|
|
) E( Y/ b+ E/ k+ M/ a' ?- 2008-05-22,20:37:43# J3 D* x: [, _
- System Repair Engineer 2.5.16.9005 z5 B$ j! w" y- d
- Smallfrogs (http://www.KZTechs.com)- `' ? n; a) `/ l4 A
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能) K8 C; p" K+ }& r
- 以下内容被选中:2 D7 a& y Y& O8 w% }, x
- 所有的启动项目(包括注册表、启动文件夹、服务等)! d- x5 |1 t5 g# K6 k+ F8 l
- 浏览器加载项5 ?' T! w, j5 b7 x: {" P( f# b
- 正在运行的进程(包括进程模块信息)
3 _, I |1 B, [, i$ x% ` - 文件关联! S6 Z* ?8 {2 T( |+ n
- Winsock 提供者" ^4 Z* C% h6 ~: Z
- Autorun.inf
/ P6 L) c/ x" O - HOSTS 文件
: m7 Y# X7 ?0 k+ J6 ]9 D) E - 进程特权扫描
) x& P7 v4 _* W; X - - @1 W1 C1 ~/ V5 E3 _7 y$ O
- 启动项目+ s1 {, \7 C4 U
- 注册表: j: d# Z, e; w; ^$ |# x. R* }
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
8 Q. N" X( q/ i& i" M - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
0 d B; o5 O& }# L - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]9 I7 }2 y* ~/ m* N
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
J# ]8 a( C9 T" ~7 v9 R - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]: H' F; ~( r* C
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
, u) |- N6 N; ~, I: \/ ?3 R! \2 X - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
. m G- f' ]& w - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]8 E' e7 W9 Y. m2 V' S7 [
- <PHIME2002A><; > [N/A]
3 Q' u6 \: Y: D% ^3 v - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
* ~/ H- g9 D. ]* {; R - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]! C: M& _% t* c3 h+ o, ?$ \
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]0 N7 w4 b2 P. _/ O
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
+ T# u9 C/ u. J9 F - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
- r: i/ s9 \2 K6 H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]* M3 b# A; ?7 T6 O9 |6 [" ]2 I# f
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]. o; r& Y( f! d/ e/ c. n) l4 a, y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
4 p" X& x2 G) d% R: B - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]8 C0 k/ O* Y/ }* c; G3 }+ ?
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]7 ?1 X( t% [3 S3 c# `) ^
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
7 k/ |: n" O) U4 d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]: h; A. q8 b" K; [$ n
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]' e, i) @8 E$ Z% v
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
! y9 z p) _7 H - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
B9 r% L. K- r' b8 R8 P* a - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
4 W6 G: E3 V. k* Q2 o3 G3 ~% [+ D - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
" E$ w7 N. \, r" `9 f7 X5 j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
9 f" t: {" o" _2 `- O; [ a! j5 x: D - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]. {6 X4 F n4 T4 l7 ]$ V
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]8 A& J" k2 c7 Q2 @0 V: t* X: w6 A2 x
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
# `* Y: h- Y' u; i7 }( B# H - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
, T4 x" b# b0 v" n: r/ U6 \+ @& H - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
* \, C! E+ |5 o, T8 ]& z9 s - ==================================
& y$ c7 S9 h1 E6 @4 Q1 m - 启动文件夹( g) ~" B ]3 M
- N/A4 |: U$ A* l0 G
- ==================================% R2 Z, X) W! r$ k7 f. p1 k6 ?
