|
|
- 3 W+ C- W8 ^0 X5 u/ X
- 2008-05-22,20:37:43
' t( E4 {; ]$ J+ G0 I; W - System Repair Engineer 2.5.16.9001 v% O3 N0 K3 Q x4 J
- Smallfrogs (http://www.KZTechs.com)& G+ v5 Q* A8 O- g9 Y* Q, z1 Y
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
9 K6 _" y3 s4 Q% Z( v3 s - 以下内容被选中:
% E; q& i7 z& l6 q( A - 所有的启动项目(包括注册表、启动文件夹、服务等)
. ^! [. u, h% O! C - 浏览器加载项, K" Z7 H% b; k5 i0 v. I
- 正在运行的进程(包括进程模块信息)
6 I+ Q# ]6 m: j4 p - 文件关联. U0 Z' f4 P7 J9 z
- Winsock 提供者$ d0 H7 {7 m9 u
- Autorun.inf
7 L" x2 K- Q7 A4 I" I3 X5 N0 ]0 o9 ? - HOSTS 文件4 e9 R ]4 \3 ]- f& S6 H0 |
- 进程特权扫描
9 F5 K# _ b: c. E0 c, W - 6 L- w# v2 Y, l( U4 U. m7 |
- 启动项目
0 I6 J9 p; A# ?# f ^5 G - 注册表
- j, i; X4 i0 X: r - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]1 g7 W& B M" }" F& `/ }! E K/ O
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
" w# q6 e9 M1 f9 I3 a1 l4 E1 F$ X& w) ~ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]) G. `, H' j' {9 Z- F7 R! s1 T
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]. r z% _+ Y# T5 K7 d9 C
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: E0 r" W3 \7 T! P
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]4 [4 B9 s/ h: l/ {
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]1 g# V& K) b* P9 _
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]9 [4 x/ V1 V r. R
- <PHIME2002A><; > [N/A]
; j" \8 V! Y- l- h% W6 {+ O0 g - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
9 Z1 P |( h2 v0 q - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
: Z/ H9 w" n6 G M! Y - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
: `. X, q" N$ q0 I( ]1 t - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
+ @0 l) V |% l - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]& ?3 D) J+ y: f+ X# n) b4 v) ~7 v
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]# C+ l. K1 r0 S5 Y+ R/ x6 \1 C
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]! o# ]. }* u( I+ q2 ?. n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]6 B0 r% v9 I0 r' N
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]8 v7 `/ j! U R/ Y) Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]: ] U ?- D2 h, c2 g
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]* O+ I' i$ N# ? \" s/ F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]1 z- v1 s2 M' Q0 |
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]$ J! e0 N) @: {+ l7 @3 o
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]1 X# N# q3 D) W; ?; S9 A
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
* j) ~% Y5 s6 Q% K( @( Y7 C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
- T$ |" y3 a1 C6 H& ]4 j - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]/ W# I% R0 D7 E: Y9 B$ l6 R ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]+ Y* f. R. f4 ]3 K! h/ N1 n
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]3 U' x7 o& G1 C2 J# M/ E0 q, B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
* u; J4 [9 O/ |0 g5 J - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
, W: k" M1 L! J# \ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
5 {6 k; H L' B6 j3 P. w. c' I0 m - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
+ Z+ T x' l" J5 H- e7 @( j - ==================================$ H% G; S6 v. T5 [* H2 M; ]; @
- 启动文件夹, y0 A- p0 {; D
- N/A
g4 x) _/ W" L$ q& F6 ]# i8 ] - ==================================" y$ [1 p2 z" j6 n5 R$ C$ L
- 服务" h6 p6 [2 D6 h M
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
+ K/ L; o9 ?$ B' \9 q* q U7 k - <C:\WINDOWS\System32\3wareSrv.exe><N/A>$ E" N% k( L, U+ G2 U
- [Google Updater Service / gusvc][Stopped/Manual Start]
