|
|
- , s* H4 X8 d. x1 c& k
- 2008-05-22,20:37:43# L. u' [! w1 R" M9 ~% C
- System Repair Engineer 2.5.16.9009 h2 {; l0 q4 N; \5 f
- Smallfrogs (http://www.KZTechs.com)
6 U0 m. s: W4 e$ ~; ^7 E# M+ G - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
( o! `9 ^1 I. u. _7 ~& M - 以下内容被选中:& t0 a0 w e9 V* L6 J) n, ]7 k
- 所有的启动项目(包括注册表、启动文件夹、服务等)! p4 ?- F/ E1 c. Z2 t) U
- 浏览器加载项
" x, h4 P' v; ?. G, G$ t - 正在运行的进程(包括进程模块信息)" \. V V2 z$ V5 d$ U- z
- 文件关联
: ?1 E% B* p% |6 M7 A5 H1 J - Winsock 提供者
! ], y1 z3 B0 X+ i - Autorun.inf' z+ U/ t4 s8 ~- L! B
- HOSTS 文件
" B3 U: P3 g/ w2 F - 进程特权扫描
3 L- l& a( t! n0 ^2 `! o2 d) N; ] - * u* B e# e. |, E/ T1 j5 P
- 启动项目( v9 d) J+ P) G) F# O$ F W
- 注册表) n: O g5 D4 K3 c* ~ ?/ Z: J( R
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
+ Q- J4 b z% i) h - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
+ Y: o: \# t( c) Y( i5 v% \7 D - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
9 W. p. E: \. T ]8 Q9 K' J, t - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
! V; _0 r$ u3 S3 e* w( n - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
! [+ d5 C9 G. b8 ?- O* V; W0 }; A - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
7 |9 m# T9 ~7 P6 o: K i p- F - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
0 r/ a( k. Q/ @8 }3 I- } N1 W7 Y! p1 d - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
% O6 q' {; E, y+ `* ] - <PHIME2002A><; > [N/A]
& _! e- V9 w- F2 s( E! c/ y( j - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
! }: Q. b9 Y" C/ T: Y( o) g: B - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]8 u X# H6 @3 n- s
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
$ Q7 A( e% K8 J. J - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
2 }. q+ S8 ]' `2 S - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
5 a- H) y; M d/ a, l' i - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]9 e7 J0 A' ?% X) {
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]* `; h' b% H9 N$ \. Y2 E9 \
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]& ]/ |; Z+ F( l
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]2 M% V: Z. s& n+ o9 }
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]+ j4 W$ ~( P+ X) _
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]. V: g3 L0 `; v9 e' C" s0 m6 O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]' t3 w3 ]6 W7 G' s4 m2 b# Z
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
2 N5 h$ y O: s9 J% p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
0 s% [ z Q c# \ `: c( p' ? - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]4 `# F5 H! ?0 s, j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
: K6 y' s8 z( B+ w - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]" V) s# {- r( Z+ p- f O' s d, k9 w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
& l+ \, V* |! `3 J8 H - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
* g/ o( l. X' {8 B" G$ D# W9 |! k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& B# }( Q! V: s6 t$ A# D b- ^ u - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]0 d3 w" p g0 Z- d" _4 u. e! A7 l
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]0 X9 o1 C0 Y2 X: n/ Y( P" y6 \
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
+ }( e6 [7 x2 x - ==================================
3 w5 [$ y* e4 T6 D" S4 p4 J; ~ - 启动文件夹
; D# x" n2 H- u6 V1 k s - N/A( [* ^: P% k3 _6 v, {! y
- ==================================" @" k& \& z4 i& D
- 服务
: f, L5 e, S: Z5 W - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
' b0 X4 m/ l; v M - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
; u$ H: ~: `5 D. q - [Google Updater Service / gusvc][Stopped/Manual Start]! f, c8 u7 }# c7 }$ B% I+ r
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
# J3 u3 M5 q# T# B - [Help and Support / helpsvc][Stopped/Disabled]
# q: [0 m* P5 B% D+ Z - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
. y) U: P# ~) Q" V; } - [Human Interface Device Access / HidServ][Stopped/Boot Start]
, O/ ?+ \5 ~ ]6 O% k% t4 a - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
5 K; S& _% r- X ^" P5 N - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]3 i' j' e, ]8 e9 w( s- X; B
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
1 P( z# p5 c8 z+ V6 w - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]3 S& s3 @$ d- p% o+ s/ ?: E) f5 B
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>6 G5 e, e' _1 H5 ]& p( R( k
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]: d& B( N& r# x- l% [
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>: h3 Q' c6 b* M! Y
