|
|
- # l* w+ ?# \( l2 q* j2 |8 ~* E
- 2008-05-22,20:37:43
3 d: M5 b7 L- {7 k5 j8 X1 O: d - System Repair Engineer 2.5.16.900
5 ~/ A- \, g/ \ - Smallfrogs (http://www.KZTechs.com)
$ i; f7 b# w; L: Q2 q5 ? - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
& }4 p8 o X0 q3 H* i9 A - 以下内容被选中:7 r) c/ G& i! b, a, N4 q
- 所有的启动项目(包括注册表、启动文件夹、服务等): G/ [* D. C) W" Y1 h& s$ w
- 浏览器加载项4 ~8 G; Y9 b: h( G
- 正在运行的进程(包括进程模块信息)9 K6 n9 n8 P* ]; [. H) W
- 文件关联: M k; j5 q; W! G, n) R x
- Winsock 提供者3 \0 u. l1 N6 t' X. B$ |* g$ ]$ s
- Autorun.inf; L) }5 \) q6 B6 o/ e
- HOSTS 文件
! S3 b# [7 o# M# R9 w! X" F+ J - 进程特权扫描
/ Y. Z. B W# r6 u
8 R" c! ?4 H7 E- 启动项目, V, f. `* Q' F, s5 Q, z+ f8 C
- 注册表
. ]9 t: B2 s* B& q5 e - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] w8 G" \" P( S4 W% D; F
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
; A3 l' D3 e; V$ w- M+ Z - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
7 \' ^# @0 A3 S, ? - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]% z6 \* J) J9 Q- l: Z
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
% N5 U2 N4 Y$ n4 B& R8 M - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
$ m! j o7 X3 g - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]9 {" ~* }! s; C" C+ Y
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
8 a) t( r9 R' Q+ h% s0 k4 ? - <PHIME2002A><; > [N/A] q, q4 v+ R/ T2 m1 _
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* Z% F' m9 y9 L! s* ] - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
$ J$ M, L3 V% g: r - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]2 d# e6 _! d: G2 y7 A6 w& W, ~
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
) X. x+ a$ Q7 f5 h9 [; C& Z1 i - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
" @" P1 `! \. n8 C3 m3 |. E' Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]' F5 T6 Q0 u. H* S% X
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]" d$ h/ a( q3 B7 {5 r0 ]1 l) i
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]. w6 b7 e5 D8 V0 m) F8 j
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
' ] N6 H& h& v* O5 w+ D, b* q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
3 K5 j7 [9 n8 e A- h3 A* u& h6 | u - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]* O) V i6 C: b9 s: j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
6 y. r: a/ k$ s - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
5 S3 J$ f, R" L" A - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]9 H' {: x# x) g5 r* ^( S9 M# u, r
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
' [& b9 E: h# y, B4 I0 P - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]& {6 ^, ]; @5 }" s$ y
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]4 e/ Y6 q# X! `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]5 A: I) M* X1 {7 W( L z
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]" p# P/ S+ X; l% D" k4 V* ~, H4 g
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]; o8 m, s8 F) a! k0 t$ X: p6 d
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]4 K! U7 T0 [" Y9 t, C% o+ M3 ^
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]! ~, H3 ^6 q6 v: N
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
% K5 X7 M: o6 |3 q! i$ K - ==================================
1 c7 z- V7 |8 P - 启动文件夹+ Y' z! m& B* P8 V+ \8 q
- N/A, D0 T3 P7 Y' O4 k
- ==================================
8 ~ x, a' m* l+ o& x4 H - 服务$ e6 J7 B$ m" c( Z' }
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
5 ~; B; D4 O# D, h$ n9 C' e - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
" c- P2 c0 |9 u - [Google Updater Service / gusvc][Stopped/Manual Start]
0 x6 b4 B% T2 g - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>0 K5 P; j* L! @& {2 g
- [Help and Support / helpsvc][Stopped/Disabled]+ L* {0 W! w' E; e" b( \* A
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>4 E1 c0 M d- y1 C; P% O8 l `$ b
- [Human Interface Device Access / HidServ][Stopped/Boot Start]3 S7 p- C) V3 ~- W6 L
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
8 g9 Z2 W ^8 i; a0 f( r - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
! }9 c, V+ k& W7 p - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
& l# `& p0 |! @5 f- y( Y - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]2 g9 Z' c) a+ R: I5 e4 |
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
% }; m% O# c3 k- \/ l$ h% A - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
