|
|
2 `. H ^: g+ H: p- j7 z- 2008-05-22,20:37:43: d5 }: ~5 Z; n7 H, V" l& y
- System Repair Engineer 2.5.16.9001 ~2 M% |' T- F0 H7 H' O
- Smallfrogs (http://www.KZTechs.com): D+ k# z6 a, T3 G
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
/ k3 c) f3 |9 ~5 d7 b# e2 N+ a+ ?- C - 以下内容被选中: M! Z% z5 G& ~" M* g& ]5 S- J$ g
- 所有的启动项目(包括注册表、启动文件夹、服务等)5 l1 s" J4 \: g& z) M: ~
- 浏览器加载项9 K3 h3 d9 X% C: V3 ~- ?8 z% S
- 正在运行的进程(包括进程模块信息)
6 A& R/ I! v: H - 文件关联3 ^: f$ p- D5 |9 x
- Winsock 提供者
+ m# b% |% ~5 i4 R: x$ h& |* X6 | - Autorun.inf( G4 o2 d! @5 \
- HOSTS 文件
4 Y- [0 e. q3 m2 z% Z, p3 M - 进程特权扫描
6 S$ B5 n$ }# V/ H y) ^: ?
L0 i" @; d5 [3 n+ p1 O1 A/ R- 启动项目
& R8 j/ ^# a8 q& V( t0 F - 注册表
7 T2 Q& U% ?$ i' f# x - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]( H$ S; Y$ Y. P4 e
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]% Q, p6 G- u" `' W
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]* e+ ]; s8 b% N: ? Z7 b
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
6 k- w: ~9 L, k& }2 q2 V - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 i: F6 T* _$ F5 ^2 M - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
* ^) _! X7 W" \) q - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]0 {( Z# D* X0 g& z* c
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]1 P* ~0 O' _: @+ r
- <PHIME2002A><; > [N/A], p- I# t# [ B) ]. ?+ z& B7 p4 s
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
0 P( W$ e$ F+ j1 @9 c( W8 G1 ] - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
8 E; T* b4 s/ h( } - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
. x' A. K; ~0 S0 b; q& W/ ? - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
5 X [" ^. A1 ]( g - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]7 O/ X) w- P% M
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
* u3 @1 {5 [/ l; R& I - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]! q5 |$ \* W, d
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]. a( O7 ?3 t* G, b/ J7 K9 c I
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
) |: m, t. ~1 Y" o! ~ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]* }/ e4 }" {0 q* O4 {: y# T
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
( F0 |2 X0 l! I4 h" ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
* x; U, m8 q: { - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
6 d+ y6 x; C9 i$ L3 ]+ T3 b: ^9 H7 n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]* G8 l% K( e: P1 _1 u6 T
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]. C- I( L' {8 m7 i: ?0 ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]& u" Q9 X9 t: N% a
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]7 y7 ?# [$ t6 s; k. s' c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]/ V5 d$ w/ Q' y& F$ |
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]! R* V; C& E$ J1 ~6 q, n5 N u- B
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]% w; z) q5 H4 Z E$ L1 p
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
' v; s! s$ T4 _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
6 ?6 m/ s* p' O0 M2 ^ - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]- o; H4 L, ^5 h' K
- ==================================4 E* S% [6 f B. M' G, p# c# T
- 启动文件夹
+ _) R- u( |$ x8 b - N/A9 f. A7 } \/ o" P
- ==================================
, l1 C: H0 M, \' ], M; { \" H - 服务+ y$ [9 `7 M; ]5 @2 m8 k9 u/ o, y
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
# {( O* E6 N0 o0 O! h - <C:\WINDOWS\System32\3wareSrv.exe><N/A>) u: ]( w) f$ y/ }- z# E3 x
- [Google Updater Service / gusvc][Stopped/Manual Start]# A; g$ U9 P; {( A
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
. h$ [( \' H5 B! b8 y+ U - [Help and Support / helpsvc][Stopped/Disabled]
5 W6 `) R5 S2 W8 x9 K) u2 B- q" { - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>$ @* h$ ^* t Q3 e. _5 J2 R5 d; o, ]
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
. X( J+ @' B" k9 l- V - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>; T0 q6 u) G, }( Y- ?( ]
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
% C, W+ N; U( }- t: s9 r - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>. u8 I* f/ r) ?" G+ t1 b( A; C. O
