|
|
- 0 C% A# p" j/ N! M$ |
- 2008-05-22,20:37:43
8 z% A; A0 E7 V - System Repair Engineer 2.5.16.900
' M0 O0 f0 ?6 K/ ]# D! J - Smallfrogs (http://www.KZTechs.com)
& Y! Z( T6 [ R - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能0 o( b2 I0 R. r8 n# \0 P
- 以下内容被选中:
6 H0 H2 O# A) ?- g9 g& j - 所有的启动项目(包括注册表、启动文件夹、服务等)2 t; k0 E# \& G# j& S5 n4 F7 w
- 浏览器加载项! G& ?! k# f# _9 n, T6 g
- 正在运行的进程(包括进程模块信息)3 ~( q5 [, V: m3 t; R
- 文件关联. p7 h6 k2 a. e2 P! ]; {- r
- Winsock 提供者
2 w9 d# y3 u% f! o7 f - Autorun.inf& K. G% K' R5 _% k* b: T B' ]
- HOSTS 文件: ^+ ~0 u6 S6 d `5 B
- 进程特权扫描6 a2 I/ G& z" W2 H
$ H$ A# _4 _5 @/ T- 启动项目
, m; ^2 w8 K/ D4 D6 g Q' x4 R6 X' D; a - 注册表) |; S0 Y3 @' H* J& _
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
( b; }# B7 s1 |* [; Y - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
4 Y) {% }& C3 t& ~% G. i - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]; @6 Q& C) c) u5 @8 i
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
8 I5 k" S. w1 d/ t0 }$ T6 X% W - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
) T( i7 i9 _) x' w5 ?: f - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
3 S& x) d: p& _$ V: i - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]% o+ m8 Q! |$ s; R+ W4 Q7 S4 _
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* r( H9 p k- O' e# u: ~ - <PHIME2002A><; > [N/A]' R6 h% j, k3 h D, r5 [
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]: [4 b9 T1 d* p8 y
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
' [4 Y- b- c) p9 c! K - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]. n& b; W( v, W, ~
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
1 d+ S9 L9 u( F - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
C. y- y7 }$ T) S r+ ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]: g" z2 k2 c, A) k
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]% d4 O2 s! d3 Q4 W) o) D+ R" s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]: v% F: D8 C$ a5 h8 S$ h
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]* V. K2 \& x0 k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
" s4 q9 f( e5 o+ r: ` - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]( g! f4 s# o( |3 D" g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
3 m/ Q0 l* Y7 w: {" O - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]: H$ c6 k7 j0 i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]. Z" h. B2 f; p* y4 h& y: I0 ]
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]& {7 ~7 Q' B4 [; `7 e9 s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
5 ?0 J3 ?3 n- U+ ~ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
9 R! y8 t. t( w1 c' v- g. J, ^+ m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
! T' j- z# y3 n* ` - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
& |1 ]7 P* Z P$ g b$ z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
! \2 z# c7 L F9 ]8 X7 M5 ~ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
7 X3 W, }; `( u0 i, {1 K - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
0 E- i- V4 h6 ^: H - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]; y3 N4 Z7 s# [# ~( J {1 @9 D8 u/ n+ l
- ==================================
5 N9 \( }3 I* @5 x! \ - 启动文件夹 H! Z4 O6 n1 Y; K! b9 I" p( e
- N/A
& v% \' s. Q4 y( x7 c! }% P8 @ - ==================================
" q: [" t1 t: \ - 服务
4 S& o: t# i( J% r) ^4 j - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]0 F2 x: Q" i+ J% b
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
( _; T5 V; C5 D5 K( P - [Google Updater Service / gusvc][Stopped/Manual Start]
# B( L, Q! R. N! O$ W: p) H - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>% x% Z( g; l1 |/ h; p2 u( Z- p2 m
- [Help and Support / helpsvc][Stopped/Disabled]* R% z. N7 U# s5 Q
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
* `, |8 |+ e1 V( r. q; j - [Human Interface Device Access / HidServ][Stopped/Boot Start]
+ Q+ \* t4 p. j- @1 m/ Y& f - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
3 @3 Z% v" J: h$ d$ {- k6 |) L - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]; B' H% F4 ]! x
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>" ^% K# S, K6 p; b( P0 b
