|
|
- / U- R! E3 k7 j5 B7 V
- 2008-05-22,20:37:43
+ i: y S5 p" i2 P+ Q - System Repair Engineer 2.5.16.900
/ `) V e/ D& q2 Q - Smallfrogs (http://www.KZTechs.com)
% `3 [* Y, ]# e9 U: L& D+ G8 D - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能0 a) f: w& s- R) l' F; W3 z: p: `
- 以下内容被选中:
& _ U$ b2 j& h/ L$ E - 所有的启动项目(包括注册表、启动文件夹、服务等): q$ b, \; \6 S' b; u8 b
- 浏览器加载项; w2 s# C6 L' C( q" Z' |
- 正在运行的进程(包括进程模块信息)
* h1 Q8 N3 \, q5 K6 y; R1 j0 ]/ q - 文件关联
d' g) s/ E3 `+ }+ {6 J" e2 {0 v3 B - Winsock 提供者
) L" v$ k3 b7 T9 h; `! L2 d - Autorun.inf
$ z# E6 K* f3 T; d - HOSTS 文件) x8 c- p9 U3 ~/ w' G; C X( H' N
- 进程特权扫描
* }3 n5 |1 Q) d) K4 G - ; p, P; s1 o) `. B# {
- 启动项目
0 u) t' X. Q* i( ~2 | - 注册表9 l& q) J* v2 Y& u$ R
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
6 `5 f9 ~& ^2 v - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
9 }( ~1 d; ~; L5 K# |5 x - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& q Z7 B4 K& s' {2 o4 P- i+ k0 Q. s - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
2 ^5 o. k6 q- x$ k/ D - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]" L9 B$ W" i3 U% ?6 |& R% K- w8 i X
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
$ t( I: l! b6 a/ p0 g - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
. {+ r* i( `( C+ I' V - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]2 T2 B5 q; h2 k6 R4 J/ ~+ R
- <PHIME2002A><; > [N/A]
1 l8 T. `/ O* H+ N4 J& P3 V - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
% c- U7 _4 Q4 w* [ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]/ m e4 L* ^. f% o6 _
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]/ }4 l, C# O# v4 L8 O
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]; f4 H, M9 v4 i) M% ?! i4 m. r1 R
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]- A; o! K0 B% Q- [/ S$ d6 |9 P. |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
+ {* \6 e7 T) b2 W0 H! R8 p" @* o" ~4 \ - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]: e5 Q9 U' ~. d" \4 S8 H7 `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]2 J& ?% w- c4 F9 z
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
# B1 H4 W& X" w" W! B- m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]- U6 r& N6 o" l5 ~6 R* p
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
0 d! _2 v f8 Q8 @8 ]' e: { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]% W ~6 O: f4 h6 ~, j0 W
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A], ?1 I, E" k- ^" U2 c0 w& H+ K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
7 h# T! D2 N, z" m - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
3 @" D: ~$ _( {' c+ L - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
% r. u* u/ T7 f - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]" C `% R0 A. U' Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
) i! M% q% }8 B! \1 N - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
( m4 C8 w/ t* G5 l9 i# J3 r - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]* a! U( Z G9 C/ f+ ^
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]$ t, B* E# Q2 F) g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
, y. R" O5 I+ }3 t% a5 M8 y! e - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]* {7 m& l4 h# {
- ==================================
' I- u, u* j- s6 c/ |" Q4 I - 启动文件夹
. U3 Q, o. ^4 Y& u, I# F( d. \+ B - N/A) u3 q6 \! R9 Q; N8 |
- ================================== p! |6 D9 U9 K* d: b
- 服务
3 C) t3 |9 c% L, G8 D - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
6 z8 l, d* P9 A; V/ h8 L8 Z - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
6 V; d! h9 w0 K) n% }" U - [Google Updater Service / gusvc][Stopped/Manual Start]
4 {4 J3 _5 F- @4 T. P! S! ^- V - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
' d& q- E4 O, E5 v: C8 y2 X - [Help and Support / helpsvc][Stopped/Disabled]! T0 D/ V, h9 p, A: J
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
d' s* [4 i# p; s- T! h - [Human Interface Device Access / HidServ][Stopped/Boot Start]
4 B! M5 C! H2 d2 U. K3 e% f - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
