|
|
7 a& v0 C, J, T: N; x1 S- 2008-05-22,20:37:43
1 J/ z4 x4 @( \1 | - System Repair Engineer 2.5.16.900
; U0 E+ i$ g1 p; I - Smallfrogs (http://www.KZTechs.com), j6 k0 \$ s% ~
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
) z; u' S3 Z3 w- Z* x. L - 以下内容被选中:
" r! V3 {2 ~- Q( I - 所有的启动项目(包括注册表、启动文件夹、服务等)! _$ R, P- _7 W# m
- 浏览器加载项
* B) |. g2 }7 j - 正在运行的进程(包括进程模块信息)
; o/ v+ ]: E; e' p9 Z; E5 m: \ - 文件关联
1 o/ S7 ?3 ~2 @$ ^" @6 L' ^9 H6 c - Winsock 提供者% q! O7 Y6 ]- R) z, q
- Autorun.inf0 R J' w+ t/ b# d! H" X0 F i2 d1 G
- HOSTS 文件# y! ]" K1 n' `2 @; |) i
- 进程特权扫描
6 K( G4 X( u" a! p4 D" Q$ | - 3 a# L! L/ O) G- y
- 启动项目
+ P( T4 L1 B% X8 S' [9 ? - 注册表
: A! V! D. u% Y - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]- J8 b/ b& b) v0 k$ |$ w. f- l9 M
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]5 w9 }3 I4 j/ C
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run], c' e: T+ E! T6 p4 L, E
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]" K M" S0 P1 _; Y4 |7 z
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]% h9 `9 J2 H, [$ m
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]$ y/ m! p7 {& n$ t7 [7 j" d" @
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
! Y% g9 O& V8 L - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
" _9 X( [! C" A$ e2 F - <PHIME2002A><; > [N/A]
; f+ M5 e& ]; u. Z* g! z( ^% U - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* ^1 C, @7 F/ Y4 Y2 j! Q - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]6 N+ m j7 [9 \8 R, b3 I! Z
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]3 }; X* j2 c, b4 [0 g( c
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]7 N' f9 k% ^" @6 a y9 n& b
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
! e/ C# `4 I# Y9 [2 Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]5 f6 A9 Y, w* K; M" A9 y- G
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
- z1 N7 a- A: w0 R) T" N8 n+ C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
' T0 C. T. w! ^5 e& q1 H - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
. G; y/ Y8 c! j0 y/ w) s - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
2 x( g. \2 r7 f( v - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
% q5 n# g, N/ O/ R - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]: t U( D6 e0 J
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
/ M! q- i+ ^. b0 ^, z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]- U0 P8 E! X. o! W
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]8 v e; L8 O8 E! D% m
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
) M5 ?: Z6 r+ T; s- f" ~3 c/ R# ] - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
+ a. ` J" u. G6 O- m/ Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
3 w0 w; Q) h9 e8 e - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]* B; O- E/ _# j$ K' B! S0 G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]6 {/ c7 B0 v+ X
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
+ X6 D _' ~: P! F - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
' O3 T$ V( f& x' N- X9 M - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]) z& c* ~' L+ K1 M6 _; _$ F
- ==================================
7 K1 v# r& Y9 Y$ n* y3 M - 启动文件夹
6 w u# L5 Q. a) {& d - N/A
/ c) Q* c. ]) m# E/ D; c - ==================================
3 k& L& w! `: {1 ` - 服务( U. ]6 G/ h' C* ]% D/ e5 v8 X
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
. P" u" D/ k$ \& I2 S - <C:\WINDOWS\System32\3wareSrv.exe><N/A>9 h8 Q3 M: m; _8 a) }9 T% Y, |
- [Google Updater Service / gusvc][Stopped/Manual Start]9 r9 N# Y/ \9 o5 ^1 L' ~& `9 E p; ?0 X
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
# L7 ~! S, e( A - [Help and Support / helpsvc][Stopped/Disabled]+ T! |/ R# m: `3 i/ P# n9 w# f' [
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>* p" O: v# [! _- G
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
5 c) u: t( t8 ]5 W8 a: G u - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>; h$ h" ~' t; A; @6 E; [( W$ B
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
7 I8 |+ N5 E N - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>+ Y" z- @1 U6 ? [3 b
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
+ I0 j, D% T. E) c7 Q- k - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
