|
|
5 @. ~6 D* K3 @2 G- 2008-05-22,20:37:437 R& H1 U* {9 T/ X3 ~
- System Repair Engineer 2.5.16.9006 f% H" B& |' d6 e/ ^3 i% `& f
- Smallfrogs (http://www.KZTechs.com) ~. K$ K8 b: r0 n" i
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能: [. Y, H1 h8 s# F8 u
- 以下内容被选中:" Z q6 W% e3 n$ }
- 所有的启动项目(包括注册表、启动文件夹、服务等)1 N: [- H5 ~% |/ ?# ]
- 浏览器加载项
; Q* P; ]( Q0 s" \) ?" w5 X( ~ - 正在运行的进程(包括进程模块信息)& ^* R- t! H- H! m( l- D' i X0 P
- 文件关联. r/ L/ d3 J( ?* _' b; c
- Winsock 提供者* B/ k6 H8 F7 u
- Autorun.inf
+ ?4 d9 u* O6 _! `% M q& n/ } - HOSTS 文件+ `5 {* E3 }% K1 T% e
- 进程特权扫描2 @" n1 U: z5 G+ y" c
- # g, G+ t O- V6 A$ {, {' I* `
- 启动项目) N+ d+ ~' S% e! |' y$ ?% O
- 注册表
" R' K# }2 T, |* L - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]: q" ]3 {$ \. m% B
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]# M# i# _0 i+ q( f/ ^5 \4 Y
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
: k3 B8 J1 m% V, [3 x3 l3 K( R - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]2 a; j4 ^5 J5 v& E/ a" ^
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]; ?1 F5 ]- U7 l6 X5 I# N
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
7 x# Y B H/ X+ b6 p2 C0 t, D/ P - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]4 W/ O$ h: \$ L& u
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
( R" p6 t8 O8 n2 K$ M; s - <PHIME2002A><; > [N/A]3 I5 f- @ E7 l9 E) c; L
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
. g: {5 V5 J! o+ C3 o* f% [2 ?- N6 g } - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
% h+ S+ V+ j( t - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]% B" B6 m. z) G2 {$ H: |
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
6 ?+ g# ?8 R9 R/ |; d; g1 n - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher] l6 V6 K6 G3 I3 l2 a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]1 h1 k0 }* }& P" A, E- V
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]& A% |- b8 C7 b8 I. Z+ k2 m
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
' N3 v1 ]0 _* z" Y7 F1 _0 K - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
( u: v- n- r% @5 p5 t - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
. f' c1 j8 b- R: Q - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
1 d# T) j( H$ C, M+ G - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
0 R1 k$ h. d% N0 ` - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
' l2 m& D+ j5 d( _8 H& N - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]" B! N; h; C; k, B
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]) C3 F5 l* o# F/ G7 K; y/ H
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]: d& [6 v8 p7 C( [$ C$ |5 f
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
, r9 M) ^) s1 Q0 s - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]9 R1 d9 a) F6 L. b) L6 Y
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]& Y- e8 V: [, t1 ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]8 k: _5 E0 L$ [: ^9 W6 O4 Z
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]( ? O x. G8 e8 Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
* R* n$ d% D; r, O# [ - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
7 M5 U& g7 |! a/ h5 @" { - ==================================
0 `# u i7 |" Z% O5 i- r) N. ^3 } - 启动文件夹
, f6 `( Z* n: q7 s( ` - N/A
5 t4 U) d$ C8 X - ==================================) y3 E8 S$ b/ S9 m
- 服务. V# k1 r& R2 Z8 N7 _
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
; f- Y! u6 m/ ]" r# a. N - <C:\WINDOWS\System32\3wareSrv.exe><N/A>8 K) }5 p; T2 i3 N
- [Google Updater Service / gusvc][Stopped/Manual Start]
8 B- ]5 C1 ? E% ^% [2 | - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
3 H( _6 d9 Z8 H! d - [Help and Support / helpsvc][Stopped/Disabled] D7 X5 h8 M' g
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>% d8 g2 z7 H+ |# ?