: e. @+ L% b1 o& D - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
+ }, D/ z; x/ m - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
5 i, @/ C' o* v! P; o3 e - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]! Y4 w& R! k, a H# S5 @' t% m
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>2 }2 C3 P9 ~$ j8 w2 m. b
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
) {2 h0 z/ g. i$ n - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>: \/ L9 u- O) ~$ N7 i2 T
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
k2 B% \; q) U! l+ K/ G - <><N/A>( P0 I6 ~! G! q# e( z3 k
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
; E# i% L. A3 F# x% d! {; g - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>" w. Y7 h1 v# d- L4 P. c
- ==================================
1 F y& h: u% D, ] - 驱动程序
0 u+ S! @; L3 {9 ] - [22j / 22jn][Stopped/Boot Start]
- Z$ {/ P8 S5 }4 P( v - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>+ h) Z) F. n7 j- S
- [360AntiArp / 360AntiArp][Running/System Start]8 f/ E( A: a/ S7 r! s
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心># p! |: P; J7 h1 l% h0 ]) u
- [43ec / 43ecu][Stopped/Boot Start]+ i2 d2 \" I0 E& }5 m
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>' r7 x2 q* I, L: t: H' H/ V2 ~
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
( P) p# H) c4 M- J3 `4 G5 t7 _ - <system32\drivers\ac97intc.sys><Intel Corporation>* j, V& k+ E$ t# L, `
- [Promise driver accelerator / bb-run][Running/Boot Start]1 `# ~0 t5 B/ e! i( W' u7 Q/ P
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
b8 d: N! U( W9 W! v% v3 O - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
( d. |. h" I/ o - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
! u( M* A2 \* i M8 ?$ c+ `! [9 s - [KAVBase / KAVBase][Running/Auto Start]
: K/ }) j9 G6 ^; m - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
6 d. q" w" `3 o: d" ?* R - [KAVBootC / KAVBootC][Running/Boot Start], I& t& V7 Q! Q+ c7 a! N9 B
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>% P1 E1 n: d$ F
- [KAVSafe / KAVSafe][Running/Auto Start]
) q0 K: [; y1 F4 r! D1 o - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
1 J0 R h( j5 G* q - [KNetWch / KNetWch][Running/System Start] ]+ I) N3 M$ D4 W, s0 m# W
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>) r, E. c" G$ i) x8 G7 F# Z" x/ ?
- [KWatch3 / KWatch3][Running/Auto Start]5 e7 |" k' ?" B$ ~! s) Q: C
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>/ o& O: K; U- g
- [ntptdb / ntptdb][Stopped/Auto Start]7 R. W7 l4 [) `) P3 ^
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
" r) g/ b0 ]+ _ - [nv / nv][Running/Manual Start]/ x3 k1 s0 l4 c+ E* k# l
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>- I5 G/ E. n# { [( I. M, l3 C
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]( j. d, s# K0 O& z d2 |; q
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
6 j2 U5 F J/ L+ x3 F5 I: m - [DDK PACKET Protocol / Packet][Running/Manual Start]
, {: A) S+ \* C( w- P8 A - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
) {' Q& N# K4 R/ m3 a& b7 b1 g) @+ B - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
$ n' k* G* I3 T3 m" a- } - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>2 s) ]7 ]; G1 q) p: k, A
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]: P0 M: P- a- i( r. V: F
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>& F" U; g. v0 f
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
: `+ i, V" t( o - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
% n {$ @+ S1 h* o - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
' g4 A, x) X3 Q - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>2 R5 x; m4 ^3 c2 D1 O4 @& u
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
8 _" p( ^. R9 y+ n - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
+ }/ T' @7 G. B - [Secdrv / Secdrv][Stopped/Manual Start]6 t. P' g) l" V. k8 S! X5 |# @! h
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
5 I4 h5 s9 U7 ^3 [$ G D6 z. @ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