" ]' q; K# Q& o8 t) O - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
; R' X3 q6 r1 r$ W8 | - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>1 @6 R5 e/ X" r9 D8 G4 N5 ^# F
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
& m" {1 O6 N7 g. ^4 t6 x6 s - <><N/A>" t7 S( q5 D& Q6 l6 W
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]1 _6 e p9 ~0 y
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>! K. [ J" \2 J2 l" E/ q
- ==================================! C3 Q; R6 W. _" ]$ s
- 驱动程序& x; {1 r( R9 U9 b# i
- [22j / 22jn][Stopped/Boot Start]+ t) }, D1 ~, ~+ D% a! u
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
, j2 K& u* X4 ]# }. Z! ? - [360AntiArp / 360AntiArp][Running/System Start]/ M B* H) G8 r4 p3 P7 @% o1 B3 |
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
0 M! \) A0 @+ k$ K8 ?: W - [43ec / 43ecu][Stopped/Boot Start]
6 D, U8 j* A p8 Q0 F- X3 j - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>$ t7 }8 C$ t6 b% g- s# R+ ~# u
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
) V/ v6 {+ l: E$ n/ X, \% }9 b - <system32\drivers\ac97intc.sys><Intel Corporation>
( |/ Q% M5 U$ W E- F - [Promise driver accelerator / bb-run][Running/Boot Start]
: w7 Q1 I% ^1 ]# v& r - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
4 e. l; B: I( k1 ? - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]8 x$ M- A7 |2 P: c# V
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
- c3 s' g2 L' D; n# A7 c+ t! j - [KAVBase / KAVBase][Running/Auto Start]
0 F/ y- f0 f8 W1 p - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>$ `, ^3 ~% T9 K" F
- [KAVBootC / KAVBootC][Running/Boot Start]5 z) X/ N7 J; p
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation> i9 M& Q& c, E( ]
- [KAVSafe / KAVSafe][Running/Auto Start]
1 L( }0 G9 ^: G: o- Z - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
# v+ V8 \2 A {) _# G - [KNetWch / KNetWch][Running/System Start]8 x6 R: k* Q3 L5 B8 W
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>, P- @+ {3 \: X5 E6 _. y3 s
- [KWatch3 / KWatch3][Running/Auto Start]# q+ M5 [9 Y. s, Y: k: A
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
& B3 b: \1 b3 [/ i! } - [ntptdb / ntptdb][Stopped/Auto Start]
# K" x5 t! I2 r: J - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>( r5 |0 y5 m- x2 q2 L
- [nv / nv][Running/Manual Start]
9 m/ Z$ y6 g( J - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
$ K. B; @/ _/ c! M* a+ ] - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]* Z1 j1 g4 Y; f, r4 q$ N) k6 v+ B/ W
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>6 f9 p: b; P: \3 h. i; x1 ~, J3 j
- [DDK PACKET Protocol / Packet][Running/Manual Start]
9 K! ]# H+ T/ F. W - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
( R1 q2 i% q( t1 ? v% r% @ - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
2 h- e2 Y% Y+ w8 t, G* _) C - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>* u: ]% ]# r: f+ v' @
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]4 q [4 Q+ K$ m9 _8 G
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>4 P1 k+ Q$ F$ l( A: [
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]- l7 Q# S' ]+ ~+ q
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
" }( D6 @8 x7 x3 \ - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
9 O- b9 v) x4 _8 u* F1 a, H - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>0 |0 L" S% O. C( y& g0 N. a
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]( e6 `8 ?8 G3 L9 [
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心># [; K9 [$ |& m( U/ K" K" z
- [Secdrv / Secdrv][Stopped/Manual Start]0 ?1 G% e* M9 ]! e
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
$ H5 c- _; c7 R6 R% h- ~ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]7 i# }; t# A; E4 E. @5 y- M8 K$ N
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>. o2 H! ~5 a' q) r4 E* ]5 T
- [System Restore Filter Driver / sr][Stopped/Disabled]6 Q; F3 B8 h8 M" P# p+ w9 A
- <system32\DRIVERS\sr.sys><N/A>
& K' R) X# R) V7 c; [# u" e$ r - [TesSafe / TesSafe][Stopped/Manual Start]
X* f# s, a: q! u - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>1 S$ e& h4 L" w9 _
- [System Services / unzxzsrs][Stopped/Boot Start]
" X- [' }5 | Q. g - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>4 h1 e; V3 a9 k, I