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]; Z% u7 S& i3 L- o" b
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>* C( R! `, ]8 p$ n# m: i3 i; t- q
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
3 f* A: @9 Y1 E# j' n - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
; k% I4 H, _% [0 D( ?+ v - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]7 b! y: E3 o L% x
- <><N/A>
, }0 Y' o( Y' B: t$ d5 j% L# P+ X - [Qvod Terminal / Qvod Terminal][Running/Auto Start]/ P3 \7 J% H1 q) _" @1 ]/ p
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>2 Z [% E% n0 q; O0 t! I" S- t- M7 Z
- ==================================! ]2 |/ D3 {& j4 \/ k+ q) B, u
- 驱动程序
- s+ T" \% [' ?6 U3 y. @ - [22j / 22jn][Stopped/Boot Start]" c; y: \' F5 W) T* A* \
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>5 m9 F4 s) Q" B- L# j. M. a
- [360AntiArp / 360AntiArp][Running/System Start]% R! Z! Z1 W. B5 r1 ~) s5 e
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
" I+ x( B9 o5 L9 m* s - [43ec / 43ecu][Stopped/Boot Start]* w" E( S) A8 e
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>. F7 G% p4 x( h" n- z! h9 Y
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]' l' `' m3 V+ v" P
- <system32\drivers\ac97intc.sys><Intel Corporation>& F3 Y* `' I4 K. _9 {7 v$ R+ D3 v
- [Promise driver accelerator / bb-run][Running/Boot Start]
5 O5 w: u4 B3 i5 Y$ q) E5 n. o - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>8 g0 V) W. n& t N2 O% F1 ^
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start], z5 w; Y0 ^ v; k# W
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>$ ^5 G3 T/ U' |
- [KAVBase / KAVBase][Running/Auto Start]
K1 Q8 x6 { a( y! X" | - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>$ |7 a# b+ |9 j0 b! v
- [KAVBootC / KAVBootC][Running/Boot Start]
% H& O. k2 v9 x8 A0 c t - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
4 F/ b( L4 `" i# {, v8 n - [KAVSafe / KAVSafe][Running/Auto Start]
6 O9 m& Q' O; [0 O - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
, i5 H, S4 Y4 I - [KNetWch / KNetWch][Running/System Start]
0 u# y1 d6 `# B0 x! J1 A: c - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>4 r* u4 b+ `1 f# I6 d/ A# M. y
- [KWatch3 / KWatch3][Running/Auto Start]
1 W0 J8 p% R& B - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
+ e$ t q* Z. _ - [ntptdb / ntptdb][Stopped/Auto Start]
8 u( n0 e) H0 d9 I+ N) y' q; D; c - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
6 i' n9 O: ]7 ?0 V6 `6 _' G - [nv / nv][Running/Manual Start]: U! b+ k9 F. V" J7 D* _
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>7 Q" u+ s7 Q- M# ^0 v( f9 [4 E
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]+ R/ A% S* z* r7 J
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
- g2 p* x5 ]8 H+ z4 M6 U - [DDK PACKET Protocol / Packet][Running/Manual Start]
1 n u( J6 F: _# q7 s5 u( O7 e - <system32\DRIVERS\ProtoDrv.sys><360安全中心>: Y( |8 w0 ~. ?& v9 X( V
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]- d8 n8 G: T7 r8 f2 {
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
( ]) x3 Z- f& B* W2 C) A6 ] - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
" a2 x; s2 G: e( Z0 Z; E - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>7 {4 S Z0 j7 y# J4 F4 c( R% _
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
& }2 Z6 p) V% _0 z7 J1 X - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>; R9 @3 i" V% \6 R8 Y0 \( I( k
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]7 d4 i3 H3 a3 i2 x/ o1 M4 U
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>0 M2 N7 |* _5 G0 C! j
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
7 q5 u6 l% |. W! L) [" }) l- r - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
, \; ?+ f% i. T8 a) B7 ] - [Secdrv / Secdrv][Stopped/Manual Start]
+ l' ^7 \" |( c w7 x" b7 ]5 n3 m - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
4 l/ ], N H5 Y) S6 \) L* N* p - [SATALink External Device Filter / SiRemFil][Running/Boot Start] M/ J* y# w/ q; r# e
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
2 K$ B1 e" Z8 N - [System Restore Filter Driver / sr][Stopped/Disabled]
