|
|
- 4 k* N' B0 c G1 I# P0 ~, S# `
- 2008-05-22,20:37:43
' }1 L6 G5 T8 I* A0 E - System Repair Engineer 2.5.16.900" F z7 v$ p% p; z
- Smallfrogs (http://www.KZTechs.com)* ^6 \ L4 H' d
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能7 l: A/ X2 [2 {, G
- 以下内容被选中:, H" o( O# r( ~ v
- 所有的启动项目(包括注册表、启动文件夹、服务等)' F& g# u0 I1 v0 h X; ~8 A5 g
- 浏览器加载项
H6 r6 R. X/ Z+ ]" I - 正在运行的进程(包括进程模块信息)' O7 F. u9 M3 n' X6 J- j% [7 L
- 文件关联* }0 c2 `- N+ |9 {; C
- Winsock 提供者1 ]$ o, [& ~% R; [1 l& v
- Autorun.inf
: O3 M4 I+ I$ P- z5 M5 p- l9 f4 [9 } - HOSTS 文件
, k7 f* ?( P8 e# H# x4 r7 h0 b - 进程特权扫描
0 ~6 v$ W# W1 f) V: \3 { - 6 F. {2 R% f7 t! C0 v* a0 \2 c) E
- 启动项目- Z+ @4 u+ W% [1 ^* ^
- 注册表
3 s* X/ o. V; r { - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]& k( L1 ? n+ z4 H$ N8 T/ u
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
! U1 m4 o7 {* v! U0 P/ L - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]+ E2 e6 i, v; O* i/ Y
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
- U3 ~, h' U5 Q - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
$ |8 i `. ?; s- S: ^% p' b9 o - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
# i; t1 R9 {' Y% K - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]7 M) D5 L) l4 @1 G" M# O
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]; [ d$ o+ I# g S$ l9 k
- <PHIME2002A><; > [N/A], `8 G/ {+ u6 h* U
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]) L* ]" N7 g% S) q
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]$ w4 J5 w0 O) A1 v
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher] D3 o3 b4 W1 [' K% m/ h7 g' }$ a
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
0 Z9 Z0 L, e& L+ O - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
+ o6 k2 p9 I$ Q1 m& P- }7 r - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
& z- R9 o2 Y% T9 e2 t - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
! j* B7 M! v7 M4 T: u1 C# B$ k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
: h. H! A1 b" s. Z! l - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
! J5 S) ?8 l5 L- @, _* q* d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
! {8 Q9 k b7 ?& W. t, @ - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]& P& Y- j' @ I! l
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
# Z. I% i' [0 f - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
9 z1 ]6 F4 s4 |+ }2 L - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
" S2 g' U- F5 w* p8 Y - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]5 ^4 D5 q4 H- v. u8 |
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]2 I0 b. R: k* Q& h0 }+ D; f9 Q
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]: }7 r) r5 R4 L3 ~" ^! p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
' L* S4 O: R" x$ E. l" o+ {$ q - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]2 n) m3 E$ i$ G4 Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]5 J4 e8 n) I: K/ @# o
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]. [( N% ?9 l# \& K% c+ j0 Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
5 r" K1 G2 E5 ? p/ X n3 o - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
3 J' S5 W$ u- P2 ~, o - ==================================: ~3 B- M3 J' ]. _
- 启动文件夹
: ?/ Z, L. Y9 s: n - N/A
; S4 J1 ?7 l5 H3 o1 v, g - ==================================: _; i- @4 X" Y6 ^' y
- 服务6 k& ?9 o! s* d2 ]4 G
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
6 x( e2 u+ Q, B* a9 \" \$ L9 C - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
, V! @# g0 l4 k" k6 W" ?6 I - [Google Updater Service / gusvc][Stopped/Manual Start]# z1 ]6 X+ k" H* u$ `( S" O) [2 U
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
4 S @ X' p) | - [Help and Support / helpsvc][Stopped/Disabled]: E% H' c5 E7 k4 c6 E
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>; b2 V. b* R% u! m' l1 G! N
- [Human Interface Device Access / HidServ][Stopped/Boot Start]8 R- B x! l6 K d
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>+ i# n- B1 j6 o- C
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
0 W6 {6 Q, _) Z( U - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>: q2 X- U' O' ]- R* f