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]) T0 s( E) R6 d6 ^- L5 ]+ I/ E
- <><N/A>9 a/ j6 y: E) j# s9 ~4 C/ f5 d4 B2 W2 L
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]5 ~/ r4 r5 G7 V' l
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>% c/ t) W, `* ~, u
- ==================================
- i9 L9 r- z x: x3 J* H - 驱动程序% M1 e% r: {- I# B* c/ T. S
- [22j / 22jn][Stopped/Boot Start]- [8 D. U" B5 i0 e- [. D
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>9 I8 f. D7 Z* [ H, V& j
- [360AntiArp / 360AntiArp][Running/System Start]: b) w0 X ?/ h9 K8 K) h
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
% [4 H5 z' T( y2 |5 e& Q1 f - [43ec / 43ecu][Stopped/Boot Start]
- z% c7 I, m3 W: o A - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
+ U! P; U% T0 [& I7 I0 @ - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
( s) Y& g7 k: r$ v1 @4 _1 X - <system32\drivers\ac97intc.sys><Intel Corporation>1 i! R3 L7 u, F) v
- [Promise driver accelerator / bb-run][Running/Boot Start]
) g q8 ^! \7 E' V - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
X& x& d, z; p- V5 i8 K - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
+ v+ L% {3 W" y" X6 h+ C) `: W/ x0 P - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
! X* O* F* Z5 v8 H; v# B - [KAVBase / KAVBase][Running/Auto Start]3 d; t& E y8 I
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>+ j( E- d u- O5 {8 H5 ]$ j
- [KAVBootC / KAVBootC][Running/Boot Start]" Q( E8 D, G' f1 _' y2 U2 Z8 ?
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
% D# k3 U* y/ s2 j$ Y - [KAVSafe / KAVSafe][Running/Auto Start]4 O* T9 s v1 f/ d; C8 Q6 y
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>3 e! b0 j" T. ~/ n
- [KNetWch / KNetWch][Running/System Start]
( c U5 O4 t: [0 s+ q8 @ - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
0 n$ }9 r/ y1 v- I5 X! H - [KWatch3 / KWatch3][Running/Auto Start]( H( K; W9 n+ _0 M6 \& Q- X" P2 G
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
* u) K; `, Q3 f) V6 k6 C e - [ntptdb / ntptdb][Stopped/Auto Start]
+ V9 S' \5 d" W& u i - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
, c2 k$ h/ a3 J4 R) Y0 @" \ - [nv / nv][Running/Manual Start]+ D; B$ i9 L7 A
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
6 [4 H4 ]; k# d$ J/ F6 |3 X8 V6 T; G - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]2 e! N0 ^( D- X
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>6 {0 E( [9 r! A: A' y! M
- [DDK PACKET Protocol / Packet][Running/Manual Start]
$ S2 K4 G2 g, ]6 M- G& `! H$ ` - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
' x6 P7 ^( q4 U - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
8 @% @# i/ R& ~9 W+ k - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
3 l' M4 z* p* B0 F& [ - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
6 M, M7 N9 M2 u6 n4 [6 @- I - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
6 Y1 X& N0 u: { - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
6 c# F. k7 Z5 g4 m$ Y - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
' Z$ ]8 A8 z5 a: a z& }+ A! B - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]) A7 I# I6 j* m6 S7 M" G
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
2 L- F7 ?+ [! L l' d6 `* D* I - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]; @+ w0 D8 Z4 I7 ~, j
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
& k* ?7 ?6 v8 N) _ D G - [Secdrv / Secdrv][Stopped/Manual Start]
% N8 o, S+ a# I$ n* f" o9 ^) L - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>8 F1 g) q* t; ]& @: r! \
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
- u* T# d E( n) F8 T - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>9 d* r1 i5 g e7 l- N7 d8 s1 j) I
- [System Restore Filter Driver / sr][Stopped/Disabled]
5 M" ?" a: ^7 H* H- e |# _ - <system32\DRIVERS\sr.sys><N/A>% c2 T7 @- }6 V. `! [
- [TesSafe / TesSafe][Stopped/Manual Start]1 F# ]: e2 v& ~) B9 `( e
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>: k/ L/ Q7 d& c( M
- [System Services / unzxzsrs][Stopped/Boot Start]
( x" e$ Q3 B$ K8 f5 u P - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
- Q7 R4 O$ z/ E4 W - [ViBus / ViBus][Stopped/Boot Start]$ b) J* S1 q+ f
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
2 x" F; |* N% h ` - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]1 P( |+ j7 j! @4 J: M1 A& g
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>, p. S% C) ~! F3 Y
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]% q' d* T ~" B6 |. O$ b5 [) g
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>) A3 |3 V+ N9 ]& U7 z9 Y: u b$ p/ ?
