|
|
- , d4 Z) M9 b, T k& N( B6 x
- 2008-05-22,20:37:43+ i% p3 G$ n1 [% a; e+ V/ C
- System Repair Engineer 2.5.16.900: s F7 }/ |/ P, ?( I2 V
- Smallfrogs (http://www.KZTechs.com)& D2 A8 A7 }- F
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
6 n: x1 z F# j+ Y x/ r* Z - 以下内容被选中:
8 ^5 f! r* v8 _ - 所有的启动项目(包括注册表、启动文件夹、服务等)9 p! w4 U2 D& M' I4 _, J& i: H
- 浏览器加载项; Y6 f9 u+ v5 O# ?
- 正在运行的进程(包括进程模块信息)
3 Z% \) S- a" o" r* ] - 文件关联
Z3 ~# {3 ^( s& y7 f/ n - Winsock 提供者5 E: D" G+ A& D
- Autorun.inf
! J8 X8 r0 d D5 g - HOSTS 文件/ c' g7 ~- K/ Y6 I, [! q% _. u
- 进程特权扫描$ \& [3 j' G" k) u/ }0 b
- / e2 Y" d& F: w1 R% X
- 启动项目; W+ p- v3 }6 X6 L1 b+ W$ ~5 F3 m
- 注册表2 o+ T% v5 U' N2 ]( t0 g' C( ]
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]7 l( E5 y; u& r! |
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
1 c* W! h. |. v" J8 Z2 c0 R - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]* h! `; ^; H& ^7 O- X& I. a* b D
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
& D; h, z. d0 K6 H% _" B# y - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
$ [+ Y0 j5 w: }7 D0 Y& f% S q - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
' H1 E7 Q [" T. E) a& [ - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]1 U7 A. ~( p& C1 u6 }
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]5 |: l9 F' @& H- q) X- g
- <PHIME2002A><; > [N/A]" h9 x' ]6 H4 N+ m9 I/ t h
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]. H+ I0 k. X. E7 a! i" ?
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
7 X* z3 b& \) U$ P4 U7 M* P2 ^" x. S - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
9 n' M/ r3 u( s& D5 `$ e - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
" W- C2 X/ `0 Y4 Z; [# G - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
" ?' d% A5 j- N' T - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
+ ?- z5 d/ ?. C3 X H* p - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]- Y/ c1 |& \) A) A' {" W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
2 R! m9 j$ t y7 c - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
4 n4 ?3 y9 Y/ y& J9 E# p' p - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]/ L+ z# s$ x8 b* T' o
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]* {9 k3 ?4 ~3 W2 k2 T( }$ V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
2 U+ j; a5 y. ]$ d# Z - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
5 d. z. P0 P, z0 } - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]5 m l" V; _% }+ B
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]5 z& Z& T: _- {: s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
1 C% T/ e5 ]5 h. c1 Z0 u+ P - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
) n) D% Q+ G Z G% G# o% I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
" g' n$ f! Y/ |+ l5 t+ }% v1 [ - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
9 w: C8 \& Q2 r3 `7 z3 j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
. L# Q9 C$ f+ m4 r8 V, _ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
& x3 Z& G5 E" X1 { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
% `) z! ?" I: l* w - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
: P" z; G4 m! k# D - ==================================4 I* ~! {7 i G: c& ^, z5 ]3 y& \, l
- 启动文件夹
& K8 a7 o& o- B - N/A
) c# v$ J) k1 O! g: J4 s - ==================================/ {5 F3 D: c3 ^
- 服务
; G8 v# Q; @) I. G) o8 l - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
) M O: S- y( y - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
% E' K1 Z8 p' K" `4 Z, E& w6 E9 N - [Google Updater Service / gusvc][Stopped/Manual Start], J% m3 S' S' i, E4 K