, [! ]: V* O! T- l - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>& \; f6 f' T/ U5 G2 g; u
- [System Restore Filter Driver / sr][Stopped/Disabled]
; v& ]1 x8 |1 U4 f% y: i; A# e3 k - <system32\DRIVERS\sr.sys><N/A>
8 z/ p- a2 n9 i4 H! @/ G3 u4 k - [TesSafe / TesSafe][Stopped/Manual Start]
: Q8 E) q$ M. c# E$ H0 {: F% q$ N4 r - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>3 L; \2 T1 M' V; w4 H% \ m& ~
- [System Services / unzxzsrs][Stopped/Boot Start]5 ~5 B. q' P, n5 e6 E& }
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>- i1 c P7 k: {3 }, H/ w
- [ViBus / ViBus][Stopped/Boot Start]# M1 t: G7 G) ?+ z6 y( }
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>: ~& m$ j0 L7 [* u# H3 ^
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
5 w3 W" K: O$ C8 g: I - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
& ?' u; s! J6 t! _- I* ?' T - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]6 e R: b& B# e# ~
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
( b8 N0 q% E6 X& n R- @! d - [ATI Extend / zhibmaso][Stopped/Boot Start]
2 q& G! Q. i; k% N; j O$ C& k - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
6 {$ s6 |7 L, j b* Z - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
5 D7 M! X$ a* {! Y - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>' M- @3 a8 c6 ^
- ==================================
! A6 f# l9 `+ d/ s - 浏览器加载项
8 \9 Q5 v4 u" v - [Google Toolbar Helper]3 }; W- {' q. E! d' z5 [7 B5 ]
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" Z" e( _; V. W2 y5 W - [Google Toolbar Notifier BHO]. i1 C$ R" p3 f7 v8 o6 J1 S
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>$ v1 ^" C9 @0 V& n# s- L/ I* K
- [SafeMon Class]# l4 Y- \( F3 M1 ^" G: E
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>2 Z; }. u' k* ^5 l4 i( Y% t, Y
- [kingsoft browser shield]1 C: n0 g# T, B; W
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
/ j! a* i g. r1 J - [IEBuddyExtControl Class]
5 ?& a @5 N8 g" U* ^2 R- e% z - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>) Q2 I, P3 Q; J3 _5 d! b
- [Zcom 杂志]
5 X8 R- k7 L% S0 n3 c/ K: L - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
4 l# ?- u b! I8 v: c' h - [&Google]
0 y# k* Z% `( I% M; @* x% X2 A2 a - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 a% H- {# }+ b
- [KooPlayer Control]' z N7 ]: f. u6 N
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
4 Z3 [( [, L+ f, b. O6 T- D - [Shockwave Flash Object]
4 p) X# J: u' H( A; \; l- S |5 [4 A" S - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>, \ l7 K* @0 Z
- [KUpdateObj2 Class]
/ v. M. _' t8 q" U - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
1 p; N. ^/ t1 L$ f2 d0 J& a; e - [Google Script Object]8 a8 e. O. y- l
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>, C4 Y2 O2 H! u$ S0 w b+ o
- [EWA Control]6 z& j6 O" v- r+ c
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>& e& c1 v$ `5 O
- [Windows Media Player]1 l, b8 z0 n2 p, O
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
! u8 C4 u' F% S3 ]( b* K2 a( ]6 N - [&Google]& B" p. p" |1 N& @4 o9 v
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ B0 X! U j* K4 K& K
- [HTML Document]6 a! m i: `5 P4 n
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
/ w' N1 p+ c$ Z& P# b$ }; P - [DHTML Edit Control Safe for Scripting for IE5]% J2 Z" e* i; k) k
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
6 [1 l: ^! X. |, Q) ?' r# u% e - [RealPlayer RAM Download Handler]8 z5 d: r: U& Z+ e' Y
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
7 o* t1 w8 \$ t9 V* N2 @* i - [IEBuddyExtControl Class], b: e7 u5 h" N6 l$ d& o
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>$ H8 M) b( s' n& W0 V; s& n
- [XML Document]
7 f0 R- b; p2 T4 C2 x4 R" N - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
% Y8 j4 n) S+ T+ s& p; ~- | - [HHCtrl Object]) B K; Z7 \6 Y! F/ q6 j" ]
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>* z% M: E2 U1 ~* s1 U. U
- [Windows Media Player]+ I' \% t2 ? K/ j; x1 x
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, Y0 G8 ^2 E' T9 b9 M% Q" B( c
- [Active Desktop Mover]
