|
|
$ M9 k0 }. G1 A' C M% e5 _! i- 2008-05-22,20:37:43/ i' M9 m3 U' M- Y' | C
- System Repair Engineer 2.5.16.9002 }; x, V8 n9 o# k# g
- Smallfrogs (http://www.KZTechs.com)) b( S- o# x. p, B' S
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能% g/ h: U4 b$ ?* i% W5 b) s
- 以下内容被选中:
* d- m) s& i* W e - 所有的启动项目(包括注册表、启动文件夹、服务等)9 S: H3 ~; T$ I
- 浏览器加载项
: A$ j( s" Q( f - 正在运行的进程(包括进程模块信息)
; [: ` q/ j/ u1 Z9 ?# D, y - 文件关联/ G$ D9 M# p: Z+ ~' R% d- n. c
- Winsock 提供者, J( ~ R O9 z$ S5 d1 A; h# U
- Autorun.inf- M& u6 ?3 n5 g
- HOSTS 文件
3 _, X W0 f5 P. H, a# Q. s - 进程特权扫描8 r* [; G, Z4 Y3 I0 O: w8 ~% r
7 g2 s: B0 g9 A3 u( }5 p- 启动项目* l* _6 b6 ~6 H
- 注册表
- {; ~8 R6 I3 j E5 b - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]/ d# G4 {$ n( V o0 N* B; u% g
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]& F6 H7 I6 _6 M
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
' x2 q% m3 _: R1 U& V2 m - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
7 E- S5 N1 i: h( ]1 S/ k% \ - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
( O: ?$ V; I( t$ P - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]" v4 Z0 ]7 a, M6 N1 c
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
$ Q& g6 e3 y/ M5 ]6 ^. I - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]/ g7 @$ \, q, K J" O
- <PHIME2002A><; > [N/A]; e- u6 ~+ {( t C% k y0 R7 K
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" g% ^$ f, U/ j - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
, v2 l" T+ h, D5 [. R8 m - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]* Y8 |$ q/ |' @* ]) J9 J3 p3 O
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
7 t, J- R m: H* W X" r. p( O - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]/ j( f6 ?; g1 |! w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
. M) x0 J" b! U' s9 R! U; g4 h/ h' J - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]1 V; i: V6 C- ]# a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
& U$ O4 x) I* R7 [- W+ u; s$ P - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]0 Q& j4 Y0 d' @3 y) E! E
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
6 |4 c$ b' n$ h - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
! v4 Q$ l7 h' U0 ]% r8 F - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
& H, F& T6 I; a# v8 X8 }; E - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
0 q% U1 b2 ]# m4 X8 H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
( @' S* _9 A( I% c; d - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]. V' |) \5 x; K4 ?8 Y; o2 `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
) i% m3 y- f. ~9 ^ - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]- b0 \5 }% o6 t. U; {% B( n T
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]8 x; V1 z7 F, s: Z! z7 k2 w& k
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]: g( f3 u" y I4 ]+ |/ X: z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]# t, X6 E' R/ }
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]/ ?: _% G- ]; e, q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]. u0 {0 Y3 A+ a0 O$ E5 v; g! M
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
) q) ]" f( P% Y) u2 H( c, [ - ==================================3 I9 F9 U* J( F- d" _9 w
- 启动文件夹
9 x: @- G; r7 r4 h5 f - N/A
: r3 N' Q- n. S4 m. f& o( \ - ==================================
) `; Y8 f( q& d) S - 服务
$ f* i6 A! r0 w( x# m5 n - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
. Q. H3 u$ j) L - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
( y, D/ |1 p$ h) p - [Google Updater Service / gusvc][Stopped/Manual Start]
7 S9 b3 T" u; N. X: C K# ~' l7 o - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>) v( ^0 z9 z( q" ^- M
- [Help and Support / helpsvc][Stopped/Disabled]
8 T; H* i, Z5 k3 X, z - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>' H; z- m& s' a9 t1 u3 }
- [Human Interface Device Access / HidServ][Stopped/Boot Start]: i1 K# W2 _4 I5 E1 W3 P9 t( S
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
' ]' A, D$ ]7 F/ m0 R5 s - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
6 A) k1 s( o% H+ } - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>6 _; H2 v7 A, H, `) h1 n
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
8 S2 e0 t$ Z% R3 @ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
' z+ d6 _: ~* u3 q - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]2 u8 j8 h3 N( R3 E
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation> b6 q/ d# O% L6 }( u- F+ Y9 [# S' S! P