n$ i. Q- x5 ? - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>( `# B1 f" T/ B! t* Q4 X
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]$ x4 n& P4 W* X; o
- <><N/A>. m" G; _5 \0 T0 O) G2 Q2 k
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
/ D8 T7 c, W* {3 ^8 c( V; w - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>; `$ H9 e8 T- K" m/ F' m" }" _
- ==================================6 _: t" `0 n1 c. L
- 驱动程序" p+ F7 f2 V+ X& d6 c1 J2 f5 i
- [22j / 22jn][Stopped/Boot Start]
; {9 v7 y- N- T: _ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
' D4 s" ?. i1 F, @; i - [360AntiArp / 360AntiArp][Running/System Start]; T7 v8 t5 @. v8 v1 d# _" P3 u
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
1 _: ]" W5 [( m3 k1 ^1 ] - [43ec / 43ecu][Stopped/Boot Start]3 s# ?5 ^ t% K* v# `' w! R2 z0 i: L
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
5 e `: F* n0 p) @ {0 r - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
# n/ g! H+ |' t% l# Z - <system32\drivers\ac97intc.sys><Intel Corporation>
' `0 ~# b+ X" ?. D- A - [Promise driver accelerator / bb-run][Running/Boot Start]
9 R2 `1 w9 D7 t) Q. [6 r7 ^( l - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>; q4 l$ V# N/ B p( P O; L
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
( j, F# j7 D$ x1 A3 C - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>& e7 W! r0 B' W5 y" Y7 O( M1 r
- [KAVBase / KAVBase][Running/Auto Start]
% b+ ~7 x# I# H' f, n- d - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>% J' F% @8 O. T' I$ |: S( y
- [KAVBootC / KAVBootC][Running/Boot Start]
- L0 p% E/ O Y% A- k - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
' R1 K- H" @) s - [KAVSafe / KAVSafe][Running/Auto Start]
+ _1 A6 R3 ^3 T) ?5 \9 s9 ^ - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>7 H( r6 c" t4 m7 k
- [KNetWch / KNetWch][Running/System Start]
9 B0 Q$ s6 A/ n - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
, l! C/ i, C) _, l8 r - [KWatch3 / KWatch3][Running/Auto Start]
; E7 t& F+ G; |3 v2 W5 T7 s; s - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
, ?3 u, Y, h$ H - [ntptdb / ntptdb][Stopped/Auto Start]
4 x' \ ?3 `; z* ]. F- ?; S - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
- U6 I4 H- F- V1 l - [nv / nv][Running/Manual Start]
2 V* X. A% l# x - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
8 @( u! j' V% |8 g- f0 U - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]7 K% F( s# n+ Q5 P3 \7 _
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
9 f" o* a9 Q$ A; }- [( C `. r - [DDK PACKET Protocol / Packet][Running/Manual Start]
! s! L v0 e6 ~0 M* {; V - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
9 z9 W% C, D, ~- i% V6 M- W - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
( k2 C+ d$ E4 ~ K8 P - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>6 B$ H9 L! S% d
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
* V: U9 M7 @4 Z0 h! G - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>1 ^) Q( }5 {. h% A2 [3 Q8 D
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
8 G# Q0 V5 b1 a: \' r5 {" y0 F( T - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
- e5 }/ B; f. o( r/ ? - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] X/ D! J' B. L. w% s
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
! T/ [- F4 z' ^8 Z$ Y - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]4 S5 P2 r1 p" ^/ Z" {$ j1 Q
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>$ U3 P/ P. C6 g3 U z; O3 \7 g
- [Secdrv / Secdrv][Stopped/Manual Start]3 U; ]2 s! y" f. P1 w0 d" C
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
, ]- x+ U! A& G' o - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
6 o$ a3 e6 I* U - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>' c* v/ r/ U3 \/ ^
- [System Restore Filter Driver / sr][Stopped/Disabled]9 y+ V- m' s: \9 y
- <system32\DRIVERS\sr.sys><N/A>5 M) `9 j1 V9 x5 h S: {
- [TesSafe / TesSafe][Stopped/Manual Start]' m. z' {/ v6 n" u
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
0 B3 H9 v4 Y: m2 { - [System Services / unzxzsrs][Stopped/Boot Start]0 o6 f' Q7 V- _
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>2 U1 t7 R/ _0 x! `& f$ s( Y/ J
- [ViBus / ViBus][Stopped/Boot Start]' D" _: N2 I1 ^0 t D# M7 C. @
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>1 E4 o0 i8 I! |% g0 d
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
. D) k0 @; |7 ] - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>7 n4 n0 K' k8 T/ B* ?