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>7 x6 \, B. D& U: t7 H
- [Help and Support / helpsvc][Stopped/Disabled]+ I' }0 U$ B" c9 e$ \7 ?3 n
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
% V' v4 ]( m; o- f H- \8 E - [Human Interface Device Access / HidServ][Stopped/Boot Start]5 D) A# I8 _# V) ?0 D6 w
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>7 J. o( p: s- C k
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
" X9 C- ?* Z& |; K; R - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>( z3 @% F* P! M* V
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start] u6 o V* {7 H; P9 r
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>* Y7 `! l" z/ Y5 W; m
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]; E+ p: A* z2 {+ r- E7 |
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>$ C3 r' z; E! Z* c h0 S
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
+ S3 p$ H( `! D6 [: K0 e - <><N/A>9 e$ j- Q; u& ?1 y
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]9 C$ H2 c- _: J: f7 @' ?2 Y
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>( i4 y/ }. `+ B% X* Q, F
- ==================================
1 g p+ B2 S4 [" }7 v0 g1 D - 驱动程序- h, t5 a: W; L1 s5 E7 b. m+ S- O
- [22j / 22jn][Stopped/Boot Start]2 x" W7 e Q, [* Z" p
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>7 h/ \6 f* v4 m: z6 U' w
- [360AntiArp / 360AntiArp][Running/System Start]# C/ V: s1 G' e; I- C
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>; `1 S3 h6 [( p* ?7 S
- [43ec / 43ecu][Stopped/Boot Start]- m t) _- D1 Y3 k
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>$ N4 \. `9 a; n
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
0 ?: n, D, M, M/ ]( @3 G" ]$ o* Z - <system32\drivers\ac97intc.sys><Intel Corporation>
K$ F' k, ]' Q; J - [Promise driver accelerator / bb-run][Running/Boot Start]
/ ?2 ]( G6 J9 a( X. t - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>( N5 p8 g( ?# F4 X2 R' y& I3 G
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]0 G& f2 e: c* ?: X- _
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
2 J. P4 T& c, U - [KAVBase / KAVBase][Running/Auto Start]
/ Q! G; g6 W: n+ u' R& m - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
+ r) N+ b) h8 d - [KAVBootC / KAVBootC][Running/Boot Start]& c! o' O4 Z; j5 d
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
) Y7 e3 I) f N - [KAVSafe / KAVSafe][Running/Auto Start]
$ ~6 X7 F& P4 G: T, R5 |/ o, c - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
7 Q) i$ U3 o. L( d" C+ ]& n0 W& t - [KNetWch / KNetWch][Running/System Start]+ l: q3 I0 S4 f' w
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>( s, i; `! A$ T8 x' L4 \
- [KWatch3 / KWatch3][Running/Auto Start]( g9 R9 J* c1 C
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>: q/ L" {2 B& D G+ B
- [ntptdb / ntptdb][Stopped/Auto Start]
* y5 q( s- E; B: Q# o! ~ - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
2 W; P% U% H) g* g - [nv / nv][Running/Manual Start]
2 |9 j6 M8 a. M; } - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
z7 P; B5 O. `! Q! l' `' s! P+ o - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
9 J4 D# ]/ L2 o3 t - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>, d, l5 y) E$ D8 v
- [DDK PACKET Protocol / Packet][Running/Manual Start]" ]$ ]. C; P/ l1 }" K
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>1 G6 H: H0 g/ M* J) ?
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]/ ], U/ f; l4 }9 q/ B
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>% x2 j$ J0 h# ] j( B
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]3 R9 ]2 M, ~; w D3 H7 N% \( ?