# Y) w, s" E) t - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
1 |! T/ e, L A+ s5 D& \9 x - [Help and Support / helpsvc][Stopped/Disabled]
+ b4 I: t$ P2 k - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
: q+ l9 J9 I( h/ ?, x4 ` - [Human Interface Device Access / HidServ][Stopped/Boot Start]4 T* f8 `4 { m- T
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
( h: G; _/ Z. V& J% D5 o - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
8 E3 h+ |( G$ W0 ~+ _ - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>, t/ S6 A1 |1 \7 Z4 f8 S9 {
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]1 V: N) M! B6 C% }& r
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
4 K5 A) U0 D; \ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start] ?. s j3 ]3 r3 M8 M$ t
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
/ o$ U# T, V- p* I7 O8 d - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]) z( J B3 _: w
- <><N/A>5 S. i m3 ^! M. A: Q
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
( p2 k X9 b2 ]5 `- W - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>$ v9 M) v8 B7 M0 O
- ==================================7 ]% _ v' L% A0 D( V; q
- 驱动程序
. u) R- N8 T$ n8 d0 V1 C2 e - [22j / 22jn][Stopped/Boot Start]1 s" F3 }. Y' E/ \# `& l
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>- H3 C+ B( T% V2 j1 U
- [360AntiArp / 360AntiArp][Running/System Start]) Q" k% b. |$ e, H" f
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
+ A7 t1 L- D) j1 N8 @1 a - [43ec / 43ecu][Stopped/Boot Start]. S# `2 h1 v9 a+ \ l
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>( o: d# U4 N1 |( d8 @( z- L
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
6 D$ |* s$ M# _, K - <system32\drivers\ac97intc.sys><Intel Corporation>
( U3 i7 C; m0 j Y* Y1 \ - [Promise driver accelerator / bb-run][Running/Boot Start]
% h+ w! d' d+ q2 B% _+ t - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
/ l- ~1 W3 p& M - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]/ I$ J( X- j9 H# ]6 _$ n/ h
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>! V3 P# s, @) m p
- [KAVBase / KAVBase][Running/Auto Start]
" s6 l0 C: Y E$ B# L/ o - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
1 i! U7 ], o! }: o9 E) u, P: O - [KAVBootC / KAVBootC][Running/Boot Start]8 y( c- J9 z5 j8 @8 g7 M
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>1 i4 Q# s) N$ G* p+ t5 q
- [KAVSafe / KAVSafe][Running/Auto Start]1 U3 d+ f) ?1 k/ y1 J, X# U
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>) @) n* v: a+ h' ^
- [KNetWch / KNetWch][Running/System Start]7 Y: |; z7 {; u0 ?' V1 N
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>: b9 p4 I, S% N8 e$ M
- [KWatch3 / KWatch3][Running/Auto Start], i5 ]9 E8 c5 V
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
* H$ Z5 l9 M& j2 b' C - [ntptdb / ntptdb][Stopped/Auto Start]: z8 J% a; E+ Z
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
& V% _+ I/ [1 g+ z U - [nv / nv][Running/Manual Start]* E& d3 u7 Z6 [7 `8 {( `* n+ y7 B
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
( @. S% z8 E0 @& F - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
# ~; E2 m& V1 W2 t$ M( b' c - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
3 m, {" x5 V5 a - [DDK PACKET Protocol / Packet][Running/Manual Start]
}, | ?* D" w- B - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
1 \4 B0 {8 c' @1 b) l - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]% U4 I5 [+ f/ ? B* G
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
& k1 s: L! @' w - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]( ?+ b7 `4 P8 F: A5 O
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>9 Y1 |7 I# n, d+ ~+ m0 J& ?! k3 M
