|
|
( Q: R5 {# n& j: z k1 T" ~% O- f- 2008-05-22,20:37:43
2 X9 B# I o& S4 S4 g! ~, Q6 V - System Repair Engineer 2.5.16.900
: E: O" \6 B6 v% X5 I7 R7 G - Smallfrogs (http://www.KZTechs.com)
& k; U1 D6 u- e$ W7 S - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
! ?) S& d/ }0 P" H$ b- @ - 以下内容被选中:
4 P5 U0 ]! O; p/ }/ C1 R2 d F - 所有的启动项目(包括注册表、启动文件夹、服务等)' L& T1 ^+ F5 y. ~9 q
- 浏览器加载项
4 i- D6 Q' ?. D+ _ - 正在运行的进程(包括进程模块信息)
! ?: T9 Y0 @/ Y: v5 i - 文件关联
; \1 R. e9 o- ^7 V0 I! g - Winsock 提供者
1 @+ X% D# [. ^3 o1 G - Autorun.inf7 I- w) a3 {: ]9 K* U b8 R0 j
- HOSTS 文件
! x- Y& t% R) j$ ], D7 ~, | - 进程特权扫描
. }) v5 e) V) ^6 D. [! w
) l; V6 [5 u1 N% ~3 H, z. ?/ Q- 启动项目
5 ^) C8 m$ R9 n) M - 注册表
- d W# @, O0 m; P$ _* d - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run], H: I' b0 e+ B1 O3 B# A) R: u
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]9 {0 N7 j- _8 }, ^
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
6 E/ K% h C2 @6 h/ P - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]3 | `. U W$ g a0 @" C- ` B
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
: B' [9 C7 ^3 w4 j3 z - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
2 k' y! t3 {; a3 R5 \ - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
* k2 V6 k5 r1 V/ s( L, ^! f* k - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]( D! O* s0 j5 S% @) m W n) j; N
- <PHIME2002A><; > [N/A], x6 u! J2 T2 u; O7 k5 J% t
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]' m( U# {: N3 v5 E- Y7 z( Y0 ?) a T
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]+ z- ]+ x( L, X4 ]5 V6 s
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher] a* f2 W1 U: n+ t
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
" X& A- }4 n! v# x/ b6 a - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]7 n8 l* J* R' a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks], j+ H; x; b$ ]1 h" L/ \; a6 [
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.] W+ O, q4 V4 A) |) `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]: ?* [1 \$ `- ], Y' v# l- t
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]9 t K' _- K& T0 m3 ~2 x |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]) s! E, R% ~- e9 d/ _
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
( K( n/ s4 F$ I7 J - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]3 ?5 V1 K6 z4 p- d
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
% W' ]5 `( v) i* n - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
6 E, w# C+ b, ?9 v% X7 y+ y7 e - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
: W. f) E) s6 L! j; B& Q4 S - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
) B3 D6 J f3 ?( m) {" M - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]% w1 l0 J1 R8 s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]; p+ l- }2 g4 P0 K& i* l
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]4 t" d8 j2 I) X, n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]+ ~ I9 {- U( t; W, M4 m
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
- b. b4 N9 D% O4 y2 O; j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]( P O. M9 E* D/ a, I! ? B. R
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]% X, L5 S6 w. e. j+ |
- ==================================
& k0 ~# m% \" F3 u, T2 B) p# w5 m - 启动文件夹3 K) r- ^5 e* X$ s: c
- N/A
6 {( E7 |& E# T5 W - ==================================8 L5 }0 j0 W* b
- 服务4 c8 ~& i! Y" e6 h, x: J
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]9 m' V2 g8 A- ?" B3 i. z# }, s2 F
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
4 ]; _# l _* I7 r: E' N+ r - [Google Updater Service / gusvc][Stopped/Manual Start]' c: ^' W. _3 S8 p0 ]
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>, L, i+ i+ |- v& n4 W
- [Help and Support / helpsvc][Stopped/Disabled]' S) e. g$ b* q
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>9 |3 y+ L. w( }5 C* p
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