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]% h7 [% Q$ P% N. W9 n- q: S
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
6 m% C, @2 I4 M; M; A - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
5 y2 Y) [( ^+ H5 G8 b - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
& r2 U# D0 }" @+ C1 @/ r* i9 y - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
3 ~ ?+ d& `3 J - <><N/A>8 x, v0 ]4 r$ c. a J3 x5 y
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
& ?- R& y6 n6 `, e9 r - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>/ c, t4 v5 |/ }" H: P6 H
- ==================================
/ b9 F3 N" Q2 ~ - 驱动程序1 a- R. e: V8 \
- [22j / 22jn][Stopped/Boot Start]4 p m8 `: q9 ]( Z$ X3 v+ k; P- v
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>5 H& M: O$ L* C/ I8 m4 `- }
- [360AntiArp / 360AntiArp][Running/System Start]" K( j! K* x8 y* f! B) O8 N
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
k) K3 T! S) O# ] - [43ec / 43ecu][Stopped/Boot Start]
1 O1 H- o9 e4 T1 E" B* a8 } - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>( F5 s! r/ s% Q# G m2 R6 p9 a. g
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]" w8 c/ `8 @* o# S
- <system32\drivers\ac97intc.sys><Intel Corporation>9 Z6 C* T6 p" _
- [Promise driver accelerator / bb-run][Running/Boot Start]
$ p* [4 ? }" {! Z4 j! _, k. W( \2 G - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>+ g3 k9 J. s6 ]; U) @6 G5 w
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]! o/ `( c1 j& h- _) Z" N+ L- i
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
; m; D5 I) E) A1 s4 X - [KAVBase / KAVBase][Running/Auto Start]5 s2 f2 c0 X6 k! E* F
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>, Y0 o) |4 S% I9 {, X" b
- [KAVBootC / KAVBootC][Running/Boot Start]8 m/ x2 F& X9 ^6 o
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
& c) T, A. ^& U8 W! x! D" Z: b( V - [KAVSafe / KAVSafe][Running/Auto Start]8 y0 B# S6 x. g' F. A9 g
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>' c; x/ @( a# Q
- [KNetWch / KNetWch][Running/System Start]
, a+ ?( t2 A0 i( c' y$ I - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>7 `1 Q' d3 P! s
- [KWatch3 / KWatch3][Running/Auto Start]
( q4 c$ e! d) u2 n: S* |( i" h/ T - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
; V M0 s+ t9 Q - [ntptdb / ntptdb][Stopped/Auto Start]4 n9 D6 z( M) Z& k2 H9 |
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>$ n$ Z( ?* w6 p7 H0 k! y7 R& a
- [nv / nv][Running/Manual Start]3 Y( r7 m( J O$ r8 j7 ?6 E6 V
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>! ~2 @+ |7 U; r5 V1 S
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
* A/ c, l/ ?$ V# c* g - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
8 s8 ?) z5 |# X( U - [DDK PACKET Protocol / Packet][Running/Manual Start]6 _( \5 s/ Q) f2 S
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>4 a! ~2 Y$ g' x4 a# f
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
+ W- j% Q9 V; _6 a8 r' Z" J' [' s - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
6 P' [. Y: l, X- Y. W" D9 F - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]9 K2 ], J1 ?9 K1 [9 Y3 U
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
, R5 }& R, }' O - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]$ g' U6 a6 i" z0 I" S
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>5 H3 D! N+ A. t- b
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
) D5 G% S0 v2 e) { - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
6 C6 o$ r4 S6 [9 d - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]' O2 D( I, W% g
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
& L% M+ V# |5 L7 _6 x; r8 w - [Secdrv / Secdrv][Stopped/Manual Start]8 L# |5 @: n$ T; _9 |: g* [
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
8 @% E) Y& m: B! x - [SATALink External Device Filter / SiRemFil][Running/Boot Start]" S6 `3 u4 \/ {/ H/ |. t
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.># B7 e3 P" ^- P$ O: r9 A
- [System Restore Filter Driver / sr][Stopped/Disabled]- p: Q+ g* P/ Q+ Z0 \- D. b
- <system32\DRIVERS\sr.sys><N/A>, h. H/ b: i0 w! @* _