- 服务$ O4 I) T0 I9 @7 L1 \' Q
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
" _6 Z, P4 ?2 B2 d5 }) @" {* k5 h - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
% g; Q5 L/ b) |5 Y& Z+ l. } - [Google Updater Service / gusvc][Stopped/Manual Start]
% a2 J, @% G8 r0 ` - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>0 t6 O* m$ E. p4 _2 {
- [Help and Support / helpsvc][Stopped/Disabled]" o$ U- q4 P4 D- i) s- [5 T
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>9 o- n) V. y2 a9 C% q$ O
- [Human Interface Device Access / HidServ][Stopped/Boot Start]6 k9 v) R' R4 p, y; C/ t0 c- i
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>7 x% {/ q/ Y$ F, }
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
. U8 U7 v0 p: Y5 E - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
* ], w! ^3 o! t - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
' j2 ^! ]) f" |/ V - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>2 I! m" D8 a4 W" e3 d0 [+ |
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]; L: O1 f+ l- W( M. ^
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation> g2 F- ?- c. C. I7 \2 b
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]/ ~0 O1 M0 ~2 s, W* u& H- @: ]4 {
- <><N/A>
7 [) C# V- e5 R/ e - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
8 D& f4 s# P& m, k* V. z6 _* n - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
, |) g" i, T8 v8 H" v4 l( H - ==================================- P: O. P$ b9 u7 m
- 驱动程序$ ]( \. F2 {7 h6 _2 b
- [22j / 22jn][Stopped/Boot Start]1 g" [1 b8 E: s# J- U& u
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>! Z' I! T1 S4 Q* h
- [360AntiArp / 360AntiArp][Running/System Start]
+ l! Z) W! n- Y/ k - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
) L F2 G% i( |- L: j3 q$ w - [43ec / 43ecu][Stopped/Boot Start]" w2 P1 w5 ]! t. p1 ^6 Y4 t9 {
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>+ E9 u. R. r) k u+ ?+ E
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]' U8 K- n+ v: ]7 s" U# v
- <system32\drivers\ac97intc.sys><Intel Corporation>
# k) n' K' e- q1 C+ L q) S - [Promise driver accelerator / bb-run][Running/Boot Start]0 K" a, m: ^+ ~
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
+ P) q0 K4 a5 [2 p3 H, P7 M8 k8 t - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
0 Y$ y: l7 v+ Q4 q% k# `2 K- W( ? - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
# R& i# F7 p3 n2 D# V+ B6 C - [KAVBase / KAVBase][Running/Auto Start]/ e# h* {6 R; i5 }( G& X1 L
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
, y) c0 D, k# m9 \7 N1 y/ y& Q - [KAVBootC / KAVBootC][Running/Boot Start]5 n: J6 u/ C0 E# W1 d3 K# X2 \6 D
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
# G( y0 W8 B+ s+ r; { - [KAVSafe / KAVSafe][Running/Auto Start]% E0 ~$ D2 ?# T9 K' O' X( ?# r
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>' ]0 ?# K% [% n' _) j. g6 G. W
- [KNetWch / KNetWch][Running/System Start]
4 | e# n, G( z3 H/ T8 `& W - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>8 u/ t A1 I9 j( i; q
- [KWatch3 / KWatch3][Running/Auto Start]$ i. E. b* E( A2 p: }8 `
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
. T7 [# y/ K. c. k: g3 ?! u1 O' \ - [ntptdb / ntptdb][Stopped/Auto Start]& Y* F; H1 J# [& u8 V
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>5 k$ o6 b, ~7 j7 B6 M1 f
- [nv / nv][Running/Manual Start]
. h, b5 Y2 c! L6 ? - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
+ W9 {) q. `2 _ - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]" l0 K! W) H: o. }
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
5 |$ l6 l8 G0 f P9 Z3 W; j - [DDK PACKET Protocol / Packet][Running/Manual Start]
- U/ D0 H s) U - <system32\DRIVERS\ProtoDrv.sys><360安全中心># e5 a7 _: |/ ~
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]4 a; B r, q+ N9 }9 Q
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>" X( ?. l- U7 p" l8 ^* P2 i: K
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]8 [6 ^7 e4 {. z1 o* H
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>+ s+ _& R7 P. w4 V7 @
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]- }" n9 j, H0 E8 {
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>. A. b8 F. S6 Z/ J$ B0 [
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
0 o- k; k" Q, V5 C" ^ - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
