|
|
! `$ V4 F9 [0 W2 b$ {( x- 2008-05-22,20:37:43
; v# k: N2 R' {8 W$ d - System Repair Engineer 2.5.16.900
- W6 G. R: q% F5 {+ X$ h; ` - Smallfrogs (http://www.KZTechs.com), c( o& k+ _' _4 u, l# F4 j% V5 ?
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
8 ?' e4 ^! j5 p' }/ \ - 以下内容被选中:
) ?: u4 d3 i( J( f6 {/ ~ - 所有的启动项目(包括注册表、启动文件夹、服务等)
$ L, y. T0 i/ i' q - 浏览器加载项+ x/ P9 ^; g, Z/ g" N
- 正在运行的进程(包括进程模块信息)
3 u# L3 j+ v2 t1 P" [8 ?# I - 文件关联* t6 B. }7 q9 U/ g
- Winsock 提供者+ T( ]! c" X2 P! `5 p' b
- Autorun.inf a% U$ X8 {1 {
- HOSTS 文件' R6 h: k1 w' S1 I+ A4 J
- 进程特权扫描
7 F4 x0 B7 V" ~
0 G8 l1 ^: h& o y$ a# F- 启动项目$ s# r$ T+ V% x3 {3 L6 ^* |
- 注册表
- |; }- L3 ^5 h: s. v# I1 P - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
8 l' w6 d1 T8 {: `7 z% V - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]# b& _2 j$ B9 [ s/ H4 ^: u
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& O5 p3 @# J f3 b% x: ? - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
0 c: ^7 V% u3 _; A* Y; q9 t - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
3 ~* c$ i- w8 ~; `. O - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]0 E1 Y+ q: P8 H' X
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]' l! ?# ]4 S' ^0 R
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
6 }1 C! b. i( ]) c& Q" f6 Z - <PHIME2002A><; > [N/A]
& }0 c' {" `2 n - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
4 V' ` o0 y' x+ E3 O - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
, T/ ]. `+ W3 ~# m) l - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
( L9 g6 K9 m/ E" J4 Y, n$ X$ A7 Y - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]6 [' j! O6 p9 i8 p6 P5 E# T
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]* B& m; Y& M3 C/ {9 k
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
2 i$ a* ^- ^6 o: E, M( @/ D( u - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
& y; e: {& a, x* j% F% Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]4 D7 W, h! E% C) }2 j- ~# k
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
3 B. z6 i4 a* ]% b5 D2 r+ P( M - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
6 s/ J/ e7 z) V; f9 D: u: P( E - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
* Y9 f; N. D( W - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
( N/ @9 |$ m' D! a/ a$ ` - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
+ A& }. H* B( \/ ~4 R* q$ k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
, A9 W3 L1 L! |( ~( V - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]: n3 j6 b0 p; {5 g: K+ [8 m' @
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
* ]6 \% M# J2 U' A- N$ R4 \3 ` - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]: L$ B& u) e; i% c: h7 c
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]3 J& T; \& }4 F1 ~* C- \0 M; Y, E0 A
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
- k$ E1 c# _2 K3 o; f. d4 D8 ]& { - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
% _# A# i3 {. } F+ u( v) M: _! q - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]/ M( S$ o9 m/ g9 t( `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
. y- u, p+ W/ k8 k* ~2 q - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]' F: K8 \ k5 C# M1 ]9 l
- ==================================
# i& E" T1 [7 ^ - 启动文件夹4 u+ v( Y Q! B$ t% X0 z, P
- N/A
( ^* b$ H' l e) ^ - ==================================
: K9 V8 y" E) W; Q! w/ [0 p3 e$ K - 服务
* `, f1 u* t( c) r - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]: f/ j, e6 m5 Z$ i
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
' \, y9 X+ x( w, {6 g/ A1 ` - [Google Updater Service / gusvc][Stopped/Manual Start]* o1 ?, |0 g/ T& ^' D9 K. T0 d* ]
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>! H" {' A W9 n8 A$ x
- [Help and Support / helpsvc][Stopped/Disabled]
