|
|
- ! i3 x J* x0 ~: W( E
- 2008-05-22,20:37:43) U, x. m8 w7 S0 E; N" Z. R) f
- System Repair Engineer 2.5.16.900
4 F; b! Z, C$ N) b9 m1 [ - Smallfrogs (http://www.KZTechs.com)
m0 ^2 A: C- Z, t - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能; \0 c$ s* x) e$ f* E1 B W
- 以下内容被选中:& `/ b9 R+ O' M
- 所有的启动项目(包括注册表、启动文件夹、服务等)
0 y0 }' k% o% l' @ - 浏览器加载项
3 V" g( J. E- E* q$ A7 F - 正在运行的进程(包括进程模块信息)
* N9 s9 D% T! O& `% T o: [ - 文件关联
$ _) l4 N6 O) {( m - Winsock 提供者5 N6 x' ^( g, C1 Y- }
- Autorun.inf
4 p* {2 r+ {9 [1 E9 G+ Z3 F/ K- [ - HOSTS 文件' v. s% _1 C" B8 M' |- ~5 Y' k
- 进程特权扫描
4 M1 Z! }1 i, a
/ B0 c! ^* u% g! ?: Y- 启动项目
- x) y8 i# H6 k( i# J - 注册表
6 U% S; r+ K, b, v0 |7 W - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]0 T: k" ?: V. o. g
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]2 u2 _: O. G1 b+ H
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]! k2 ]$ `! A9 s7 u9 b- H
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
3 ^9 _( v! p6 C _/ A* { - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]( W2 }" Q# c" e. a" C, d9 E- H
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]) j- f" ~3 ^% |
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
4 H* ?1 K# m( B2 l - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* z3 M/ z4 k+ l8 s, _% q+ Z - <PHIME2002A><; > [N/A]
; ?( b8 F3 D e# }9 w; y' D9 D - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A], q; v7 l; u8 b+ O$ {
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
' H# P9 y; ~4 g3 G! {, j& R- Z - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]; U8 }; H- q( c D) ]; \, u3 G4 ]
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]5 |( L; y2 ~. }9 b& j9 R6 E
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
6 _* I1 e; }( W" l' q% `9 r) b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]. {) E& _) x, l9 y) I( m3 C, k
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]; [6 ^ `, b5 i! \# p2 i4 J
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
$ B3 O3 z: W. f. b5 h3 r/ { - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
+ O% I; `3 ^6 h, q" B - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] E% K* C2 T' y: w2 |% K
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]$ C7 B4 w8 V# p0 G' i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
: |. n; W) L: m" z8 Q" Q! {) M) W - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]( x4 i1 x* W& n( I6 D
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
4 P' |) Y. }8 w3 \$ H1 j - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]# @/ S8 {/ u6 V3 O
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]5 n- X6 e$ v. O" G q |! `. H# T" |
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
$ P1 w+ v6 |9 e - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]* W+ Q* F3 A( h, M7 z5 p3 e/ A, s
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]/ b& h9 f6 l; Y4 | E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]& N8 ~' U+ ^& a0 a9 ]0 {8 o
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]' R! T7 K( r; I, Q: p/ r
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]. x3 \' w$ h0 \+ J0 v- i4 a
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]% o) h* A! T# l) S8 f2 l
- ==================================
! p0 A; L5 |- A7 D0 f6 L! F. j - 启动文件夹
1 Y( V( v' ]# }: ?! B/ B - N/A0 x3 T' X# G) T
- ==================================+ p, A! Y; V9 {. S2 o
- 服务5 l/ F2 `$ X6 N7 _) s% M. W1 j
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]: O- M! }& M, \0 O* \+ }& ^1 v( R
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>) [- U# T3 C+ _
- [Google Updater Service / gusvc][Stopped/Manual Start]4 L8 M+ ?# z' U' B
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>. R4 ? a/ h; [6 ]! |9 A* n
- [Help and Support / helpsvc][Stopped/Disabled] \0 h6 }4 f; t, u g) I8 V9 \
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>3 n+ b- p& M" l( O2 H1 Q2 e