- [ATI Extend / zhibmaso][Stopped/Boot Start]
, T3 U V* b2 p& {: l - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
1 @ e) Q' `6 N% f - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]0 k/ R2 ^$ R/ i# I2 f
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
7 b9 [3 z5 v" s" V: I; Z3 C2 s; O - ==================================
) _# t. u9 ]8 i: ? g* } - 浏览器加载项
# f6 ?& W+ S0 m# a" m+ ? - [Google Toolbar Helper]+ \0 |$ I! o, O# Z( T7 i
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
9 Q$ x6 M' I# e. n7 K! z* u4 O - [Google Toolbar Notifier BHO]0 |. o- s$ k6 A' l" `, \$ d- G' M
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
( k k( e! I3 y9 N4 G - [SafeMon Class]- Q: t# _; S3 r3 N
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
% S7 A( e) j( Y0 k5 _ - [kingsoft browser shield]( ~9 f3 |6 c/ O, u/ e
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>$ c! J( P C- e* `
- [IEBuddyExtControl Class]
: c$ w. e; o9 k' C$ d H( { - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>5 x) s- H8 T% t- M3 z' D
- [Zcom 杂志]
! I1 K& A- @) q% V. h/ @ - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>1 k" L. k$ ?; p: W3 p
- [&Google]
' O5 Q4 c' Y4 B$ _& K - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>* T& h s J% D0 i
- [KooPlayer Control]5 S5 `$ e! }1 r: m
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>" i1 X _/ z. W$ e( k/ r* U
- [Shockwave Flash Object]
* Y, e3 s8 W; @# T+ Z& ? - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>: S- t& K5 T [$ i
- [KUpdateObj2 Class]& r0 `5 ~% l+ @
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
) q& V) {# z% P3 w) C: q$ U - [Google Script Object]9 p8 o0 S- K: q: y* f
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 a8 l+ N" T; z
- [EWA Control]! T. k7 f, b+ V _6 l
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
3 R2 O. k. ?8 s" P - [Windows Media Player]1 D8 w% S8 R- _% E: K5 I# X5 r
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
$ x" @& P1 D% N - [&Google]
. ?3 Z. W7 E2 A- V8 A8 r - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 u1 n9 l& ?! F. z0 } - [HTML Document]) f* B# A* Q: N9 o
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>' u. M# h# G& x7 U0 j4 t
- [DHTML Edit Control Safe for Scripting for IE5]& _% `6 b" U5 z( [ Z) j
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
& Y8 _/ N* y" l) c8 N$ @1 E - [RealPlayer RAM Download Handler]
3 s3 u* i" q5 f) K: o* G - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>; P0 Y6 z( {' A
- [IEBuddyExtControl Class]
. w6 k6 q+ u7 N c* @ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>2 p- ^2 [4 _& \5 F# }3 h/ N4 a
- [XML Document]% k: U% b4 x) u, A8 a
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>- E4 T0 k+ K7 {3 r( r! R: p% q2 E
- [HHCtrl Object]
: e% o( ?; Q$ K9 o' C - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
2 C9 M8 o! ~, ?0 Q - [Windows Media Player]
+ [" c i! K5 w5 ^0 L7 V1 E6 r6 V - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- ]. g0 M z% o7 f+ D6 s# ]1 J
- [Active Desktop Mover]: T- P) h- X4 u9 B; W( V$ a9 D
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
1 ` L& Q* U; E: u- l - [360SafeLive]6 |: j4 `* X! E2 [' F
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>* ^% T# n8 L3 _% g
- [Microsoft Web 浏览器]
( x. [" ?( `; t) E T' K# p2 } w2 y - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>2 C0 W# j7 T; L! I8 ?