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]! H8 l& T! f# ?" F* E* a0 b
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
! d( h+ J9 l7 P+ h1 K) g - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]) b% S( _9 }% y1 o- s+ p
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>% t( x* l% C) D0 E8 c" l; T8 K
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
( V, ^6 {# w, b5 U! A' y3 | - <><N/A>, o, l3 Q! G0 H Z+ I8 |/ j" y
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
; [+ q6 K, p4 M8 a7 Q7 r' S! q+ ]4 c - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
9 z2 s8 s1 {( L& p2 i! b4 v9 ~% z$ q - ==================================6 }9 H* R( ^6 V" B" g
- 驱动程序, J5 Y2 j+ T' i
- [22j / 22jn][Stopped/Boot Start]
# w1 Y3 c% }5 T" s - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>7 E( Z: k+ S1 N ?5 q
- [360AntiArp / 360AntiArp][Running/System Start]5 i- |* ~2 N$ t% u
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
7 m) l' P! ~' N" P, _ M& u9 i - [43ec / 43ecu][Stopped/Boot Start]* Q# ^& W, X3 M" e o1 p# n! w
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
. E, ^0 q& v) O) o- W8 x6 F/ X. W5 Q - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]; z7 z) N# Z) V. H
- <system32\drivers\ac97intc.sys><Intel Corporation>+ E0 u( Y% m0 `9 w+ m
- [Promise driver accelerator / bb-run][Running/Boot Start]
( _0 J+ }/ r# z* A7 J+ i) a/ K2 v% f - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>) }: F! j8 O+ U, ^: ]5 u
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]( Z: g$ \0 E( z
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
6 c2 T' u& `' s1 z! W - [KAVBase / KAVBase][Running/Auto Start]
7 x' D% q7 F2 C1 i5 ] - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
4 g+ ^# b/ L3 R1 @ - [KAVBootC / KAVBootC][Running/Boot Start]
; k" t0 t8 H( `3 q! ?6 f - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
: ?: y$ F8 R- C% \ - [KAVSafe / KAVSafe][Running/Auto Start]
' e6 ^9 o% Z0 L) g - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>0 o/ y$ u4 p7 \! n
- [KNetWch / KNetWch][Running/System Start]
Q) q3 S8 H5 f/ z3 h t8 i - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
" q0 y) z% X2 c$ {1 q - [KWatch3 / KWatch3][Running/Auto Start]5 m' ^4 |* p! ?& v* A
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
, v: `" C \) H, L( }: ? - [ntptdb / ntptdb][Stopped/Auto Start]* w5 A+ m7 F0 [0 P3 |! x
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>) G) ]$ ^% G6 I
- [nv / nv][Running/Manual Start]
: j3 |+ Y+ @1 g" ? - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
, F: \9 H0 D. g l - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]! l1 c' R% a* h; ~' U+ G& w1 ^
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
* ^. G& f4 ]! w$ U. T! V+ [ - [DDK PACKET Protocol / Packet][Running/Manual Start]; ], u9 D( w4 \7 l0 r. L3 A3 L
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
: K( L8 t" J" o5 E3 S3 H9 W - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
- ^6 \4 u4 b6 x, u, v3 M - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
l& v# D; M. w - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
, x: E2 E6 \8 `& }$ {9 n) R - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
: j' O# r6 _8 o1 h3 Q - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
9 k7 W% [% x! j - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
6 \, X# w; ~3 ~& Z5 ^ - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
, F9 b9 `) i5 X0 |) \/ J8 E. c& d - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>0 K3 C+ N( P" I( {# U
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
: d. F- w; T" K - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>% ]! P: f* u, S3 O! I/ T8 C" M9 m3 O
- [Secdrv / Secdrv][Stopped/Manual Start]$ X8 z# G7 t" K7 J4 B; m3 g0 p$ s
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
+ V0 O# N, \1 ~$ o9 T. `6 o - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
& u, [8 A. n7 O! i. E, _ - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
: D" r6 h, b7 l9 z: Q/ k! B5 O - [System Restore Filter Driver / sr][Stopped/Disabled]
3 D9 ]* z4 R& A5 a4 ^9 l2 Q - <system32\DRIVERS\sr.sys><N/A>