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
$ m* W$ F' }0 }$ @# F - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>6 Q6 n. Z- C' h4 `
- [ATI Extend / zhibmaso][Stopped/Boot Start]1 H* C! [( H( J4 l/ `
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>% s" X: O/ m- R4 s& T2 b
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
1 s4 W. V4 @3 `/ e8 ]; B - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
) ] E5 o# u! z `; C7 r/ i+ P - ==================================
. x7 q; j! A9 c% h& V - 浏览器加载项
" y f* f0 m, q2 ~6 e x/ J( e& K - [Google Toolbar Helper]
% Q& j3 P" S3 b8 D - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
/ L! c5 ?! i8 C" R( y - [Google Toolbar Notifier BHO]
2 G* M2 `4 ]: }7 V- h - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>5 [( l9 F" v5 T. D
- [SafeMon Class]
) E. |/ Q) q4 }& H& B4 i2 ^ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
& B5 V [0 J0 `5 A: `/ y - [kingsoft browser shield]: k: {2 e) N: s( S7 y$ w& I
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
" P* ~* T9 ~" a# }4 Y/ D X2 C - [IEBuddyExtControl Class]2 ]8 e) L- k) P2 W* X
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
' X0 z9 |& r, Q# W/ ~4 x8 h* l" a - [Zcom 杂志]
9 G. _+ E. |9 I% D6 F, m - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
. M' H) F1 K- e0 _% j K1 q - [&Google]
+ \% k& b1 m$ c2 h7 h - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>' r2 U' T+ p4 F. w9 f
- [KooPlayer Control]
) a; Z9 g/ G6 N7 j8 Y9 u - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( {% j* B9 S' F8 o# N - [Shockwave Flash Object] J! @& Y: q6 O& i7 }
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>% P7 C" ]* e+ {- z# G% O6 u" ~
- [KUpdateObj2 Class]
( I/ Z& P# p: R& {6 B. S; q - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
9 J" z" j- E& u# r - [Google Script Object]4 G* t0 f3 E/ }( a7 q, z2 L
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>( O* u0 H$ g1 ]! a
- [EWA Control]
: Q" Y, [' z0 ]& ?& |4 J - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>4 w% l! ~5 b( O0 p/ ?* n8 }
- [Windows Media Player]
8 |( J0 K4 n* m, | - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>& }* k2 s# \7 [% u, S
- [&Google]' q" m! E! K, E- E
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 J5 r% ?/ z5 K. S1 \; E; ?
- [HTML Document]. c$ q6 O/ X5 B8 |
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
' m0 ]0 K% G, H9 J3 t& u - [DHTML Edit Control Safe for Scripting for IE5]
/ }% c9 y* t) \ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
, C' C/ D0 I. Y8 i) u. S - [RealPlayer RAM Download Handler]
U$ f% i! ?2 c; h* A - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
- B1 Z$ M% K- v+ y* p/ c d - [IEBuddyExtControl Class]0 D3 l+ V& A% B) k& J2 \
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
1 {- _, B* ]# c - [XML Document]
3 E! v) O; x1 I! S2 O* H9 o! X- B) t - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>' Q* p1 @2 O( P% ?8 ?/ P
- [HHCtrl Object]/ |3 ~! Q+ k* K% ?