- [Browser Enhanced Objects]! Y0 V, P7 T ^3 ], L+ W
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
3 k5 S* L: o' X: G+ X4 v - [Google Toolbar Helper]
: Z/ z: r* F6 @, M, J; r - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 g! t* C0 @$ U3 G! T# T! p
- [Microsoft Scriptlet Component]6 }/ u5 q* s- o% x2 S
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>+ S" X1 x- y- f
- [Google Toolbar Notifier BHO]
- L, v5 H ]6 R. ]# S; _ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>2 V: r7 q ?- f( W
- [SearchAssistantOC]- @, f' V" s7 d( Q0 ^; @* e
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>, V* V5 Z0 h+ s0 \
- [SafeMon Class]
: u/ j( q5 G- S) U; L) C - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>$ r& @7 A' D* f' f
- [RDS.DataSpace], Q' c5 g+ J. o( [$ E4 V3 f
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
B" H* M) |( e$ _$ E4 x - [KooPlayer Control]! [, T+ J; ^$ \" `
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>& s5 a, t' ^7 M% v: o% v
- [AUDIO__MID Moniker Class]
% N' `: m! i0 M* }' \" J; D - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" L/ V0 g1 N) K/ W- ^! z - [AUDIO__MP3 Moniker Class]
t# e; G7 O w! K! [% \: O0 P - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>8 m0 R, ~* u7 m9 J/ P" x
- [AUDIO__X_MS_WMA Moniker Class]
9 O9 T) V# D/ f4 V8 E - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 J' `, p' @3 K
- [VIDEO__X_MS_WMV Moniker Class]
; k) Y: I* P$ G7 V- |% ?/ o0 Y8 ~ - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>. {- m2 O+ ?+ o. `- d* E
- [RealPlayer G2 Control]& J6 \4 N8 m2 D+ ]
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
5 Z9 K3 N/ q. E4 N - [Shockwave Flash Object]- a% ]) U7 X x+ C0 v& G
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>* {* Z" q' }8 R- t
- [KUpdateObj2 Class]) b: c0 ^3 ]: R4 K: \
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>5 z. g5 q0 A7 b7 N) q
- [kingsoft browser shield]
5 v% X/ U+ P4 R - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>8 k0 A t0 W# c1 w9 G
- [PasswordEditCtrl Class]
& M c& K3 {" K' i - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
! W- i+ L9 \% @$ N- N: w - [QvodCtrl Class]4 l! ?1 x& f7 V& {( I1 M
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
$ c! ]3 e+ h6 @+ ] m: ` - [&使用超级旋风下载]4 r# M# G/ {/ w9 T& _, h6 o
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>( x" [* {# B" n$ a
- [&使用超级旋风下载全部链接]/ c5 m+ {- k0 s7 z6 h' C- ~2 @
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
, i* R& M% N: U. X e" Q - [使用迅雷下载]* `! N) N7 j3 S5 ]
- <, N/A>: A: M) c! F9 U# }, V
- [使用迅雷下载全部链接]
2 |* h( H- T9 ~# m" J - <, N/A>. ^- v% I, u% s& _
- [导出到 Microsoft Office Excel(&X)]- d7 P0 w G: h/ X$ p1 [' C/ H
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>: ]3 X: d9 U! i/ T
- [添加到QQ表情]6 U- Q* H, N2 ]
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
* z+ s: n7 Y. R- e" t9 H& e - ==================================
& Y8 x9 C2 P: H5 [2 e - 正在运行的进程
- p9 z( G7 ?. y+ Y* \ - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. K' [, _1 n3 O1 b" S# U* w- e - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. [# f5 q. O, |: g% h$ T3 D& c - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 X* @! t4 W% O. b
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
* g) u: {( `1 ?0 D - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 C8 `: M5 W. v
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 r! h" ~9 }2 j& S3 w: S( I3 E( R - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 q; {5 F% f$ g
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ Q/ l) R- p! Y+ C, m
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* K$ \, x' V9 C; n2 ^ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, V' v2 o: |, O3 p' V8 P - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% J5 l V. W d
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]' q$ T- O7 \$ B( b1 }, c' n1 ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& H( k0 y% \" @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" j% L/ Q8 [6 R: j8 o! H; } - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