- [Human Interface Device Access / HidServ][Stopped/Boot Start]7 D) u" m D5 H+ o/ R& i3 c
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>/ J1 ~' C; }6 V
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
. P$ i+ g2 g- a+ p% e+ U+ }8 N - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>! S; N& k' ~3 D* l
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]& k& k" K: \- u+ ]
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>4 ]6 z7 P% I0 Q1 b, k& c
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
0 f9 U1 V: c+ N G# P$ o - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>* r/ g8 R( Q5 `. p& i, R- T& k' h! m& u
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
$ S3 b; c9 g" Q5 H - <><N/A>, L9 m, R+ T$ x! L" b/ \# K
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]9 [/ p0 P* j7 Q3 d
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
. t0 \) ~, T* L# U2 \ - ==================================9 [: @8 p3 \. H, B/ D% n* ?8 j
- 驱动程序
9 {/ u) u) ~7 K7 Z% D% } - [22j / 22jn][Stopped/Boot Start]
/ A6 y8 ] d3 T* D& M2 d9 q - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
) u# n; @# l) [) |7 U, ~ - [360AntiArp / 360AntiArp][Running/System Start]+ B! T0 r( ^' {; \: @, Y
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>, S( s& _/ v2 d+ K% v
- [43ec / 43ecu][Stopped/Boot Start]; z& k% @' }" f7 F
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
! u8 f& i* x1 F* f1 r% U - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]1 X& V) w1 |5 ?' h# h. c
- <system32\drivers\ac97intc.sys><Intel Corporation>
' I2 Y+ H: i+ a+ h+ R - [Promise driver accelerator / bb-run][Running/Boot Start]$ j5 p$ d! o1 I5 X- X( K
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>- f& z6 L: @1 ?0 G' K( C# R
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
, ?7 I0 J+ |( V- X6 X6 d. B& J - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
5 M! T5 ~/ d/ Q! {; L - [KAVBase / KAVBase][Running/Auto Start]
% F8 ~4 [9 \7 n$ k, |$ K/ D - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
. A( ~' P' {) ]7 p" k( f) V - [KAVBootC / KAVBootC][Running/Boot Start]
% J7 Z* ]2 L; a0 a/ Y - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
9 M1 w1 ?3 k0 E# L - [KAVSafe / KAVSafe][Running/Auto Start]& S% g: P) a2 Q: {' W* B( b
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
& C7 |3 y% r3 E/ d2 O% s - [KNetWch / KNetWch][Running/System Start]: c6 B R3 s7 b: m
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>8 G) [* h- u3 |3 U8 w
- [KWatch3 / KWatch3][Running/Auto Start]
! G7 u' T3 B' ~4 p* d" h - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
& q) M5 m& D7 r, q - [ntptdb / ntptdb][Stopped/Auto Start]
, L2 H" T& q8 c3 S! e# N. d. i- V3 i - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
% O% h/ r8 U/ n7 Z7 n - [nv / nv][Running/Manual Start]* U7 B( R0 O- z) m1 ?$ }4 R
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
3 {) @* p$ \: W) P$ [: ^$ S - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]! m) E3 i" I2 p
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
6 G- U- G! z' m# F3 b! B - [DDK PACKET Protocol / Packet][Running/Manual Start]% y9 k( w6 m5 F+ p7 ^- C, y- G
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>2 _; h3 h- `( e% K
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]8 N6 x4 K& r2 P- e: t6 Y
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
! }5 {/ G4 R- l - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]* j7 k3 r+ S8 \ k1 C* k
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
3 N( X& M4 N, e. q2 Z* x/ | - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]2 w9 o3 M" F: q _