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]: L' ]( P* u+ O7 r
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
% O; t+ R* V" Y. f8 s - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]5 a3 }) E8 Y ?$ Q5 O- c
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
$ d( k% |# L& c8 T: |/ @8 `) B - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
2 b+ P; S2 |% U( H# i - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
& }/ c+ g+ I1 E1 M3 L, f3 O* a; Q - [Secdrv / Secdrv][Stopped/Manual Start]8 d+ f. K4 R5 q7 F* x! a
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>% w. i6 G+ e/ o% c3 X# B) E
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]1 {5 e3 g& x( d' O( H) b6 I
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>; g) J% x$ r: X4 \$ H: v
- [System Restore Filter Driver / sr][Stopped/Disabled]
! l" u; M; ]$ A: R* D F& e - <system32\DRIVERS\sr.sys><N/A>
8 Z9 N9 f4 L0 b9 T1 W# R - [TesSafe / TesSafe][Stopped/Manual Start]! C8 ]( ^2 x" q* j% X
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
) Q2 u4 |9 V% D; z/ b0 U4 V - [System Services / unzxzsrs][Stopped/Boot Start]
* u. a: X: j0 a/ f! s ~; Y - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>" C' f& M: X9 c6 M$ D
- [ViBus / ViBus][Stopped/Boot Start]
# u6 l& e9 ^) g2 t! T - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
6 p! S0 L8 J& u+ g# p( m - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]2 z s$ j) k9 _9 D( J; Q, F- o
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>; T9 r/ Y* T4 w! v
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
- W5 N1 H, i+ j* ?/ K& `: p - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
& f+ g; Y! ]! {+ N - [ATI Extend / zhibmaso][Stopped/Boot Start]! x; s* k1 r" ]2 A% T2 `$ U1 f
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
+ r `4 l6 z, o1 V, B: S - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]3 V- _3 |" }5 c8 Y! S
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>; A L; d u4 m8 a. E
- ==================================9 K4 d* a% f1 w7 i. ]. `. P
- 浏览器加载项
. _& F; e* W$ j1 w; R3 _- I - [Google Toolbar Helper]
8 c8 \* ~; ~5 b1 S* q - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>2 t( i7 m" O% t: S
- [Google Toolbar Notifier BHO]
v) g T1 ~! x - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.># C% ?1 |3 Y; u: z
- [SafeMon Class]1 o, ?, r& `7 x/ J9 o Q
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>& C. F* B$ K' }- @9 l$ a6 F
- [kingsoft browser shield]
9 z( M" m0 P2 ? - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
% y7 g! Q' j- X1 \( y& | - [IEBuddyExtControl Class] u# z. \6 X- V2 v" `; R6 f
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>, l" C& z' y' e: }, R& E0 B
- [Zcom 杂志]
; S0 Q, n' j3 r - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
1 f* }2 }: x2 |; D' t - [&Google]
6 n" O8 c/ T! R9 \* F/ I" f H6 Z" [ - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>6 o: T2 a9 O+ @7 z e' \. c
- [KooPlayer Control]
& ~& ?! |" c/ j8 B( [ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>' Y4 K: J" J0 {# n
- [Shockwave Flash Object]
1 [0 K" e* H! {: f# i8 d! n) { - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
3 {: o) \& \8 R' V7 ] - [KUpdateObj2 Class] F) w6 }% x) w9 D( `: `3 V
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
2 h3 \( Z) V( M5 D4 m; w7 R - [Google Script Object]
2 i1 a, g! G3 @, l U1 f - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" r0 F5 @7 D$ I# H: v - [EWA Control]' [- O' M8 n) q9 M
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
0 s! y* b6 ^, D! S* B! X8 g - [Windows Media Player]/ B0 n0 M4 [ L5 u: A
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>; ?8 c# J9 F$ f2 r& J& ?
