|
|
0 g/ F A4 Z3 Q! H- 2008-05-22,20:37:43
8 d. x+ V4 [9 i. j- N7 S - System Repair Engineer 2.5.16.900
. Z! M* b) g4 o4 H. S+ J - Smallfrogs (http://www.KZTechs.com)
% ^% c! b- I- v8 U" f/ x Q& Q - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
* ~$ y" o0 O Y - 以下内容被选中:8 ~8 f3 ~) T8 }5 Z
- 所有的启动项目(包括注册表、启动文件夹、服务等)
; L9 X: A2 x0 W, ]! R9 T- e3 W - 浏览器加载项
; J% h0 @$ p- B9 d" c3 U- L( ?" U - 正在运行的进程(包括进程模块信息)
# z& U' n" S+ o" ] - 文件关联
4 u& ?+ H4 M8 A/ w& k - Winsock 提供者: \4 Z @' G" v
- Autorun.inf
7 i; z7 W% E! L+ j# U P+ a) W0 W - HOSTS 文件
% q' x- l N' a. g0 _ - 进程特权扫描
# {4 { P: I0 J$ R# I7 o
x/ e( ~0 t/ Z/ ^" `4 ]- 启动项目
, m# R6 s9 s2 o5 F) Q - 注册表
7 u+ ~9 @; V) P" c; ~: I' s4 x( |( j - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
4 [ N/ r; e$ @6 y4 ] - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
4 w. ^! H9 a9 n6 ?$ J& e; r7 @) i - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]6 E2 e& V1 N: @
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
# i1 p8 A; z+ p) V. g" X6 W9 J - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: U) e) z" V$ f) |$ P. |) I
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
1 O- d' c! ~3 ?0 C% E: c4 f/ a - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]4 V% O( ^, J! L5 w
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]) {$ @. F% u8 V8 ?: R
- <PHIME2002A><; > [N/A]. a. K* i. k' I& q1 O
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]1 u( N& d8 `0 C4 {8 I" o
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
+ f: x4 G# `: s- b* i! y1 G$ W/ X. g6 T - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
- a2 R- M8 s/ {3 K R" V/ F - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
+ G( l7 c5 Q7 m% L% ?6 l - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
% _+ z/ P) J0 A1 v1 | - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]% ?0 r5 Z0 ^) c# l
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]( \ U: y# Y9 n7 F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
1 A# c$ ?7 Y% \* L0 @4 j2 c - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
+ {. @3 k! h5 W! V1 [* J7 p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]! [+ A1 a. p/ w! y
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]9 o D+ R' B. S" ^$ {# H* b: Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
5 w5 @7 {; M4 H$ |- z8 a - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]. _- \' ]( A) K( k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
2 A6 P8 f) R! Y5 f - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
9 n1 d+ }0 [: \# R0 f - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
( W+ u! |; x5 j/ _% X - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
% X3 t8 M: M5 X' e9 k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]8 x2 m! C5 k' u( a- v% N9 X
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]3 R1 L( q, s0 U1 N2 Z% g; x
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]$ n- h5 G0 t0 }
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]( ]( L, K; J: Z: e% ~( n
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]+ {" `9 \& w! K0 W
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
% B% j7 C7 H; n( ]( `' | - ==================================- n$ D! R9 Y% J% ^, k: v
- 启动文件夹
9 @* E9 P% z1 ` - N/A
( R& v* v4 y5 v& b - ==================================
7 W; _- t3 n- v! ]' Q r, ^ - 服务
7 [! Z/ `3 w0 D" p3 Q! c" i6 L, @9 G - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]3 d' U" [9 M4 f7 }7 S% J, c/ M
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
2 g# E) q" o% `' |' O - [Google Updater Service / gusvc][Stopped/Manual Start]
: m& H3 P8 Z( Y3 M - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>% f7 ]. m7 J' s( J1 T" `8 {+ t- ~
- [Help and Support / helpsvc][Stopped/Disabled]& M# C# `2 ^; D q" k- W, @3 [
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>: h* Y7 Z9 H4 ]" {7 t$ A
- [Human Interface Device Access / HidServ][Stopped/Boot Start]- d3 U" C, S7 E) @+ o( n
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
7 Y6 Q8 B0 O& t. M- Y+ b - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
" n1 ?, q: O$ O6 V" u, B+ m - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>9 R% O! ^8 L- A: M
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
w: U9 W* J9 i( L8 T8 z - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
8 x" h1 R5 l4 H& ~0 u3 y - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
- C c: W5 A! F; W3 I* l3 G. N8 @ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
, u" c1 @, \( O: `8 H: N5 ]- s - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]- S9 E( S, }, M8 E+ f
- <><N/A>% _3 W# |2 T/ E& k) t
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]1 e, X/ E3 P+ f9 x @
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>, R9 S1 g5 e6 ~* @
- ==================================- ^' X9 [8 @) |( @1 b) x4 |
- 驱动程序, |+ p; l' n6 S" p3 g% B! G
- [22j / 22jn][Stopped/Boot Start]6 b6 k% _- d, z* v* e0 K! `
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>" [3 i* z/ o3 A( F/ ?