/ t L# r# C& u, ~0 B3 h' b$ {+ [1 V - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
! H( G- i' B- X% K8 M - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
/ R( C# y# g9 E7 ~- p - [Secdrv / Secdrv][Stopped/Manual Start]
7 |+ U3 P1 h5 x* j' b - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
/ u K% `% q' x' ?# s' u - [SATALink External Device Filter / SiRemFil][Running/Boot Start]5 L `/ X0 Z& x M- {/ s. `
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
. V, I6 r4 x0 x# V1 V$ Y8 P# q - [System Restore Filter Driver / sr][Stopped/Disabled]
7 r5 I0 Y) h) s5 Z - <system32\DRIVERS\sr.sys><N/A>& M, ?8 B7 v: H+ s
- [TesSafe / TesSafe][Stopped/Manual Start]
6 M$ w. V' D- O' h* B# b# z - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>2 u/ _! j2 \4 m' V8 `( |$ y7 U
- [System Services / unzxzsrs][Stopped/Boot Start]
' U& z( _ [; f. C. B1 h0 H! y - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>4 h; J8 o5 k0 d
- [ViBus / ViBus][Stopped/Boot Start] x( e5 U& p7 C7 J s7 c) A
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>; t5 v- [; A1 r' n1 ^, n) ^; q
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
: I" G' _: V: k2 H# m9 t - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>( o7 L" T3 x1 S
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]* q6 R( H. `! v! W
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
' v6 `, U) f0 B* Q8 G/ P - [ATI Extend / zhibmaso][Stopped/Boot Start]
3 m& t( `# {7 `7 Y5 S) a - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
$ i( m, c0 M: d C( a - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
% K% J9 t" E F - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>* Q: ]! w4 C: D+ w3 D( L* u# d
- ==================================
# Y k. V: Q/ w5 n6 f% r: A - 浏览器加载项5 T% @, j/ m' b8 ^1 {( i. }. }" L9 q
- [Google Toolbar Helper]" k/ X, R# r, a$ [/ z+ t% t+ V
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& m9 a3 E8 x" y - [Google Toolbar Notifier BHO]
7 @, K; e/ ~+ P. w! ? - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.> `6 S8 g* l7 h% d" ^$ ?% e
- [SafeMon Class]/ `( }! {$ e4 r7 C' X5 V2 G9 q$ p
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>+ T8 r8 P5 _- A% |
- [kingsoft browser shield]
1 _, D- g# @' \+ d6 w- l - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
( F# E" }4 W/ ], h) P! u - [IEBuddyExtControl Class], N! y% E1 { g+ _
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>: J+ d7 c( W. s7 s
- [Zcom 杂志]) b/ ^& X' d* Z. F6 B
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
, ^3 D1 F# f0 P, f - [&Google]( o% Z' @4 F# g; ]; W* x
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>1 x8 s0 x! B/ M, _- G* Y% ^# y
- [KooPlayer Control]. B' B. t" ^/ ~( M' g7 F, Z
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
) x$ @# `% h" _( C# d7 e - [Shockwave Flash Object]
. ]& _' ?) ]5 d7 o& N$ z0 i% @ S - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
$ y# x, _8 R3 T+ k& N t - [KUpdateObj2 Class]/ r% u- u' x; @& X! \9 y
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation># e# \, e* r/ A% f
- [Google Script Object]1 E. `4 F' B6 ~: B" B3 B
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.> r, [% n2 }6 P) y
- [EWA Control]8 o/ o, d. x, ?- L3 i0 D- G
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>0 R' _: j, N& ]2 L6 V" c9 }
- [Windows Media Player]2 L# w% e) x( E0 X* D; m( X1 U
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>; a* a5 {6 \! y4 x" f: T2 B* `
- [&Google]+ X: j3 \; s( m; [ k3 N# H
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* @2 i' y0 V& e! i - [HTML Document]
! P$ \. g ^1 M* n9 K - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
* Z* C& i6 m5 q* k" u" u5 D - [DHTML Edit Control Safe for Scripting for IE5]
" n# q/ H/ D9 |" L+ H ?7 D/ R$ Z - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
0 N' M) ^% y$ y; D2 M7 \ - [RealPlayer RAM Download Handler]0 S4 y- E4 \8 [( N
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
3 g u" D; w8 ^4 U" q - [IEBuddyExtControl Class]3 F5 [, {8 K& I6 ]
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
$ m/ m) ?+ `5 Y2 M - [XML Document]
& w" _8 M5 d) Q4 A, I - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
3 P# f4 m7 e- j5 ~0 I - [HHCtrl Object]" L& S; v2 ^$ t4 I2 B/ y% W {( z8 _
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