, ? p; j# g5 g( ]" R - <system32\DRIVERS\sr.sys><N/A># o; E/ F( e3 d5 q& g
- [TesSafe / TesSafe][Stopped/Manual Start]
" b* Q ? b: P& E2 n6 E - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
2 j5 I I2 [' x2 A - [System Services / unzxzsrs][Stopped/Boot Start]
- r3 m0 D6 i( I9 P" c - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>2 w' g# ^2 w% ?' c/ [; n
- [ViBus / ViBus][Stopped/Boot Start]/ W3 Y- Y d* `3 V$ Z! m+ x7 \
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A> i/ _' d/ T, A& e# e
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
4 L n$ r. ^! { - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
: \) a2 c- \2 C' T9 {0 K - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
& A' b* g9 a+ H* x$ K: H0 h - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
' J6 i( X( ]0 K - [ATI Extend / zhibmaso][Stopped/Boot Start]
+ d2 X) s+ d6 X. Y - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>7 D' `; ?9 ^# X* U0 W, Q
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
; L' O# t' J' G: u1 f. X+ o& j/ P - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>3 l4 ?- R1 F1 ^4 ]) e3 y8 F7 y: E2 \. G
- ==================================
, G. B p* M% w& c; O - 浏览器加载项+ V0 i$ v( W3 f/ A
- [Google Toolbar Helper]: e3 S& U' D; A( m% F# |; R9 f( I
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>! i$ h& \- f% F& h: N( g0 a
- [Google Toolbar Notifier BHO]& J* P+ U! y; f V: b
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
( o4 x2 y2 b; s+ _. f- \8 a - [SafeMon Class]
: q2 k. H' l3 p3 e# `" z6 H - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>0 x" k3 W: j- t% k( u
- [kingsoft browser shield]* d1 j! a5 P' l
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>+ t0 f2 [! D7 X: b
- [IEBuddyExtControl Class]
% a: W% j/ C. ~, q) @- u$ @& B - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>! B. R3 e1 `- e3 C ?8 c
- [Zcom 杂志]' T* X$ v5 U6 L0 x0 m
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>0 T: m( K1 O" _0 Z6 t' b
- [&Google]! n0 k) `. ~) P3 w
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.># ~9 P5 O4 o) d7 j' w
- [KooPlayer Control]
+ S1 q7 w) N _! k' Z' |- r! D - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>+ B& a: `* x# k; S3 R) c3 M+ v
- [Shockwave Flash Object]
: @9 E2 \0 j1 ~) S - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
* C3 V2 v: ?1 a& O - [KUpdateObj2 Class]! Z+ W* D: H) V p' R5 U
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>/ u, d+ s3 L8 Y( L. b
- [Google Script Object]+ p: L! n- \2 D5 X% V1 l2 Z
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>) n1 E, S: \4 b) s3 S3 U
- [EWA Control]$ m& u5 e; j. o$ J
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
; h. a) {. `9 s# {' R; v' L4 Z; F - [Windows Media Player]
$ t: A* h5 R" J$ i3 b/ [( C; C - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
* d* O8 K3 V8 n' n9 z/ b% k4 h" |/ \+ x - [&Google]( n8 J( O, [- B3 I/ k
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
9 B$ \3 ~' P2 l6 D" D - [HTML Document]
: M6 d% q: r( P# d( l; }* o - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>, G5 O6 ]4 `% g- f- p3 u
- [DHTML Edit Control Safe for Scripting for IE5]
6 \, X$ A5 ~6 C: U3 x' H6 a% j _ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>$ n' B) ^1 K/ ^6 r7 ~# a4 H1 ^" g
- [RealPlayer RAM Download Handler]5 y9 f0 A" F" x" [& j9 Q! x
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>' B; ?; Y H: J4 b9 _3 M& c
- [IEBuddyExtControl Class]
8 s' Y5 q% ?, C1 n q1 ^8 y$ p - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
; H/ Y+ i, ^* X - [XML Document]
0 N$ o3 p5 T0 }7 j( |: D - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
# u. D4 X, F1 A* R7 L( C - [HHCtrl Object]$ A! e& b2 _6 `/ g
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
+ l% Q' w' M0 c* }. e n, K - [Windows Media Player]; ~; F/ ]+ E1 H
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 l( d. H: G2 Q
- [Active Desktop Mover]
) g2 p% l$ M& B - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
6 R; R! ]! ]% t+ W - [360SafeLive]6 ?# ]1 r5 {9 i& T! C1 r8 b* p% }
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>& I9 F' D3 N, J0 Q