- [ViBus / ViBus][Stopped/Boot Start]
2 w) L/ D* b4 A- L! K& R U - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
% ?# i$ X7 {8 t9 G2 r7 i' M - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
+ `5 [- s& F6 l' y9 b5 g& V% F: x - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation># a1 N& H7 \1 L' d# F" O$ ^3 G
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
1 U# v" e3 X" k# V- l& P - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
# R% S# Q* p4 ^/ D0 M# F* Q) z - [ATI Extend / zhibmaso][Stopped/Boot Start]! o" E4 s, i5 d$ Z0 Y0 i: x
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
? H8 S$ ~! z3 X2 V( a7 W - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
: d' y' g+ x, @0 H! T - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>5 f- N7 y( b+ B4 C) T' Q
- ==================================; ?& z+ q8 b7 }: p
- 浏览器加载项
" a/ I; I6 t* \; ^( ] - [Google Toolbar Helper]6 D1 V' H# n: c- ?- W. K$ ^- `3 G
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
% y; q' n5 M6 |) i& L2 J - [Google Toolbar Notifier BHO]
5 V# J3 g$ J* y% h0 } - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& e6 h( Z9 J" R2 B6 k, M - [SafeMon Class]
/ a) H* q) z X" Q3 `* I( t% c - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' D4 ?8 n7 g2 E T9 V
- [kingsoft browser shield]4 b& r8 F, u1 J+ I" y
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>) r2 L5 g! T$ f( W4 ~
- [IEBuddyExtControl Class]5 i+ J! ?; ^6 `2 l8 K( a
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
+ K, ^$ P O/ |4 |" P; g4 X - [Zcom 杂志]" s" E0 L0 a# N! `
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
) l9 u. R- O! c7 k1 n8 w - [&Google]6 y7 B/ q+ n" P
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
/ y9 l8 a" d! b - [KooPlayer Control]
- ?: `8 b0 V8 o' P) W! d7 t: I* V - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos># L- A& N1 f' a
- [Shockwave Flash Object]
9 C- w# {% v& y3 F5 H: N - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 K1 @# k0 d) `: p- @1 A
- [KUpdateObj2 Class]
* {0 J: F1 x2 o8 L% l - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>, g* B$ e8 M5 ], h7 }; R# ~$ t; L
- [Google Script Object]
5 z# k# `1 i+ P. ?% ]: t- H7 U- ? - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>% @4 u. k! `7 B1 g8 D, ?8 b
- [EWA Control]
n* Z3 x( G; [( l- N+ D0 t+ W - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
: x0 g9 z/ g5 u2 N4 u8 o9 t3 C - [Windows Media Player]
" L/ m' ~& E- G8 t7 P. Q - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
4 |% z) j6 i* ]/ ]. }) S8 o - [&Google]
% X4 R9 }/ a7 w3 C- y9 M: x0 V - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
/ Y8 w6 p1 `; a0 G1 L( Q - [HTML Document]( s. B! Z1 k7 V9 C. j: ` V
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>* X" u& A; h! Q1 W8 a
- [DHTML Edit Control Safe for Scripting for IE5]
: _- u' Z8 Z# j# d6 R) b - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
. K+ T& F; v3 ~4 R, z% T - [RealPlayer RAM Download Handler]
$ V% o; P1 x# E$ v: {$ f% V - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>6 J& ~5 ^6 K: I# ]+ q
- [IEBuddyExtControl Class]
+ D# O! c' _5 E4 D- v - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
5 k" Y8 x W3 w$ l5 L% ` - [XML Document]. W8 ^* [5 F* E
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
4 b: |& c! q* O+ w Q - [HHCtrl Object]
. f: G" |" ^- n, V" ~! V( r - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>: l" t' O, h' `+ W: @. o2 ^
- [Windows Media Player]0 C! s. a1 T; @1 t% t7 f) T
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ z6 k" a# {$ {5 H. k
- [Active Desktop Mover]0 c- ~4 |& L, B$ b& _
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>8 _% p. x: R* Y/ q$ l
- [360SafeLive]
) I8 L) y, X+ h d1 @ - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
0 D8 G7 g/ f" ^7 I0 j1 P3 d/ ^ - [Microsoft Web 浏览器]
7 m+ H5 i7 h" j) z% b* d - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
4 f2 z' w; L2 r1 Q- e! k, W - [Browser Enhanced Objects]
8 E) W- a. K8 D5 g - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>7 \: _/ g6 ~( M5 V9 m4 v Y
- [Google Toolbar Helper]
5 q; a+ v+ t% N - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) ]8 A8 f2 S" c8 {( K - [Microsoft Scriptlet Component] D6 k4 v2 |! ~' J" P' `1 @2 ~; ?