$ H3 R5 {7 s! k" J - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>9 ^7 [$ P# t( S9 F0 q7 A; _
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
, }7 Q) u: J) b5 m - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
) z, I* a, r* N* H. v& `9 | - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]2 _( u5 `8 N, q+ W: F9 U2 h6 b
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
, l! K7 A+ | I. f7 I, g - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
0 E' a% E/ a! G6 o) p# d( e - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>5 O- x& Z- n8 p. p4 w$ @
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]% J2 P' o2 o3 ~2 I& d, |3 b7 P
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
$ a% f/ v% ]) a4 f- L% [ - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]/ [/ F( Z8 b) Q+ m, {
- <><N/A>
: L; P; |) l% } - [Qvod Terminal / Qvod Terminal][Running/Auto Start]4 y* V4 P3 R* |/ W/ s. Y. A: E$ x! `
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
% i9 @9 Q; Q+ s! J9 }8 s0 {( e1 D8 ` - ==================================! @8 [ o% }' h0 E7 o9 ^& R
- 驱动程序
; `; H9 P& ]# c& j5 i A7 q v - [22j / 22jn][Stopped/Boot Start]
4 T: i3 v* S' g [0 i# `, @ - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
( M/ E0 u/ L1 \0 a' Q - [360AntiArp / 360AntiArp][Running/System Start]+ ]. A6 x! l, L Q6 r# Y$ w8 O
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
* ~' T! }. P/ n' j! L - [43ec / 43ecu][Stopped/Boot Start]) h' k3 X7 F+ k6 ]7 p: z7 F( o
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>! a, L+ L9 n. Z3 E+ Y
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
8 X6 P8 c" V4 M, m: N - <system32\drivers\ac97intc.sys><Intel Corporation>
3 r8 S! w2 E' v - [Promise driver accelerator / bb-run][Running/Boot Start]% z4 i$ j6 m6 r& L
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
+ u0 c, ~( J# k - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start], ? B/ X& U! W$ l' Z
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
& }5 ^+ a& p' g+ I. [( z - [KAVBase / KAVBase][Running/Auto Start]
' D4 I2 }6 I/ ]" P+ J - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
( j% |0 M7 ~% f. t" B* \" s& @ - [KAVBootC / KAVBootC][Running/Boot Start]
+ q9 f" k/ W& L7 s- N* `* C - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
5 F' e3 E5 X" t& N ?6 H4 e( M# o$ m - [KAVSafe / KAVSafe][Running/Auto Start]
% s# N5 l3 A! _4 }/ N* S - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
* p- H6 ~& @3 z6 O4 [1 m - [KNetWch / KNetWch][Running/System Start]! @: p3 |7 w# y$ @6 B7 P; D
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>% O$ E! W# y1 b1 y
- [KWatch3 / KWatch3][Running/Auto Start]$ ~5 g/ [+ D$ _2 h
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation># V+ J }; y8 A ]5 x z& V" [" @
- [ntptdb / ntptdb][Stopped/Auto Start]
* ~2 V" O5 h, o+ y4 G X - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A> z {2 K1 @9 b% p
- [nv / nv][Running/Manual Start]) l6 c* v1 z# a7 U9 N$ F! f. g
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
# e+ i2 _4 H- u - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
3 V4 i2 `( p& A% t4 P - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
$ d2 o; O: p; [2 I - [DDK PACKET Protocol / Packet][Running/Manual Start]
, I+ P: p3 ^9 p - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
& h. q8 ~0 |$ p7 c - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start], w) {7 w2 ?! k/ ]$ @
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
3 j/ O; ~9 W7 ?1 R1 e - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]" c5 B" f) T2 T" L6 x) l* e) G
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
! `9 o8 K1 E8 B- c7 Q - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
/ W3 {, W% _# A! }/ r/ r) t - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>: p0 W4 b1 f3 l8 c" C