- [Microsoft Web 浏览器]
. Z+ G9 d- K$ {- g) |- g7 E# c - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
1 C; r# V+ P5 B* H( q5 V" s - [Browser Enhanced Objects]' K) F( a2 Z6 Y4 e8 Y# }/ F% D
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>' e1 L. Z0 ^" Y' s0 `, F& M
- [Google Toolbar Helper]
L! C" ~: E5 u# o - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>- I9 y+ c" t% S! W. t9 f) Z
- [Microsoft Scriptlet Component] [( R8 Q! \- F3 |; H* h5 z
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>; r* t: T! X# u5 l( R
- [Google Toolbar Notifier BHO]" g M+ b" [; A' A& S+ Y a: ~- {
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& v x1 e, w# y- D5 `/ G7 t# e - [SearchAssistantOC]" W, I- `, i+ x- K! \) y: M2 \8 v+ P; H
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>, m; K5 H# B% c" M
- [SafeMon Class]9 I( s: U& Y+ A! u7 N9 K
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
: g6 O! c, t* s7 h" b2 P) o6 f - [RDS.DataSpace]/ X R# S/ Q& \7 N
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
! A/ i. S1 u. y1 E; Y8 l - [KooPlayer Control]% q5 x7 T$ m q8 l$ N
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
4 x4 H6 ]9 F1 S) u - [AUDIO__MID Moniker Class]' S5 M, ?' S' N+ E( H0 _6 e$ y7 D
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" D) R9 ?5 s. D
- [AUDIO__MP3 Moniker Class]! Z9 A# j- P/ V( A
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 T& m2 V' S! ]) b
- [AUDIO__X_MS_WMA Moniker Class]
2 Z' |- D3 M3 @* e - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ M, Y. d. C6 s& n - [VIDEO__X_MS_WMV Moniker Class]
0 x# E: r# C: w+ I/ S9 W - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
D6 W5 i/ K+ I( V& j - [RealPlayer G2 Control] P" @* P+ ]+ z0 P, ^* D
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
! i5 O4 C* c0 F/ f6 d! P8 s7 s - [Shockwave Flash Object]
P* ^- D b! s" G+ H" g; T - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>4 G- C; ~ W3 N% e6 S8 E$ V
- [KUpdateObj2 Class]
, @/ A6 V% H) D9 y- R7 W - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
5 ?: m: V# `$ q - [kingsoft browser shield]
+ e4 H/ T- D9 ]$ O5 Y - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
5 M& z n9 j1 ]4 A3 A3 T; [9 [1 n - [PasswordEditCtrl Class]* o( r( J6 @; g1 T
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>' n( A& z- ~6 [: H
- [QvodCtrl Class]
2 Q% l7 p# \3 q* o3 e6 U0 g# ? - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
8 N5 Q8 k% u; q - [&使用超级旋风下载]
0 V) P8 Q0 g- U7 B- D+ N+ J4 { - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>& x. i% J, x& D) Z
- [&使用超级旋风下载全部链接]
! a5 l" q) O/ [( [ - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>$ H( C2 C1 ~4 g8 u; G
- [使用迅雷下载]
; S6 y! H# K6 ]2 i+ r9 S - <, N/A> Y# x- k3 `1 Y3 L; u, K `
- [使用迅雷下载全部链接]
, @2 u. {+ E2 a# g5 x - <, N/A>
' _) R" X9 P: g - [导出到 Microsoft Office Excel(&X)]- s% r% s5 h! Y& e4 U. P# Y
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
# } W) e% R) G6 m# d! z- R - [添加到QQ表情]
) j6 O3 b0 g& `. X - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>' G4 p. n( l' U& A" z. \1 Y
- ==================================
& ?( n+ g6 L K: A: s. g) M! s - 正在运行的进程3 A; \; v6 B* X8 R
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 e/ r1 g) v4 d
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) o( S c7 u* ^; f5 g+ `9 ^. H( L - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" B1 ?6 {2 ^+ b
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]* v/ h6 k% X Q
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( Q# ?6 ^; t. P1 N& Z5 M" i
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], a7 }) ~' v3 i6 V
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! }# R6 C' x2 G0 H - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 L$ H! U( c y( R0 J2 i
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], r9 S7 n% P8 E( b0 d8 R/ q+ g
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 y3 H2 ]: D0 y' ~" ^3 r+ @
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# s9 [$ [) x3 Q8 `- f& ?( Y - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