; y) s3 D; z/ M- r% {2 X$ N - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( c, ]# t N1 p! S6 N6 k) o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
8 } ^) o4 E7 R8 V - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]; f9 J9 S( v* P, M! `; o+ D- o
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]6 W4 d% O: [2 G/ }. T8 c; G2 l
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]( }. f% B x K" P* }( [) d
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
( j4 ]: {$ V/ ^2 \5 u/ n" r. \% O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
R7 l# c. K3 [ - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
) H/ J1 z. ^# t8 }. k3 E L; q - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
' G8 H( N$ ~5 X' Y- g+ ?5 S - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]) A& p1 r8 n8 Z: @, ~
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2] [* i( x2 A F1 M
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]9 J; |8 T ]0 ?. G5 w, N0 o. N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- C) M, }) |2 Q+ F' P' n9 }2 t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: w* g: K5 }/ I% y) |, c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" Z2 }. D* F" m. ` - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! v+ q( s/ g% m+ ?+ k$ l) [ - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 ` }. b6 z, z; O* _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 U2 H; ]$ r* Q2 y; i g1 z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% N" V: b1 N' c7 ^- i% Y, A6 o; Y& c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 J, H2 x9 |& o+ W% V! v0 r
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
. i! d7 K R. m N6 C - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]; L0 U' y( \9 a' n2 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 R: I0 b, f7 Q5 _* Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], X2 L0 D7 \7 Y7 l6 o- Y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
4 l7 Y; @2 S9 `' y) E - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]# u9 J2 T+ i: D3 E" \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- }% k6 y( d+ G3 h6 a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( \3 V# A* j( ~
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' ?8 ?+ N9 m* a: W- C" J% V
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]) ^8 r! R- r1 b& \ |9 r; O
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 A( x& Y8 N* d9 I3 f
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 U' Y. V9 ]9 E5 l7 R4 Q7 b; {
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]' K U; T9 A O g$ L% f1 J
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
, V6 ^1 V0 `4 @3 n K - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& A( r7 }; q" L) X3 ~- _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* ?! D0 y, h8 u* y) E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" o3 G: J5 B3 d" ^" U: k - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]( q% d) o* r O0 A# K! c
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
' B7 o! P `6 c3 L4 J. C1 p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]+ o! K' }( `6 f. m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
. N5 t' T5 L3 \8 h8 _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]0 ]3 l7 m9 t$ o9 r: z$ V" P& z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
) T5 i8 `# D, U3 U3 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
7 D6 r7 K$ s# z \7 I0 O - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
0 W- t; x; k! T) B - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
+ Q# H. u2 o: m+ J- W - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]+ z& d0 v5 x5 Q4 A
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
- Q6 X# q% i3 r; R) d, _( D - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ i3 K9 C$ E( C9 ~) U - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 M7 ]1 L$ N3 [5 w# b# A5 }
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0] R5 v" g/ p8 ^& u4 ]- }* F5 u5 n
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]" h5 k! M* g" h4 B- W* l* I$ P
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
. D- ~ V9 I" V) v - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]5 k% @% M6 Y1 Y) i2 o% `( p4 a