- [TesSafe / TesSafe][Stopped/Manual Start]$ G" i. o- X2 M K1 Y1 ~- c
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
9 i+ M+ i" d) O, U% K" a - [System Services / unzxzsrs][Stopped/Boot Start]5 ~! F6 n' l$ x4 ?. ^* p* K
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
; I# H- l% Z; p' O - [ViBus / ViBus][Stopped/Boot Start]
* L; I, h1 Q3 n$ r/ T$ P - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>7 V: d+ p8 B7 \! e
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
; H( t+ |8 H `7 a4 c - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
! v; _$ k( j+ x9 U* t - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]: s7 s4 ?% R% }( t
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>* E/ c. a( N" a5 N
- [ATI Extend / zhibmaso][Stopped/Boot Start]
9 w5 M c, o" K$ l* ~! X - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
7 V: \% ~+ E: ?8 p - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
' d! ~7 ~% x5 C$ W - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>% m, I: f7 D8 L& v1 ^: M& T3 O
- ==================================
* b+ z4 e; f/ [5 X+ p) V: p3 L h - 浏览器加载项 w+ Y8 g2 ~9 T9 H
- [Google Toolbar Helper]
: I! w& o5 T7 W' p( F4 y - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% j7 E6 a# e2 C- d* @ - [Google Toolbar Notifier BHO]
2 E, L* F# h' s0 Z+ L; Z - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
2 f+ L; M/ M l7 N3 l$ Y* o - [SafeMon Class]/ a- {/ y3 w8 @$ F* j
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
# J. a c3 Q: ]0 }7 `8 p! E - [kingsoft browser shield]
( V0 U# C7 ` X1 o, U - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation># b4 t4 E8 b$ }7 }5 N
- [IEBuddyExtControl Class]
V1 u+ E7 ?* m8 T4 J - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation># T; e% v4 T) ], k* H
- [Zcom 杂志]* v* z+ M% ?1 Z2 { ]
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>; I) P5 a( w% Z; H9 o3 W+ o; e
- [&Google]) b; `. t% @2 T- G1 _0 S. U5 E
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 ]7 P \: H& n- ], P% @: M' m
- [KooPlayer Control], J0 V5 {( s2 i) c" V
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( a5 U& ^" |2 ~' U - [Shockwave Flash Object]; f; s* }! C9 _$ {& \2 d+ t, Q
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>$ h0 T- N/ f& V
- [KUpdateObj2 Class]
, \9 Z6 h8 f" @) L - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>4 y! L; L& m$ X8 p6 V
- [Google Script Object]$ @ ]6 @; r5 P5 O4 l# U2 D
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& J0 l2 k7 p9 f1 p4 E - [EWA Control]
K' \: ]5 }' s" O+ M: z - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
% \+ k% g3 K( l - [Windows Media Player]9 [' z+ W7 `6 [/ Y$ i
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>' x6 P& H+ J& v( y G
- [&Google]2 F0 a' i4 f! |
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% c# d/ G; `. G - [HTML Document]
9 e' q; ~( Q, f- e+ `. h/ \$ D. I - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>7 y' Q z) P8 V+ H
- [DHTML Edit Control Safe for Scripting for IE5]
, A# d6 q" z" H8 e - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
3 X6 j9 r* O; o" L) n$ |2 q0 J6 t1 Z - [RealPlayer RAM Download Handler]
- Z$ \9 t7 R5 E W+ o - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
3 {/ ~; d4 g4 \$ z+ |5 \. w - [IEBuddyExtControl Class]8 L$ M) e7 y1 V4 I2 B
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 x1 p/ Q% {2 G - [XML Document]
6 ? w' x2 j7 C4 k5 [# I - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
& [0 q2 z2 T+ Z8 r! b: J" } - [HHCtrl Object]
1 o1 n. b& g3 J' \& Y8 E - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>0 p4 s7 {! n% j# N
- [Windows Media Player]# u$ }9 q4 k- _- k
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) y0 ]4 M5 P O& G! L - [Active Desktop Mover]
" Y2 B. T9 f$ v+ v% w. [ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>) z1 |8 C. T5 |+ l3 f
- [360SafeLive]
g: Y5 w0 K% d& v. T" J/ N - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>- S# l& {! |( D
- [Microsoft Web 浏览器]" [" \4 h3 ~% h6 B9 q
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
6 ^+ C3 w2 T- |" C+ x - [Browser Enhanced Objects]/ u: Z1 W: T3 [+ }3 n' w0 E