2 W7 T- S8 Z' {# l X" |+ z1 o% m) f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( [) E& o! Y& G0 D% l+ F& ]% r# S# z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' [& r* o2 h! D: ] - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]7 y" p' d0 D v8 Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& u7 I x1 D Y$ ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]! k( q& B, ?3 J
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]/ s. e# \" ?: y3 ~8 X0 a
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]3 X+ L- `! j. {* R3 @6 V
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]3 S5 p7 [. P. N7 V) }0 a
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]; q) B: m ~ v$ i% n% ^9 e
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 J& y( j* I5 i; x, P+ R9 {1 y
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]$ h0 z* i' V. G, `9 M7 b L
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
& x2 W, P8 B! |. r0 f! O9 v% n/ F9 [+ X - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2] R+ }# M0 M8 N8 K: K: l% x- Z
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
3 Q+ ]8 C9 k( @- s/ J6 J! Z - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]' G3 {% u5 J0 V
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: x7 r |" w% v! z( _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 L5 j) D' _* j6 k+ I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& M9 u; \, w. F/ q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. B) H8 X, q3 A! L. @7 c
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 l( p7 Z: H2 z, b$ u6 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 i) l) Q9 R3 _7 u" V' `0 ]% W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ w$ y0 c8 o: i; @9 l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
k2 m# A2 \$ r) l% X - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
) m$ n, j! H9 \. C' A0 e/ a! ` - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]1 S' V7 V( P3 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] y, U; F P {4 K1 t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( e9 }7 h7 A& f - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
4 b% d, r4 B, P9 {8 ~7 _ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
* {- H/ ?# R9 V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* h. R5 y! r' I9 b) U* p+ [ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) a% V. _9 I/ C( V5 A. P
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 @+ b* G" ?/ w b5 h, D - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]( s, l2 W& y/ ]8 M
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* b. D( L6 A- v' q: {) K
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, x2 X0 W @/ B - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
; z8 Y$ o0 Q u2 L - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] Z% K7 X' ?/ }, o& n. B2 ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 P$ r* s' P+ J% @ `- A$ n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
c) G9 Z9 Z/ ]1 i/ c6 H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 f. T' E& ?3 E! A- ]- x
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
; u7 I& ~: A/ A/ x! y( ~3 V - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
- o/ R9 W7 Y1 F. ?0 u# w* v, ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]) b& U8 Y1 x, Q/ k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
% \" C" ^3 O4 t# V' Z; [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]& }8 B3 @2 V8 Z5 h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]) @6 D3 R- v9 p5 h6 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78] Q1 `1 H' ?/ {: q' H7 x
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]. i& ?( |, I9 x+ H
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ x* D! D: }- c; h6 g - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 Z+ Y6 B+ j* g4 g% { - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* t6 I+ a5 i }0 x9 T1 C
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]; @8 Z5 H$ X7 M. y: @$ Q. L
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" p6 i# d' }- i$ v - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]! ~- {7 w! ?/ F
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]3 B. R: k1 F) Z