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>$ o1 L0 E0 N7 T) T( G
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
6 _ c$ p& @8 m' c/ J6 H+ ]" { - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>8 M! k0 B d+ q8 t
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
0 j9 T8 m" g% ~8 q - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
8 f. Y! g9 R) H: |% c - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
; E% [- }$ c% Z5 I" s( } - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
* D0 K3 ^+ n. O/ h- \ - [Secdrv / Secdrv][Stopped/Manual Start], \$ ?/ F1 U, ^: O" O, v) [1 g
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>" O1 O! p# Q9 i c# D4 l
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]5 N: S: y2 e" h% T% Z
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>+ z! K, Q- A: ]8 K
- [System Restore Filter Driver / sr][Stopped/Disabled]
1 K2 [) [- q. D0 J+ f, r - <system32\DRIVERS\sr.sys><N/A>( O% w2 S2 l# b5 N# `$ ^5 F" S
- [TesSafe / TesSafe][Stopped/Manual Start]7 L5 D% d+ L8 r h: P& h; l
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
" u+ n+ R, J; h# f/ y2 |0 T/ [ - [System Services / unzxzsrs][Stopped/Boot Start]* ]& ?. R, T: @* e0 S
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>( Z7 A& k- z# {1 F
- [ViBus / ViBus][Stopped/Boot Start]
8 h2 K& _' W3 Z: ?; x& H& ]: | V' A* @ - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>+ |7 p0 i1 ~- ^: r7 e, ~9 f
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
& Y7 y% F) K5 e" U$ K! b( [5 n - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation> e* @6 m. ?9 [3 s4 ]
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]2 }& T$ N3 Z' K) k) l/ _
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc> Y5 Z& I$ x+ g/ X; Y- a8 e' K
- [ATI Extend / zhibmaso][Stopped/Boot Start]
' c! D( j6 i" L. W - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>7 \8 ^% a2 Y! Z t* e% ]8 V' Q; G
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
8 j) \& h4 f8 ^* G$ b - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
) ?! U1 X4 `. s& y# B( k8 L7 i - ==================================
# s# C2 u2 @9 e# a, l3 K - 浏览器加载项( o7 W% j6 t4 i! g |9 t4 w# f
- [Google Toolbar Helper]
; r% s- c# Q# J; W' |. V - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ w0 ]( T4 l8 f( K1 w6 i2 y; {* J
- [Google Toolbar Notifier BHO], K$ t! o- q- J# m; O1 Z
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
7 f( a4 d7 ~3 r2 h - [SafeMon Class]
( F* i. }7 ? h5 o8 c - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>! p5 _3 y; Q) b6 v
- [kingsoft browser shield]* D; ?1 V- [' o6 |
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
`: P2 g) P4 C+ L - [IEBuddyExtControl Class]
2 [ G( Z' r" |. X; D4 M - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
' V" W5 A0 A% S8 _+ J - [Zcom 杂志]( }# G- ]6 ^0 L& h2 l) `/ l; C" ?
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>- A& v6 n5 V% s' t4 G5 R9 K6 ?
- [&Google]& K7 F F0 s o- O
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ o1 S: V, V4 G( V& X9 Y
- [KooPlayer Control]
% J& a( l; B3 ~' {7 Q( A - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
8 S3 \( `0 q# X+ M( ]' Z1 ` - [Shockwave Flash Object]) k: k7 z% v/ d* x
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>3 y$ q* Y5 ^& L4 O" R: g6 b" b, Q# c
- [KUpdateObj2 Class]) l' x1 X! ~' {5 n% z- F
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>! N7 ?, B& ]. R, c7 q8 c( @
- [Google Script Object]
% V" L0 {" E9 k K- w6 w |; y+ o - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 ^2 c1 `& ] _0 z1 @
- [EWA Control]
4 K: q( m+ c+ ^/ b- E - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>: C7 v, z4 T- R
- [Windows Media Player]5 E! d5 ?6 ?/ g
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
0 Z/ I/ _! M2 l: t8 E+ f - [&Google]; }2 T. ^3 e4 Q% F6 d& u
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>' ^+ z+ _' ^0 r: C
- [HTML Document]
# T! I7 ?& R, w) A; z# Y5 E2 D. N - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>- [' a- W# v1 p1 p% ~( [. d5 A
- [DHTML Edit Control Safe for Scripting for IE5]7 L6 R _) M) H8 `" _1 z
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
5 i. z% ^$ y7 d7 F0 x4 w - [RealPlayer RAM Download Handler]- H+ \+ ~5 v7 ~- P: v" h& b) t
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
& G2 P4 l* b6 w- \# i5 T - [IEBuddyExtControl Class]
8 x" Z7 Z% D }2 {6 e, K9 } - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>: @2 c1 B7 n5 C/ H( H1 c- l# F* b
- [XML Document]