R: C; L% [" Y$ j& t9 k - [TesSafe / TesSafe][Stopped/Manual Start]; _$ |! p5 f) h
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>6 p& j1 z3 _( S- ?7 q$ S$ E
- [System Services / unzxzsrs][Stopped/Boot Start]; c6 W# o X. {; a0 z1 y+ G
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
' u( {+ [& q4 S - [ViBus / ViBus][Stopped/Boot Start]2 N( i% ]5 W/ Y6 {: d
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
; ?- a! e2 O8 W% P - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
. j5 N4 h, p, A: |4 E - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>8 M+ l5 m9 m8 Y' q3 @$ m
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
, a; N3 J3 d0 B6 p Q - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>& N9 H( n* d h b# z1 l
- [ATI Extend / zhibmaso][Stopped/Boot Start]6 P, M; B2 s4 M5 K& h
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A> G. Y1 b( o) ]+ J. Q2 c
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
9 M9 @4 b$ c+ l! \% J: _- V; b5 Q - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>1 _& Y' u7 ^- W
- ==================================8 B. R. }6 I: G
- 浏览器加载项$ ]' b! A6 m6 Y |+ X
- [Google Toolbar Helper]9 ]1 B8 n, X8 \# Y' y
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ O3 C; D* ?5 B& U. s- l - [Google Toolbar Notifier BHO], @) g ~* f: \+ p* ?* {% f+ E
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
b& ~6 C! d# G - [SafeMon Class]0 u, W# e4 c1 }$ A4 |
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 ?" G" c" i# ]
- [kingsoft browser shield]
9 c! I, y9 _: N; \" V, _ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>1 R. K/ P/ H9 C: p
- [IEBuddyExtControl Class]
7 I0 i( ?* q, K! b1 m0 | - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
0 a# z# L- w0 k; Z& ^& o - [Zcom 杂志]6 a7 a# A% a! @ k$ P3 T- A
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
$ p: n# i+ }8 `5 ^5 D& b - [&Google]
, k# n; ~$ Q5 [: z }7 G - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>: D5 C* r3 c. E$ ]
- [KooPlayer Control]0 c( g5 {& ?3 L" o D
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% N8 d! n) ~! \6 l& U4 Y - [Shockwave Flash Object]" P q0 s9 `1 \- c9 H
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>; L: X5 q: j! J2 x' _$ R% Z+ j
- [KUpdateObj2 Class]
0 N2 s/ X' @- f* ]$ O3 ~& d - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
- B: N9 o |- W; z5 G4 ]! { - [Google Script Object]
% \# M! M$ T% X. z% T6 `6 ^ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 \8 ^. W) G |# D
- [EWA Control]% V2 j& w0 ~$ C4 o5 u$ b+ p a! K
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
8 n" f" Y* Z* ^0 B, [+ x - [Windows Media Player]
( s' z! G8 P" m$ B/ w - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
, q% ~3 r w4 r9 v - [&Google]
# N: Z" n$ S; z4 [$ [ - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
; N4 J5 [: U( y1 j* x7 u* k - [HTML Document]
' s$ O1 ^- j% k4 Z$ Q h - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
5 J( r1 s( E( {$ q3 h8 a8 D - [DHTML Edit Control Safe for Scripting for IE5]
& x5 \$ n3 Q' X - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
: P4 }3 u' P, `6 @ - [RealPlayer RAM Download Handler]- a T) _$ ^& M" J. \
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>& T6 W3 W" K$ X% p b& a1 O
- [IEBuddyExtControl Class]5 H0 k4 u; ]5 H% o9 C2 [/ q
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
2 M& \7 R% M3 g, C" ^ K - [XML Document]3 n* j/ n6 l+ z' B
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
' I5 @3 L' t+ ~! C; j - [HHCtrl Object]1 p2 |' C( c/ G! c- e0 W5 z
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation> {9 t( I8 m8 U0 n$ c' _
- [Windows Media Player]
$ s2 q* A/ l$ f. G. V2 o - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> h4 i9 K7 U. H
- [Active Desktop Mover]
, C0 g6 B. W: d A - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>) `1 E9 ^8 ]" _5 w* U0 R
- [360SafeLive]
/ w, y8 e, l+ z, a+ d4 p4 e' f - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>. I% w2 x2 `- j% s
- [Microsoft Web 浏览器]
- _. V( v% c: u - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