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
; j- }1 V: `2 A, e/ j6 g& r - [Windows Media Player]
/ Z9 w5 _7 |9 U* i4 A$ A: t- z - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
# s9 M0 S0 C$ W, {# j - [Active Desktop Mover]
L$ |4 }) A' }2 n - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>6 U5 c4 u, Q$ L, U
- [360SafeLive]7 I& J9 J1 C3 r: m" c" ^
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>5 W; h6 m7 C8 M& q" f9 U
- [Microsoft Web 浏览器]
r( u* T" \4 c( P, k- q - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
4 G4 o; k/ n7 C% a1 v9 W - [Browser Enhanced Objects]+ I5 `; C+ J8 q3 o( I3 ~+ ~/ [
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
. A A. W! w; R/ a2 d - [Google Toolbar Helper]4 c2 V# l4 N, U4 e2 f
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
/ j4 g+ m( K/ ~* k - [Microsoft Scriptlet Component]
, B$ r$ C' ?- X; L( m+ n - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
- R. {$ c' o, ] - [Google Toolbar Notifier BHO]
8 M; x4 R6 h% V7 X1 a. v, y; \2 l - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
$ _: O! b1 K' j! d2 F& d5 l* i - [SearchAssistantOC]
3 E+ w* I& b8 C( c7 k - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>9 a9 V- u0 |! _, ]3 j! P
- [SafeMon Class]
# e! E7 H6 g& ]! p) f8 ]$ ~% G, F - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
1 J, o6 J# @. c% {, ~ - [RDS.DataSpace]
2 r: M4 N m$ L: N/ i% G" ] - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
; i! M) r2 h2 w6 f! O/ M - [KooPlayer Control]% x# S& a2 Q' K O" {9 i
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>" x. x3 O) B5 l$ z1 I/ ~: z
- [AUDIO__MID Moniker Class]2 c7 B( m3 A$ ?+ y
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ K4 M- @6 v f9 d, |/ D* {) Q2 V - [AUDIO__MP3 Moniker Class]
' t) d3 c, Z4 g. x& U5 f - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: e( B+ K0 O4 Z7 \& }
- [AUDIO__X_MS_WMA Moniker Class]( U3 u: ]8 Q% ~8 o9 K2 p& z
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>3 v* F2 {, S- p6 C& a
- [VIDEO__X_MS_WMV Moniker Class]8 S) ]: c* @/ {. S" T
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: Z: E# V2 X0 d% L5 z. I% l7 b
- [RealPlayer G2 Control]0 V7 A* n7 G' _( h; U) X
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
5 t+ _. Y7 S7 [; `* ^1 N* b2 C' t - [Shockwave Flash Object]2 B2 l* S; s* N& Y$ ?6 S Z
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
- y: K" ?: C0 r* ?. d$ S: B - [KUpdateObj2 Class]
" L$ B9 l8 z4 L+ L! l( x( B - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
" ?* P5 m2 x) }9 t& X - [kingsoft browser shield]
$ H* I9 n: M! q7 E& K - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
! i; d2 H) W- A# r - [PasswordEditCtrl Class]
# i) E* J$ W2 Z! Y - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
( N; |7 k+ m, [. ], B7 l - [QvodCtrl Class]
s0 a2 _0 V! k7 m" k; q - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>9 {$ i0 e/ e- T c9 a: h+ d9 R$ o9 z
- [&使用超级旋风下载]
9 o& M( j$ r2 y- d6 a0 l - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
a) k6 a& T: ]( b1 B8 w3 V; u y - [&使用超级旋风下载全部链接]" O1 q( O- O0 L& ^. q. x' J! t
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
5 Q" g E/ }! y3 Z6 v - [使用迅雷下载]5 Z C$ s9 e: G6 S- q: |
- <, N/A>
1 j7 A/ ~8 b. g/ _6 ~ - [使用迅雷下载全部链接]
0 m7 @$ e3 O5 g: w4 H - <, N/A>
2 o7 u2 Q# R- V8 Q' K) w) O/ E* d( ? - [导出到 Microsoft Office Excel(&X)]
: ]; y- t$ o& K! {2 `' C - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
( {: Q( G7 ?7 U0 \$ k - [添加到QQ表情]
3 ?+ s$ s/ n4 V. D% |) p5 ~ - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>5 [+ k% N6 Z) Y
- ==================================
2 x' E6 U, G. @' Z - 正在运行的进程
; }+ o% V' N( u9 s/ r4 @0 c! j4 ^, R3 z - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- x* x' h4 e" x5 Q9 {& R* T - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. `1 x9 A# E% R: Q# d+ } - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& l9 i% j& M1 t* N) C/ F - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
: A! u% m. I. L. p# ~ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 w2 x. T' j& p: {5 E/ k8 y! p7 [
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 D) V* `+ i4 U" d - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# \1 ]) \3 n# r: \" ]3 v7 Q - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% m4 j4 Z2 ]( q. @2 |3 ~ - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 j: N! W4 n7 ]' t