$ @1 e3 z: v; N! n/ ~ - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>1 S8 X0 I5 U& }, ?$ b0 F1 q7 j3 \
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]2 Y8 J2 G: e( {# a" K* P8 b. ^' g
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>. E& e% `5 E$ F+ C8 _
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
5 V) I1 L5 @6 }$ |( V - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>" h2 Y+ k$ F: Y& O# g l
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]+ Y- a$ Z& k( a' Z v' H4 M
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
5 p- M% H3 q9 b& h0 w+ m' [3 t - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]& C) K5 b: l+ c% y& t$ A, E
- <><N/A>
) ]- h/ K" N4 V t6 K/ |$ n9 Z/ e - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
: K; X; g4 T1 c, E' m; n( g, d - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>7 _- V* G' n, `- ^! k
- ==================================3 [) E& o% {* c
- 驱动程序 B3 c# p; j3 r' I; Q
- [22j / 22jn][Stopped/Boot Start]7 {6 I; w: R1 U( Y
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>" E' Y7 B5 W, e/ I, }+ y2 P, u
- [360AntiArp / 360AntiArp][Running/System Start]% j, p p, F( C/ k7 w L
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>4 p) q q- t8 h
- [43ec / 43ecu][Stopped/Boot Start]6 U$ u' }; l- M' i U$ R( F
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>- u) N! A" P3 d2 Y& i( ^
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]" ?" W/ g, }: C7 ]" |
- <system32\drivers\ac97intc.sys><Intel Corporation>
$ i2 N, e5 `2 s% x5 g2 v1 S - [Promise driver accelerator / bb-run][Running/Boot Start]% ?6 F) e, g3 o& |- W3 P o3 y P$ r6 j
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
# V5 D6 Q6 d- W1 V1 r, m - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]) Y, g% r5 v, H# l3 T2 [8 ~' H! J/ T
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>* x( r& C Q6 h( h( r! z7 x
- [KAVBase / KAVBase][Running/Auto Start]
2 ~/ J6 c7 m+ L" q- ` - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>' F) f; c4 `8 M4 U8 w2 \' C
- [KAVBootC / KAVBootC][Running/Boot Start]& S! H# k* x6 @6 T) u( Z- Z1 l
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>5 l: R# J3 w- t' F. d6 i2 z8 n
- [KAVSafe / KAVSafe][Running/Auto Start]
% w: Z3 k$ m6 q3 H% z) r - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
6 w3 X7 B, U }! x$ M2 x5 V - [KNetWch / KNetWch][Running/System Start]6 f# n& |$ Q }
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
3 l8 L# }, \: O# D - [KWatch3 / KWatch3][Running/Auto Start]; l( C" }' Q. L
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
6 P- U+ }4 K* [8 e* N( [ - [ntptdb / ntptdb][Stopped/Auto Start]3 n* o; H: K F7 s
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>4 T6 p8 ^3 _# U$ g0 n
- [nv / nv][Running/Manual Start]# N" v. ^$ V/ U' @
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
; f0 S/ G# x2 u2 w) g" ] - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
& i. E) L% w* S9 s2 A) c - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>+ B: W# B% d7 U/ e- I; w
- [DDK PACKET Protocol / Packet][Running/Manual Start]
/ \8 I1 w1 A& A- @. s/ _ - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
# c. q' i4 b* O9 \" O3 f2 q - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
1 n' W; k% ]3 Z0 y& n - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A># F! U) p; k0 |
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]3 _# N# h( t! y/ o$ B, U& x
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>- m0 P( e- C: L2 R& u
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]" r9 D& [$ {7 c. S
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
6 o; f0 T/ t5 w - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
% `" H( w( _5 l) B) a9 J9 s - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>% A, C' E! o; H: ?* j
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
9 }8 s3 B- P) \4 e. M5 S9 W' Y - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>8 ]8 n$ ~2 ^5 R( T. ?