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
0 m/ ? H% O: U1 k4 w) D - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>: B1 e: k+ ?- L$ v! x' X: Q
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
5 ^/ d& m' K! i2 G |. u/ d - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>! `% d! B2 s( H
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
8 R/ ~0 B- T% H% q - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
0 B( Q& z( ?8 A9 z5 ` - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]$ j0 p6 S, A6 O
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>) F4 q- l& l% L3 H3 Q. I
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]& q5 w4 {$ o$ L: u0 j, Z: T
- <><N/A>1 y# e. {% k% O, c* `" ]2 I
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
i M) F t1 @; l% j$ { - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
' K Q6 K" z7 F* M - ==================================
* [' ]/ w& r* @9 ^ - 驱动程序. f+ n$ Z d# H# T
- [22j / 22jn][Stopped/Boot Start]4 L6 |+ K4 W* w& [7 u8 {/ Q R
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A> V& n. R" t* Y! R" B+ t% O
- [360AntiArp / 360AntiArp][Running/System Start]& j3 F% c6 W( c3 e
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
/ k% C1 x% d6 a, W9 K' I, D - [43ec / 43ecu][Stopped/Boot Start]# y; r: G. [; R
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>! }4 k: K, c! a! L2 o) Q
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
6 h! n# L* [& i, z6 s% D - <system32\drivers\ac97intc.sys><Intel Corporation>) e% M1 j$ c* L: w# X
- [Promise driver accelerator / bb-run][Running/Boot Start]8 @. y% v/ e2 Y8 Q; k
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>7 j6 \8 Q7 _, ]
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]+ X1 d! | R" R; `5 b
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>$ A2 E# ~% i, ?" e/ f" r
- [KAVBase / KAVBase][Running/Auto Start]
6 |4 m; G0 E- Q) X& T# u - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>' {9 \. _6 ~ f9 X( Y
- [KAVBootC / KAVBootC][Running/Boot Start]
( B( ?2 m# W! u3 f' A4 @$ l8 a D - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>; b9 o9 \$ q: O; M
- [KAVSafe / KAVSafe][Running/Auto Start]
* [ c) w1 R4 h0 k3 O - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>) y K. y8 w9 Z
- [KNetWch / KNetWch][Running/System Start]6 G. N; x6 `' y$ U
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>: ^* V3 `3 C4 a# D
- [KWatch3 / KWatch3][Running/Auto Start]
) U9 S. a% `* [; [* v1 T: {' f - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>- q( ^6 e( l; M
- [ntptdb / ntptdb][Stopped/Auto Start]
/ ?; \& h! L' F - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
3 s7 O8 g# e+ J# s - [nv / nv][Running/Manual Start]
3 F# s2 x. g* n4 b9 i0 Y - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
0 x) P, u" U* `# x. B* `8 @( @/ q/ O4 | - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
9 r: B$ X+ \+ e5 T' q- Z1 n - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>; O5 R. D. t. v: B5 `- g4 d( v
- [DDK PACKET Protocol / Packet][Running/Manual Start]
( I& P' @3 H- R - <system32\DRIVERS\ProtoDrv.sys><360安全中心>0 @( m# A. O% P. ]8 H5 e% \
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]+ J% w4 ]$ J6 L: }
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>+ L) o) E1 B% C& ~3 d5 o5 u
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
( Y& ^9 W; Y6 T8 K7 c1 H - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.># v2 u7 m6 B6 D Z; n
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]: M- [* e7 R9 }2 Y! j& h3 ~
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>1 Q! v# f6 {+ B2 _ D3 |& t% A Y( n
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
8 r2 D8 r, b) E1 D' a/ a" a, ]! q - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
' @3 m5 v+ z1 f2 z/ [/ w8 { - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
2 _& |* b, m$ M3 I X v4 q% ` - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>/ L* p. k5 N I8 ?