: m7 ^' x; M5 X - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
2 M5 J3 H" b8 Q/ T6 H1 N! i - [360SafeLive]: _; _7 b% l- q7 u, ?
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>1 j, G! Q1 h4 c1 A. C' W ~2 b
- [Microsoft Web 浏览器]5 {8 @% S' g/ U: _
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
5 O4 ^/ C& @/ v - [Browser Enhanced Objects]
+ q/ x$ y, \4 A# |+ x j" ` - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
( i3 {: ? @$ u* c- w - [Google Toolbar Helper]$ ^* m, u/ K. z( D1 _2 R B- n# }
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>) v! x: X, h6 w% k& B2 i
- [Microsoft Scriptlet Component]; ~ r7 ^' U6 O) [" u" I: u
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
. ?: ^" n, [( [1 @) y - [Google Toolbar Notifier BHO]
5 y+ e0 ?. a/ _" j - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
% T) V k$ L, U' s! y8 } - [SearchAssistantOC]
0 }4 V! P. ?1 Y9 ]! X# k# v1 { - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
: a% w5 Y9 r! H6 _ - [SafeMon Class]
1 u( Y8 X: v* t+ y - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>& j$ e5 k+ B$ L& s+ u/ ]& R$ S
- [RDS.DataSpace]* X _) g3 A9 _
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
' ]4 Y/ [! `1 [* i1 S" K& V: o - [KooPlayer Control]
6 f8 V0 U( p# |- y8 d. d3 K& P - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>3 |+ L4 b+ B, ~/ O) I, I: m
- [AUDIO__MID Moniker Class]
7 U$ l! x% g2 }1 ? - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 z& d% f) J; A% S7 h5 I& W& ? - [AUDIO__MP3 Moniker Class]; I8 \3 C9 N+ x, H3 {
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>7 {* f) X2 G. U# t B2 ~
- [AUDIO__X_MS_WMA Moniker Class]* H$ ^# G4 Y! Q) Y+ q2 O4 `7 n: c
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
6 v5 y, r' g! ?( t4 [) U - [VIDEO__X_MS_WMV Moniker Class]/ R+ Y, V! |5 }* Z9 q0 q4 u
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" c5 c1 Y, @. m5 b9 I; D" Y - [RealPlayer G2 Control]
6 o9 C) S0 j6 B+ R - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
$ F8 N i5 X# J; {% ~ - [Shockwave Flash Object]# \. m- H- i. z1 \" I# C6 S1 z
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
% z, {9 c4 S9 R. F - [KUpdateObj2 Class]9 R1 I% K q, }
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>" l& F+ V0 G+ _/ O1 K
- [kingsoft browser shield]7 v2 S% \/ g& I
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>, b, t. M6 I" K9 p; o
- [PasswordEditCtrl Class]
: t9 ~& D2 o% k/ P( r) D* y - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
' M) V6 n ~( ^* S - [QvodCtrl Class]
$ X. W4 [& G0 y2 C5 @ - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
2 o' K" K: D' H2 A" J - [&使用超级旋风下载]
4 {4 W/ a! g5 t( f% v$ \( d$ A - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
& w y3 R% e. `- t- h; {# O - [&使用超级旋风下载全部链接]
/ ?) {: `% t, |, F9 B5 f - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
6 y0 t$ D' u1 p( P - [使用迅雷下载]$ w b& E) b. d( P9 ~! e
- <, N/A>
$ T& s+ q/ P8 p7 L4 O. ?% e4 { - [使用迅雷下载全部链接]4 S! K. \+ q$ j$ T! v" ], J
- <, N/A>6 ~* ~) D% D' g* C% ~4 f
- [导出到 Microsoft Office Excel(&X)]
5 U5 w. b+ x) ]* ?6 R) ^2 D - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
* U# y& v4 O4 f/ |0 c# k - [添加到QQ表情]
$ S, W" v+ K. P/ N" a+ K" f - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>' p5 _/ X( N, x
- ==================================
. Z) f% l- D; ]- Q# c& @ - 正在运行的进程
* s: a/ l+ s5 S" x) { - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: H6 v( k4 l# a - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 v% j; J1 \% v2 V; E# q - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 s& c2 H0 A5 z# {) |, G$ ^ _ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]6 f0 q# G2 v y3 T! `0 d
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 ~0 @! H4 z! w
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 v, ?& p. { S% r+ d* b8 V - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* i/ ^, a5 @8 K8 V) I* O, j
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) K- w# n- H4 }/ I( c) K - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ f3 C+ N6 X' z' y% i5 N5 \; e
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ X5 G" I- g' _. w& O2 _9 ?$ I K5 P - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 V% ~. G; K, u7 u) M - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