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]! Z' N9 X' a8 o7 Z8 z) J, T( h& \
- <><N/A>3 }! T+ K) o. A
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]/ O) L T' k2 a, E- l: _
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
2 _* |7 B' t7 `; s, S2 q% W - ==================================! z5 n O" Z- p/ e, J7 k3 b* j
- 驱动程序3 h( W: S9 p( i* H7 E. y5 `) s
- [22j / 22jn][Stopped/Boot Start]% |6 b3 `$ f/ s- {! @: h: U# m
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
* V1 O) V8 A5 _$ i* T, x2 c9 i - [360AntiArp / 360AntiArp][Running/System Start]# b4 N1 ?1 P8 ?% x
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>/ g7 ^1 _& c1 w4 j+ f' G d
- [43ec / 43ecu][Stopped/Boot Start], u1 D5 R" w2 G' G0 H7 p* X
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
7 Y* y1 K% X( E, o0 R5 _ - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
- S3 E4 B! u# Y& h5 O0 j }" c - <system32\drivers\ac97intc.sys><Intel Corporation>7 Z5 Q Z# x: j5 i
- [Promise driver accelerator / bb-run][Running/Boot Start]2 l6 d6 v: U r- B: |
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>+ P9 X2 W0 s' ]8 O9 H6 ?$ R* K
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]2 S( B2 }. C/ z2 Q
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
$ l7 b# b5 w! i9 g) J1 A9 ]8 ^8 e, {9 ` - [KAVBase / KAVBase][Running/Auto Start]
# D$ M) L3 X8 Q8 R - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>: g: E6 w5 o" v2 V4 @
- [KAVBootC / KAVBootC][Running/Boot Start], n& m; F& N6 G6 H, C- Y% @7 x
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
" [. I3 Y F- n - [KAVSafe / KAVSafe][Running/Auto Start]
# Y( c# Q9 e, S - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>2 Q! A3 Z# q$ C- L1 B4 V! C
- [KNetWch / KNetWch][Running/System Start]' R/ u1 s5 ^8 o7 B$ K" b
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
7 e* v9 j1 a) R - [KWatch3 / KWatch3][Running/Auto Start]0 E2 Y h6 E/ V% N, n' r
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
3 h8 M' q" {* K - [ntptdb / ntptdb][Stopped/Auto Start]+ A8 g) `0 X& d$ t
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
. L H0 U: v/ H! C7 S - [nv / nv][Running/Manual Start]
, ~% e0 K+ D) X4 ^! d, w - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>- e6 s! l3 o1 j; b" H: O, }4 y
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
4 ]( ^# b. A6 s# z% `' b, s4 h - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation> x ~6 C! Z2 [6 d1 l! I, i
- [DDK PACKET Protocol / Packet][Running/Manual Start]
/ A2 u8 p4 e2 w D! v, l" }+ l - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
5 ^& d7 r- L1 ^# A6 U4 e6 A - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]7 k6 ]5 ], f }5 Q) f, N) Y. _
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>) E! x0 S! \4 o: ^) j
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
2 @, k7 x( I; C; k. d6 U) | L: ~ - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
. ~8 h+ R, B9 D - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]9 A2 ]# b$ k! o8 d3 F/ `
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>* H7 O* K& s X* j: L' ]" Y
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
, z9 D8 N* c0 q& j, r' a" j - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>) S# r g7 W0 w$ I# W. D
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]- o! S: }4 N1 i. o; D# d/ B
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>" X' |9 Z c% L! f, N* Z2 I
- [Secdrv / Secdrv][Stopped/Manual Start]
' g' M8 t H C7 R - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
: _: r, I7 H9 U8 g5 o6 o - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
2 ?' R0 ]& j* w" e; W: C - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
* G( G8 ]: b6 Y, V - [System Restore Filter Driver / sr][Stopped/Disabled]
: m0 m0 h8 v5 r& w" w# o& E9 ]! n - <system32\DRIVERS\sr.sys><N/A>
' N% h3 w5 f4 n* |: ?6 c - [TesSafe / TesSafe][Stopped/Manual Start]$ j1 j; `8 `3 K1 o- ~+ R6 M; x- s
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>( T5 G2 {) K; n* L. W) i
- [System Services / unzxzsrs][Stopped/Boot Start]0 o3 _$ }$ l5 ?4 z0 ~
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>& e( L) `1 U3 a2 G$ m
- [ViBus / ViBus][Stopped/Boot Start], O# U9 E) n; @" B
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
- i6 f' P" Y5 K% t2 Y - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]0 S2 |+ @4 Z9 M, B4 P
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