- [Secdrv / Secdrv][Stopped/Manual Start]! X1 U3 F! k3 V+ X7 |
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
9 X: i" O) r' O2 U6 o. y - [SATALink External Device Filter / SiRemFil][Running/Boot Start]8 k2 j0 q9 E0 Y: P; S. u- H
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>' Z/ u, I: f# y
- [System Restore Filter Driver / sr][Stopped/Disabled]
: v/ |& Q( f- k* |% Y4 _ - <system32\DRIVERS\sr.sys><N/A>
! Y# v8 K5 O- O( B" {2 t - [TesSafe / TesSafe][Stopped/Manual Start]
6 g' i* L! ]! T0 q - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
0 h# M6 y5 o/ M7 \7 p - [System Services / unzxzsrs][Stopped/Boot Start]: U! L8 n" H; E) H5 d2 Z9 z
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>! s8 c' p1 Z V$ D
- [ViBus / ViBus][Stopped/Boot Start]. S, W: ?! s5 o
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
8 l& \* b; Y2 D - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start], e! b$ K1 \& H& \
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
% f; U; s( `! X" R2 S$ d - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
5 g1 e' d$ Q+ m( U/ v3 E - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
/ Z- e% o7 x, P' i - [ATI Extend / zhibmaso][Stopped/Boot Start]
! }) ~9 v$ f. S - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
. A( r) h8 W2 I - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
6 r& R% E9 C5 g5 Y7 A - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>; A4 S8 z2 m+ ?" R! z" {2 v+ [/ V v
- ==================================
' o- x: ]; {5 ]' w V) C9 n - 浏览器加载项& p8 ]9 ~2 B4 Q q
- [Google Toolbar Helper]
. R1 n0 {# G, O - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! S+ J( N [# j9 a" ^8 I' Y - [Google Toolbar Notifier BHO]3 j6 F+ h+ p/ V& J( L. J0 B
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
6 u- ~) F! D+ B# P2 ]8 T5 M - [SafeMon Class]" j9 o/ q3 N, `% s6 X
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
" {6 ?" a- Y# ]/ L - [kingsoft browser shield]1 l: A) w% I. O8 @
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
# |* G+ f W4 N7 D( ? - [IEBuddyExtControl Class]
0 f/ ]9 ?6 {* \# e- F7 x6 | - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
, D$ F- N% I. F; s0 c- O8 e/ v& G - [Zcom 杂志]
( u* G# }/ n4 }9 J J# N) ~ q( n/ g - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>, a% H+ y! c+ z. v! \5 g* l( _# ~; p' E
- [&Google]
+ x5 T9 {8 N% C8 o5 m - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 \! K) X; ?, N7 x6 r - [KooPlayer Control]
; C1 `" {( ^% e5 L& u1 j - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
! Y9 k. r9 _6 D( D" q6 x - [Shockwave Flash Object]* J+ f. p/ `1 F) b0 J" z T
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
% \2 Y0 j4 J- o; Q; j - [KUpdateObj2 Class]
4 ~* g) D# ?" x - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>" l% j9 M g! q8 y8 p1 o1 H
- [Google Script Object]
, h2 _5 x% u% P. b1 a, k6 r( } - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>& G: U" w; r: x3 E( k, @; g
- [EWA Control]- _* E1 o( Z" \
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
2 h4 e* e' t: k5 _ - [Windows Media Player]$ p4 a: g! I/ w6 D+ _ j1 `6 j
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>/ a; {9 D9 Y! J6 g% u. k
- [&Google]8 C' Z! l% M4 w+ b4 ]4 Z* Z% g
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
$ _0 `7 ~( @) M _. w( B4 h( n+ ? - [HTML Document]# s7 L# Y4 t$ z- Y0 y0 n' ?