- m; g0 @8 L$ s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) A/ j/ V8 p3 i9 V, S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& K: O, I7 d' x1 w. ^, |- ?9 c
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ o( h& `/ D) W) d! {# c5 s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]7 O; x: ~9 E1 Z- k. K5 h- u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]% S/ z- W* r; d+ X
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
* o L" l2 e1 T+ m - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]3 T0 s F4 `, a7 n/ K
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
, Z2 O2 p K! S' J, Z7 k - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]5 l1 j! S0 X5 @) K( a4 B5 _9 |
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 K& s @" b/ o - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
5 o/ h3 r) S. y. X - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
, c/ L( X) B$ f - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
( K( n* z5 ^. x - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]! E4 n8 J2 d8 T4 y0 v
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]5 I1 Q. q% S) P2 p! |
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' T( r4 {- P( v! v* R5 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 a* Y4 S4 w7 G& ^. z4 s+ A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 \, ]5 d2 v2 b9 z2 u2 s1 e% v+ s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 \3 k0 r, {! c. y) y - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- |$ ?8 `7 D; H5 Q6 R+ } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. m1 R! m7 }. F# p. B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- o- e/ c3 J! E3 ?" ] - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]9 L: d0 c7 U8 ?/ S: c# _
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
- q9 Y7 a% {# V- _" n* ] - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]# s# y I' h' T6 f4 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
v$ Q8 e3 @. d( U0 H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& j0 ^# p7 R' V$ s8 t: x
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]9 ], j. ^) n- h! o5 e! d" t, |: Z
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
* o1 K0 y/ E$ b* ]( ]3 |$ P0 k) i - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 q* X6 w3 J% _8 q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 [8 R- Q4 E& y/ E. e/ R - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! d( r! V4 F3 k( `1 H' X' D/ d! C
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
/ p7 j/ I2 a+ K" V7 E: A" E1 `1 I1 ^ - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( q0 X$ L9 J3 G' K' m; d6 T- z - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 K1 E7 G- G. ~+ h3 Y, `- n% u - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
3 V" ~; v8 B( `/ C8 g- k# L - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
# }) a. {2 @+ D9 ], G% f - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ A$ R- a$ @ M- U% w5 @0 q! u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; T0 j; m* u2 V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 M6 |9 K% [- ^& {- p2 |; g
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
# a3 a2 N" ]9 c) c - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
! @* A5 f$ B* {" H0 u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]2 H' ^ ^8 A' `5 j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
) Z7 f4 I+ i4 W( ^' e; @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
% I! T, g' z6 C) q& c6 e; B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
, s, L# {9 K! i" o( f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
8 J5 P% k) C* f" R0 p - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]3 j0 E" ]+ s4 g4 L
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
" l. i( S7 h6 T9 ~ f% Q* B" r$ ? - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]% ^$ n! `2 u+ S7 \) p& q
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]2 y& r `7 s0 O* F2 w. s
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 k, H- ^, w! Q3 d - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) o& T, N( @7 a# C" f
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]0 R7 ?$ b6 y7 O" K# B2 N4 G