- [&Google]
1 f; a5 c+ t o7 d - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. `% G) ^ K! j# x2 n - [HTML Document]
9 j% K2 u' n& U9 \ - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
3 M/ o. b" v5 l1 n$ R - [DHTML Edit Control Safe for Scripting for IE5]
& i# g$ g7 n8 S - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
* e& u5 Q# R9 M - [RealPlayer RAM Download Handler]/ j9 m( N( l1 L1 R5 ]% Q
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>* i) @5 ?' H5 j2 X' \1 L# N
- [IEBuddyExtControl Class]
8 D) z+ k: \0 T E) Z - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>0 }: o+ _" n0 G3 y7 y
- [XML Document]
, G* P9 f: K& p% Q0 r- z& |% B - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
; q3 G$ F# Q# n$ @5 d q4 z - [HHCtrl Object]
6 @, w' T8 _' V! c" p3 W - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
3 ~4 X5 _; \ C0 d2 D, o9 Y; K - [Windows Media Player]
8 C* _6 I: d! ^. d7 V - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 V6 t# y) w; ^* C c
- [Active Desktop Mover]
2 b, T) s# K" b - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>" q5 q0 m: J) G0 q
- [360SafeLive]2 i! K- p* p8 N% i
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
. d$ y! Z! d# t& E+ [4 G - [Microsoft Web 浏览器]
# I/ B# O5 _. E( [/ U - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
, V8 T3 m1 U' \# o - [Browser Enhanced Objects]1 K4 R. j" v( k, u) G" W" Y
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>4 N! h( |2 h/ j2 Q
- [Google Toolbar Helper]9 m( j8 Y# q" ]2 |, V; X
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ D2 G" A- X3 ?" N( j - [Microsoft Scriptlet Component]% C8 [' t6 c1 |$ H/ P6 e% H
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
?3 |9 U3 D9 J6 D - [Google Toolbar Notifier BHO]; f+ l- t* {. @# A' ~+ W
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
# d( m: D y, O9 k2 F. J9 }. j - [SearchAssistantOC]
6 j% W) m7 i% K' w' p, a4 d - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>9 Z/ {5 V& V! L1 p/ @
- [SafeMon Class] P3 o$ O) Q. V! {7 H
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>/ P6 b+ _3 s& ?( I3 c8 Z1 [
- [RDS.DataSpace]
. s$ l" h* D* H' j: ] - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>. |$ f3 H, Q k+ a/ [# n
- [KooPlayer Control]! k- z5 f7 Y2 L
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
5 E; ~. s2 a8 f0 d$ m O - [AUDIO__MID Moniker Class]; u6 C" ?/ M( L! H0 E0 l$ R3 y3 j
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># R, U1 V/ r% x) X n
- [AUDIO__MP3 Moniker Class]0 Y! K% P; Y4 N! j' V
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>% c" i' I& ^5 r+ F/ {7 t
- [AUDIO__X_MS_WMA Moniker Class]
7 |3 v* |' T, b. b) O - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>5 o e. S4 {+ m$ a
- [VIDEO__X_MS_WMV Moniker Class]
, {; U6 X6 Q" D/ O6 ? - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 ~$ W- f# S& @2 p$ \( B8 V, U6 X - [RealPlayer G2 Control]
$ o' i E( H1 s. t( l - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>( z$ k' @- q6 X& s m" e9 }) [" w
- [Shockwave Flash Object]0 X4 K. [1 B0 _; J( x y
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.># v4 }: v- U2 b) w T ^
- [KUpdateObj2 Class]
8 h' U: k6 v9 b; E, h4 u+ S - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>! B4 F1 _. ?, k: _8 ?. l4 P6 m4 F
- [kingsoft browser shield]
$ j7 D4 a0 Z; p* J3 ?: j( S: Z" r+ l - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* P. ]6 b/ b% K4 L* D) d1 m+ k4 _+ a - [PasswordEditCtrl Class], | ?7 v' N1 @4 @4 l# Y
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>1 J' v) n& P; J+ N
- [QvodCtrl Class]4 b7 \3 E: i4 J, J; p: P6 u
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
) {% U2 G3 c3 @; s - [&使用超级旋风下载]
. D8 W! d: L9 f$ Y9 p - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
2 q7 B6 ], W; U' p6 W4 @! s ^' T% q - [&使用超级旋风下载全部链接]1 K& l$ ~' y* U5 _% X: m$ W
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>9 ]; e8 ] }: X7 n
- [使用迅雷下载]5 _& g( [5 K3 H( H# n3 P( i
- <, N/A>
) R3 H* U$ h6 Y2 Q/ y - [使用迅雷下载全部链接]: f9 ]8 Q9 b2 p) }1 g9 |; q' ]- f
- <, N/A>
. i. d1 h8 f, x0 c" s - [导出到 Microsoft Office Excel(&X)]
* a* W: ?+ d8 L9 ]5 r9 i - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>7 a: s5 w0 D1 _* D3 I+ \" f
- [添加到QQ表情]; _: }7 b3 r7 F) F: i
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>* ^' Z6 K3 E$ R0 F) W4 b" V
- ==================================. B2 K4 y+ ]# M
- 正在运行的进程, g5 U# ~- A" Y8 t! d/ G
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# X2 q& @+ A* F) o& }3 P