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>! L+ q( W7 ]; ?( Y" a" e; v& K
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
$ F# i0 L, W: u. {# p, C - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
- W; Q/ R0 O) Y. `: b0 w7 O - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]% h3 w6 M [7 `& q x M' m
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
. _* L W; J; w9 @ - [Secdrv / Secdrv][Stopped/Manual Start]$ w0 y' ^& }! z- ?+ S
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
+ K% n- e+ B. Z6 J1 C- R* C9 c$ H( [ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
- z! Z X7 W: p - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>8 V9 v5 u1 B+ O+ v- v
- [System Restore Filter Driver / sr][Stopped/Disabled]/ k2 E% q" j. Y! G+ R
- <system32\DRIVERS\sr.sys><N/A>
6 N7 i# F" z- a - [TesSafe / TesSafe][Stopped/Manual Start]& \! Y! c @1 M. i1 V8 V% J2 a
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
3 n4 B% b2 M2 F: n! ]' s - [System Services / unzxzsrs][Stopped/Boot Start]0 t$ E. _, `' f2 Q! E- ^+ W! L3 W
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
8 W) `* \/ T1 d8 q- x - [ViBus / ViBus][Stopped/Boot Start]8 S! v5 x4 f8 s& g+ b( E1 Y
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>& e9 S7 z& i" f
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]: w4 R: {+ T2 h2 F
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
. c- U* Z8 Q) U/ R$ S+ \, n# N$ t) V - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]. ?0 w! u* }1 G; D
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>, d; q7 W, b% e8 ]6 ?9 s2 t# y3 c) j
- [ATI Extend / zhibmaso][Stopped/Boot Start]
) J2 H+ _7 H* J# F - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
3 ^8 [' Z- Z! o% H' M& d - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
' {# l- O% p& o - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
4 D: h w1 y$ V$ Y - ==================================3 k, ?: T o! S* L9 Q2 h# v& V) b
- 浏览器加载项
' d+ `; Q8 u; F# I - [Google Toolbar Helper]. N; S3 \: F# B- g+ S# Y% ~
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 V+ i4 J0 c" M( y+ y* e
- [Google Toolbar Notifier BHO]- n' \9 y2 z# Z" r
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>; [2 O% X0 P7 s% N6 y: y& X! s
- [SafeMon Class]
4 K. w2 c) F w( A5 x - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
( v3 P$ `! ~0 p7 G# p( G - [kingsoft browser shield], d0 }- R& a9 j
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>4 B2 v6 t1 p( b/ g1 K) z4 X7 d% G
- [IEBuddyExtControl Class]$ g( ^1 S; x: M& s8 i& r& k, D
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
6 I1 u8 J- f: A; t* Y% b- V - [Zcom 杂志]
! }8 l5 ]3 N8 A* u5 n' A6 Y: g - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
0 H6 d3 w# X7 Y4 ? - [&Google]
+ a/ a- |- z" e3 a! C7 r - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 S5 `7 i5 C+ b: u+ u9 ~0 e: W, j
- [KooPlayer Control]
% B! U& e; J$ P- E# \ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. H1 g7 H% h3 D1 U# `' Z- R; w - [Shockwave Flash Object]
" \( V0 M E. e$ k# H `' b' V - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
; G* o& @; I' ]; i - [KUpdateObj2 Class]
) z- [2 C: f8 c$ J9 g) j - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>% p N1 Z3 i! Q
- [Google Script Object]7 K- a$ X; ~2 u0 ^1 Y& D, G, p% Z
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
: M+ `) T9 T) o- \8 l% { - [EWA Control]7 u3 s5 y' b1 K- g) R" c
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
! e: ~% g+ |' M - [Windows Media Player]
4 y" \6 X A- ~+ V' ?$ f$ x - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
I$ n# U3 c2 X' F8 ? - [&Google], ^* Q1 _3 \4 M: C3 e( f
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