- [Secdrv / Secdrv][Stopped/Manual Start]
0 [8 ^, z1 b7 W8 h. e5 G0 e - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>4 _; r% J" t, l+ z y2 y
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]! Y9 `. N7 C+ a6 o/ U
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
9 O! H2 b6 e& ]: c) C4 R* {$ V - [System Restore Filter Driver / sr][Stopped/Disabled]; o. t* ^6 z G
- <system32\DRIVERS\sr.sys><N/A>& P& i, ] M% m0 q
- [TesSafe / TesSafe][Stopped/Manual Start]" a6 a+ v; W7 r2 t
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>, }8 d0 n* ]$ O4 t9 @+ S: j
- [System Services / unzxzsrs][Stopped/Boot Start]
9 _( A4 \9 }/ S( @0 ] - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
; r9 n. a9 V; K% x" |2 r* t4 A - [ViBus / ViBus][Stopped/Boot Start]
3 ^3 Y3 F ?0 A7 P: B" L - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>4 h _) S6 @5 J& T/ e# u1 @1 |
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
9 v! l0 L3 e, P( Q- M+ }! A$ E) Y' Q - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
% i j) u* ?# m, n. E8 l - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
' x' S. L: c8 S1 z1 Q, e; D% S - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>% t L; D& }& _1 V, i0 R) m- v" I. t
- [ATI Extend / zhibmaso][Stopped/Boot Start]& x: r1 V, S' L( ~- |8 ?3 {
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>. Z3 e# p$ o0 k0 R, F1 ^8 K" W* p
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
1 o5 J) f8 W+ U' c! Q9 W \ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
) z1 X& G/ U+ Y! B( S! t - ==================================# r! G9 I l) j% d; {, `( L: g; p
- 浏览器加载项
, q4 H2 {2 T: U/ N - [Google Toolbar Helper]
( y6 w4 m$ V# {6 z8 P! o8 a - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
2 K% d/ {0 O, i( G- N3 E. \, \$ r - [Google Toolbar Notifier BHO]
* L; P# L: G( d1 u% U; f0 Y7 D0 Y - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
, @3 \% T0 d$ z. Y - [SafeMon Class]
1 U1 [4 [+ K x! a$ q( i) v - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
2 D( ?2 N, N2 U! J( @3 K - [kingsoft browser shield]
4 o* |5 C( g/ D9 t' H - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
# }6 J1 X v5 Q5 ? - [IEBuddyExtControl Class]
; E4 o3 ]0 M8 j6 N7 D - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
/ q) x$ e: Q* B- o& o1 X7 s* X) O - [Zcom 杂志]* s7 S" Z: M z' t
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
; V) s" U& J6 a# K3 P3 r8 r; z - [&Google]
6 R4 z: L& S$ J& w - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>! ~2 p8 K \/ ~6 ?
- [KooPlayer Control]* L$ F- ~( A. ]1 Y3 y
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( o2 T/ L, G# j; t& F - [Shockwave Flash Object]
# r+ a) H6 M' f/ K% o - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
0 \* c( J {; m% f# z# u+ X" d - [KUpdateObj2 Class]
; ^5 X% Y) x& R5 G' u* s6 [ - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
9 H6 a* l" S, X" y - [Google Script Object]
5 H5 E' P8 E% T/ h8 e' u1 x - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ i# ? D0 @& U" d3 c7 w" Q+ \$ [ - [EWA Control]
. J7 K3 U6 V& L. U/ r6 V3 x% M8 L( U" a% C - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>) x _9 G( w. c) [5 R
- [Windows Media Player]
6 Z, q9 b* ?! x, R7 P5 o9 L, q- c3 | - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
0 K; b- @# N2 r* L+ U. T! H1 H - [&Google]
9 W" }- P1 Y2 g# s L- R& c - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.> c$ H, V c7 b! n8 T. r
- [HTML Document]+ N7 X8 v6 e5 J3 h: N3 s1 L
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
; g$ I& V* S2 J/ [ - [DHTML Edit Control Safe for Scripting for IE5]
1 K' O9 ?! s- z5 b - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>2 d: f2 h2 L7 X3 ?; A
- [RealPlayer RAM Download Handler]! a2 e9 p+ p" m8 d1 J
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
$ @8 L* t7 z9 G! B$ p D - [IEBuddyExtControl Class]0 d, h! x- f8 q& n
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>: y8 P5 o1 S- N9 O
- [XML Document]
- N: n; J( ]4 l% d1 f+ {+ f - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>: v8 G9 o- t+ ^* l" [# O" x7 N
- [HHCtrl Object]8 u' M4 n5 ]2 j
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
4 @; p2 j1 b% e2 J - [Windows Media Player]' _7 ~+ }3 q8 C