- [360AntiArp / 360AntiArp][Running/System Start]! E) }6 n. C6 Y' P( t+ W
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>, f( V$ ?4 o/ h0 G' W/ H" Q
- [43ec / 43ecu][Stopped/Boot Start]4 D* y% F; q0 @; I$ a
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
; D. H% M; h0 y: ?0 g, u/ z, G - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
4 W( A# x: E" C7 S - <system32\drivers\ac97intc.sys><Intel Corporation>" p5 Y. l0 J4 U1 n. u6 p6 _* I
- [Promise driver accelerator / bb-run][Running/Boot Start]
+ o% T. p! p# }5 z - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>; W- M. u) L5 a) \5 ?
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
/ j( A; M) F. P3 z3 ?5 ~) U: i - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
$ c& c) j5 A1 V' I - [KAVBase / KAVBase][Running/Auto Start]0 V( N% Z) b2 `' h6 f5 ?, Q' {
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>" Z9 O7 X+ z0 M; g
- [KAVBootC / KAVBootC][Running/Boot Start]
+ u4 b7 n' S- @& m$ k- U$ N: d& q - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
+ }: N. l& N1 z" K% K' W" I3 x - [KAVSafe / KAVSafe][Running/Auto Start]
/ x0 Q0 y$ q3 ]- F* O - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
3 e# T4 P E! \1 q7 R - [KNetWch / KNetWch][Running/System Start]
9 b+ o9 T! ]3 G: J1 j, w+ u% T( u0 y - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>+ m; ]6 Y5 x/ y; ]
- [KWatch3 / KWatch3][Running/Auto Start]2 b, P# N$ I4 M( d; N/ M
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
: E0 @# Z$ g/ t7 a) l2 _ - [ntptdb / ntptdb][Stopped/Auto Start]( Q& M9 H. ?+ W" V" q w+ M! K
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
; u3 \2 u/ C! y2 @+ e4 j, c - [nv / nv][Running/Manual Start]
^7 r: J f" ^( u - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
/ ~0 T% r' W$ P* i- R - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
" r5 T8 r/ E) P% r: G: a: ? - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>4 `# z1 F# s2 q" E
- [DDK PACKET Protocol / Packet][Running/Manual Start]
- x( ^4 U7 z4 ^3 J0 V - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
+ F# k" N I9 ~/ K - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]1 u7 d! \: a0 F( u, o2 z
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
& W+ u$ J0 |2 j: {& N7 D - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
9 `2 K) n3 n X: ^+ X - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
5 \. B m) z a( U* ^ I4 C5 S - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]7 F# d4 ^, d% P x S. H
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A> d! \( c* d! h+ _( D
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]) M( s. Q2 g8 |
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
/ M2 y, R5 ]# X3 H+ r - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
8 o9 f. ~& e& [& o - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
# u" ~5 n2 H: G' g3 V% ? - [Secdrv / Secdrv][Stopped/Manual Start]
+ M$ Q+ K: ^6 {, }8 Y; m9 x, K - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>1 j+ X# @; O1 ]- q- f
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
! r. G& C* E+ u5 X - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
& S0 \; p+ U, [+ Z) G8 W6 u) G - [System Restore Filter Driver / sr][Stopped/Disabled]
; x/ W3 J4 A: n$ u: f" X - <system32\DRIVERS\sr.sys><N/A>
# { W$ g9 j r% D - [TesSafe / TesSafe][Stopped/Manual Start]
7 x8 b/ A% ~# d2 l! W - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
9 W) g K6 r+ C! D1 _5 J - [System Services / unzxzsrs][Stopped/Boot Start]
. X, P3 u; g* C; I/ v% D5 p7 ^' a* e - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>, G6 S. X+ z n
- [ViBus / ViBus][Stopped/Boot Start]) Y% I L& E& W2 p
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
3 G- R/ t# |& [, U - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]& m" {/ v% e) i# D8 U
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>6 Y# z x! `* \2 F
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
4 j$ c. o4 ]) V; b5 S* @1 a3 H - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