6 |2 v" i% N" v* |9 b - [HTML Document]( @3 v! o& s) A5 M% ^/ W" a/ P
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
9 e7 @; ]5 Z& m3 L* w% Y9 W8 ~ N6 B& g1 ? - [DHTML Edit Control Safe for Scripting for IE5]
1 c8 h! q# o* i/ C5 f7 A - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
: U. W. D6 d* w- K - [RealPlayer RAM Download Handler]
* D {% W B v0 R5 a" y: c2 ^ - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>& `- U0 T x7 O9 N
- [IEBuddyExtControl Class]
2 S6 h2 Z' I$ v - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
( V2 J( \, q* X7 b/ l - [XML Document]
- J2 _ E( g8 }9 q( e8 O - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
% ?6 r$ X- ]3 t5 E - [HHCtrl Object]8 T7 N9 E9 n( I, ^% U5 u
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>2 i; a/ P; s6 q' _
- [Windows Media Player]! s. g& p, R# M/ w1 C+ g$ K) c$ o
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>( d* A/ ]4 N; i! b& Y" P
- [Active Desktop Mover]
' b" g% A+ s' T - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
( W F7 t( l1 t8 F6 ? - [360SafeLive]
, V% m# k( [' Y% h4 a" @& i. }8 @2 W - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>' X; s6 ^ e6 t5 v
- [Microsoft Web 浏览器]6 D& `8 a& p7 \5 N! B' U
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>7 {0 `! e A5 l& R
- [Browser Enhanced Objects]
, A+ ?. K5 E! v - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
( W- v/ O! l& y9 w( ?- u% @: O/ ^ - [Google Toolbar Helper]
$ `2 R. r8 G" t/ k$ {7 d - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
2 t+ ?. u! s0 m! ]" J5 ?8 C - [Microsoft Scriptlet Component]
) l3 j C8 c3 F+ i - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>8 D; W# X# C' W$ T
- [Google Toolbar Notifier BHO]
2 o5 i* _) S# j! t. t- e - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>0 Q. M$ r, r6 v1 A. y) z$ a9 F
- [SearchAssistantOC]
* i* N: n9 ]3 G5 l2 g - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>. C7 R. M: V" ~) Y) D* J
- [SafeMon Class]
' H; V0 M B5 d1 W& L - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
# ^- w9 N+ w6 [ - [RDS.DataSpace]! _" Z$ y* I, S H! w
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
# }" I3 `$ @% @7 l+ O; J) `6 o - [KooPlayer Control]7 S% ^ C- G2 b8 i1 _0 F- k% W
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
0 J' w8 @' l) S - [AUDIO__MID Moniker Class]
. L( n Y8 P+ u' E% x - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> K4 K% R* r7 R/ ]% W7 r* }4 Y
- [AUDIO__MP3 Moniker Class]
" y" w0 e) U) b! D - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! h& T6 F5 c; U" B - [AUDIO__X_MS_WMA Moniker Class]
3 C6 ]; ~* r! {& g9 k6 x+ B - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 T1 F' a% h( b5 [: M) O% t; {
- [VIDEO__X_MS_WMV Moniker Class]9 x1 `. F7 ^, e# P
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 Q% n2 n1 y! A1 S% P# `5 e
- [RealPlayer G2 Control]
3 R1 g, P6 m* {. P- ~8 r - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
$ s0 L* }; K' i) m" N1 V& \0 n - [Shockwave Flash Object]
% K* S9 ^: N7 ?! b3 Z& h8 _4 h& n" \5 \ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>) Q9 b* ~: p2 S6 K
- [KUpdateObj2 Class]
. l! U9 v0 K9 O- M$ F1 D7 @- ? - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>% d `' `9 n! {) T; B% y
- [kingsoft browser shield] e+ G3 h$ ~& }1 o7 f( e
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
. @5 J1 u, @. s% \7 D - [PasswordEditCtrl Class]% o5 F% n6 ~+ {
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
) f K1 j+ T9 O+ U* L' f( W9 h - [QvodCtrl Class]( @- ]% i; d0 ~, g y5 P& k2 h
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>7 y6 @$ D, q, P, x9 z4 ?