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
1 w1 Z: j: P b, j - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
R8 O4 s8 w3 Y) e - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]. O6 C' |4 d& J& \1 g
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>) @5 K# }' x2 }/ ~' H; g2 H& l! P
- [Secdrv / Secdrv][Stopped/Manual Start]
, |$ W" i3 l; f - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>) Y! ]! z. L$ t9 Z$ d* w
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]0 O3 h, P* P$ T+ a: C" W$ S
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>1 u8 z4 [* l* j
- [System Restore Filter Driver / sr][Stopped/Disabled]
- t$ |) R! e0 _0 e0 p - <system32\DRIVERS\sr.sys><N/A>
6 y' F, {! W2 J. d - [TesSafe / TesSafe][Stopped/Manual Start]
9 F6 s. }( Y) W; x4 T" | - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
) [2 @7 b- z1 _% j( E" o - [System Services / unzxzsrs][Stopped/Boot Start]
4 l: g! {! I4 r) K - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
7 M: I( x) X& S5 t - [ViBus / ViBus][Stopped/Boot Start]% o% H! |$ |6 d5 y- C O
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
3 Y4 H. _6 ~' f# R - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
, j1 b0 q( \4 F# L/ C8 f5 v7 @ - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>6 g7 @0 r1 b: W( J
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]- N8 J @& z% g0 e1 Q! c: D
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>" p( {7 m. k5 x3 u& o- m
- [ATI Extend / zhibmaso][Stopped/Boot Start]1 u) Q. V) z w
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>1 d9 Q9 a3 O3 V2 `. D1 }
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]6 m$ n" O" G2 c4 `
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
9 V8 Y3 w) v0 _" D* l7 F5 ]: l - ==================================
7 t; |$ M; C6 V, F6 P7 N& ]2 c - 浏览器加载项
) M- u( f) h7 I5 E! ?* J - [Google Toolbar Helper]
4 o: w. c1 g: I2 ?( f4 V1 G - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>! B7 U1 {8 ]! i3 o4 T! V
- [Google Toolbar Notifier BHO]0 }/ f3 j7 k; h6 p1 q* F8 P; Z
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
3 J l! w4 I+ \. [ - [SafeMon Class]
& W/ l6 ]) B( d: @ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
# H7 G( i; s" M% ] - [kingsoft browser shield]7 S3 z a% m! c9 j0 W
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>5 F" c9 `- m0 Z" ~2 y1 i
- [IEBuddyExtControl Class]
5 f* w7 V H' p+ J& T) X; X7 I: K - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
3 x2 i2 |$ U _% n - [Zcom 杂志], c: s* p3 e* {) j) f8 A* p9 q+ f
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>. P% Z4 L* Z7 t. v* Z. `2 J+ O9 K) U
- [&Google]
7 S: t) D1 N% w# E! x6 g7 g) u+ B2 I - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ @+ J7 C- A$ d- h
- [KooPlayer Control]
+ |$ l2 E7 E3 e% { - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>5 f7 V7 c H+ V
- [Shockwave Flash Object], j! l- h5 c+ g' D# G
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>% L& x; Y. H) h9 \0 s: f. y
- [KUpdateObj2 Class]+ ]6 H' y4 N7 `! j8 ]
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
/ z" U6 d& p. C3 C - [Google Script Object]
9 s, H; A: j' o( G- e - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 C$ i% G7 I; u. [9 `
- [EWA Control]: \, }7 z" g( w
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>: z* w+ Q7 ]! Y% r9 n* J- `) y0 y# F
- [Windows Media Player], x3 V' S u- ]- O- ~) l( R8 y
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
; Y- e" }+ v9 j4 L - [&Google]
, S; l# }" y/ p# }& u) w - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 o5 k* I; u9 D+ O
- [HTML Document] }1 ]: F/ g! v f6 _8 `
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
]; a# |' A# F0 k" E - [DHTML Edit Control Safe for Scripting for IE5]6 x& B3 e6 V- N/ d& l; j8 V