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
& o& @8 t1 T& y8 A1 U2 [ - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]7 \) j, C" C8 |8 }+ l; A- a" W
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 l7 h( K y" s- w1 ]
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]0 o f2 a4 J$ ]0 h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 Q% o+ u, h8 ]1 i7 Q' y Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 | @; D) E* x8 j! E/ K
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* g T) q3 D) Y3 j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. ?& i3 G }, I2 P - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
4 n$ N8 Q+ |1 R0 r2 I( N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 G6 N8 w1 p$ J* P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, [" h/ ~+ t: j' D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: R8 T; L+ @8 c# ]# p/ }" U( y - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 c$ a, N0 \- N3 b - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
7 x$ r9 Y7 {( a' y7 r4 M* }' ] - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]! ~4 B; j( x$ ~3 Z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] C# L! l: ]2 L4 ^ f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: ?4 G6 i: \# L* Q2 _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. A# W. H5 ], M: @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] s- O& u( Z) U: x! H
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
3 B P: r( {$ L, b/ ?/ _ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) z$ L9 b4 S G/ _. d d3 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. [& d3 L1 X3 e) Q0 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ E3 _4 p I# ^9 B$ I$ N: x
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 s/ C. Y: n9 ~8 h& c0 o - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]1 H. ?# \3 u$ q9 K; l" N
- ==================================
# [- A. V0 W" [; F) H' C - 文件关联0 g9 p2 U( w q/ I( X5 ?
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
# F2 M" I9 _; e( q - .EXE OK. ["%1" %*]
4 W6 c' U3 `) h - .COM OK. ["%1" %*]
5 J' t# I! {6 Z9 q - .PIF OK. ["%1" %*]
. i1 d9 Z) M9 [% ~- e - .REG OK. [regedit.exe "%1"]
& P! ]1 }) f1 h - .BAT OK. ["%1" %*]$ E& |4 F% }$ Y6 Z- [# A! A/ P
- .SCR OK. ["%1" /S]# J; v) O4 E1 G" C2 C
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]6 K% T% l% V2 z5 o4 G3 h. V- Y3 \
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
& }; U9 g8 r' M0 X0 ~- D - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]: b( E. v( S3 f5 U9 N3 `) n. a
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
0 k! E+ ~4 i c7 B0 Q- B5 Z3 ~ - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
6 D' _8 V( Y( _- ~) \' m( G4 K - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]- {8 C; b1 r5 ]
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]3 l# x9 \/ v r
- ==================================3 }' }- ^6 X% n& \; y! A& P4 g0 l
- Winsock 提供者
6 D0 P0 a) Y0 T2 q2 @7 T - N/A/ f7 N X" C( c5 y/ u
- ==================================
6 _# |) ?9 y; v - Autorun.inf
! H/ @( g- f/ R3 _8 I6 M - N/A
! V. f% K2 y8 c: i0 C - ==================================
( T4 t" h2 P3 A! b - HOSTS 文件: c h$ y) ?% Q3 G1 @- [8 I
- N/A
. M$ Y" n& T( u1 h; D' }% H7 [ - ==================================
' d; h) V9 z6 L! \! t1 f3 ?0 Z7 R - 进程特权扫描
# R6 J/ ~: T. {) N' R - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]2 X: y& _$ L+ f* b' R' g1 F
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]9 j$ l# L* p4 h' M, x# E
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
+ |. w3 e; e( J4 Y - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
$ ~, W2 ]2 s* s9 v) \# A0 B - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
: H' }+ r8 T, Q+ F+ d) ] - ==================================4 d0 x& r7 b5 h( s3 s% J; Y# R
- API HOOK' Y7 Z5 D4 f5 O2 K, [
- N/A
% T8 H% z( A% V1 E2 i - ==================================
?6 u3 B2 B+ [ - 隐藏进程+ ]& ?% h2 y. @/ t0 ]
- N/A
: b( K- J/ |' F+ t - ==================================
\) Y" Y; j$ i/ x. {# h: t
5 w" c/ |, _) p! b$ S3 |
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