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
% \1 G7 \6 y* ^% [$ z - [DHTML Edit Control Safe for Scripting for IE5]' b% W- o( V+ T+ g! r% p0 r
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
- J2 a7 k, Y- M1 _ E - [RealPlayer RAM Download Handler]
' ~8 c# k; t5 u- N8 e - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>1 u% K+ Y! T( m" @2 J
- [IEBuddyExtControl Class]2 A- A8 @1 K W+ G. @, ?, Y
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
2 i8 H R4 d2 g- V' ^* J' [! f - [XML Document]8 y/ s$ I5 u! _+ w
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>2 r' `, C& U3 m. ?( f$ a4 ^5 E" t
- [HHCtrl Object]
7 c3 u! g2 g0 z7 P4 i7 J: ^ - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
- P: ?3 i$ G0 @' |3 o% m# [2 J% _ - [Windows Media Player]
. E5 E. U- U1 m - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>% K X- W7 ?9 p2 A4 J+ S
- [Active Desktop Mover]4 }( H. [) M0 P$ O' n, }7 O# I
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>8 ^; K: i/ G" I5 V8 ~
- [360SafeLive]
a3 ]- {# a/ ?! p9 E - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
; a" o! a9 ~ f. V - [Microsoft Web 浏览器]
) ]$ r- Y0 r: K. j - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
7 Y8 j8 N, J- e4 _% m2 U - [Browser Enhanced Objects]
; `5 d9 w+ ~+ s3 L) G0 C - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A># U I# P1 B- ^2 l: m0 q
- [Google Toolbar Helper]4 I3 J5 L, p j5 ?, O8 _
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
! e$ }; @3 _5 D; |, y! ?2 ` - [Microsoft Scriptlet Component]
; P, m9 G$ U. r4 C - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation># t5 t6 h& I+ Q1 \% w9 g
- [Google Toolbar Notifier BHO]. Q! q S: z. R0 ~; F
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
$ g+ P! [- g ] - [SearchAssistantOC]
' s; w" s5 ^8 V$ c, ~; S/ r - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
* p4 T" B6 i( L" x - [SafeMon Class]8 v0 w( I5 d% h8 }& j
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>) S& w# s0 q0 c0 @6 G" X$ o$ e
- [RDS.DataSpace]
$ J% Y# n' V: A8 r- n8 x - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>- J4 M+ p% g8 ]7 F& a/ `5 L6 V
- [KooPlayer Control]; g a, _3 T" K: `) }. X6 ~
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>" d: A. T9 }9 |, g3 u: t9 |
- [AUDIO__MID Moniker Class]
2 f) U. L0 g: u* f1 ^2 G7 z: U5 K# M# V - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>& R7 \. k& o' }8 b2 N
- [AUDIO__MP3 Moniker Class]
7 e: z& V, O4 G: I - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>/ ~) z$ i( C( }, o
- [AUDIO__X_MS_WMA Moniker Class]) b/ i- s: v) G) B- q
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, c6 X; p. L% d! e7 s K; P3 W1 ^ - [VIDEO__X_MS_WMV Moniker Class]9 o5 m6 c. R$ C. w# m+ Q9 N4 a
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ G, @5 Y( E! e& D( } - [RealPlayer G2 Control]
# b% S6 b# G& Q% t - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
! F1 D2 b8 E0 }7 c3 R! X; i. T - [Shockwave Flash Object]
+ Q& T$ L+ F. |' y# y# e4 A6 m - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>4 K6 H; z9 ?- D* D" D
- [KUpdateObj2 Class], N9 }1 Q" U# k4 A0 h. Z
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>1 \+ H8 X: N5 V
- [kingsoft browser shield]
5 K' @& N* _' _" i) @5 M2 V. M8 Z - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>, I% ^" l7 R5 I" f" G7 K/ J
- [PasswordEditCtrl Class]
$ n* B) x0 V4 w7 L. ~; k - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
& |) h& y9 V+ z+ L1 G( Y# k - [QvodCtrl Class]
) d- {$ q# B- g, d - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
7 C7 }3 X/ W* c! p5 u9 y - [&使用超级旋风下载]
, L. M: j9 E9 q1 B8 U - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>4 g! M7 P; Y! x2 m# M
- [&使用超级旋风下载全部链接]
# [- t: v2 N. H8 e, q4 a6 @& H - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>, e4 T1 p: D# d S' C
- [使用迅雷下载]
3 l' w" }/ Q. o2 ?2 ?: m - <, N/A>- L! A$ f+ ^1 X8 b" E7 v
- [使用迅雷下载全部链接]
: n; Q* }( B! |4 Z3 ? - <, N/A>0 R7 |7 p0 r4 P4 X
- [导出到 Microsoft Office Excel(&X)]
J! Y& F( p7 X - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>9 I' ]3 z, B% g
- [添加到QQ表情]
, u. F" k8 O; }# ]/ R! Z - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
+ s, o4 E* a; l7 y* h - ==================================
/ @) P* y8 z+ ^& ^ - 正在运行的进程8 \& O* n# @- K8 m
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- j& F' ~3 P) U: Y/ ^. L - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: z8 X) m O/ ?. B3 i
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 T# ?+ Y0 r0 V' A, A- V% J - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]9 v) n r* ~6 k8 z( |6 E0 K