; o- y: J, w4 V s T - [Browser Enhanced Objects]2 e9 Z! ]0 f) H$ {+ F2 }
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
. l- y" ^3 v5 E6 m% o* p - [Google Toolbar Helper]- I; j0 H6 q( [ D% Z8 p
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
5 t) {" ^4 C8 Q: n9 c9 m& T - [Microsoft Scriptlet Component]
2 F) e7 D+ U* ]5 X3 [, A- W - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>3 v& @" {1 S7 F3 q
- [Google Toolbar Notifier BHO]
" v" _/ Z% h0 k! R+ o$ q% x - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
! f" r$ U [# V* d, R2 w) G - [SearchAssistantOC]
# b8 S/ N# x* x1 |6 L2 b$ L ?2 V - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
: H4 K1 o% j+ E8 ?4 ~" A6 p7 W - [SafeMon Class]/ a. N+ E/ D5 x9 t: Q6 L: a
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>. I1 u+ M9 Q3 G( Q+ t: v
- [RDS.DataSpace]1 \6 q2 y* Q' @; z3 X
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
3 ~* _( F+ o' S/ I - [KooPlayer Control]
! i5 ^2 i% H$ D& W5 l% d - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
+ z4 h; a9 k4 ^6 r0 v7 \8 Q - [AUDIO__MID Moniker Class]
+ r# O; z& ?; O( p3 S" F - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, z# N: D8 k+ X - [AUDIO__MP3 Moniker Class]
# o: |- m- f& w4 w4 L# w - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
2 G' x, `( X4 e# X+ T* L - [AUDIO__X_MS_WMA Moniker Class]* V! P- @ e- b
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% [ n( y$ i! }: o }. l$ v5 c - [VIDEO__X_MS_WMV Moniker Class]6 Y a( m `& U% n$ f5 M: h }4 U
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
4 p7 _$ S- W4 n3 G) {' o - [RealPlayer G2 Control]7 L) \$ ^/ `7 L0 q8 j3 d
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>% D4 l* m1 t/ Q2 f# P% k
- [Shockwave Flash Object]
\4 ~/ y. G$ ~2 T, r - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>" n! j- t. \7 M) n5 q" x, `! O
- [KUpdateObj2 Class]
o% L) N+ r* f2 q2 C! k: T% p - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
" {! P' i. B' @" k7 t; e - [kingsoft browser shield]% |$ v# K: K' R# S) g
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
9 V3 i7 i0 ]! h! j' ~# m - [PasswordEditCtrl Class]
0 f6 Q' [; {' l2 B( U7 @3 x8 L4 n& e - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
& e! W4 `! E" S7 I/ }$ n# V - [QvodCtrl Class]& F* C0 w `7 Q0 Y
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
/ x9 |0 K8 I3 b8 Z) Z' M( g - [&使用超级旋风下载]
D% Z5 x9 e9 P3 D$ M! | - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>5 f9 f' _& S7 `* j/ E
- [&使用超级旋风下载全部链接]
t) g4 }* x& g7 `" B3 R! f& f* Q - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
8 k9 B, b. U# r - [使用迅雷下载]
( X" N3 e' I" H7 t: [5 L! K - <, N/A>
0 F H; @2 A) z0 d3 T+ ` - [使用迅雷下载全部链接]
( A% t# h! |' `/ d - <, N/A>" D8 E4 E9 ^! N0 K
- [导出到 Microsoft Office Excel(&X)]
+ i- H5 `; l4 p( Y+ m( { - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>0 U, C7 `. s6 ?+ Z, Q# P
- [添加到QQ表情]1 S/ [9 E3 t: g5 g8 N
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
1 w$ s0 M7 X% [( T: T8 W - ==================================
B( i, C6 @6 M. M# i7 `/ } - 正在运行的进程3 S ?( a) |6 g
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 Q8 r( A Q3 B- E9 t. q. V - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 S& u# M: f x - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], ~1 ?& Y: f' H. L A
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]% x+ ^9 U* F" W& r3 l3 O+ X3 _
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: [8 _! Y: j: N* q. L; v
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( u& @8 k$ T2 @! a( E# S$ y
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! m2 S* M0 Q/ K. [% g4 b5 U3 O- B# _
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 x. A4 w g' |* U# k$ w) Q# n
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ z% `# E- u1 \( x/ W# G
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 ~: v. u2 q" I/ i
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ w% S1 t* F6 I - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
) p7 _8 K: |$ ~! v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ \2 [ C/ L. @( K1 n- E. a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" k! ]6 q; }+ G