- [&使用超级旋风下载]
% Z( h" I" p" {$ @$ f& ?% g$ Y - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
3 f! U% s8 k# {+ f4 R9 n- c) V - [&使用超级旋风下载全部链接]
. v: g& l- F4 d" _+ j - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>' y1 R8 _ D' Z% J& M
- [使用迅雷下载]
+ [5 z s# X, }! [0 I - <, N/A>
5 m( f' r/ C8 Z% }* b( W - [使用迅雷下载全部链接]
8 u$ a( ?& M e - <, N/A>
! M3 J+ `% j% c; V - [导出到 Microsoft Office Excel(&X)]
2 J; Q! ]4 @! Y* I' N1 u# R - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>* H5 ?# H7 A, ^% z2 _3 V! p
- [添加到QQ表情]
1 h/ L9 e7 `# _ [* ^, @* ]2 K - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
6 u0 D5 ^ J2 {5 o0 z; _; e3 f) \' | - ==================================
D- u/ \3 K2 l8 A - 正在运行的进程1 _. x8 i, E& j/ Y* X) Q. M ]( d
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 k2 e: o1 Y8 ]9 N - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], Q C3 P* T1 a6 n# [3 a4 f
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 m) p& w! P+ i {" L
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]- U. C1 u/ }" E
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: F8 m( g2 S4 W/ T- v& Z7 Y! K- P7 M
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& Y4 {! D$ z, ^# U) G3 F - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] s) P+ v) E: `( F
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% [. E6 `$ |& ~# H/ R k- _ - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" o& P# x8 P& u) J+ i; l) _ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* E% X! I, X" `0 ]; ]
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! `/ x. H# ^ S0 z - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]9 l! F. _, t- k4 q" f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& a- y% s) W5 }7 w( y4 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( ~. x$ r3 n$ w* s8 F4 R1 t - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]3 M* L& R! s$ P9 J# g1 D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] t4 l+ S; Y5 F. L' r" ~) S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
3 a; r6 G: X0 c; P - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]) u2 N. w5 q+ L5 c1 C* V" j" x
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]# |* E2 h4 i# ^0 e G. x) O0 M
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
) f0 h; [# }9 n: g. K# x4 y - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
" f( B8 c; {; @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# B5 X O+ y2 h0 c% l - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
8 G) ]$ P3 y3 X: P4 Y( t - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]% R: L: @+ |4 b) ^; W/ @4 U! k
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]7 j0 F! T/ H- }/ n1 y
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]9 D- ~" v5 G# ^* A
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
/ R/ O' i# z: {/ w# T7 V( e( j" v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], j) ^1 D7 H4 `( }8 q* J& R2 A% y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 Q- m/ a" A; \% M# d" c3 g0 Y8 D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. z, @3 B0 Q: F, t: Z* `' c - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ F! N5 E- R& r) g" v - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* p0 |$ L# O( X# W" ^; \5 e8 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: h2 A. l( S2 y7 d7 T/ m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 s( p' K4 E, W* q, c+ `$ O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& y! g0 v! M& `9 D9 I( K* Y - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654], B* u, Y* C$ R1 i: F. j; o
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]- Z. s7 X% C2 C. B9 D4 O7 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]6 S) O' u u4 J1 h: W/ v/ s5 A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]. `) }" L( ~# V4 ]* {7 s
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
0 H) [$ ] U! }4 v" D, V. ] - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]. E: M8 l9 {; h2 |4 ^7 g2 C1 |
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 [2 C1 J) T* S5 v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# @0 X7 C$ H( J e" C% d - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 N& D6 t3 O9 k( R; M - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]- X: J; ?. ^. ~) w( h4 M
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 H8 B" i1 a; y& O5 Q+ r3 v) d
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( ?7 Y# @3 ]* u4 v6 t- M
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
9 m* B5 \4 C, K - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]+ x/ w" y. @0 y; B0 P# {
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001] k" j; p/ W* u% P7 V) R5 S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. N) t% }3 C) o% o2 l3 Y3 ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( f# f ^/ c7 h/ \* f9 ` - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]; ~) G7 a+ M, K# l) `
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]4 [9 ^4 J8 A1 h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]3 M% M% ?) ^4 ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]8 r) W) ?4 F- E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]; L( Q$ {# |. _' ]