4 j( y( @/ H+ {# G4 u3 f - [Windows Media Player]1 t$ Z$ v+ A m' f: P
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 l0 ]; g1 h$ O8 I2 T
- [Active Desktop Mover], R* Z4 S, o, V- b
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
- A O" c, I2 u1 @ - [360SafeLive]# t! ?& G8 t! E- ]4 U, ]/ Z2 o W
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
, Y$ l$ E5 |4 M9 Y - [Microsoft Web 浏览器]3 R% m& ?' _1 z7 y5 B1 o% }8 q% A" h
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
$ D( g: |7 {% `3 b3 }9 d3 Y - [Browser Enhanced Objects]8 J6 y+ ^5 U7 R' F# G3 I( b
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>5 J2 D/ D+ ?9 w3 h2 [; Y& J
- [Google Toolbar Helper]8 {) Y3 N( g! z4 H2 U2 r- Y( p( T
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>) @) M$ ~% q! X
- [Microsoft Scriptlet Component]+ D9 f Q* {1 R
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>' @+ {% b% A( Q3 u8 U
- [Google Toolbar Notifier BHO]9 J; y4 G" B* n8 }6 B
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
* O. b8 |6 E2 Y8 W( J& c - [SearchAssistantOC]
; r x6 n2 h" X+ o9 M7 F - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
! f$ y) q4 y3 o$ Z* W L - [SafeMon Class]
* Q5 F1 c( M" o$ @- }! j! w0 b - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
' z: i% M9 B6 H S" ^ - [RDS.DataSpace]1 h! }# P. B, o- L& w3 q
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
! ?/ o: q7 w" m0 W1 r$ a9 \' @ - [KooPlayer Control]
0 {6 [7 z' s1 c1 | - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>! u. p$ m7 R7 M/ V1 o
- [AUDIO__MID Moniker Class]
1 B- m" k5 Z7 l6 z2 l0 ~6 D - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ P- {; ^( R2 D$ P" x - [AUDIO__MP3 Moniker Class]( A2 X& [7 K5 T) U
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
- C% K" x) |8 T( B5 }0 B5 ? - [AUDIO__X_MS_WMA Moniker Class]0 o( J. x( ^& H8 t7 Y1 V
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 E+ N6 J2 x1 Q! c& N& J# ^ - [VIDEO__X_MS_WMV Moniker Class]
5 w/ f1 i: U( X6 @$ Y; b - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>6 {# j0 ~& k* }2 ]6 G+ \
- [RealPlayer G2 Control]
- Y8 S/ X* P* b1 r, F2 P6 | - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>" v- V! R6 ~$ q0 ?. b! T- [
- [Shockwave Flash Object]# s* |# H4 N5 @& g) n
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
+ \& T( b4 x7 {# q/ [" c3 `5 ~ - [KUpdateObj2 Class]# @- [1 g7 l w2 P: V
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>/ N8 @" `0 t/ q8 h* u- i g
- [kingsoft browser shield]
2 Z6 l% j6 p, y: n' P, b! b - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
( }4 Y1 e! E3 o - [PasswordEditCtrl Class]8 W2 J: S( }' [8 _6 E3 h+ ^
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
4 N" F( q3 c- Y: j* o: j0 ?8 I - [QvodCtrl Class]1 Z4 i7 L$ R Z" ?8 h `( Y8 {" [# v
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>( j2 s5 Y: r) F0 x/ r0 `- s6 x1 |2 F6 i
- [&使用超级旋风下载]
: K3 e. a$ D4 T- k1 W+ | - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
' g6 K7 H* f- i4 y2 p - [&使用超级旋风下载全部链接] C; ~9 ~3 [" k0 o: M
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
& f+ r6 b' C. H! k6 U - [使用迅雷下载]& ? x2 u6 s( k
- <, N/A>
* E: K* } ], |7 ]/ C - [使用迅雷下载全部链接]. L1 K$ f! P! E
- <, N/A># Z U9 R/ u4 h8 a
- [导出到 Microsoft Office Excel(&X)]
; ?0 I9 W: p' t+ |( S6 k - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>6 \8 M: t( J+ @- p
- [添加到QQ表情]4 a/ D d5 O& R2 f4 t* k5 U
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>; [+ H2 p6 E+ W8 Z: ^
- ==================================+ o) v6 U O/ Z9 I, S+ w3 F
- 正在运行的进程
- z, J: h9 V! `; i - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 C/ n# I( }4 h. g/ P
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ K9 n/ p1 ], V - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; x7 S: Y. d, J- C9 F5 K8 Q
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]; Z; D$ G+ b; Y* I. l+ ~) `/ h n
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; n( e) ]) H: H( P0 Q5 h0 c - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
w" c1 x# H+ ?- t' @0 `5 a - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
2 v9 K; x+ k: t2 w6 R - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, H6 d: b/ s+ f% l' `+ @ - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ y! X: }% M6 ~9 U - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ v+ g" ^$ G+ Y, b( j1 ^ { - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