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) e) R0 J* K0 g - [Active Desktop Mover]
" ]8 o8 D# q) r9 |1 n# _ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>4 A, ~( w& p/ p
- [360SafeLive]
! v( N$ t: r( i% g) z% u - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
* l, U: C9 F. {/ p3 }/ ^, g2 m9 P - [Microsoft Web 浏览器]
7 u& {, W9 I! c0 U$ H - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>6 j9 q- S- Z) A# K: s
- [Browser Enhanced Objects]
5 N! g7 E# W7 n! m2 Y ~ - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>+ M& w/ ?% @# w
- [Google Toolbar Helper]- y0 T, f9 C( V. \ ]
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. f# e! d1 y2 ?& s0 j; }) F) ^: X4 p - [Microsoft Scriptlet Component]
; F4 a8 f9 \- ?* ^5 Z - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>9 p2 a: F9 G, |
- [Google Toolbar Notifier BHO]
. p8 Z. ]! s+ r' C( \3 n - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 G- K/ h7 i0 k: r B0 g - [SearchAssistantOC]3 h5 ]5 L0 r8 }- [$ c: z' C4 c
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
* ^! h8 \& a9 k - [SafeMon Class]2 Y8 t- J! m4 {/ K6 x& ?7 p
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>. M t4 ? C0 N6 W# b d2 [, B3 `
- [RDS.DataSpace]1 o e% ^. U! _' n- K! [5 q: l
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
6 V7 w2 V* J" ~: \ - [KooPlayer Control]
9 w9 `# {& D- X A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
# q$ _, ?6 ~3 k6 V1 r. ~3 g3 s - [AUDIO__MID Moniker Class]3 V+ U1 ?7 q" \" |- {' H; ?$ h9 y
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% M3 N& d( H# `' x( E - [AUDIO__MP3 Moniker Class]4 U& N0 e# X7 M, a, n: K
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 V- O( P g+ p0 r+ V* [3 f# ^
- [AUDIO__X_MS_WMA Moniker Class]0 m' M; p- Z X$ L: G4 [
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& R4 V. G, p. ?* g; p - [VIDEO__X_MS_WMV Moniker Class]
& y8 l8 V- L0 L! ] - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 X9 |, y9 r; _5 _/ u! n
- [RealPlayer G2 Control]: `& h9 e' o" G, m2 [( h: [8 d$ A
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>1 ^' ^, a" M/ y! d" Z6 S1 N/ a) h
- [Shockwave Flash Object]
! {' F" m: p& b! P6 w9 b - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.># _/ `/ q. f5 i5 E2 O6 m' [
- [KUpdateObj2 Class]6 R- p7 x2 A' w L& R
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>1 y+ h- ~9 R5 W2 N
- [kingsoft browser shield]
# D. H+ O. {' S8 r) D4 o - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
7 B0 K" H o8 E( H# e- v: d - [PasswordEditCtrl Class]6 A! t/ @( E j0 g) L9 l* h
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>% }" B9 R3 S2 L: ^. V& V
- [QvodCtrl Class]
/ [ I* b% X5 \# [7 U& y" | p1 [: G - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>2 q6 q" C" _& [3 c/ V2 d
- [&使用超级旋风下载]
9 \# y0 e+ w) K* F - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>9 S' Z7 s& ]7 {$ v
- [&使用超级旋风下载全部链接]0 A9 G6 q/ \, ?; p4 z
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
, ]) [4 y, P# s - [使用迅雷下载] _' n9 M0 ]( U& {
- <, N/A>
% p2 n; J9 ?4 x' v - [使用迅雷下载全部链接]% e, A, x* Q3 t- C" |
- <, N/A>& M/ ?0 Z5 n- P% _
- [导出到 Microsoft Office Excel(&X)]
9 v: t) A$ i: \0 E( |0 C& J - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>! }' a! o! e# l- @; Q- [
- [添加到QQ表情]
D5 H! j( ~5 [ P6 G - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>, ~$ J8 x& j6 R+ ]$ ~0 D Z
- ==================================
( U7 j) K, |; m0 W - 正在运行的进程4 {% c( Z4 b# `! h9 d3 K: ^
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 H. _( d+ S3 {2 _
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], t' q3 [7 p& ^6 ~1 A! r+ g
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ Y& H$ {7 I; _ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
N4 m/ ~8 A8 H - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 @9 `+ z/ _ e! @3 |
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 d* b2 e. ?1 M+ {- L J) D+ Q - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 K# Y7 |: X$ c - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( U1 H. I h" D) P
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. B2 [9 K3 ^! `* d* A% X( R. S
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! C- _2 J4 _! J, F$ _
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 y5 g. g8 _2 E7 k
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