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
a) a0 K6 g! w0 t - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' c3 }2 t* n; F" B( o" l - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% m8 Q5 r0 ]8 z6 ~1 c, @2 _+ o
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. A7 T$ g2 f4 M0 x - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# k/ R) ^2 h/ W/ B, N' I1 L9 I
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' c6 J+ K6 _4 n - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) i ?( F' p# r2 D7 A* W4 ^, R9 |
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
9 Y0 l( d! Z3 C; E/ R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" F2 ]$ y- u# C% m+ u" `" B$ b9 D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; Q, z' H% K& j& t
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]# b: I3 `2 I% s4 [* ~- \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- U; R9 q5 G9 X4 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
9 p- ~9 w- G' L" S8 h - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]+ i* [6 @: c1 Q$ C ?" T
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]8 F4 U; P3 P% d+ Y# m( Q
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
+ z+ O( n0 b/ J, e# I# i6 G* W - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
, J! R) ]4 k: O% Q) z, g7 K - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. j/ C+ ?* g4 g+ L% M, \( Z/ _
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]+ W1 J6 o' P4 i j' S) k0 i/ _( q
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
b9 g& z/ c/ _9 G3 S2 i/ }, f - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
" P# X8 M% o* Z% O- @# v3 f - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]- U6 G! n" u) Q+ ?
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]9 D& F4 }& ]$ g. N' o2 `( n8 ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ }* b0 j4 s, V) e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* ^6 t) h6 H% s0 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* ]9 t1 x0 V7 X- O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 G9 |3 J# G8 V- Q. i- { - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 T0 Y. M" _& N+ Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* |7 E$ D5 d& a- `5 O) D9 S$ Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ A4 c l' r8 |" I) d% C( k x W, x
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 }' l" J, C1 u7 Q4 `/ a/ _- L
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]$ {' c" N7 `, Z z6 V+ k
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
/ J$ e: l2 {7 o- a; Y# |1 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ w2 _9 |2 W% K+ s- S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; R2 e9 B9 _) G
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
) |& Y$ y$ c0 b/ t - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 y- e2 D G/ N0 A
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] Q: j9 y5 W# `5 \/ Y4 w% D' A
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; i8 G; I' U3 @) i* B9 U
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; u l- W' B! t2 a0 V
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
. Y* P( Y' B4 T* g+ I6 C - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: f' W" E9 q" ? q! @( F7 Z: v - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" }+ j$ H+ @, B6 y' O) p% \ - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]/ Y! x' V8 d" l* j) ]* G
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
" ?4 V* k6 x. C A F: \$ A; R& v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
3 D/ Q# e4 V" N2 a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 u1 z* l) r1 ?( R1 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; t2 I) _, X: Z - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690] l& U% b6 c6 Z3 S
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]' ^! u7 V/ u( X7 t/ y- x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
8 P& v3 l5 F0 P0 H4 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]: N2 X+ P0 V3 C* e, U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
/ j& l: w- d: t7 t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]5 D; L' g8 F+ H7 c2 ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
9 j+ e6 q* G5 d - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]& U2 A3 [& _5 r3 ^; _& X
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( G* ^' l! o, u/ S, B - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