) K" C7 {7 Y; G - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
; z o) X" n( _3 ?1 R; D - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
( ] q# m7 L; f, D* H; J, b - [ATI Extend / zhibmaso][Stopped/Boot Start]
. }5 j% h, [5 d( k; S# \ - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
+ H! Z0 l2 R7 I$ u* X H - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]; n( x% \6 l0 ?$ m+ C7 N% X9 [
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
0 i& a5 R( W) L3 e - ==================================) H% A6 m! E: X% c$ G7 q
- 浏览器加载项
! F- J* U, d& k8 C" C; n' w - [Google Toolbar Helper]& p4 o( k" p# d+ y
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ b' D) ^1 h, }7 ], W3 N! H
- [Google Toolbar Notifier BHO]% ~2 T5 a3 w9 K4 \( q
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
3 s9 u& K# W/ {1 y p$ A4 G - [SafeMon Class]: o0 M) M3 Q. V4 Q3 S. `
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
* r5 l+ j9 j t1 q - [kingsoft browser shield]* ~: p) X9 X3 t, i% S
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation> _: F/ O" G* v6 z
- [IEBuddyExtControl Class]2 w' g- {9 g3 d- c
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
9 r+ j: c, k% v6 N - [Zcom 杂志]5 t8 y' M1 ^, L8 `3 Q U$ e
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>7 E h8 y4 F: d. Y
- [&Google]$ ?9 V+ _# @. ~1 d
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 s& Q" r. c4 s5 g8 d4 `
- [KooPlayer Control]1 J$ y2 _3 l! H9 Y- W/ |$ R
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
* `& z# h0 L- ^4 w - [Shockwave Flash Object]
4 H) U* M0 N t q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
9 N# l& }% u* B# E - [KUpdateObj2 Class]
- j$ G5 p# d) C. D - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
, P1 u4 v4 a. |* ], B6 @ - [Google Script Object]; s: V- c x* ]3 G5 C7 Q* M r
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 `+ J1 d' U3 U
- [EWA Control]- E i" R% v3 Y
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
0 j) {' w$ I4 k- _! s$ h - [Windows Media Player]( n' R1 f1 r0 O
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>3 k+ @5 P" J& R) W. Q4 D7 t
- [&Google]4 y/ l5 w: X# s X. }
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 E' Q5 w6 P) A, ?2 b6 J* r
- [HTML Document]2 a8 g p6 e5 d, A2 [1 h" k* [
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>; v% z6 u* P1 ^- E
- [DHTML Edit Control Safe for Scripting for IE5]+ |' n5 `9 p5 l. M9 N. d* l# l
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>- P& m! j' M- F, J1 C( g
- [RealPlayer RAM Download Handler]1 v- T$ H$ i( u1 d
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.># Z) C+ o3 Q3 H) _: U& V% }- h
- [IEBuddyExtControl Class]
, G# Z0 b/ m% F. h6 o3 t - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>3 g( a s* Y+ ~+ w4 l, W- V7 H4 O
- [XML Document]4 @' ]3 `' O6 r ^
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
- ]2 k* U9 p, Q2 v4 W/ x - [HHCtrl Object]
9 Z( f7 k4 |( C6 o( R9 m - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>: b- G T3 E# W+ ]$ r8 K$ |
- [Windows Media Player]' ^* |- j9 [/ j# r8 X% F# @
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
. }% G2 o- h0 J. K' d. N2 F2 \ - [Active Desktop Mover]! Q( `7 ]+ m9 `4 C- L
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>3 U% V3 Y1 ~- b9 x0 s9 U
- [360SafeLive]. R5 O7 y6 Q, B$ ^) L
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn># N- D4 N; R) n% E7 ?+ t
- [Microsoft Web 浏览器]4 {5 b0 e5 Y6 W" | A$ V
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
; H* k* e# p3 z - [Browser Enhanced Objects]# M& ^, S, t: t1 ?3 A- d0 T0 v! B
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>( W# R; c2 |4 C# m; `" k, F; D! R% M
- [Google Toolbar Helper]
% J0 `( b0 c4 q% R1 w; \0 z; _1 x+ L- F8 P - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.> F) T9 k% [* s& E
- [Microsoft Scriptlet Component]) I1 u8 A4 Z z: t5 M
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
9 R' c- E) `# z& g/ U" v# f - [Google Toolbar Notifier BHO]' W( W2 v X5 ^; e) ]8 h& l
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
+ B4 R, w$ X4 ?0 g4 G! t- J; i - [SearchAssistantOC]
8 I% _1 N9 `% @2 X1 O% c - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>; e3 I3 d" o0 p2 b
- [SafeMon Class]7 V. m3 ]' X1 m5 L( u
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
& {( \* _6 l2 N$ f) L$ v; S - [RDS.DataSpace]! _# G4 @9 x/ H1 B+ {# n" n+ {' g9 l