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
, G* q6 o& C( U" L- o8 p: J - [RealPlayer RAM Download Handler]: Q- h$ \9 H* m5 U- N4 r/ h
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>- M1 Q2 G/ _ X" [
- [IEBuddyExtControl Class]
, o; {% N( W+ d5 W+ K& M Y - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>5 o, }# @6 E! R2 g, q
- [XML Document]
7 W% ?, m( z3 l! a1 Y5 K+ f - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
! z( C8 m A( N* q+ s# P - [HHCtrl Object]* g: Y" l' y( W* C
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
0 V0 d/ L; _5 D4 y2 L D - [Windows Media Player]" S- ^3 S6 v+ ^
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% N7 l) C- ~6 g8 G - [Active Desktop Mover]8 l+ M( f' z0 S. i8 E5 U. y
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
3 a& _7 E2 M% f) k+ D - [360SafeLive], x! p& ^$ |7 ~) ~
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>, o3 {; }9 J P
- [Microsoft Web 浏览器]
2 p- G7 y$ m/ Z2 ?/ d - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
, v" }; R$ M8 S( m ] - [Browser Enhanced Objects]
/ Q' C; g* w6 F) S5 { - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>& N- }! z: i, d
- [Google Toolbar Helper]! L4 r! a2 P9 Q& E5 m
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. F/ T% v' m& H6 X7 t - [Microsoft Scriptlet Component]
/ \ u# e! A. P) } - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
* { l& q( b1 ?- V5 B - [Google Toolbar Notifier BHO]$ j6 |9 h0 T; N0 [- I
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>& r! \4 _" @0 L+ Q! U- [
- [SearchAssistantOC]
) c( x$ M6 p* h0 F* h( d6 M - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
% u' |% U6 Q" Z* k3 j' R - [SafeMon Class]9 C! ]& \8 y ]! Z& o: ^7 x |
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>- }3 x( N. H$ j6 E: E: \$ \) k
- [RDS.DataSpace]
9 @3 T7 k# n5 A F7 f - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
1 n. q3 Y6 I% {4 r$ {5 C - [KooPlayer Control]
! x% F) e1 T0 B - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>" H. A# G* X, f. K7 K# v
- [AUDIO__MID Moniker Class]: b. y( G7 V. @
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ x' o, G$ ? h3 l/ Q! e% E
- [AUDIO__MP3 Moniker Class]* O& B9 P$ n! x( K" ?# h1 I3 x4 R9 L+ n0 T
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 U2 _% ?# T+ E2 [, k( C - [AUDIO__X_MS_WMA Moniker Class]
& s2 W3 [% ?5 w' G6 N! h; |) G - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* E$ b& L5 J& {' V - [VIDEO__X_MS_WMV Moniker Class]3 a1 p) n: C0 ?( q' q/ n- a* X% F
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" M3 }8 A$ h: R9 [: D - [RealPlayer G2 Control]
( i' j3 z; P7 q: Y/ }4 l, X- D - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
6 K+ [ J% n: M+ v, A1 L - [Shockwave Flash Object]8 L1 q2 [3 l# T+ K6 I7 J7 E
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
7 x" \" Z, r) x" R$ G0 l% j c - [KUpdateObj2 Class]
; E. g2 M9 c2 Y - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
& | r. F2 Z# }% r" _. M' G - [kingsoft browser shield]
+ e" f' Q; N" J! e, K - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
/ y. }! M4 J! [# x: h. J1 ~0 f+ @ - [PasswordEditCtrl Class]
8 A* p8 l1 e, @5 r - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>3 @& @: ?+ L) p- u- \
- [QvodCtrl Class]+ k: j& f: u1 a. ]$ u+ T5 k1 ?
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
. ~3 y1 r+ D3 r5 F* }& C - [&使用超级旋风下载]" M! T& Y7 y8 Q x
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
, e) n4 A$ _' X! \' {0 D! D6 X+ M - [&使用超级旋风下载全部链接]. Z2 M; W1 g$ |- U$ x& U
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>3 |7 [1 {- |4 w2 M1 W, s" l9 P
- [使用迅雷下载]
; N, x& T: U! X9 I$ n8 G: |* L B - <, N/A>
0 ^4 Z: C6 I7 Y; z - [使用迅雷下载全部链接]
0 h* \2 K8 t( h) E - <, N/A> {7 g( B% t, c+ C
- [导出到 Microsoft Office Excel(&X)]9 |2 l# e3 I. \& K7 ?