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
0 |8 F* j3 j3 p' a1 _4 s: A6 M6 D - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
# d) i! _+ t4 D3 g, N. s - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
6 @0 W# L% `5 F2 B. n: h - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" _, o* \( V/ S
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]4 C( ?5 X( {) `* {; g2 Z+ }" z% W. L
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]6 a+ m) P7 ]2 z( p3 ]" n
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" @* J/ G1 g1 Q& Q6 y3 C - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]! u7 S3 n6 x, n- q, M# t: H, W
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]. \& c/ Q7 P9 p3 t, r9 D% q3 \4 b
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]" h& X, w# T; m( b8 M# ?4 B+ o
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
( {7 K; J+ A" F: j, q+ M - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]+ {# s4 h! H5 a" y0 O* V3 Q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. b% C& Q4 S1 Y4 h* z: E
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]$ l1 i0 C# u, O0 O- W+ p0 S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
X8 Q5 n! Y& H2 B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ D0 [, u6 o* A% x9 d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 \# x! c8 \, T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 B3 h2 ], U. o$ X0 ~* B; z
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]# _2 e& A H2 [& z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" J: |& x, R; m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]8 |' ]8 H: @- c) K& R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ S( P% e1 n7 J' [! N1 ]& V6 I' W; L
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 A+ w& |8 l3 J# P/ \3 _
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
1 `( @! K# n/ W s - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]! l: i& k; u' A" j/ R* u/ d
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 M1 J' {' F, Y y* O+ o; p0 ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 T: y( v* s. o- S8 V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% o* | G- }% v- q5 @. D2 [5 \) m% i
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* C# k- |% g& _" f5 }( v - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
3 U2 ~; u5 v: S/ i1 [! p8 Y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 p% v. m. s. Y0 r: e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' {& |, g9 o1 A+ f8 {! @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ t# ~ j2 z7 @1 C% v5 j9 F: @
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ g- E- g$ V( I- S- g' m; g8 O - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
. o) |, t0 o- y) n+ d3 Z - ==================================
* p J' F+ p5 [' e# r8 ^ - 文件关联/ u- r9 ?! J, P$ D! C
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
{. u O* Z: p2 \) k6 L E( Z6 ]4 F - .EXE OK. ["%1" %*]
/ v$ ^( Z8 F1 r k# f( Q. @: v3 U3 L - .COM OK. ["%1" %*]( P- R9 w& F: B3 _ `6 A2 s, i
- .PIF OK. ["%1" %*]' I; O7 }/ z9 A+ L
- .REG OK. [regedit.exe "%1"]
. o7 c+ |. }! k2 u! Z0 q - .BAT OK. ["%1" %*]
$ }& t8 e& j" k+ w1 `" p. ` - .SCR OK. ["%1" /S]
/ k A- \2 I! l4 J% w1 N - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
3 v- ]+ Z6 I5 Z- F0 i - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
5 _# X, b: n* p4 f- e - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
3 z+ W1 a$ E, g( V& _ - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]2 k- P* [/ T Z* ~6 E- K3 R2 J2 u
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]: b$ c0 P% K+ i; A& S% @6 @' V
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
) g; }# m5 P3 O, [# U/ w a - .LNK OK. [{00021401-0000-0000-C000-000000000046}]" J$ T q0 G! z- Q. @. [
- ==================================/ ^/ E# H: i, S
- Winsock 提供者+ k6 O+ s0 g8 X+ p
- N/A
I- r I) m7 A1 E - ==================================% \- ? g0 z" h, a0 O0 L
- Autorun.inf+ q' M% o/ b* R8 m3 ]: U& \
- N/A7 c4 j3 `- b" l
- ==================================
1 |: `6 ^' [( |0 q) [( h2 w5 B, H - HOSTS 文件; L% W& r* f( R
- N/A+ ^% J* N s7 \* [
- ==================================
4 O; r- x8 i9 S/ x, b2 ] - 进程特权扫描
6 a/ g' u( y- A% L$ ?& l" }+ w - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
+ ?& p0 V4 B) _/ A8 |- F d K ? - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
& u& F5 @2 @* l# B4 ?4 j - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
, z7 I; N& K7 D - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
8 m6 L2 g( X6 ] - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]4 u6 E1 y- O# I
- ==================================7 |9 b' J/ E4 E1 f1 K; U' V
- API HOOK0 ~2 ?) W" D9 b' g) q: S3 a
- N/A H' ?" {$ ^" W, o9 ]& \# i$ D
- ==================================$ p: l u- ^' t' U) H( J
- 隐藏进程3 M+ k v' C2 ]+ @# M
- N/A
2 S% ]$ | ]$ Q+ S9 H - ==================================
( U- A9 Y- }8 M8 f4 Y3 [
- w7 L! S; K: G! E. `. T! F
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