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>3 E8 K- N2 f4 e5 G4 t! x* ~ Y
- [KooPlayer Control]
) J% g9 Q* e% Y! B' h& j3 c - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>! m, A. @: z$ M8 x* p8 U& V9 f6 U0 b- ^
- [AUDIO__MID Moniker Class]
7 ~9 d O& b% t - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! D- {& t0 Z0 X - [AUDIO__MP3 Moniker Class]" k0 G+ b* j+ n4 T3 o
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
6 s& ^+ R+ p5 _5 F: E4 A5 { - [AUDIO__X_MS_WMA Moniker Class]; n# J7 X! R0 S+ }. c l1 F
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, @7 c$ j) z1 [" [9 ~: n - [VIDEO__X_MS_WMV Moniker Class]
2 Q1 e* e/ a" G5 n( u5 o/ t& D - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>4 b) E7 t" Y& ]1 l
- [RealPlayer G2 Control]: g$ e% l/ ]' M& V* ?9 k: l
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>1 J2 x2 l2 f, e6 ?* w! C
- [Shockwave Flash Object]" i; v3 N. \7 m/ i# Q2 p9 l" K
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
( L* L+ i, {2 o6 ~6 H+ K3 H- h( V - [KUpdateObj2 Class]( R- g& {5 E6 l( w# f0 _
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
3 z1 @- x: K4 n; Q - [kingsoft browser shield]$ f& e/ N0 F7 b7 e
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
& R5 u4 ~- k, i7 J6 r0 H4 C& d) V - [PasswordEditCtrl Class]
$ k5 N$ b# G0 r- K% S" p% k - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
9 c. s3 a) c( c$ G$ q$ V - [QvodCtrl Class]- F* k* I- o8 T% S
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
3 V% U" M5 R5 g, t Q - [&使用超级旋风下载]9 G* Q# R( R1 F2 v f
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
" s9 B) b9 j. k1 h- C! l - [&使用超级旋风下载全部链接]
C% }6 Q4 M. O( }. n% n" y - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
/ ?) ] t8 @& O, r. D - [使用迅雷下载]
: g. ^) E+ V8 ^$ w - <, N/A>9 s7 t6 ]6 x$ w) i, M# X
- [使用迅雷下载全部链接]
4 v% t6 N. V$ a3 }& k - <, N/A>
8 l5 r1 D9 K* @. Q$ a2 T - [导出到 Microsoft Office Excel(&X)]
3 { _! d5 F% T' H# I - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
N2 B' T: h* i5 D - [添加到QQ表情]
' w# [% B" w# l* v; E6 h7 d+ H - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
* @0 W. d7 w* |" \ - ==================================! g( X, C1 e$ L1 Q9 a! ]5 L* O: u
- 正在运行的进程$ c. @1 {3 u/ j7 H
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" E6 d8 b% O: Z1 F- }; q% N
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) B% [, f0 _4 a - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! V B0 G7 R$ } D5 @! U - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]4 K% m l3 j9 D6 E
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 J: l: @/ ?$ }$ U
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 S% h9 s E0 f
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
C4 g- D( p# q2 y - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 G& X+ g( [* B6 L g$ Q- w - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. L7 L6 h% m8 k; r/ S# [ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 F O) E3 c- L& L6 P e% A: n
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& g4 e/ @* N( g
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
; v0 \. o J4 z# U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] U9 E$ f- ^, d" F4 c" Z1 K" I; L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 x; I4 @4 N* }9 U5 f5 K: X - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
6 ?9 D! z, ? |# F" W; @ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 a6 E% _& x8 h6 c% _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]4 J+ a4 \0 e0 e; Q6 i
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]' O+ l" H8 {% w) l! Z9 I
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
8 |: \' O h: g7 K( G9 o8 j - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
- [+ e: S5 \) n7 ^7 d; c) |6 A" K - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
2 P" {5 p! V4 g7 \% y$ H - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; h/ J, q0 s$ F" Z1 D [, \* j
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]) w( h7 d4 l& z9 G! s0 b) Z
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] {; M" N; `: `, a% C
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
5 {+ y0 E: m0 c - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]* ?. x: B' y2 p2 A
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]& n( E: P5 g0 S6 ^1 N2 X2 g