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 b3 e; ?9 G5 e! D - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 A, Z4 n: P8 M+ \! b8 R2 L - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" H+ _- x7 r" d# s t& H
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 \( s; @- [! D! G
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 S+ ?( ^% t% p4 ]/ p3 ? s
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 C; J; J7 O4 `9 Y- X - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 z- l" @5 \2 s( A; h6 b/ }3 [* r
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# Y9 s! r7 s$ P& h! Q" b$ ^
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ a6 ^3 \1 {7 N- H8 }( @4 A
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( |$ K: m, @: P1 S1 u6 k6 H8 |7 e
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]1 F9 B0 o" K) N/ k' T: k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( }$ L8 L# b. K8 f) U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 j' u, n" O+ g - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
9 U( }2 O# j7 G# C9 |) {1 h - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 z: r2 r! \6 `' _ \1 U9 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]. e! E6 Q+ c7 Q: `9 a; B) n
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]- E6 M. ]7 A7 i) I$ X: F' L9 y
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
5 m+ ^- M. U# d9 b: {3 N - [C:\Program Files\WinRAR\rarext.dll] [N/A, ] ^& q, Y; N# I/ L* l
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
. S3 h ^# N4 q8 u0 ~. }* }# r - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 ]5 a' _9 U8 D L6 B; o - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
: T1 V4 ^, ?. j - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
% W4 `+ }- K4 y9 `$ o9 q - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]3 O, k2 X2 {; i- ^0 j2 C3 T5 F
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
8 E% [9 Q, t7 C( l$ h% E - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
& a/ s% p0 J+ {7 ^8 A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) X9 E9 C, }2 g; Y$ n+ y+ a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 |" I8 b5 D; A( s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* z ]. A# [. ]1 M- s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% p, a# z% p' B3 a, q& B - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 y* d6 c; F/ Y$ d9 R" g, x: J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ {' t$ P* \* n& }! Q/ O+ y! i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% m! `7 F" I: B i \+ D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, t2 K2 \' t! z7 d6 ?' b2 _9 q- u- ~: x - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]; x& {% ^: E! ]8 N/ \
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]7 U- H( r' X" }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( S8 g$ L4 f2 q8 h$ T8 x0 z) l$ c" u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' }& \1 b) L9 K6 l, X - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
9 G- G0 D5 j# N6 V, v" |7 B - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
. G5 g* f$ Z+ _/ }( R, g" ]/ A* Z5 @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 a* ~' g# e2 F6 P* j6 q8 B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 z, r! v: R! K: C0 z* k' l/ r
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 p' Q' q M+ Q' W - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]4 d7 d( M8 L( J; L
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 L; k M* A7 ]6 C4 W
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% W, N1 _6 F3 f: E. D% A
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
( f) W0 J# J! K( Y' Q) N+ n - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
2 y* o, _$ @! E - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* p6 C6 c/ t/ _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" |4 D b! q$ J# c1 ?4 B$ X1 }7 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# x# [4 E7 K ~1 o$ [
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]& Y% B3 o; D( u
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
c$ D! B* ^8 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
; L+ M% d% s5 f2 N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]& z3 y' U& q0 h8 A. ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
5 o9 `/ U% I+ _6 g8 B% q1 J6 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]7 ?* ? O7 ?! p' D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
3 q, W q: W$ |4 Y - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]7 R% \# d# C" Y/ V) `! q9 d9 g( [9 m
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 A' A5 u5 U9 z6 Z) z& v
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