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' H1 ?. k: W! V- D# L9 o - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 M% J( j9 G6 O+ X; ?) E) P3 @, F) f* J - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]; Y6 e7 p& L9 F7 B4 B
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 G/ ^4 E: A! Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 N( L4 \6 t! b5 {0 Q4 z# P - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ h! X0 E, h5 ?$ n6 s7 U1 W$ K
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 q) z! e3 H4 T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
9 k0 h, {0 @. G; F6 m - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
7 n! D1 N1 w( J# r5 S" p3 \ - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
/ d" w9 e( j8 A& W - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]+ _' P2 y3 f2 ^ W
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
) p6 i1 M) e) @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( s* W( |$ h4 ?; B) b# n
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
% G" f. W$ K' K6 A7 ^1 e( P - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
4 Q5 o& j3 o( F- N8 ? - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]% L" I. g) D* X& S. X! r' i0 a0 J
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
+ M6 ?; P; p; V- t - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
: L/ X% t Y9 a. X" |/ _& g - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
8 l- r; w- i0 ~: Z3 c+ h j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* n2 f( l' c. @3 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]0 E5 I6 o; Q7 o O0 M; ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* e8 z: m" I; W: J
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 R9 U! r+ U0 {9 j Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* G5 ?. N3 K0 S p4 [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' t1 g1 V7 J2 M/ V! Z - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) ?: K1 M" F9 `8 J - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654], k3 a0 c) a1 Z" S9 H$ T
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]9 ?% i4 X% |3 a! ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 ~- p4 D# e* ]9 @+ @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
j: H4 {3 y0 w# `1 b - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: p& y1 y0 S3 L5 ]- Q& ? - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]8 V" _9 v: w7 J& j f+ ?+ b* h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* Q1 [1 c! a7 O$ W/ t% w - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( |1 D& u* z! O9 X- \
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 N2 W% o% P6 t# j/ f6 y - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
) g% s( E' W) r2 J' r0 O$ ]% z8 E - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. Y* w. s9 I( Y8 N) a1 G" e9 w; w
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ t2 m( ~/ l1 \0 I; @2 Z - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]3 y2 b, B' l0 a# a- `/ B
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]8 l9 m( e9 T4 z1 M, S1 Z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ U" E/ C5 ]9 E0 a, U0 T1 l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( I$ y* h6 w% I* y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% b& l/ O1 r) }& ], F o - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]1 q8 A4 S- r3 ~( @) I
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
; w+ J. u- B1 l$ F" z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
" a, C5 L5 y9 h9 O" ?% i# y& f. r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]0 @2 D9 i, U, f! s0 L! n2 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
' W" _+ \/ h8 \& i, A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]( |0 F& Q# ]' T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]6 h0 [+ F# T* W' m6 Z" T0 Y
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510], K. r& L5 m" y4 q8 F, H
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 B# I6 k' o( e4 l - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 S+ G9 a7 @$ Y
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 k* J" p3 Z7 x' z7 j; P1 ]4 @ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 ]. `; N2 W7 T) ? - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% W0 w% F& a1 }5 o' o4 u - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