7 e: a8 J" Q" T! C4 q - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
. y h" m' E% R - [HHCtrl Object]& ~3 X: W! C5 `: \& z$ }5 t
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>9 e) D/ g( A4 U* P
- [Windows Media Player]
4 t( `: i) I! z9 [6 f1 A - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ D1 K9 K4 ^% X5 w8 O# I# X - [Active Desktop Mover]
7 o# {4 Z" s! r& b - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
' n# N& K, `* Z( Y3 @/ I - [360SafeLive]
/ v/ u! U; |3 a- J1 ^ - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
1 C# G# B! r- o r - [Microsoft Web 浏览器]
8 V5 S+ Y5 E' z6 v - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
1 X! o: d1 G0 @" J7 x - [Browser Enhanced Objects]
& a3 r# a: t! G4 p! l9 x' l- F" N - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
1 Q) y* ^. n; {. @+ l! O - [Google Toolbar Helper]0 l- V; `: p3 u7 m3 a5 h5 F
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 a5 G/ e" ]7 U L8 [1 ? - [Microsoft Scriptlet Component]- M; c, G+ U* ^7 W* M
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
' H; A; z$ }2 Z0 f+ C8 V& M - [Google Toolbar Notifier BHO]# p9 i* K/ b( x, h, w( d' \, r, g
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
: K% V# A/ V( o( h/ y - [SearchAssistantOC]/ Z- m6 G: d+ _) R; [/ Q
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>- \0 z2 s. Z7 P
- [SafeMon Class]
1 Y, |; A; B( o5 i ~ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
$ M' Q- `* a% R# N - [RDS.DataSpace]
& m% [* {4 ]+ v; F9 u* u - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>! i3 A" q% l# F l* u
- [KooPlayer Control] h$ Y- H& g' Z1 r/ s. R# x4 i& E8 M5 w
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>; j* K' S6 M- x0 O7 j6 j J/ K
- [AUDIO__MID Moniker Class]+ {5 c* W" z5 k: P3 M0 i+ H8 o2 q
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, F' b) E8 ^6 U. [# _4 N
- [AUDIO__MP3 Moniker Class]
5 a, E- I- a2 G' `$ `$ d" Q - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' \4 _. x* ]) }5 p* v - [AUDIO__X_MS_WMA Moniker Class]
* ]2 M- D" ]; t4 B - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, _3 T1 k8 }3 r8 u6 D3 A0 L
- [VIDEO__X_MS_WMV Moniker Class]
( R: F2 m) o; g( ? - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 }1 n/ _ F8 O6 |9 Y2 I4 A - [RealPlayer G2 Control]2 V4 W7 ], a, I3 f! f5 [
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
5 c) U2 M+ i; e/ t: y - [Shockwave Flash Object]
: i) ~3 D7 Z3 y" ], ^ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
. N$ t9 O- c9 A5 R - [KUpdateObj2 Class]
. A" b7 _ e4 F" t+ X: C8 I% i. O - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
3 p5 O& Z' J2 Z9 v( w# ?7 C - [kingsoft browser shield]
7 n! I/ O. }) H$ m! t. _. q - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
4 D: |* \3 v8 n. [ z - [PasswordEditCtrl Class]
- M$ h/ w B; ^- J i" Q - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
8 w0 y9 C3 l. g: T - [QvodCtrl Class]
# ?7 J) |* x9 l* F$ G0 \3 t - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
, k5 E4 ~( T- C - [&使用超级旋风下载]
; o4 E. g) f# e4 d- X5 }2 Z; C - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>2 B4 Z* ~: M* H' D# _
- [&使用超级旋风下载全部链接]+ Z3 [; z( ~6 T& Z
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
) c/ ]: O! O* l% w - [使用迅雷下载]
$ p7 s: E% w1 ` - <, N/A>
# V/ M8 t. x- W) k- U - [使用迅雷下载全部链接]$ s2 S- u( g4 S/ ~4 C
- <, N/A>
* H( ~: V: x7 f7 U0 {, I1 Y - [导出到 Microsoft Office Excel(&X)]8 f$ u8 \! J2 b. D4 P% y
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>- e% i% p) Y( K
- [添加到QQ表情]1 F, I/ u3 v# P- D
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
# N$ O4 O3 ]# `% Z8 z - ==================================
5 l6 T1 D& Y! }- M' f) R8 A! I - 正在运行的进程
8 s: }) y7 J( L: I - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ z$ V5 Y/ o' ?- F7 o5 r& w! D' \
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 B# i- K5 V+ g$ U T: P% |
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. o6 S( _; V9 y" ^1 H) P( i/ m& P% v - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
w l- J3 H) x4 L3 g% o - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 Z; a) y/ h) ]
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- {7 ?3 p |, G6 y - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" W7 P( D' w, I$ \
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ ?7 t" }% M. F, O% X" a - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