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>% s0 ]+ T: m- B
- [Google Toolbar Helper]$ m2 S _* E* G
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) {, x% c8 B9 H2 E8 t( o - [Microsoft Scriptlet Component]
: U7 u( X8 z- Q/ o% v - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>- c* V/ S/ F$ r) J0 w/ ~6 U
- [Google Toolbar Notifier BHO]- B8 p+ ]# j0 B, M; }
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
, R J' i( V3 |4 f! J - [SearchAssistantOC]4 N/ J) X5 V% x- a- i p
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
, l ~ t# \ j3 i2 t9 |# F/ s( k - [SafeMon Class]3 H' [- c6 I. c, N# b
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN> |# a$ L- Q/ R* K$ S7 H" h
- [RDS.DataSpace]6 |$ ^6 u" n( a4 U% i, n
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
+ O# q/ E5 Z9 N& \: ]; B - [KooPlayer Control]* `" u% l1 ^1 p9 l$ {8 d4 D7 `
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>/ |' h/ @2 y4 |( r) t1 Z4 I* G
- [AUDIO__MID Moniker Class]
3 v" C* ^ \: g- r1 R7 a - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
: |: \0 ~: u0 p& b, n6 L" L - [AUDIO__MP3 Moniker Class]; R' v% v. {0 ~1 @0 \
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>2 S4 U! C0 Z/ p& A5 ?1 z. j2 S
- [AUDIO__X_MS_WMA Moniker Class]
; c! e/ Y+ h; J) w - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
( L- f$ u# o# ]( m* Z3 `8 ? - [VIDEO__X_MS_WMV Moniker Class]6 L- z6 ?1 q: Y9 V# j! I
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
3 B- o9 m' X/ _; \# |) k0 O - [RealPlayer G2 Control]) n1 H. N6 S+ j! P: e3 S+ t
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
8 G+ m7 l# B! {/ a% A8 @ - [Shockwave Flash Object]
g9 l/ ?5 [% f% j' ~8 ~ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>. m: H% A8 n/ S% ?0 d. X4 }6 V
- [KUpdateObj2 Class]
- m6 K9 `0 _, n, ^ X! l- E - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation> [ x+ f4 j3 [, T
- [kingsoft browser shield]; K, T, G/ X& q. X# b
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>$ z8 W# Z1 P1 P8 J& X: n
- [PasswordEditCtrl Class]% ?' b$ C3 p R9 b8 M
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>1 G2 o+ P3 ?- \
- [QvodCtrl Class]9 I5 T/ T0 }) j+ S& R
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>- T: t5 } \+ s
- [&使用超级旋风下载]
2 j. {) q) `' q) \# h - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A> {% ~0 E: E" c0 S b' |, x
- [&使用超级旋风下载全部链接]
+ o: v: l/ m7 Y2 y% [: r2 ~ - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
7 Q! ?2 a! n# c. J# L - [使用迅雷下载]9 ^) q2 w3 y# N/ T+ S' z
- <, N/A>8 q* O0 Q. u+ D, o
- [使用迅雷下载全部链接]( l) { a- j+ O; x- U2 D
- <, N/A>
9 H" a0 }8 l' l' G c( h1 f' O - [导出到 Microsoft Office Excel(&X)], @" b3 P7 m' n, ~4 o
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>" _( S8 V% b6 ]& P: a4 k% Z6 N) o+ v0 k3 G
- [添加到QQ表情]$ P* Y% N/ V. y
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
# T* H& W5 a+ Q, f9 o" I' `- z7 C - ==================================
! X4 O( n. ^! z, l - 正在运行的进程5 r& k( I: J H
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ x4 V: o2 b. x$ E% g7 C' C - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 b- B6 P6 u+ J7 |
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 W+ P7 G1 A$ p. m# I/ x+ t6 X
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
" e' h# l, I$ ^/ e - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 b0 z' p0 M9 | p( W
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) L5 U* ?' ^' J4 j* r
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 X* D& y( h" a) u - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( \( V/ v8 q% A# H8 P% f) a
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! m. j& y; D7 { - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) s) t9 }& a/ O4 K5 G
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], R: o) D) J5 D. ]. s/ U; @2 ^; f
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
5 x a3 Y. V: N7 m6 M9 \* u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 i+ F) s3 J F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ l% H6 c: a( M: S
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( \4 E) u! R) I. {% A* v3 W1 ^" z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 X7 B# N$ K- C) X! }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