! B9 N8 z3 Y9 o4 } t/ @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5], |" |6 m3 Z( w) j. s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( B. H7 `- j9 B: ] - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]. T, E: ]$ g7 ]$ ^
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 L& V b6 [) y3 u3 `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
1 H: {# A1 O" |8 Q+ L - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
! C; ~ m8 D+ W4 i2 W# y8 d - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]8 d8 @4 E" U6 Q
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]: N! y+ d' B# O% f* [. m
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]. a g S- j3 i' ^) {. ` k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 I* L" n, s7 x" ~0 q( D - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]* a- O$ G5 D* T- c1 s" O0 u( D
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
3 F4 z2 [8 |6 W, _% Z$ N - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]- F: y6 w2 }2 H
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]1 ~ X0 }$ l6 s. E% K& H/ B
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
8 C$ m) G+ @) k - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 S" L2 k3 e: @' K. ~% w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& X- O5 A* Z' H9 w h8 Q1 k0 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ r. C' O2 u, T d- i5 i - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* N6 S- u0 B4 s ~" B) n% h
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 L% o+ D& t! k- G8 L, S! Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# ~1 x) s- o7 J) i( K5 T2 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 n' U+ [$ M9 d1 }. o
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 ?5 x6 A- ?! D
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
6 @( X4 {% S: s! `* h - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
4 ~; j. N8 R& T0 _; z/ e3 Y$ d7 { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ ]7 i" x7 B/ T' U6 n: K4 Q+ C, P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ t. V' d$ _! C) I% R, J; {! r
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
8 }/ b: q* N& e6 U, V1 p - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- q' j* b( } I- w; M! ?" e+ C. r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! m9 A6 F1 `0 s7 M2 Y+ S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 h! ^4 ]" N: s: W" C' L4 J+ X. C
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; |* y$ }5 h( O: f* ^; i' B6 a& a; L
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]$ v* ?9 m% e' Q
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' a* l% ?; ]0 m
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
5 ^( D& K* B% s3 `5 Q" l" |- Y - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]4 p, g& w/ F7 ~- q
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]3 d, r) M4 B+ e' n! [2 r
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 l2 Y. s3 }' ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ x3 q( w; ?& {9 u' m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 X8 M4 R/ j# Q9 O- O& z# f% J. \% ^
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
( z% ^# t- W) j D3 y7 e; t/ j2 }, t - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]7 G$ D: V8 \* ?+ r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
2 p9 y7 N" d* K* b, A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]* z0 g; D; u: Y: G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]' q* k( X) ^" d4 j$ }9 m {1 @5 i3 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
+ i8 }8 C9 t9 |2 m5 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
1 \4 J. B& f5 I - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
# C+ d2 Z; Q; C' b9 [1 v: r$ t - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]7 \0 y* ]' x& z' j1 v7 l4 |! t" ^3 h
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
1 v9 R# o. x# j+ ^) W1 | - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 |2 \1 q5 O6 J' \& {
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]& z" c6 J# m6 e3 q, o
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ d# O3 \: w6 G) m8 @# @
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]/ \2 j$ u9 }* a
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