( x5 }8 L9 g( y - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 K1 G, V- p# L2 o4 I a- }3 ] - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 L- O: ?6 J7 O t( r& @ - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
' ]' H" N* p |/ F U' E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. c9 u6 Q( K8 \+ \% T5 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]- P, ? H& E' ~
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
" d- V9 u+ W4 x- ~9 C - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( n: e0 y$ n/ {' \- Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
$ O4 F. h4 u0 \0 t - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]% x( q* T3 s9 l$ A4 {! J
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
9 P! b- X9 X1 n& L. s/ p8 g% m) ?- T - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]7 k& l& ~2 Q; M' s C# L; l2 K, B
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]6 F7 P; D3 [: D% E
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ S1 U0 N! x( X: _$ y8 p. N - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
; m$ S! }# J, i. v/ G4 z2 W4 } - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)], v2 l; I- y. |" S
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
1 C% d; w2 r* R4 Z( q( Z - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]; u" U0 B- P6 c: ?5 V0 c7 W
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
9 E* j i* [* I, q& m+ j - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]2 K1 j6 L- k' |! J5 d/ `' G3 k( N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 y0 g) W8 A V( P! ]0 `& K& J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]5 C6 R6 p4 f; i/ `9 g
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 @( _. w7 O7 \8 X - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' @ n4 z) q$ L - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 s: G; t( C0 W U3 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ C7 v" @3 t B) z+ J# Q4 p* P - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" r: N6 i% A, x; c, v; _ - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
7 q5 T5 }2 D# ^ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]% ^! e% `( M6 {/ Q% X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: n) N# j+ T/ _2 ^" R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]( G) I4 r/ k& P) S
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
6 L$ z! e! A- M9 Q/ T - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]2 B- m1 |4 O" W& Z- A7 n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, [/ \6 C" s. v - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; y8 v6 h& E- s+ @8 L& Z# M2 |% ~ - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' k1 G6 z* A1 h1 b$ I+ b- o# ^5 u! c- P
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]: Y+ u. @8 H }7 E. ?
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 K; k6 h6 F- C ~' E
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; U9 A+ Q* j7 U( ~0 g - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
' A& g! ~9 N8 P/ ~ - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)], @. {7 Z" g$ a/ y6 F# d
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) @3 I* b+ E' b$ o4 q! F5 { c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 D2 K0 v* v" k/ P* U& h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! J) u2 m; U7 ?$ t q; b9 s6 S
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
7 c' {# P( q- i/ u9 L - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
8 r8 I% W5 U5 @ O4 b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]% d' u& y( s# H( z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]8 l/ U2 T6 e! Q9 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]; Q( I* O& y3 H( P8 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]0 D2 ~9 p; h) T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
5 |1 q6 M- g1 z, a - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
2 M+ ^! C: F1 y9 A$ _/ ` - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]; s* A5 g. C2 }
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 p; T$ K; Y8 ^2 j. A" H" i [
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" C4 K. M/ o( s7 q( q/ v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
8 S1 E% A- u% t) H+ T - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 q1 H" T% e. V& d; B- E7 R0 t - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]" c. ?' q) k7 P/ J3 i
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]4 W7 c' _# _+ `# _) v# c% L, W' e
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]/ x. M4 A0 W$ ~* O8 ?