: Z6 y6 ~; d! K( M# u0 g - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]* ?+ [& {' S1 W# F( ~8 c
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 h5 x( q B. K9 }( h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
) d: I' w2 {3 T* t) ^) T4 m0 F- x: z - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
r: X; [3 ]: N2 H) x: w; w - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001], x4 b2 d+ `, S% e/ d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
+ X/ Z& t! G0 W - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]* u2 k; Q* c. h4 n& [2 t t
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0], z) c5 R) F+ }$ y+ C& C
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]) H1 J- r' f4 f/ i) A; J
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9], A0 ]" C o6 e9 B1 f
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% N( U8 i5 b9 N. ^0 \: b ^; E
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
* t4 m8 o6 K: `% [: P - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
% ]# T2 X5 H8 n5 M; \1 }8 B - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]/ r6 ^/ A+ X; Z6 O4 Q+ P
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
- {- W z9 A& P; C% x - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
& Z. u0 |# v3 g, ]* b) x% H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# i( A& n' F; g) |/ v/ |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 v( l. D! w: W# I2 j) @& i' e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 s$ U8 c( v5 I3 P& s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: @2 Q7 P/ C" z9 S* t" t
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 H+ R9 s' {8 s! d2 U, o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ \) i2 l: `% i
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
1 l8 X# a6 I6 t - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ I2 y! E: W9 U6 _: D
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
& A3 }( K4 b6 G% b$ s5 m1 P - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]. v. e V: h/ E- Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: n5 c) d) U$ s0 A. o! k - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ x8 U9 j% `& }+ {# `+ x& P3 b
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
! A! T. J; p( ?1 x- v - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
6 E% }" G X0 m3 v! M1 M: W- W% Z/ x - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]" H" P7 T; f! X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 O. d% l1 v U- s; d
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* n" ?. T- B6 V/ Z. S$ S) D - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
" L; S, _7 L+ T5 A7 Q6 W b, b - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" i# ~# z- P9 ]* m V3 D
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& S u; |5 U% @ - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
$ f" V0 J: n' P" N* [ - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]' Q2 e3 c( [8 h% k: Y
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, b/ Q1 m* h9 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" k6 ]( I& C' L% `8 {) D& U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; N0 w" Q" c/ O: k' g) y - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
* f3 u; x- H- K+ R" X, t - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]" r4 a7 o3 @: L8 u
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]1 M' e1 N8 I. y% |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2], J3 c4 I O0 a2 Q, t. r' Q. a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
, W/ x+ ]% g6 @2 X( B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]/ x* L8 P( V$ R8 n1 W m/ T+ ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
) I$ C/ ~0 [( A: H& A - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]8 s/ @( N% v, @# x8 U8 A! _* K
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
* n" T4 g8 `1 g+ N9 s5 p& j - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
7 W+ R1 O8 @4 q0 g2 ~ - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
% S2 l* h6 ]7 l1 H - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
) r- G, r# l) [# i - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1] R6 j, J# M Y# v3 h# U2 U