* ~6 L ]/ F n( S0 E l b - [ATI Extend / zhibmaso][Stopped/Boot Start]
7 a0 s5 t/ j1 x5 D0 `9 y - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>8 i# E" ?& m* }# y+ p! y& E
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
6 O1 _" l' _+ M% N- i - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>! |3 ^) {3 ]3 u( A( a6 a
- ==================================
6 N L& @- b. c' C1 p! a/ B - 浏览器加载项! }0 C; T( C. l6 f; |, K
- [Google Toolbar Helper]
+ \* I* Y" m, z4 N - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
, k9 ?1 P9 R: j) D5 h2 W - [Google Toolbar Notifier BHO]6 L$ R7 x5 t/ Y+ L! K$ v z
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
* I" V2 A2 B" J* u) r l - [SafeMon Class]
u6 J6 l, Z7 q+ B6 x2 s( D$ Z - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
/ X( S* M' M9 Q - [kingsoft browser shield]
: c2 F; b1 F, H+ ^ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
+ u, X F7 p+ S+ x - [IEBuddyExtControl Class]
5 t" U: N, Z; u: ?. l5 L - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
, P8 Y* ]2 F- E9 a7 i h1 h" W- r0 G - [Zcom 杂志]
7 [+ P0 ^6 B9 ~0 P t+ m - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>! s( F& F/ v: J5 q1 N* V, d
- [&Google]
' L& a: Y8 l8 K, B' C - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
5 t ?7 N% {0 m* `& w W - [KooPlayer Control]
& ^4 F/ T$ k8 U5 F/ q& ~ d - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
3 k* v4 r3 r1 o w M; H. E - [Shockwave Flash Object]
2 P" A4 ^+ G) W7 P3 F - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>! B3 U( v% l$ h* N" M6 b& o
- [KUpdateObj2 Class]
+ M+ e1 T) g( k, L/ i - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>6 v7 `4 q, Q- [- ?( \
- [Google Script Object]
0 Q$ Z- l4 W7 p) J: k; |) [ - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>. Q" l, V" Q7 c% ~
- [EWA Control]
P( J' A% C) d9 u5 U; E - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast> X6 i6 ~; D$ ^, d& a
- [Windows Media Player]1 }6 E8 M* Y" ~( p" X/ Y2 x
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
: N# m0 J2 i( v* t, G% d2 j- i/ J - [&Google]
3 `' B: o/ e3 i! K - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>: m) ], _5 |7 v8 y; X" X% F# o0 L3 Q1 `
- [HTML Document]
: Y% @, H3 V0 T0 N( G' M - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
E/ [* I2 {. u - [DHTML Edit Control Safe for Scripting for IE5]
* S8 ^) d& n! N( }* ] - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>0 Y( g) ?. {% J" I( G
- [RealPlayer RAM Download Handler]( I0 d" J; H/ ~* v8 B
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>* J, Y8 ?/ G, L% u9 R$ Y
- [IEBuddyExtControl Class]
8 n( K3 N. e9 `: m) L# n4 ? - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>8 a! M. ]$ q1 V! w8 ~
- [XML Document]& ?$ y3 @5 l/ ?2 g) ]$ t$ h
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>+ W* r! R. m2 y! q
- [HHCtrl Object]
6 r! W9 i5 } x0 K - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
8 ^# c1 M; f+ o& {) Q& N$ q - [Windows Media Player]
1 l' k) d% `( w# b9 b - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 c3 s- A$ ?% u7 ^! M% D c
- [Active Desktop Mover]' k& P# L1 P% y+ X
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
' ]2 p4 j3 y# V. ~; `" B - [360SafeLive]. T5 w& D i3 z7 j( R1 k5 p8 S
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
# O% @' G$ C. N: u - [Microsoft Web 浏览器]
) Q( _6 |: k" C$ J8 [( h - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>$ H# M& a( ~% w
- [Browser Enhanced Objects]6 Y$ C7 E2 Z7 ?7 r, h. j2 I
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>( t$ g- P' E; I( U' {
- [Google Toolbar Helper]4 ~8 F/ A3 D! M7 C6 ~
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>. ]9 s {4 f/ U, I6 u7 e
- [Microsoft Scriptlet Component]
; R$ f7 h+ \+ f) I' B4 O - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
) g9 h2 X& S* I" h. p3 D - [Google Toolbar Notifier BHO]
6 e0 E, n: T' `* r3 g1 {7 u - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>7 j# o( ?; Z+ O! i' W( }