$ _2 X8 _* G. v9 C% `: d+ W - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]' j( z1 H+ c$ U3 I+ j
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]* W+ u/ W; A6 _- q8 u. l
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
6 E Z1 O0 V; l9 f - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]' |1 X* m8 l, J# T# g4 H
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
* [8 O4 ~* B c* a& ^8 p6 i0 K4 w) R - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]+ m, f2 b0 b+ G! e# F u d
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
s. ^- ^/ r) M7 v7 B1 R - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 t5 P0 c1 W' C" E1 Z3 W
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]0 p7 v' c' e$ y" h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 A- s7 v6 _' ]: _$ a, W2 ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! q# O ]+ @, o6 {" k6 K2 S$ f6 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ C9 D; M2 B3 a0 [. t% C+ L
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ A' y4 I/ ?7 g3 h/ t' M - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]4 X4 s T9 k) h2 n- [: Q3 k
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 \$ s+ N9 U4 k( t+ n$ \ `5 \/ J5 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 M( w0 h7 O; B. T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! e G1 l; I$ N. }/ D( b
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] n w' K2 S! U9 N
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
' ^ a1 F# u* Z' `& _ - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
; Q9 h5 P; R+ K) e& B6 A( y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ {# V! g: ?( U3 O/ R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ o& o6 y$ f2 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* I8 K7 |8 t' y, P- \$ C - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] s* z9 N& q6 t# p
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
. H8 g4 l/ u6 s/ F( u3 n! u - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* I6 A! x/ h% f+ U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; [+ r. v+ I( i; z+ y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) L6 B* G( w. D: U/ @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* Z. }7 o5 I) |" K2 n5 x% e0 s - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]: ^9 N+ X9 m7 d4 q0 O' m
- ==================================5 u8 W. ^( z1 }
- 文件关联
2 {1 ~3 |9 O8 I5 w; o4 a* Y - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]' ]. S3 s; I; h
- .EXE OK. ["%1" %*]6 l' T- v9 K, P, z+ W
- .COM OK. ["%1" %*]
y9 D$ w8 ~+ s1 a- C4 N - .PIF OK. ["%1" %*]# o$ p+ l2 u# e7 O
- .REG OK. [regedit.exe "%1"]
0 ^. [& H5 I# D7 ]/ A8 x - .BAT OK. ["%1" %*]
1 k8 T+ U2 s& [! s% q' H+ s - .SCR OK. ["%1" /S]) h/ K- `$ y4 [+ M
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]" {! c# _0 Q X7 C4 Y, [
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]6 S! }# j9 y7 Y9 ?6 c+ t) x
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]$ ?+ A6 f4 d+ d' Y* M
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
; k2 e/ o. f T1 N - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
7 m3 Q- P/ r0 w; k9 u - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
3 {% c$ x2 z& n, |. N* R - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
4 Q; g/ {5 Z! u4 p, u - ==================================
8 c t2 {6 m& z! q - Winsock 提供者
8 E& ~* d( X4 w( [( Z - N/A+ ~/ i0 \4 U% [8 Q
- ==================================4 S/ u/ p' _' u/ h3 K5 u% \
- Autorun.inf
+ [% M& \, X. r2 z( x - N/A
5 M; E! L! v9 }# i- R+ K0 j c - ==================================
- O4 F: d2 O3 ^; C; N' c - HOSTS 文件6 d6 |0 h+ P; w8 a) J: W
- N/A
( y$ g( z, L# x4 ?+ g" J - ==================================
* s# V8 z+ o' S2 A+ e2 | - 进程特权扫描& B) E9 J* p( M
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
' l0 D/ A# K# l/ [' V& R3 s - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
$ X$ V; G' \, \9 y - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]3 ^: t4 S- D) ^) ^( ]. H
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]0 m( W' p" S2 o9 Z1 O1 R' Q/ V
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
2 `) x# o' v# @3 _( D( K - ==================================" S5 y! X# }3 F, A7 z
- API HOOK, l$ ^- u" x- W) T6 Y
- N/A/ `2 r( @% _. \6 u- y
- ==================================: ` O0 u; R% ~
- 隐藏进程
6 T4 _# `6 y* J( Q5 S - N/A
& ?- \- Z5 C! R0 o3 L - ==================================
0 ]* e' G% W2 a2 v1 p; ]$ D
6 \8 o* Z1 g1 }* }) e
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