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! d7 _4 z" p1 i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% u! O9 f4 w. A8 G0 ~ Y$ ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 ?5 l2 y* \6 u9 w, g - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ P3 V7 w1 ^" v5 c( g! @* i9 \2 w4 { - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ s6 g$ j3 U8 }" h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 H! r4 W( p8 k8 ~$ B0 W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 @3 G4 `, a. f1 Z8 c- Y7 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" M6 d! X! b3 q* l6 R
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
1 ^0 j# r2 I. S9 V3 r6 B) I( I - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
5 D1 W7 B; m+ D8 X5 {6 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 @7 g! t6 u" E# D! O) |4 G* _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
$ m4 c0 g8 d; U ^7 u6 e0 J' |4 f+ V7 v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
( c; s* X6 t9 x0 ] - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]( i: L8 |- ^: o
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 X: e# E$ ^4 G4 Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% \7 R" H" X* s5 ?" z4 [3 D - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 t0 O( R- Q |1 I
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
: a( o/ a, d4 h$ N; W7 |+ ? - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 k" u2 h" g8 g' m+ f k4 T
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 I/ j0 }; }* Z( G7 q
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
/ m# c; m+ j0 x' j9 y - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
. x3 C" F% l* o+ F8 j5 v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 |% P8 q5 D8 _# r' W `
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* u! A) e0 p% `+ ~. M/ l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* `9 z6 E3 H" s! @! n9 y - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
; m5 r. s! Q6 C+ S1 X0 S0 Z - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
: d- T7 }! k8 {- g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
$ {, m- v0 f) o! p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]% }, |# I3 i. O y8 d# H' i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
e: l+ {6 ^; x* q* ^) F) G1 d/ w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]- D! u T+ E5 U) L# l0 R- m: E7 L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
! h. i% j: {" r( u) o - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
n: i n* X. k5 e( a - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
# o" _+ A& w6 ~) C8 b0 p/ y - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
: x3 H5 s( i1 n( N6 N, C( } - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 R8 c7 A) H8 l; q8 H3 z# U
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
9 i1 n3 a/ V( L5 @8 V' n' o - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
3 |( ]" G1 I. R. w - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]- P, I; `' X' m2 i6 L. B! J3 u1 O" |; j
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]; i3 L9 n9 d( L* q% H
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
% h1 a& K# R( N: C- N - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
3 c; d8 [4 @5 V" t9 } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 Y8 ^* e v2 ?$ a
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]6 H, u+ e; ?- _) T5 y# ]: T t2 O$ H
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 {7 f6 @7 c5 E5 t2 F& Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- P" e* F+ q' H! @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* c! Y& h" l b0 o( g9 Q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" P6 ]2 [+ k8 [1 T - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
8 _& I: W2 t$ t2 ^: b% k) b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ {, _1 g, M ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 [' L0 v) ]4 n( `0 f* p8 d' b V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], o6 ~: r- }( n! b4 w5 a& O( C
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
7 n9 N* ]4 @2 C$ m# {% J: ]% i# ` - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]. J* e9 U: m& L9 F2 S
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]" u L) J2 @8 O; Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- y" i9 \3 l4 X2 _+ K1 }( ]' t1 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) d5 k2 q& | u( `% V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ } R% W/ B2 [ {1 i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 J; V+ {* V+ _, R/ }5 ?