8 ^8 e* g$ e4 s+ i - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]1 A& R1 x, _! m+ H7 y" G! l! `
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]' Y2 ?/ E& R4 y N; v; x
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
% y1 r5 u4 ^; G% w" {/ n - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# t- I' {- G) G" j) [ - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
+ E; b/ w1 Z# u! f$ r - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- n" W X- T% f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]& R" g4 l9 r/ F2 Q# I9 R
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* v5 R4 B% \4 i. j; E+ j% }/ h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0], \/ X: I. ^6 _9 ?! r- y) y
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
% A- s. h8 D' G9 w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' K/ g4 r$ L) I7 ^, j! c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. I! ^- I9 N% g% P ~7 Z) q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. G# J* q6 D2 B) S8 l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( f* W' I6 |+ r4 Y
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]+ ], w& ?9 I, `4 t, f9 K E
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
6 h+ t1 U) a2 H( N: z - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]& Q" S- T1 ~$ N$ s; f/ c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: ~2 d) |: h( @- g7 ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 d8 S7 M) z+ h4 O9 [ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% ^3 Z0 J8 }8 r5 b+ r
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
6 ?, \( }- _: p. w" a2 y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 t$ u. x2 `1 g* v" M g' J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]0 a/ z5 D9 ^2 [; A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 i# l; A1 @& z8 q3 S8 W2 w - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]) o* L9 Z: Q# t; N/ T- q- p
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]3 r. E: \2 B& c3 O4 h" S! \
- ==================================
9 m) d' Y) `, Q8 V - 文件关联9 Z/ }0 d K! b) `" n; ?
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
+ I0 E5 x( s# Y( Q- H+ m( X - .EXE OK. ["%1" %*]% p5 I. `+ W6 w9 a+ l
- .COM OK. ["%1" %*]9 n6 L2 j8 B9 _% g# g3 N: c, w
- .PIF OK. ["%1" %*]! w0 `4 G& k3 ~
- .REG OK. [regedit.exe "%1"]. V* M5 i Q* |/ r! T
- .BAT OK. ["%1" %*]
5 h: u( \1 N |. q" J' f - .SCR OK. ["%1" /S]
0 w. A/ I4 k, o! I- j& B7 d - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
% c9 a7 }- d) z/ r- u" {% l - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
, y$ t% t* b# m$ A$ N) Q' | - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]! @3 J7 {% e: g/ f" v9 o
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
6 g8 T3 K6 O9 R2 Y( g - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]' P3 R) W5 k6 C' N/ @3 q
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
# y( \- f, }* d, N - .LNK OK. [{00021401-0000-0000-C000-000000000046}]
u) T0 c0 S! R% c: F2 r! U - ==================================
& b( ~$ C8 M# E9 Y/ s+ w/ E - Winsock 提供者6 P- G, _% ]8 \7 K9 A
- N/A7 U4 _ D( ~" H6 @( p: U( {. G
- ==================================7 S6 _/ U( X: I M" h' C: @' E
- Autorun.inf1 ~0 x! P, K* }
- N/A* ?+ y% Z6 o( t0 T x
- ==================================( i& U3 z+ J. |- M6 b6 _, s0 R* P
- HOSTS 文件
; a0 t- U1 `9 t' Y - N/A5 t: {; F0 J% A: G M
- ==================================
. I% v' ^/ T s* T. y* q3 U: Q - 进程特权扫描
4 B9 G) A" }# T; m; s2 R) d2 A5 O3 l+ e - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
. m6 E9 _8 F5 N! ]" ~" L - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
! A4 U* a4 y- A( j& F - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
" _/ M, ~/ S- Y/ R" D4 R - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]7 b. p$ `7 y: F7 ?
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE], d/ F$ c+ K; R# n8 M
- ==================================
9 c: f0 D; |; v - API HOOK
! s/ ]1 Z1 f! n5 F7 |1 \2 Z% g - N/A
! q4 ~% X) D+ w" { - ==================================% v; f5 r7 C" Y; L- U0 f
- 隐藏进程* U2 b% H- r, Y
- N/A
! \7 h( M0 {; h - ==================================. Y) u# E5 |/ V% F
- e; ` l0 V) ^# i. _% S
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