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
) K9 D; V) M- W. {1 b) @0 { - [Google Toolbar Notifier BHO]
/ \4 \; m t0 v3 }- _6 @0 y - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
& ~/ d% [/ C4 ?1 [4 h - [SearchAssistantOC]; g# p# W8 h7 }$ T
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>& ]# z3 M$ N% m! Q& X
- [SafeMon Class]# o2 U1 V4 H$ H7 J* C/ b
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>4 e( ]+ X% C, s& A% E6 a
- [RDS.DataSpace]) X6 Y5 t3 X* t7 u
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>& y) X L8 h; m0 t# j( a; u- r
- [KooPlayer Control]4 Q x7 |, L& o% s
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
% B" Y5 v4 S, j5 H' f4 J - [AUDIO__MID Moniker Class]: k" {+ U- [4 x' p% u' {0 S: ^
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
: i+ i L; J. t. m8 y - [AUDIO__MP3 Moniker Class]/ `! n, m7 q0 i8 a& Z
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' m% d. m( y5 z4 C
- [AUDIO__X_MS_WMA Moniker Class]4 D! u }5 D2 J, |7 x0 N9 p/ U
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' u' f" {, q! n8 M - [VIDEO__X_MS_WMV Moniker Class]
/ V* {, h. f( I, W - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' c" Z% W$ O8 c( s - [RealPlayer G2 Control]4 e$ Z6 M% D/ B+ h! P
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
r$ C; H$ P* \+ q - [Shockwave Flash Object]
/ \& |8 R8 C. u- T% b5 \ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
/ I; s3 ]$ c Q& K; l - [KUpdateObj2 Class]7 K' [+ ]- c1 i2 z, S
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
: H) ^! F3 a1 o. Z5 | - [kingsoft browser shield]
" `2 r2 a* F/ ^0 m( Y" K - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>2 d* ]! I. Y ` b% k
- [PasswordEditCtrl Class]
1 C h5 \9 }. h( R6 g - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>6 [ ^- g ~5 Y1 Y2 p; |+ f$ U
- [QvodCtrl Class]1 Y7 F3 I9 P! H' o* z
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>8 R8 z% ^+ K" f9 l7 ~
- [&使用超级旋风下载]
+ y l9 U2 G. H; s, _ - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>: G" C# S% K* f/ k
- [&使用超级旋风下载全部链接]$ H" w' d& b0 W" e3 x: k$ c) W
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>2 P( @3 F; ?& E3 M4 S
- [使用迅雷下载]
# P- I1 c$ P ~ - <, N/A>
0 y: X# W, r3 b4 [7 D; u4 i - [使用迅雷下载全部链接]
& V- k$ p; E; @2 t0 f% f - <, N/A>
' g) R8 u5 \- e% |# K - [导出到 Microsoft Office Excel(&X)]/ g g/ r0 Q6 g. W
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>+ b, g9 ~4 z5 [
- [添加到QQ表情] K* L1 a9 j2 W4 _* f& O
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
S! X+ V# X, p2 }; Y - ==================================
" r! s2 b j6 T - 正在运行的进程
p" f" Y' ]5 m$ _. k8 N# L - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 w5 L' [( ?# H* L4 {; b5 X6 ? - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 V% O4 t/ T$ J2 U! e - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' N/ R5 N3 Q ]9 C
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( t+ Y# A' i* o5 S6 M9 T - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. ^! u) V) M1 V# Y0 L- J
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( F" K3 O( D U! y% l- y" p3 |3 X
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ Y; v% @( ^" k - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 D: q0 p( g7 u( g. r4 J - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], ~9 m5 W' t; k" U5 m) d% c! O
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& R6 C w$ k# {- z* w - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ [8 P: i4 L/ c8 ~& \ - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
$ A* T. m1 Z+ j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& c4 G$ I: ~/ U) A/ H, u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
# c$ r% ?1 T& t+ \7 q( R3 }6 X - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
f& z# [' t% o - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! J: m7 y, b( V! l. F8 [: k. s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]* ~7 g0 T' m) K' c2 y, H$ O7 Z
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