- [SearchAssistantOC]
0 i1 [3 b5 e5 M. f2 U5 M - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
$ ^5 E" i" J1 U" g" N' z - [SafeMon Class]
+ k1 W" s' k1 W& X! o8 d0 \. Z - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>% ]" w" I0 U( E0 P; P1 X
- [RDS.DataSpace]
2 J' U/ r2 w0 R2 s) W) s8 [) p - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
+ {) [ f% P- e8 `' ]# {2 B - [KooPlayer Control]
" Z) H' j" b+ [) \0 l- s - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. Q1 {7 }! {: r5 ] - [AUDIO__MID Moniker Class]! e( Z+ A/ r/ p( w l3 x
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
$ o+ r) v$ Z. i2 }% ^ - [AUDIO__MP3 Moniker Class]
; \1 ~. k! Z+ @& k" m' ] - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ y* O/ u! z, K- |9 P! c% ~) {: c( n, ?% X
- [AUDIO__X_MS_WMA Moniker Class]- M8 f& E y s5 \3 k
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% d7 x! `, b# _1 @ - [VIDEO__X_MS_WMV Moniker Class]
* f! b: q. s ?, F - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>" u( n( x6 w5 U9 ?1 v4 P
- [RealPlayer G2 Control]: V0 `& Q' B0 `% `9 y x+ w
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.> \" G; ]7 {( Y* x- j+ G
- [Shockwave Flash Object]
( j. x3 D7 x$ f - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
; p1 w, |0 a/ _4 c& j9 u - [KUpdateObj2 Class], N7 @- U) n: x' X
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
1 j5 i" I7 W; x, [/ v - [kingsoft browser shield]
/ ?2 l- |& D$ _9 s/ x h6 h - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
6 G" C) R+ k/ a+ R - [PasswordEditCtrl Class]
( I9 a$ ]; L$ z - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
3 l6 y1 L+ Y9 H9 M r5 k - [QvodCtrl Class]9 L1 q) i) K; o! v
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
; A4 T. i; A: j+ |* ? - [&使用超级旋风下载]8 ~0 s% ~7 b( b1 a0 M
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>& _) }) C9 g1 d% v+ O$ \
- [&使用超级旋风下载全部链接]
- ^- H% n) K q% \ - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
7 O* z4 k" |! P- s7 z# X - [使用迅雷下载]
1 m0 O( l& E7 v# }2 w* D' ? - <, N/A>
8 [" u* J' S* c" B - [使用迅雷下载全部链接]
: M/ N- ]$ X& O9 o y4 q! K - <, N/A>; u6 U! F9 _* v n* B
- [导出到 Microsoft Office Excel(&X)]
1 k' L8 P+ Y1 `% N/ P# b, E0 a - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
: T8 H/ P( k* _6 k1 ?( f- Y% b - [添加到QQ表情]2 L0 G5 f, H6 n2 M% X6 T1 \
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
0 g+ e( t8 i1 L) z P5 h8 D7 n - ==================================
: t- `6 f m7 X; g" [8 X/ E! I - 正在运行的进程
% M9 n% L2 U+ H/ F, I - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- G2 C$ w6 l6 ^6 F6 Z9 z; ], j
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], S6 q. P$ r2 Y
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ L; [8 R, r- F) m# Q9 Q$ M
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]) D4 t0 M* p+ H5 _9 V
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' [8 t) M6 B, g# O - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 r9 d" A( w- C; {* o5 g p! Z - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]5 k. K" ~. |0 }9 y8 b
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) H- S3 U! W* F" k/ V4 C - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 u/ F( y7 N8 l& o- n# a J - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) }' T7 k; y7 F' k' n
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) v, f3 [2 ?2 c
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]5 e" h# B, H) ~* \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ `- q" b1 Q; B7 F6 o8 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ p2 h% L% T0 ]$ ]0 U - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
' s T1 E3 A( m5 N" ^ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) g+ G) z) M' `2 p; y& o. G" B# H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
( X M1 c1 ~( z2 o' u - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]9 Y, W( @' {3 g1 z
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]6 Q6 x* S. c( b3 i; T2 s& x