5 Y3 y- Y% W, A - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]0 `4 A* i: P; |& E
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]5 W. j/ Q, d' @; q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 H; T2 A& ~% x7 _1 B" M - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
; O0 i) I3 ` a - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) w' t. @" y6 S0 p2 X1 t. t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 X- w2 q- x) [+ O' T6 ]4 [' _/ _5 r& L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ w% F; T( n# m4 @& }
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ ~( \; t) e1 v# D - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
* B0 h0 c" t7 W6 b4 `$ t* f7 T - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% a7 G Y5 k. l8 B3 L. V; Y: V ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 y0 E% C4 \9 b- s5 Y# S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 Y' [3 W! |% V
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 I }: X' W( s B7 s7 Q - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
* A$ f8 U0 h1 J* X9 @- ~, R( x - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]0 S! a0 ?. `! ~$ o3 f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# \4 v$ c" I' k' s' P2 ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( H1 E7 J" n+ g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* F% y+ a7 _& f5 z' x7 \( [" _ C - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 j1 X& N2 r' b: [* ] u3 O - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ t3 l' E/ w- |6 P% C$ b- ]& ]9 q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: L( J- s0 w# ^' L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 ^2 ?# }1 W3 H$ s9 T: b y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ Y0 M+ j7 e8 `. E4 a, C+ _: F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ O: g4 o, X3 V- @+ h% Y
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
3 `1 X+ P7 H9 @5 N- m - ==================================. `" {& L8 E0 Z+ k* c9 U
- 文件关联
" m" f0 _6 J% u c( Z8 i: a' M - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
k" m# s2 H2 e4 L: F+ m6 s% ^ - .EXE OK. ["%1" %*]) }/ i# t* B6 A( B. d; T
- .COM OK. ["%1" %*]
0 `/ S8 }: H/ j% t1 s( h* Q2 M - .PIF OK. ["%1" %*]9 Y( `5 O; m) v/ A, C+ }
- .REG OK. [regedit.exe "%1"]
/ z) m) @8 v# t. D! e% y, `8 I - .BAT OK. ["%1" %*]$ l4 r2 P' i# B7 N# N
- .SCR OK. ["%1" /S]
1 w+ e( h. K/ ~. d9 h - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
6 j7 |' S/ y+ f5 } _ - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
, E1 \& g p1 \2 P. Q2 @ - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
3 m" b( P3 h1 y9 V' s, o" G - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]: u3 Y1 _( y; Q$ i5 |4 f
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
* y+ {1 o' r8 B: x. w p8 ^4 E2 g - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]5 _! J9 C+ Y. m; ?- I: c
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
: c" P z3 q7 t/ E( M# [/ p - ==================================2 E' f* [ z+ w% m
- Winsock 提供者
( _+ J2 P/ t( {% w# e* l1 S6 g! _ - N/A
* S: Y* S( o, m: R - ==================================
! H* E' X Z8 k( U( } - Autorun.inf& ^5 K$ j @% O; ^* \
- N/A
% L6 t9 C. a& {& U/ R B, Z - ==================================
8 |9 ~9 o7 x1 P/ v6 a8 @% y - HOSTS 文件( h1 q! D) B3 c# z* R
- N/A+ n$ L3 \: x) @' R) p
- ==================================
; L# \# A2 o( G, z& m0 z" B# s - 进程特权扫描
2 j% I7 E, s' F. ]# D - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
- B% @9 } y' T! D9 r6 t% }' p$ M' z - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]* d9 @: A( |, n# F8 g7 l) J- ]- Z
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
; w6 ]0 k* p. k4 i! s$ _ - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]3 m0 H& d3 L' m/ ^7 \
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
: [8 [0 V8 Z) V2 X1 k! x - ==================================% i9 |9 l W/ W7 B4 C( {
- API HOOK+ o8 \9 }9 l4 u. [! U, ?
- N/A
6 g$ G6 ~$ Q7 d+ u/ ?: M; \* c7 u - ==================================
; b9 ]. N4 }: l, A3 J- o - 隐藏进程8 R5 i) C3 z& C1 c/ d) L9 ?
- N/A
- B2 z5 d M; o7 |5 ^ - ==================================$ j z' r6 o1 O8 h' r- C
- 1 K$ k$ N9 Y+ r& X! |0 B2 H
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