. }) M+ o/ ]! j, m- V - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]: | H2 G' Z* Z: o$ b. k/ ~7 Y
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]* @, u0 N6 y" w, X. m0 O0 ]
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
2 l% @7 U* k- x" D+ h$ l( k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 W( C6 O8 K" T - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]: t' i9 [8 b, r2 c8 C+ r7 L6 L- e
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
& O8 U/ t6 ]3 r5 I4 L2 Y - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
3 O- t: o9 D0 W6 q3 d - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2], `; J! j1 E7 _
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]; G$ o( Z# t& A, p
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 L" D0 O( `5 |6 c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 l5 B$ g) A6 H( j/ X+ I$ G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
8 N, f* B- T3 G7 O! j$ ^ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- u$ _) i/ T& s: G2 i8 e; i. H; l0 z
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 `) q, X: v: N - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: h( q$ H9 A# `. e' |+ q7 ?; }2 Z4 ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, \) q2 ^7 x3 ]1 F9 ?1 O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 t* T! ^6 q9 ?& B( i/ ~6 p( h
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
6 u& k/ D" a# B* `* E0 {- s/ G b - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]5 C5 j& p9 g" D9 L" o4 x! M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] G/ z. p4 k! i/ c p7 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) e; D1 Y! o5 F6 o0 I
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: k7 G. [% a- { - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]+ u/ S( y, b i5 p+ F) o, s# p
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- f* m; \1 ~3 x7 ^2 F* Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ {6 z7 j |) c. `% J: `
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% o: B' X" l: G1 T ]; ?$ B+ @ - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]3 x4 W5 O9 a( S3 x+ j9 K
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], X. E4 _) P! m3 ^
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 J. ]$ [; j6 J' [" P* ` j H' p
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
$ r# I" m: \ j - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
! {& x. K. ^: {3 ]9 O - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. c/ z6 X* ]) M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 T' h* i5 W% Z. l5 Y4 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 A" q- L: ^- H3 X - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
6 O( T7 Q9 i- e7 \% g% R% I& m - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
* v# X, a* R1 v6 k2 G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]$ n9 n8 \* \. [5 @; r6 N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
. M' i$ F9 o3 H! Z5 f) J' N" }( e0 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
# @. h* b4 a$ ~" D3 C& Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]( n9 K; A0 ~: A2 b& `7 e" I! [6 z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]3 S6 W$ C1 O4 T& Y4 W# r6 L7 e) c
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
) A- r2 f8 l$ X* M G; h, j2 M2 k - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 G, p1 R, \2 Q - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 I; }; z3 ]3 z$ x, R5 [. v3 l( A! Z
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 v2 Q- m# d7 Q2 s0 F
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]7 V$ m3 \* a) ^, K/ _2 F1 o% `4 {+ U
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 n z+ t T$ W - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]8 I# e% c# H- i$ W+ T' B5 q
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
2 Z B. Z; y$ A+ u9 `" |1 e - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