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]/ q* G1 g5 {( \2 ~2 H) d. ~+ f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. e# h9 m, P- P$ U6 ?" G9 e4 k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]5 n6 ]% c5 |5 L7 Z( I; [
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]! {( k) X$ B2 L, J4 z' @# a
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
2 E8 n0 M1 j1 d7 T+ U% P - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
4 u+ [8 [7 C4 W& w - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
& H6 h5 k2 ~7 g7 Q; F: L* } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) J+ d5 W: A0 _" N) M - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]5 E8 w) m% [; a6 `- p
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
0 j! E: u0 q6 s% E2 h - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
$ K+ N5 G/ s7 _9 ^9 f5 s - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]) D. H& M+ ]/ I$ Z. w- O- U
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]2 p; }4 g/ O; O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]( r8 o4 r, t* @# T0 D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* n3 }5 Y4 Z0 f& _+ c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 M) K3 F3 z$ W6 @- C+ ]
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 W' x$ {: ^- | - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 s' {3 N' S" \6 \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) U4 q% d( e( k! h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
T+ s# a/ ]+ ~% n5 a6 D# ?" D; W- Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: z4 x# v3 z4 ^2 C$ Z$ ? - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]- {9 [$ v) e, }: h' K! N0 L
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
6 s, v) {* \8 N+ w3 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 A3 q4 `1 x1 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% k. c* U! t1 s# |; ~6 C$ j, e
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
+ Z4 B, T& y. R$ v$ S - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
2 R- U" b5 g' z2 m( { l# \ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 l" V: K1 `- N2 A6 r
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 R% u8 u: |9 a
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; m6 A% R, e, K! s8 | - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
4 L6 @3 Z/ ~3 L- g - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" U' I( ?0 J- H" Y: J& P: Q" \ - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ ^1 @' |5 A9 c( f& }1 b - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]4 c$ x6 G. R& @! P+ `6 A
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]4 R- l- z# v, W; o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; Y, f0 ]+ A6 Q: E6 D# N. x+ ]& F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 _+ t. a4 }/ |4 h7 k: K5 L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% M( a/ G# x1 R Q! o
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]1 _- h% N8 t% c$ g( q3 j0 l0 K
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- Z8 ]. e* f- u. |. ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]; h% g5 e# o$ I; P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
7 S" } ^: j# g! t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
c0 O/ V& R" Y% y0 P) H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
' V! }; V6 u; L: e$ n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
) r' Z+ h3 F2 | - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]! {. j5 Z l. U3 s' ]& |
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]- s7 S. x* D) l$ p: A: T
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 n0 d- E9 z! v7 _! }$ k! Y
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
9 K: @$ w" B, ]5 ?' Q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" |0 U8 O. X4 O$ O6 B
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" M* k [) E5 p+ `, `' b# r2 j* p - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
. _' A* T; _; g0 o+ r, U - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]) s3 h4 h8 }: N) ?* y+ |; x
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]$ m9 r, y% V8 L
