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( w+ Y* R* @6 [1 C$ p - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
; p0 @- _( S& }4 P( z8 D8 }" X( B - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 M: j' ~4 W4 J) v - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 `1 i5 j+ k2 G @* ^
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ @) L, K9 C# k( I+ Y! H - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 l O6 D8 J7 Y9 x# W2 t- R2 z - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& y$ ~- v3 U% ^# q, s - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 L2 _, q: |( l, f( ^7 |' T
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( M- r4 A, u, E" w. t
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]8 y. P) v0 f$ ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, B: {- ~1 x2 h+ R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 b7 f. ?/ h9 @: A; N - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
' b% X( Q- a7 K& J$ h a - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
' X0 Q! p( f) |4 f3 c6 B' r8 t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]+ u9 \: m$ o) g2 [
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]; M4 v. i S1 K- R4 `4 ^
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
2 a9 H& E) K. U0 a7 k# ` - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]2 `( q: ]; g' h: E
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
6 S4 W: Z4 k1 J' ~3 s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ J1 u- W ^8 L6 m - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]2 y& @/ a6 ~0 p4 E: _
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
$ f( Y" \( F6 V7 x - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
! h! d% _: W+ a/ u7 U - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
9 N3 \% H. X4 {! f) ~; t/ } - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]& @0 A' \$ N! u0 G6 D7 q7 r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, C! L" j( o, s% y; s+ p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 O) u2 Y- e: k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& c9 o) p5 |6 }0 A- R - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ ?! v1 t T( U9 E& n" Q# U - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 i1 k) [2 n) k ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) ]+ A! t+ T9 `( q6 P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: x8 S: y& n" }% d - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# G+ p }3 \% t( m+ J
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
! S& K2 ?& k3 l8 j/ t4 o7 B1 U - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164], G& [$ F8 e- ~8 d1 k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 l2 f( x2 m) N. b& m" x. d8 | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' r1 s6 y" K0 L" V
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
% u, c# ^4 L& G! o6 A! ^1 K - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]3 F% d* V6 W0 l0 o' ~) u! c( I' a
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 {9 W5 L/ p$ y/ E# `) v* h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; V# c2 r8 `/ K# ~' |/ |0 Z& ` - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ S) N: I+ k2 B# j) s7 f5 a- I
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
' y) f9 V4 } U( ~4 Q% l5 R - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" p6 t6 E- o) R& S2 g/ Z, e7 W9 q1 A
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( u4 U6 U9 b' U0 \: ]& V
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
4 [0 R u& }" k) G2 R- U+ q5 v7 }. R: F - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
0 ~$ F/ V$ ]* I8 | - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* b# S; H- D8 h7 d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
# O h. D7 |7 ]9 B% h; V. ^2 N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 u4 U+ |; S" a0 q" F; g/ K
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]7 O1 ]5 ?: M/ J2 _! u5 z
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
+ m: i' R2 r) G0 ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]3 m, y+ A% I- d4 b% } V+ Q- p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]" Y" S" u( t3 c7 f& X# r: N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]8 Q8 k9 P6 E2 z0 x! }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]( H5 ~. x* y0 m8 ^! @1 M6 P# t$ J" X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
8 i( |8 T3 n8 W# U. D$ n - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]1 Q8 _! u3 P4 \+ V+ v& F; M
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]0 T. {- G7 {/ u: y6 d$ ^* x