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
' N% N4 ?0 [0 \# e - [添加到QQ表情]* J+ R% P5 O* z' i0 I
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
! m8 U3 w- n1 {. { - ==================================
$ q' F' I, q( Q" y& x" A - 正在运行的进程" J# {3 _( Z T
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& O8 T X* _8 i5 ]' X1 Y& ^
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ Z3 w# F! M4 n4 i( F. j - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
- O* x. U+ ], @. |; a0 D - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) }7 h# S S( O4 \$ E% F2 ^ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! h. i% S" m/ s2 P2 _
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% G/ K! I; H8 p: @
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) @8 W- {" s5 ?2 Y& O6 q+ t/ ^
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% J% I: F- z6 F' T( j% \5 s
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 p1 _6 ]( {$ G6 L) k4 D9 ^ - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. {# g9 s" y! q8 X
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 L7 E$ C4 {" e, [0 w
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
1 R8 g& b% e+ @ n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; `. Z, w7 f' k# S/ n, T. q) m. {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 C) N, E: a6 ?6 W# U - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) r3 e1 |: p6 O/ F+ | - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
5 i, e% [ l7 {' f# U2 _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
/ a) h# b; Q( h - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]8 ?2 _& [7 e: ~& U: g' |5 p, {/ w1 E
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
; A$ m6 ~3 e" E R& w( w# I - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
) |/ V. h" k" J, T- V- L2 G' E - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]; W O" T$ M7 ]8 c& g2 ]7 I
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" m% s' j+ o2 l* u5 _, |# z - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
; V$ l! i3 I6 T; U - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
6 i- K4 ~3 F6 ^- f. f& v - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
6 N; Z. e' ?, G( v - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]3 p5 r. t5 z( f; Q3 V
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]; O/ q7 j1 C+ r& A+ N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 r& }4 s7 B7 b5 G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
5 c9 u2 E% }( L, V) j! d6 }+ m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 v* a4 t4 t; I" Z- J; t% b9 j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]& N& X4 C) l7 R
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. `9 c2 p8 S9 v( X0 r6 l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' o0 ~$ Q' I5 C4 }; K% j# |( ? - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]# a5 |6 E& b2 s5 C& {9 ?5 @
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
|$ \) R7 {1 g6 N% w5 L! Y - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]+ B' j4 B5 ?6 Z" w6 t X
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164], f R9 v7 J& k7 ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 }/ Y4 C# ^9 I# c4 p
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, o" \/ G9 I% c: B& C# N4 v8 a0 e - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
5 W1 S2 a" y1 ], h8 t6 S1 w/ u - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
. K% h6 ?+ P8 r3 _/ H( L# w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% M( B8 I9 J( ?" ]6 y - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ d! S7 `$ X/ M* y& x+ k$ D. D
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ W) U, K. D i
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
) e8 l' @' u1 d) n% M+ f - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% T# O6 x0 \7 H - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 ]8 Z) T9 R _6 d% r1 @$ C1 B - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
% \7 T2 Y5 V' P+ C - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]; `6 o; i) j+ |5 `+ o5 A* O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- {2 n7 R8 k7 m3 q a4 j p9 H% d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. F( r# ^0 `: @+ r
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" h7 W: M4 y: o3 r: C; r
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
0 y' r1 r% |2 Z - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]% X2 s m; r1 J" l, k4 }" x; ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
a0 W% l* z5 i1 H0 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
0 e" D1 c0 \! s' E3 w3 x; f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
: a' V. R4 y, [, b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
6 i4 J# n0 s' o2 X! D5 R4 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]: N1 n1 s9 O, X! k, i