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
/ L$ c3 l- y' [! g - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]0 o% s5 T9 T, i m2 U- q5 J
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. q6 _& ~# N8 i E% K& v1 l) T - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
/ @8 s. W* f0 e7 g - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
1 H @7 |7 i2 P; J/ u' p" n9 Q& C7 D - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
* O; Z- Y$ |4 Y$ w4 J. P - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
& ?: I7 m" ^2 t b$ T9 H - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]( L, K- h6 D* n/ D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 d- E/ L, f) Q- k7 @, ?5 \
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 Z7 S( |( X0 l4 j* Z1 r4 E0 ~% c3 b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% {* s* S* X! p6 U0 a7 R - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. J* g8 O# g/ q7 h8 F; j) B
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 Y% l$ D- G6 o! L9 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 F1 f7 ]1 G$ {( G+ G% M }+ _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" j/ s8 _2 W4 {' i! H5 a( f X3 F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ w8 f6 ]& Z# K
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]: G7 R4 `% a' [
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]% @8 z, ^% {, t6 T3 g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]- |0 S) J- s/ ~6 C2 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 {5 j- V4 I. _1 B) ^* t - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]1 S# e: _# N1 G3 Q4 _/ S
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
0 t4 E" P) V5 G( F, e4 Z' p' L- c" B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" n& r1 y0 Y1 G! g9 Z: l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# G7 {0 t# ]$ z% Z
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' [/ F8 X. A3 e - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]5 C( B: N8 V. q& u# F
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# y2 z& f' L# y: @ V0 j$ K - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# Q6 s; ~1 G* d: Y+ {
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]% d! v( f4 [0 S9 J6 v/ d
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]5 c3 u. o9 x }$ x$ |
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ W% h3 L7 J5 C& ]0 W; v/ G" M' K C% ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, o1 Y1 ^7 ~- M( ~, ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; C0 a) p2 ]7 F. S. ^9 B& ~ - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
; \1 }2 w3 N; @' I1 o6 c - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]* z7 K! Y+ w: ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]/ ]8 k1 L1 _! S" H' Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
; B" W1 q% a. } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
# C5 u& X6 O4 b6 b; ~+ a9 u0 } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2] `0 R2 t8 J; J& v. [( U& s1 B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]3 o9 ~8 l9 N9 x9 r {
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]- X6 G4 x; P% E( Q
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]% N6 O0 r/ \& ^
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]" B1 i; p$ C& g" q2 i: Z1 D3 \' c
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
4 }, _# L, Z. p! K0 q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ P( {" x: y; G! i3 u - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. Y" E+ x* l" u {
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
$ i, P( O) x: A6 V( ?* ` - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]- P# f* p3 L0 X) }5 y% T+ m- b O5 S
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]9 N8 \) G: j- |8 I' _- ?5 \5 t
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]' w2 J2 K" y+ ~. G