1 G6 C/ ?: C* {, G" d - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]$ U8 N5 |" ^' K! K# F: w4 A& u
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]! v. j4 M, I/ d# S$ q& \: j% Q
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]) V8 [! I1 v- P. R% D/ G0 [$ W9 M
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]4 K. H5 D( \0 B% u' |8 E% N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; {1 _5 Y7 O/ \9 y" r8 M
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]1 H4 I0 W& Z7 _# u: N8 d' c0 ?
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
3 U3 E- Q; V1 G9 r' b$ ?" z - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]2 ^- P4 c6 s7 ~5 ^2 @# R6 j
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
$ U$ I/ r$ h; K - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
; t _- B9 J+ m - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]5 w2 a! H3 U* _1 ~8 \" S! {/ T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ N* c1 b& y! Z4 a+ |7 c8 Q" m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 [' v1 V% h+ d1 J0 X+ P
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ F' x) I2 M: A1 ?
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* j5 ~$ l, e4 c) {; ?
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( B( _' g# {8 M7 I& b9 B, t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; Y% {, w1 e- ?+ L: p8 I! ? - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 j( {1 h& c: b1 u- ] - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]; D* M: q0 [+ p& X& }9 A$ u$ y/ l- ~
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
$ h! c2 E4 ^0 D: {( I T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% z7 v6 x$ o& O. M/ I; W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; ^6 c* Q" S/ X! r9 | - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]0 @! b) {* L" y& E4 f0 y
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]9 O; Z. Z+ A9 y" l/ k% S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 U; M% D1 O) I" A# E+ {
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], B) h. t/ j+ d1 j8 u1 n
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- s; {3 ~) Q# O* B4 a+ G
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]: b3 K* M# _4 \1 i$ p; u
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ P0 b9 j" `4 v$ P a4 ]
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ u# G3 J, s, y( n% ?5 N# L6 X2 K
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]0 Z# b ?2 B4 u- z u" a1 u- b( n
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
3 |0 v7 b* s7 K& U" W6 M; a: V% A ] - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* y! N- |8 r9 D2 w( H( ~" X/ h$ i; y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( S5 R! K' }' X; z$ _; [# r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 S D1 r) ~) g5 L0 m - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
( P4 ?5 Z" V, `4 c& m& v3 O) V, n - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]* N5 w8 M/ c# A# p. {9 N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]0 Q# k% O V. y. h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
8 M( F6 Y g6 d4 ]# U7 j" V! W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]6 O' h. F: `' D/ i. N' x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]3 _2 U9 U. H6 B7 d, {6 V0 m: O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
2 w0 ?) L1 w) H! P - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
, _+ u' |7 I3 L* u7 F& _ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. V) `9 B O( m' | a - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 L( A: P1 j& K - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
* Z& x! w7 f& Y% t" K8 ` - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) h4 q) w4 J1 O
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. y5 c1 T* H" b% ]' Y. u3 I
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
# o' u" D$ U! \ ?% Z- p& x3 t - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]7 a% ~7 f$ _, Z. Q
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