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]7 s9 K8 k2 S) s; m; g* q
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]( X2 z* z' H7 O8 T' e
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
+ P! K/ f! u4 j4 P2 K! a" i - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ ^# q$ `: L" Q) `2 g& f. U, v - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 e# ~4 N/ n0 f2 T2 ?- n
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]& n) u1 i& t2 T* L
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]# i9 B+ P( c: n$ G! Z* b5 @
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
9 o5 k1 F- M% y1 Z - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
- p; P* k; d: M* k - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
) q: }$ J8 M* G+ E& J - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]8 t2 L4 b6 B8 w9 z
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
2 ]3 T+ B1 Q6 \6 A - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 `" {4 Q) g& x - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
! E/ v; _- g' b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 u/ n% H. Y8 g: u5 P - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 h( H# _+ N1 p/ d. K$ b - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]+ Q F: Y) o6 ]: w: l% m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& w# x" X9 W+ h* P! [& A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) L; _# R4 \5 l. {9 ^) @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; M" @2 ^1 [8 R: _$ G: _5 m- j - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' z% Q r6 Y, W" A: h
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
) k% u/ m: b* j7 L! c1 ^9 H - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
( [; {* ] R4 I, F( Y' P - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
) a3 ], V$ t& _/ |& S+ |3 E - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 A0 U9 s0 r) w7 w& z0 [( _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! X) q2 U5 L; {0 Q. v% A. Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 ?/ r9 v* O- G0 O - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]# ]8 R6 u4 O P) [& h, i) x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
- u; i, R- l/ j1 t. [- L2 ~4 G3 _- z3 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' z* L9 e" M; _' b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ J, V2 [, w7 ^
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ F8 k2 i0 a4 [. J! d( c
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
* g" t2 v% d; t3 f* s - ==================================. V: U: A: X" L4 C
- 文件关联
" u1 g/ N* Y# n/ n" r- o4 a6 f - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
$ |4 o, W- L& B6 x, ^$ [0 U - .EXE OK. ["%1" %*]; Z9 Y$ Z0 s" C" j7 w; f, V
- .COM OK. ["%1" %*]
+ s& n0 q- D- z6 U8 E1 G; g- q - .PIF OK. ["%1" %*]
8 z8 u- F; W ?/ k- ] - .REG OK. [regedit.exe "%1"]
+ W( E% E* ]) x3 C6 p: O - .BAT OK. ["%1" %*]9 ^1 P; s! \/ O5 x" [) b$ O7 e
- .SCR OK. ["%1" /S]% Q- [& O( |8 l% n) o
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
4 d2 A( e; l( ?. @9 ?& p - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]+ L5 j4 A8 }9 u! r$ x
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
) t* ]8 m7 Q! k" ]& {& A8 l& v7 s% x - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
+ c- j6 X; l' c: @ - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]: H: h* V* }5 u* ]
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]3 y @' w2 H2 }9 A y. s
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
+ Q6 `" Q3 Q1 W2 L) N! Y) } - ==================================
6 j! W7 a, j; w+ z' F/ u - Winsock 提供者
. U. O8 d1 [, O: o6 j. {- k - N/A
+ Z: h; u4 R; n' ~2 a% Y - ==================================# i. n' H$ k& t/ X2 X# ~" k
- Autorun.inf* a4 ]8 P& c* l I/ x; {; n
- N/A7 a d% B& r" u! s6 y
- ==================================5 x1 H. A( X3 _# c: }# T, N; U9 o
- HOSTS 文件
# x6 B8 J& d' L; X - N/A! V$ a9 @+ `2 |) A9 K
- ==================================$ S% ^! G3 J9 y* B( Y( X# ?+ d
- 进程特权扫描
$ m3 m0 Y! {0 T9 { - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
f& L8 D$ k9 [& [/ V, T - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
& P/ e; l8 a* I) q3 ]2 x( J2 l - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
( t: a( A& h; y4 A/ b9 \% Z - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
6 q- V# h( ~) y3 E4 i - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]% j8 |/ ~$ o/ G
- ==================================6 p1 F' r. ?6 Z2 j) |* u8 ]& M5 i; z
- API HOOK: z2 s: ^; l( d6 p
- N/A# }: B6 B4 a3 Z3 Q8 w% G! F
- ==================================
, J1 Q5 F4 T2 j) d - 隐藏进程0 S+ o, |9 `$ c8 e7 ?6 q
- N/A" J) W7 `' o$ @: ^& g3 |" G3 Q
- ==================================
3 Y: R% Z' ^% A W4 N8 U - . d1 O! I) A" l# |
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