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. Y, \( T# Z7 u) S' t - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]7 ~& Y- ~/ z7 u, y1 u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. ]9 o4 ?. i9 f8 F8 }, ?1 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( i& a7 Q" D" B" } e9 G* }; s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) K! `. G) ^ I2 ?9 Q3 h A. ]' |% y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ x) O% |5 y9 p. @. i/ V) v
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]. ?& q: o# p- Q9 c; H+ d/ g
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 _- _7 y( t5 T j7 [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' x: n- ?/ I$ v8 w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. M- D4 T8 ?" F6 t$ W$ t! _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! X% O+ [3 }: F, f; Y
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) P( e& D0 ]) |, |7 D - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]9 V, p; b1 G3 I! p
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 {; P9 M5 q, W& f1 p" Z! _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
& O7 [2 u( T h- h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ [" H' Y' C- [! V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ N/ M- ^7 M4 J6 Z, \5 L
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]+ m# W' o6 }% W a6 M+ P( j- |
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& d; b5 W- \7 i. D2 E+ n" l+ M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; T# M* I. o) C8 t6 s7 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' A) z; X) }) D4 f0 B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 L% O: z; O* ]5 Z$ `/ P
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
$ a# o' L- M6 W* y0 Z9 ^% C* o - ==================================
( D. U2 W0 x7 i' t$ r5 H% T& [ - 文件关联% |2 ~# T# G6 P" i+ H' s
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
; B3 g, ]6 C$ { h - .EXE OK. ["%1" %*] s+ F: d5 v$ _* |5 F, c8 x* V
- .COM OK. ["%1" %*]
* U, P9 }# o1 s2 @* R - .PIF OK. ["%1" %*]: i: b; Z8 c# m+ C- ^4 y, w0 W
- .REG OK. [regedit.exe "%1"]; i5 B! X7 L6 O* F4 m
- .BAT OK. ["%1" %*]
" k( Z6 d( }4 V) j* D- R - .SCR OK. ["%1" /S]8 n9 w1 n; d- Q, o) {* l
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
6 W0 U5 g+ g- H$ C- M+ R - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]0 i5 _ p) k; l1 U
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]* w/ @: W5 P# C1 _! Y
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]. l# V' T: ?; F
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]* x O$ i7 A" T. w4 \* U2 v Y
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]. j9 Z3 T1 c7 l+ _$ h
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]2 `# V/ }# k$ v
- ==================================
7 ]3 I" {. j9 [3 i/ ~4 ~ - Winsock 提供者
0 w0 h! H& i) c - N/A' U* |0 r/ o9 a/ I8 k! U5 d
- ==================================
# T: d: r n1 y- Y9 L( b - Autorun.inf# U( _; o) j. Z- V( y
- N/A5 V5 f2 J" k. O3 C% U1 F' q
- ==================================
' D) e# ~$ o0 }, G - HOSTS 文件
0 q* ]8 z% {, E. R: U; Y* [ - N/A
% U. X% ~: E, M# b1 v6 r - ==================================
% ^% d" @* ?% Y% e - 进程特权扫描5 b( `9 g j& E& g+ Q- l% U+ W
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
, O7 V8 K) ?6 U2 ?0 P. V& B - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]! z" U! h$ B7 M; k+ J: o. i6 u
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]8 d; y2 Y9 e$ S9 d6 }) }
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE] C- C$ ]2 }/ C" r7 X3 w/ `
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]; u( U6 z3 Q. V% G; |% A+ n
- ==================================. M( V% X$ h2 x* [1 r9 K$ y4 k/ v, o
- API HOOK0 P" N0 a" b+ i- v; T% t& T
- N/A
$ b. ~$ u9 [9 u- L- ` - ==================================! z' L h/ v K3 |, {, D) F4 c" B
- 隐藏进程& z& M5 _8 Q2 E' G* q0 |7 u, y
- N/A
6 B- X3 g/ T2 i5 x6 J8 ]6 H" j1 T - ==================================# l/ E# n5 `3 ?$ d. \& ~' g* }7 W2 W9 X
2 L! N# o6 B- k2 J8 [
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