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
$ f% _# o; I' V8 k$ u* c1 V* D2 q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ L( }" A; O! h8 W" j! [- B - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
7 p8 a' K* j$ p- ^ r9 H. g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 c4 d! ^5 D t1 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* G! x) [( H; \: }; i+ d- b4 g! I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 a. E! E- v2 u - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 Y1 F: V" K* u; E" L* E - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]+ i/ R+ _+ D# R2 N. j0 x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 |, l0 w" A6 A# j: y# A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 q# j2 j, F( x) M6 L. l3 P& G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 n5 E" H' u- K/ V% \6 @) B3 m8 S) L; z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 t/ i' b8 Q( z7 ^ F
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
+ Y8 D& q: f) q: K9 Y, z$ Z5 G - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]# z0 }' J. n6 L' ^4 c+ y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] u2 f' |) r0 N" H$ }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ U Q; W! I% F8 G, V) { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], m1 O# g2 k9 c7 u: m" j0 g# J
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 [& r8 Y5 V4 O- _4 ?- r, o - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
+ s F' C5 e" Y6 g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 N. x6 Y4 j4 U0 h- m# N T& z6 q6 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 x2 \8 i+ {8 R/ w+ ?( c+ m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 W* D* O- W" E5 v, U& j - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. }- x! ]& a3 Y# L
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]1 ]0 ]# [+ V$ r0 B& Z
- ==================================
' M) ^$ Y# y" `6 a - 文件关联' w8 t9 @; F/ N' Z% |6 c
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]+ A# ~& d2 [& Q: r J6 f. Q; P
- .EXE OK. ["%1" %*]
! f. p5 m' [ A3 [ - .COM OK. ["%1" %*]1 R9 W3 X! F' S. A' d2 ~9 `" o' R
- .PIF OK. ["%1" %*]" Q2 \% J! i8 \; `
- .REG OK. [regedit.exe "%1"]
+ _- Z1 \' U- H. { ^5 T+ f - .BAT OK. ["%1" %*]
) A, d; B) @9 A: f7 K6 ]5 B6 l - .SCR OK. ["%1" /S]- z6 |2 r4 a9 P( i; c+ K, c! G5 U7 E
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]! Q& q1 V; g: x
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]+ l$ q- C( ]5 A3 ]/ D! ?
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
) c( r" |% ~- n6 p6 [+ i. j- O2 V7 y - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
+ m1 B0 M% ~# D+ Q - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]* M* h# Z. }, d* [. l
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
! U5 u# b2 m& n9 N O - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
3 U5 I6 J) S& g - ==================================
3 A/ c+ ^, N7 m. I - Winsock 提供者$ p" o% Z6 \8 z, [3 U: `
- N/A. H; T& W5 p! o( T. U1 u: ]
- ==================================/ b8 j! ^1 D% n; X
- Autorun.inf
' X2 Z1 P+ V! V2 e - N/A
0 W/ ]0 `( X9 A* O C+ D - ==================================* O3 [: K |$ {% T
- HOSTS 文件9 J+ T i0 E2 V J* a4 Y5 H
- N/A
8 o: x6 {+ O! u5 i/ i; u" m6 c - ==================================
, g) Z5 Y/ k2 Y9 k. k - 进程特权扫描
1 Z6 a( Y( J+ g7 ~7 n) ~ - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]' j& u* h8 f# {9 w( h, A# D9 r
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]! }! M/ Z3 b% z& `1 w- i9 n
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
! X, e2 ?9 r* w4 v1 ]$ } - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]9 C; ~$ G5 u- D: I
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
s. t1 J7 H; Z' d - ==================================1 U4 E% h, ?5 ^ a4 y
- API HOOK
- s5 f+ h5 O0 P; T6 @- `: c - N/A9 u' l- b% D1 {# S; d S. d
- ==================================; _5 n4 m% P; D6 E( o+ W
- 隐藏进程
; ~; Z- w: f4 r - N/A5 i/ v3 n: `! E3 c; }. z; h
- ==================================
# q) i4 |1 b2 {
( o$ m' o4 A* P5 g
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