, G6 b. a- L. M& t - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 K% @. E( O* H& M% B - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 u4 E. w7 [! `& D R( y% O
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 E$ Z6 E7 _ n* i
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]) m3 R( p9 u* p/ l4 ?0 b) F
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
- }" m; w8 T# O0 i4 Y - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]0 K) }, ^# d0 o5 _& g7 k4 }
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
6 f& S5 I) ~1 J ]9 [ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; e# `: ]5 o: y0 p2 L# F: k, N
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
5 c1 [4 x7 N' s5 B) @0 c - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 s1 B2 y9 x* y6 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ X- O5 G' Y7 p, [) f+ G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ C6 b7 L& G3 a' g+ \
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# `/ T: p6 C, N! Q+ |, j5 |
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
+ q+ Q L$ ~3 P1 { - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) ] [7 j% s) h; Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ K9 L8 s- W" W% o& [6 T/ j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]6 [, h+ g( n# G# m8 e7 D: Q$ }
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( }% E9 J8 R5 S } L2 v2 r
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94], T3 l/ e0 X! {( d. h4 A$ P
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
3 i8 H/ S! s+ O/ R1 F# v+ F7 d( ^! L% D - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- O0 F( B% s) Y0 c0 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 _3 r3 y: C( g! M) @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], t6 Z/ C8 [0 t" p J; v1 |" q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 Q- H9 [, V) f& o1 ?! @ - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
+ O# a) Y1 A3 B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ P6 S) O" J, S' a" U! q+ z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% }% k, K! u% C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; ?# m$ q, O8 F6 m9 `7 r1 p
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) m+ J b" H9 t; I9 p
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
. ~5 w }, b1 U, F* b4 u - ==================================
0 @* s i! T, k; N1 p$ p) P - 文件关联7 t* Z7 r/ h! j. b r" |
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]+ v2 D; |! G' `$ a
- .EXE OK. ["%1" %*]
+ B0 ]1 N7 ^- r. A: w3 t3 H - .COM OK. ["%1" %*]2 G/ z8 {5 Z f* Y: y5 I' b
- .PIF OK. ["%1" %*]
& F5 {: B& Z: E* N! D - .REG OK. [regedit.exe "%1"]
8 l' Y- U# y- q3 g8 d2 K: ^7 G - .BAT OK. ["%1" %*]; O$ Y% u0 \" w/ U Q
- .SCR OK. ["%1" /S]
: ` v/ j( C1 [( S4 p" j( F - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
4 q* \; U+ Z/ ]7 c& J2 o - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]5 p: L4 K4 M H" K2 o
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]. v8 p* f6 |$ A0 a/ s- k( z5 F, O
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
. Q+ b* s8 c8 I6 f0 d4 A - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
$ ] [! x+ R5 n - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
8 a% a) M+ ~& V; g1 ^# B - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
( @- z! S) L9 T1 q# ~/ j% V - ==================================
4 j+ j2 e; w. q* L, p0 I - Winsock 提供者
' p- S' z" Y& e G& d" b - N/A1 Q( r4 R1 C3 P- g2 R% G
- ==================================- ] G" T5 [5 b1 O
- Autorun.inf
& b# _$ N) l9 n$ E, t4 } - N/A' u5 ~% ]/ O5 m8 v* p! [
- ==================================
0 I0 r3 P4 i) }2 W' {" g$ F. R - HOSTS 文件9 t7 F. ?+ J! q
- N/A
& B$ O4 u2 ^( ^- c8 w9 d - ==================================) e* F4 H( N+ |5 x; j" a) Y" O
- 进程特权扫描
# E! o: E0 `. ]7 z" M8 L; t - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
3 [0 _7 m4 M8 o! a: d, c6 B& G - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]" @6 l( K/ Q; u! n8 y& K" d
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]* E# S: k0 A% y8 E& ~) A
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
[' {4 J( l& l* |3 ~ - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]+ Z! ?! V# @* v* ]) o3 V
- ==================================0 [1 o, L! g& |& i, j; \9 J
- API HOOK
& F7 J7 U- i+ p$ z' N. W- G# v3 z - N/A% M3 r- E# a9 Y0 X0 R
- ==================================1 D* x7 ~% x5 z9 {* K% |, w
- 隐藏进程
, W2 z3 F1 }! _+ K( L - N/A
- t0 D0 k9 U! m: G; X - ==================================
0 L3 k( ^8 M; w M - / B" `, ^1 S& f0 i9 v9 g
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