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
' o, v+ ~5 l+ X% u6 g. m# l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. d* J; A- X. ^( D3 v - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
: p1 B4 z) t: o" l - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% j, I: h2 ]; _4 d3 q8 [6 n
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 K- g+ S* z8 w4 Q$ `7 {7 O$ s. U( o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 R) ?, x D' t$ p @4 n% ^! V - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 Z9 ]' n9 r3 q- A. ~
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]7 h. J* Q/ y! o4 U$ }& l( H* h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) ~' ~3 Y) m4 Z7 r) Q+ y# I/ c4 v
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] y" ]) B& ~- {' [
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. n% U" C! A! Z# V$ h3 o; M a - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 M% O3 t' u9 ?9 f; f - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]* x+ `4 T$ H4 v4 J& h
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]2 D" p2 ?* T( k8 V, `0 s# W8 a6 h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 X( s+ v, N) d7 A" a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
T9 D. f% [. \6 k* j* M$ ~/ y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 f8 M6 C' U8 u4 r5 S5 \
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]4 P$ ]& z. d9 i" y, d5 j
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
0 [( @( D5 b$ L - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 R' v# V( Z5 o: S$ z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: [& V: [. ^% e* q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' G5 f. ~- F. u z. y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 }/ t ~! ~" [ u
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
8 g9 m* f/ J! d' k5 R' o8 u7 `2 W, h - ==================================
/ M+ P, t9 O' L5 W: ]0 \0 ^ - 文件关联# r& x( G7 C- c8 u: d) w6 J
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
5 s3 v" l! f/ H! K d# e. x - .EXE OK. ["%1" %*]
4 H( @% T' `0 M$ R - .COM OK. ["%1" %*]3 ^' C3 F0 j# N' U
- .PIF OK. ["%1" %*]
' r. n$ T, E9 a/ R3 a$ O - .REG OK. [regedit.exe "%1"]4 B' c+ n4 C0 e4 b) t. _
- .BAT OK. ["%1" %*]9 P! G" q( P. E' c8 R! d+ ]( d
- .SCR OK. ["%1" /S]8 [0 d: Q# v7 ?" o
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]' e9 A7 w8 i0 O- t
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
. h ?+ C( U! O7 }- v: q. z/ u - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]( N+ r9 F2 o5 E! r/ l6 f& o
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
) i5 O) q, X8 Y - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]. \7 h) [) i. l# D, O$ X5 d1 ]
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
$ S: R6 P+ @9 u+ Y - .LNK OK. [{00021401-0000-0000-C000-000000000046}]5 S- x! C1 L* `
- ==================================
1 R4 S. |% S0 W3 W1 h8 ^ - Winsock 提供者
! I! O9 T, O# I# X - N/A% w8 y% j5 p( \; Z: s
- ==================================$ Q I. A ]6 X8 N ?: e$ o
- Autorun.inf/ J3 c* o# s3 p* q5 O
- N/A$ b9 o, t+ V) Q6 k) k& ?8 N
- ==================================3 K* h! Z5 s( p( h8 Q0 O: d9 i2 q6 H
- HOSTS 文件% i3 z" p9 W4 N+ N6 Z& j" a: ~! K! V
- N/A4 H. @) l5 H7 ]; m+ { k- s
- ==================================
( {: T* f) l5 q3 R1 p - 进程特权扫描8 `" z G1 Y7 X% M6 R
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
+ f# A) j2 f! |+ Q - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
# U' r. w" A# X$ b - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
9 P) t& [7 Z U7 v5 l7 d - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
, B0 X# _2 i4 r - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]8 j! X$ s% s# A1 r; I
- ==================================
0 X1 P0 a W8 N - API HOOK
; s& l' Y G; a& X( ~8 |* [4 I2 \# r - N/A! o7 U' u: w, u: C- J
- ==================================2 {- h2 v6 d0 K
- 隐藏进程
. D5 o3 E! @/ I# _" C9 j - N/A
4 H( C, ?0 \5 B0 X8 M9 i" T y - ==================================
& n% \6 o9 ]+ m3 y9 {
4 O& }; }. W' J$ a$ c; i
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