6 j" Y. u, L* Y8 g# }0 u - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]8 ]% Y* I- h: Z2 |, X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 K9 C2 X6 |! h& b! W4 v# W
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
. S! M v$ n [* D& |) _ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]" s/ E7 b; X9 w& t4 L: x: J& k- d6 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
/ i1 j( h+ K- f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) a. @! k2 B4 @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
' b8 G, U' i$ P/ Q7 C; v - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
0 J6 o+ d" g l8 K% b - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: V5 o% f7 L1 Y0 L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 c3 }5 j' E6 J9 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, ?- }$ a; P. `" E - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 h! h9 a3 X/ F7 k) H
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
9 ]( b) ^1 K3 b, b - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
+ c8 ]+ b5 S, M: W" u+ s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 B. W" O8 A" N) j; `7 V: U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ F# t7 r, `5 k N( X$ x; C - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 s6 i& b: p5 B - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 a; p2 N$ r4 s9 B - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
8 i) S" F7 |9 z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 E/ k4 B- m% _3 h4 D' E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 q6 a5 B! b# d4 f6 m( D b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
{& P) t# U0 [4 J/ i$ k Y8 z# k - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* q$ v5 [% a2 z7 I8 e7 i - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
' P" ^3 E+ e+ r7 l - ==================================
$ X6 A& h' l1 v8 r, Z; p+ k - 文件关联( L" `. z* l% v8 [# [
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]8 F- u: n" P+ e" F/ o$ E7 q* t. I+ X
- .EXE OK. ["%1" %*]
3 A, D/ k L/ Y) F% b - .COM OK. ["%1" %*]0 j9 z* H- p. E- n+ P
- .PIF OK. ["%1" %*]# e* G8 b0 ]1 U1 h5 R
- .REG OK. [regedit.exe "%1"]
, h+ |$ V9 O, L+ i* l! u7 [ - .BAT OK. ["%1" %*]
8 h- t7 _" G" F j4 q# \/ E - .SCR OK. ["%1" /S]0 f3 o; L( `" \1 P+ N' W3 n
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]6 }5 q! q8 S! G4 o
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
# m H! B- N6 v! r8 u+ S - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 D b4 |) t5 u' N0 d9 w$ [ - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]9 e; ]' V- [% h
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
: a7 e; A. x* m4 f* ? U" v( C) j - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
0 j0 r4 A: I: D; U2 t2 a' g( T% ^ - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
, p. F9 [* w/ ]. t r - ==================================! Y* [1 m' C2 x: W" N+ v/ L
- Winsock 提供者9 D& ?" r, f2 O5 M7 |
- N/A! Y+ q& Q4 E" \! `' P/ ^- x1 {
- ==================================! F- K0 c5 K3 W" c
- Autorun.inf" d8 q7 J8 S/ I- \: ~
- N/A1 r' \5 R) v$ H9 i! o5 K" H j
- ==================================- M; A0 ~* I$ k2 }
- HOSTS 文件" G, }& K0 {! r) o" n, f$ z
- N/A
) d1 m- Y' ~# F! {, A# e - ==================================; ?" w, S4 u9 p9 q5 ?5 v$ d
- 进程特权扫描7 k. Q' @- J: G6 \, G
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]& U9 R8 I. M) N- o
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]$ t4 d) L _% U1 U
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
) S& l4 Q. @+ ?. G2 L( Y - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]+ |, ^( s+ Y% t* i5 J4 A' E+ U: ]
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
0 o- l4 J" k/ M/ l/ Y+ E - ==================================
, k# Y0 M$ _# P$ T) S4 |1 ^/ C$ e - API HOOK7 x) q9 ]- [, v2 y0 I
- N/A5 e; }7 u/ z. q
- ==================================
& h/ C. D g1 c3 ? - 隐藏进程
+ [7 V- J) b, Z- T( P- P5 v - N/A- g. p0 a- {8 r" i7 _) k
- ==================================
0 B# ?/ O7 g+ d6 {6 q! c - $ H9 u( b4 c7 n; I- ~
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