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
8 z+ }5 R- T/ {: C; G7 a& m0 v; O - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 x; d' T- B% |" P) F( y - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
9 T" g* L+ Y5 p2 I3 u - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
: K( L7 p: ?# s; d - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
- I; P2 t& t4 W( v% M' S - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]- Y7 A, t. n+ d i# N8 X" _+ V9 t! z, {
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
$ M6 {! f" s% \. U1 r - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
7 x1 v: { G) [$ G - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% d$ }: l# u( n4 W2 {) S' C5 r - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]* P( _) V! P2 l: K: u/ H: p: ~! I
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 a2 ?% i7 c, U3 c0 U" M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 Y! k( X& @' \. G4 X$ U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], z# S8 J& a; P4 B! J' d( N8 B8 Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 b6 m5 X" h: Y# Y5 g: M - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
' B! |) ]+ K- p" R: u - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! [" }" f4 B6 H6 D. U0 C- Y$ [$ W( \3 P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 K0 ?! B1 N+ N% l; {( N" p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& f1 K7 e+ |/ Y, v7 l
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# }1 i0 }# ` S# C* c
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]5 b3 q0 h Y7 q: `* `
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201], n5 B$ T ~5 ]4 o/ o* H
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
' W& D% _$ \5 K+ H) L$ [# Z( X$ s$ O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: P( N! b( q W R3 H4 |/ R% g: [0 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 C/ D r6 r5 e; d5 v - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( U* y4 j' x: F. {+ H3 p
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
: g. G( k/ ]8 X' g' R - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ q. n3 K; ~7 q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]! p6 Y! R0 a/ x3 `0 J6 I3 a: t- f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* I$ B1 x/ |' Y& `
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: M* V" @2 C- c$ h% G/ m, u1 |
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
2 d' T2 k+ P; e. q2 U# T - ==================================
+ `6 C# z* J3 T% [ - 文件关联2 i( x) Q+ M: T- |, Q
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]; r( S+ S% V# f F
- .EXE OK. ["%1" %*]
3 }* x1 B8 ^0 O - .COM OK. ["%1" %*]* S5 U$ g+ \0 H. W
- .PIF OK. ["%1" %*]1 F- P a! l: `
- .REG OK. [regedit.exe "%1"]
7 `& V+ o1 w4 G C - .BAT OK. ["%1" %*]
& ?' B* K0 w% M5 q - .SCR OK. ["%1" /S]
! r. j& e! @; V - .CHM OK. ["C:\WINDOWS\hh.exe" %1]/ R" M+ r4 U, N9 q( s% s
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
! @% L& u6 ^6 h4 F1 c* y( | ~9 a8 z7 Q - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: T& d) G2 P+ k0 a O& i1 i& Y - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
3 a# l' G! m& \# c& A, C: h - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*], R' y3 p7 y' S: T. C
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
/ v# S6 O$ X$ @7 R0 D - .LNK OK. [{00021401-0000-0000-C000-000000000046}]9 G6 X0 O: |8 k; I8 F; w4 z
- ==================================
' G) g) R- @# k$ ] - Winsock 提供者
1 U3 l- T. }7 k1 w - N/A
1 s6 q, k( r- M - ==================================
! {' \/ f/ [/ p5 x& u: l/ u - Autorun.inf+ M( T4 l$ `" Q$ |2 I) V
- N/A6 z7 t' j; j# [9 ~1 n
- ==================================
- I6 y+ S# K+ E- c6 E# { - HOSTS 文件
( \' \3 J x# I% k( O) l3 R8 X - N/A
, X" L5 E. s) Y - ==================================
# F7 T4 f# Z9 H6 { - 进程特权扫描
4 a- Z9 @% h8 i3 u! B - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 w, H; Z8 I5 r, T
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
4 `# B( E3 P8 j* f @ - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]5 t& H' l0 \4 d) ^. {
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
' a2 E* T1 Q# X# b - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
0 j+ j$ m7 }$ c: o; q - ==================================
/ K# ]: T* j, F( }! k - API HOOK/ R( t/ f- D R8 L
- N/A3 w0 P7 ~3 o! N4 _2 c
- ==================================5 B/ X1 j. }/ R+ h, w3 u: V
- 隐藏进程7 G/ t3 H9 |: I5 y- O1 U' f, x* {1 d+ r
- N/A4 v- f- r( p8 l9 ?* s3 b7 i
- ==================================7 P3 B8 _& G7 P
1 `. Y9 ?7 i8 u2 Q% m
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