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
* @& q+ |% c \9 H - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]' O. L) `9 e/ x0 E
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
% X, q, O+ s7 X1 m2 `3 ~ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ Q7 A% X5 K9 q - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]4 J3 i7 v; f+ X
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
k. A4 Y; b9 X2 U3 Y: X( r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
- ]! o4 ?% M5 \5 L; }# ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 g/ {/ F. f2 g$ w! K0 r7 K
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ @. u" o, A- U2 t1 n8 Q - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]4 b( \7 p8 V+ k, ~! d! o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 q7 Y ^7 p( ]* p, W/ z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ S7 n7 L" o" T& c D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 I; f0 v# K( n- H1 v6 ~ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' I0 v" T# p9 D4 [8 I# C* w% Y
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
; T8 J+ l w ] - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
9 N* e0 m( l, t; c. z8 V8 @8 A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ d" j. r4 B$ r( W. v/ |3 y6 D4 y* n6 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 k e9 |# L" j7 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 g) m# g% f% U4 g7 O, f9 }
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" r% V) t% x, A9 K' }% X2 s2 Y - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
: J! }- o5 S& v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* a0 B! [& Q T5 ?$ V) X6 V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. e6 h: n% J% p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! K" E8 v) s5 V# c( r - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] j$ V+ [' u4 W. a' r% |0 q! ~
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
7 E% Z$ e) M/ Z; k - ==================================
2 g) T& n0 k' q, s8 R. W9 G - 文件关联
6 d9 ?0 {0 v6 E- \# _1 b/ G - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
+ i" j" e% @! r6 H6 c1 y$ ? - .EXE OK. ["%1" %*]2 J. y- U5 G& B+ k! r8 ~
- .COM OK. ["%1" %*]+ K0 i8 C. V, @
- .PIF OK. ["%1" %*]
; c, W# w1 p$ ~3 P% I - .REG OK. [regedit.exe "%1"]2 J0 f7 X$ e! Y% H( u& E
- .BAT OK. ["%1" %*]1 P# z+ T* X6 `( @5 L/ g9 m: {2 S
- .SCR OK. ["%1" /S]9 T% C# {+ W" b6 f
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
3 e+ U7 M$ t( J) d3 H# v' c( v - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
/ r" e; i, K. [ - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]7 L4 h* m- ^' r& ^8 ] P, ?3 e
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
3 K$ v8 O. c. y! ~ - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]% @2 c! U/ U9 e0 } d# u
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]% t! N) J4 s3 \
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]2 {/ N9 X# _3 p9 M7 f2 J
- ==================================
/ y( f6 n# Q' n4 r/ J" t - Winsock 提供者- s+ L3 R J5 O+ ? N" O+ U3 B
- N/A- a1 l. z& z+ i4 D7 Q, ^0 k
- ==================================
1 r8 }8 D4 V# t0 d5 a - Autorun.inf/ b0 I. _8 s9 N' S* A5 J7 L
- N/A% V. N: z1 |8 O7 y+ p
- ==================================
5 v& s4 ~! p. ~9 R$ s% f' i* }# ~ - HOSTS 文件
+ ?/ ~" |" {% G5 a% L6 S6 W( R# O% I - N/A
, q4 {; `# F. K% J% L' x3 |% S - ==================================
0 H1 I- n! q% G( @4 Y - 进程特权扫描
, j; J7 N7 z% ^" }* F- p - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]/ N* Z' j9 p4 s( n* f
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
/ Y4 ^" v7 I2 a' e3 ?% q" w - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]! H( ]9 F1 {+ Q; l
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
0 v* r# z* h- P. n- ]" r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]& P, F6 {. m' S
- ==================================
3 y; b7 v% D2 Y: C" u - API HOOK$ s' F! ?" P' S
- N/A$ y5 P& M! c4 w# b) E% a
- ==================================- L4 w: q3 {0 p# y; ?& N. Y
- 隐藏进程
- ]* W: M& S8 f& S% ]7 P - N/A( |+ E2 ?3 q3 e
- ==================================; c$ G" ~! T' s" ?% @
- % E; r/ O' l8 x0 L, A
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