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 z, E* Y4 Q" l; n: j
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]2 o: z2 W. s" i- S" N: U, W% u' {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 X) h/ ^& X$ o# G* G& d1 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) o5 }% _% t; P% \& P! i; H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ n( a# F& M) X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 m( T+ U. }) }: F& a( Y' ]" m - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]( ^ S+ }. w! w& O! W* U
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; j9 M% _% }, Y5 C+ U9 V% C) R. Y2 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: s3 g4 c9 u2 y, N! {% o5 D$ P6 H& \) \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], p* s% t' B9 }3 v/ @3 O. D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( `8 W) F) q" c @, l& w
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]4 `# x/ a* u8 {' K: s
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]' j) R( c3 n/ T# i
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, W' k/ b! x+ m# V3 F3 X, O2 Z" L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 b. ]( ^/ ]$ c9 q* ^) M/ f$ u( W. n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
: \% C }% \# f. P8 o - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 V0 j1 H! m" M8 T$ p
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]/ t2 T9 G# [. @' G; |! m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% h( ^, `3 J! H" |, R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 {( \4 A7 m: ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 ~; g9 q1 E& s" v0 \4 v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 z5 V1 ]; c! Y$ ^; `8 o E - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
2 e$ ~: U; K" m! _' L9 @% U; K - ==================================
0 ~+ o& \6 M" m* E: f0 b. J d - 文件关联
! C& ~, y7 Q& P, a - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]1 W8 J8 n9 P. [4 p& A' B2 @
- .EXE OK. ["%1" %*]
* K" j' A" H g' |5 H$ P: R8 |% N - .COM OK. ["%1" %*]; |- q) {% V- ^+ I) C, J
- .PIF OK. ["%1" %*]
Q/ W2 ~& E" H - .REG OK. [regedit.exe "%1"]$ _1 c6 K4 ^* x6 B6 \* n% F; R
- .BAT OK. ["%1" %*]
" e% D# Q7 ?6 \* ^- H - .SCR OK. ["%1" /S]
* v/ E9 g0 S- K/ j' Y3 X - .CHM OK. ["C:\WINDOWS\hh.exe" %1]# G5 `. I% j' C* I% W% ?3 U1 B
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
" m5 B/ E/ k" s! o x) G - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1], @# @/ W. n7 {$ G( J, z' a- O
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]8 n/ z0 b6 b' Q) @" B! N
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
2 V+ [* D% D) N$ i+ W: N - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]1 d ]3 |) X6 i' D* l5 b# l7 X$ A
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
4 h2 m* u- b' ]7 e. W, { - ==================================3 a' H8 N: _/ h9 x) U0 ]
- Winsock 提供者. [+ z7 R# X5 p/ \3 _, U
- N/A2 C2 I: u( ~3 ?7 _ A3 ^
- ==================================
4 H/ i/ G' \4 G' H2 \ - Autorun.inf# Y! y- P# I# S6 F$ Q! W$ z- J. \
- N/A- I0 B& x$ M5 R, k2 V1 w) Z: g* R
- ==================================0 q: Q& L; W! @
- HOSTS 文件
+ _5 Q/ z: @! \) [1 N - N/A
4 v$ l3 O% l5 o2 q - ==================================
8 n% v- A/ P$ A7 D% h- x# [3 F! E$ ]0 b - 进程特权扫描: C+ A: C# [4 K' i
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
! I7 H: ?9 d+ f - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]# b @ f( m$ j3 a f, t
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]7 B- q7 k3 |% {2 @& U; a
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
/ Q- c4 g1 n4 D! r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
7 e3 j0 R# Z( M, J7 ]3 ` - ==================================
G- U4 U* N, M; p2 v - API HOOK
" k/ d% E4 M' P; Y& @! |1 m - N/A
; \9 [3 P+ I8 x9 n N' [ - ==================================
) b' I5 g, d( `& t; V, P% ^; K - 隐藏进程
* L: l1 F4 m8 x/ g) s# q f - N/A4 W5 _- s8 u* k3 S% M* u/ ^2 g
- ==================================
3 Z4 r8 d0 B: O" b+ W - ( F: r' H, I0 x" b1 c% y% t
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