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
8 }$ H0 |! A( c* P0 `9 e/ l - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]( o5 i' f) o5 C4 w
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]1 ]' {$ k- L; B# R
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]$ U0 Z) t3 i+ r; C8 c
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 T, u% H; R/ N- X) B
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]* Z. D- x, ?2 g4 E
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# _) K& k0 j9 ^: g. _ G/ o; A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ ~# Z/ Q4 F1 m) N5 G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" d( [" C* g" m9 ^( o' m - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- F C8 `3 r, ^+ U9 \9 q
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201] z5 P' i0 f& Q9 }9 ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 \; ]6 ^9 r# n( h" |' F9 R* ^6 K& p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) t% `8 S% f+ K! t: R' L7 F# e9 H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] F% t" x" v' z& v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]1 X$ A3 X# t; G' Y$ E t# g5 @
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
: b' v" p. X5 ^/ t Z( D- Y - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
4 F E" L% o$ |+ f4 ` - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ `" d7 O+ P. T9 s, q% d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) N- J: J/ a' H6 f G% l4 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 `7 c# n% e, g) B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]! d& {9 y1 ~4 l) d
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
$ e1 K m" K- C! B: `% s - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 Y3 H' }( [5 U" h! C# Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 j. t* D% C. ~2 l$ T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
3 ^5 H# ]3 [: R9 s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]6 B. q/ B: L# l. h( z
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
9 H, k. Q9 x S - ==================================2 f" T- q7 z( K; n/ S" N( G
- 文件关联
$ T5 d! W3 E$ ^. P/ x7 S! n0 O - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
0 L6 ~6 Z7 S/ \, F- ` - .EXE OK. ["%1" %*]
6 M$ _, T9 w, {5 `! p. M# Q- [0 I# y - .COM OK. ["%1" %*]. x0 e2 l* n1 @# P; ]( _
- .PIF OK. ["%1" %*]% D6 r8 f- D/ N
- .REG OK. [regedit.exe "%1"]
+ v3 {* [) v% s - .BAT OK. ["%1" %*]; @# A$ k+ W/ u2 U, \! t
- .SCR OK. ["%1" /S]
; x0 B5 G6 V& \" a( i$ `# d, o - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
; ~# c/ ]. p/ v5 |- F - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
6 z' ^% \, T7 ? S# ? - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
6 p( S' A0 k, W* W' @& O - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]8 \; f0 e% d- i0 \! b8 M
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]0 f) X" M8 n7 p- e
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]; P6 J/ e$ x8 z( {" Q5 W1 z
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
% ~ w$ Y/ K8 D5 [! O - ==================================- `- o+ J( M; d3 O
- Winsock 提供者
5 b- m9 |9 \9 K' `. S - N/A
: ]: V, [7 o6 ]% L' k2 ` - ==================================8 F* {% T0 G- `
- Autorun.inf: [6 k6 t/ A2 H2 O5 V' G, F% k
- N/A
+ a) z9 C7 C/ F- L& u - ==================================" {6 K- `- z$ U0 h
- HOSTS 文件- }' r K" ?3 [+ X; j" I! X6 u
- N/A, x6 n3 M1 R7 S u: Y
- ==================================
/ {7 {" ?; b$ ]" Q - 进程特权扫描# @1 g, Q0 f( J/ s$ w3 d, {1 u% ?3 T$ W
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
9 j- O4 H F) e, X5 R" ?' g* O - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]8 V) b$ J; k7 Z! x3 b' c6 g0 L+ ]
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]( v+ U' P$ D8 f' s9 q
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]! g+ z# L' _9 j% v
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
! m8 _, K) ?0 s3 D3 c6 E, c' Y3 w, e; u - ==================================
}1 p2 }- p6 y- D. ? - API HOOK
# |4 O; y- z2 ^ - N/A
& |3 ?# j* c2 g: j0 I - ==================================
+ \7 N% F1 e/ a @, ~; G* S, y6 Y - 隐藏进程0 E8 P( k: G+ |1 m; i" Z" X
- N/A3 x! j* {2 i# T
- ==================================
- }: @9 W0 q# F* J! O) M$ a0 y - t0 i! X1 q' E! w }+ u
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