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ h9 N1 ]+ B0 B" `' p" W' D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]" r- O( B$ B& d) a6 ~. L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) a8 x" x+ ?# q$ i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 ] P0 K3 _9 P/ s/ Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
Z, }1 Q! R/ b; A; h$ Q - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
! v; P% ~( n' r0 V) V - ==================================
/ H6 B3 M, R9 Y - 文件关联5 {' X- ~# ]# a1 k7 J; |8 f
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
0 a; Q, j, d1 ]3 c1 @$ p5 a6 j - .EXE OK. ["%1" %*]% ?! y) R( l v0 Z; P' G- D8 |
- .COM OK. ["%1" %*]
: c% k6 o" b" n$ O( E9 g# j5 Y - .PIF OK. ["%1" %*]
) ^6 F; {/ n7 X) @5 [2 J6 p - .REG OK. [regedit.exe "%1"]2 ]" L8 O! v" w, d- Q! h: m
- .BAT OK. ["%1" %*]
" T8 [, Q( B- ]% u: d - .SCR OK. ["%1" /S]
, u6 Q* B$ R! E: P, u - .CHM OK. ["C:\WINDOWS\hh.exe" %1]5 K( I% O! Y) V0 A7 }2 x5 I1 P$ O
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]# o: G& t6 y' o
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
: v- n9 h- ?7 z# _: }2 ^ - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]: m+ L7 T. r0 i% }2 R* N3 V
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
' S% N4 Y: S+ ]5 E8 | - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
( }; p) C; Q5 v7 C2 {9 x - .LNK OK. [{00021401-0000-0000-C000-000000000046}]# B0 Z) i! P' T& [
- ==================================
2 e5 p, u/ H* y* N" R: o - Winsock 提供者7 n& P4 b. H# z; m) a
- N/A
' U4 M2 s, g+ P) e. U) |7 w6 \+ ^ - ================================== v2 D. s4 V- C% l2 j8 ?: h
- Autorun.inf
+ K0 m+ Q/ U* w) u( }( C - N/A3 |& {! ^' e$ T% V6 Y8 V: ?
- ================================== _) X' ^% ]7 R2 ]$ Z
- HOSTS 文件
0 h0 b# t- D! w, [ - N/A
1 Y6 C' L! n8 }/ z2 u5 s( X - ==================================
9 D& m% v1 v, ^( F2 u8 \# J - 进程特权扫描
8 m$ t; h- y6 j4 s0 t7 G - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]. z. W, U- m+ C. Q& f/ J
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]% u2 N7 E! D! F4 S' Y5 p8 K' Q9 b
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
* l9 G' c" M$ Y2 W - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]; n! v6 Q' L N5 j& s: s, l; W
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]7 p" N5 S1 |4 u% b& G) P7 q. g- i9 S
- ==================================
3 b/ j( C# H8 U+ [- y - API HOOK7 S# e0 I2 t5 ~ K: Q* s. h, x
- N/A" {2 x# u$ H3 _* E
- ==================================# H3 H9 F* G4 Q" i
- 隐藏进程
% |( w; {( i# N/ w - N/A$ L5 x1 x! M5 v4 a N1 f
- ==================================' g' H: E+ c" t: [9 v
/ p6 f4 ?1 |" K
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