$ l" W! ]6 n& z5 K8 t! j$ F - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]0 F9 M5 y* Z3 P' _" F5 s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- r' Y9 O/ \6 [) X9 w2 d r - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]& o! o2 c' g4 B4 Q
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]6 t8 R! S' x" H! n8 V/ k) E2 c$ _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 O9 O$ G- R& y1 y$ y- X& O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]* S+ v3 H" `1 N
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' g1 }0 f0 t% F) U6 n0 [; T6 m - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]) @3 |/ Y' G) S. j3 \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ c( M h, n3 _# b, ~4 }5 u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
% p7 w0 w, G% Z# y- N$ r- F - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 [" @0 f: i% S- w9 V+ m
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 S4 o+ F1 \% c, w/ B8 R2 _9 B
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
1 H! b0 |* a$ z" |9 O$ @/ z - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
7 O! {! f, |! }) O1 j - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* [! Y v% B! [ b5 n# s$ |; g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 l6 V+ r2 V: m2 p& }( s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 X9 H! i8 N5 S
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' z( N& r; K& `$ u8 H0 Q& e
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]7 m0 g) U" g. a8 L
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! t3 g% \' o3 y; x8 y% T. q0 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. R$ u6 l8 s: Q! Y: ^0 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ _9 l& `7 J* }) F1 e
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 x$ I/ i7 o8 y: y$ V" S/ v
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]) n F- p) } f! N8 u
- ==================================2 y& V& W8 a" \$ T
- 文件关联
" S7 X$ {' Z" H( P! ~ - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]% S" i1 i1 O8 t1 O! M" U
- .EXE OK. ["%1" %*]
& {/ C. G# l3 X - .COM OK. ["%1" %*]# V! X( T: W+ N
- .PIF OK. ["%1" %*]. C b; }4 e$ E8 h! U+ }
- .REG OK. [regedit.exe "%1"] u9 I5 l% L& r+ [0 ]& U" [
- .BAT OK. ["%1" %*]
1 Q) ^7 s* ]( Z0 ^$ b) v - .SCR OK. ["%1" /S]* x5 N m4 d A
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]( ]0 d. K4 i# R% P( L& q, t9 e: \
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
' x, ?) l1 o+ N - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]1 G) s) _3 L5 [$ b( X, J
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]* ^; P0 J( L& G) `
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]! u( x Y7 Y# L5 |
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
) M$ f( s6 [: y2 h: C2 f - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
* }1 D, C: O% h* g* M) H; d - ==================================. ~0 v+ T4 q6 v' g/ `% ]: {
- Winsock 提供者, ^! { Y3 D) e$ h5 O X, b, T
- N/A
. f0 [0 S1 V5 u, ?2 O) } - ==================================
" x! K/ Q; x9 c. w - Autorun.inf7 a H4 T2 e5 S0 H& s
- N/A+ S3 L9 c' _3 V2 m% }3 b! f7 u
- ==================================
6 e$ J# }( Y. B% V7 y - HOSTS 文件
0 `& F, {0 k# n1 l9 d7 n2 l3 g - N/A+ a' i9 \# X$ E/ ?4 e
- ==================================
9 G4 R- r& c+ Q% A0 {* z - 进程特权扫描$ M/ b1 \* {( s2 L$ L# e
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]- E' Z- w; B& E H) ~
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
) ?. r+ M' E( B1 r! u - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
7 X, K, N/ ]- Z; r - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]1 A1 P: x6 Q f, A0 x
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
2 K# A' ?3 d4 Y6 y2 a/ I" L - ==================================
$ \8 ]! O# l" \) P - API HOOK7 X7 t y2 Q# }. m9 i+ }
- N/A# n2 i) P8 r u0 s% R1 G& Y
- ==================================* e0 a7 K& b5 p+ r6 {) A& P
- 隐藏进程
# H+ S7 D7 B5 k4 O) f6 a ^ A, ~( A - N/A7 R9 a7 Q# Z" c0 G
- ==================================
" T" q, |( y, _4 }/ N1 m1 K - # J7 N4 t; i$ p; t" B
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
