|
|
6 E# z; E9 Z$ K- 2008-05-22,20:37:43
! X2 b" H0 n# H ? - System Repair Engineer 2.5.16.900! v0 G2 W! P" D% l. S7 i5 \1 z+ M
- Smallfrogs (http://www.KZTechs.com)2 B. v3 D0 Q8 I( A/ g3 \
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
. |! A9 b9 ^& G& @ - 以下内容被选中:3 \% I: x7 B' g; L/ w6 ?4 `9 k
- 所有的启动项目(包括注册表、启动文件夹、服务等)1 H+ B! l, {6 h4 v. |
- 浏览器加载项
& g8 h; E @* M, Q' y- B* q - 正在运行的进程(包括进程模块信息)
, `0 `! L; I3 v, i' D2 g6 C - 文件关联
" `1 z4 ~% u* a - Winsock 提供者9 L9 x0 J" o1 _$ T' n
- Autorun.inf
* L* S& v1 V4 _, s" f1 [ - HOSTS 文件
% T2 l$ A+ I. _, Y4 { - 进程特权扫描. [$ t0 V. _9 G: N6 _2 W! j
% y0 ~5 Z. E J3 G3 G7 m# Z- 启动项目6 j, [! j- S4 u4 V
- 注册表$ h* C( I7 _9 v! l
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
, r! {- ~2 D8 k; @- N' [# S5 D: f - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]/ g8 c5 M/ n) d, D( S6 L
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
7 J s- ]) V! | T' d8 D - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
/ _# a- Q+ W% `# \9 S) T$ [ - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
, S i4 [- i; A: h& E4 r, S: D( T - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]6 e# O1 Z5 X. j
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION], T, ]& E( _8 u# T
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]3 \6 G/ G# M# R/ q6 |
- <PHIME2002A><; > [N/A]
3 i) ^$ u0 a2 R! J4 k6 x& L) \2 U+ j - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]% V5 w" @/ z8 }1 m2 |
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]8 U: P- E9 ?! {" o9 Q' ~
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
^/ P( V1 V! w, |$ K2 R - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]! @' q! S# w8 N8 L8 t
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
/ B( T5 ~6 C/ O3 F2 u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]; {1 q) c: P* n+ ]
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
4 y/ s6 \5 ]0 V; x) m+ f - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
: f5 p7 A8 J' H4 W8 ~, b - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
o& b8 e0 o8 Y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
% k: ~! K' G* h/ L - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
+ j& h) S2 x# ?5 s# f- s" e; m - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
( Z: _; ]+ G4 |8 a5 n4 a - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
, U5 [( m6 N& Y, K8 d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
/ Y: X" C- E: |: ^/ o: w - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
/ [6 \: W1 }/ w0 V4 Z8 E3 z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]( h& m/ N I+ I/ Y; y. H
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
2 z2 k) a8 n' v: W+ b& q; [; |8 v - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]( {/ J) Q, e/ r9 _2 q v
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
5 `/ O1 `1 I3 C - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
- X1 b! P$ U. q1 L4 k4 U% c5 D - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]( R* J! r! \, m; t u
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
5 ]( Q6 g: b _ - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]% ]/ R0 F# p0 V! h, M+ K9 K" r& ~
- ==================================: h, r5 B' D% G0 L: Y
- 启动文件夹( K& @2 f: Y8 c& d! Q. {( P/ c5 f
- N/A. B7 Y6 p* x$ ~( K9 O: H( p
- ==================================
' g, H* ^. W/ j3 f- r* I - 服务. S/ q4 Q8 b/ \. T
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]- x, h& k+ e4 Y- ?( H3 Y+ p
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
) V+ W- b. |4 z) w: C" f" _5 [ - [Google Updater Service / gusvc][Stopped/Manual Start]7 w1 m. P' ?8 W% ?6 }5 s& U9 ]
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
U `3 g" e% m - [Help and Support / helpsvc][Stopped/Disabled]
: ~; C( ]5 G, H& W% `8 f - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
- [! W+ \/ C, b# q' u i. u - [Human Interface Device Access / HidServ][Stopped/Boot Start]# q: ^7 p/ C; A! h/ L C' J5 T
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>6 Y& P* D9 ^- U1 R" J, U
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
8 f' f! v+ E* _. q7 M# Q# I2 M - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>7 s0 @0 O6 G: l) ]5 a
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]. Z$ e+ q" B) Q, u1 u2 [
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>; K6 ?: T& u! e2 b4 I8 m
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
4 g' h* n# t4 g - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>; {1 d8 x/ g8 N; @; s3 F( k
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
* R0 k+ S6 V+ T1 } - <><N/A>* K/ q6 j# V& p) L6 r9 |$ J
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
4 n3 l' q8 g# c9 P$ g9 y- _ - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>! c. I$ M1 [& p8 M
- ==================================
7 R5 {5 i: z3 w( D. B5 H5 c% Q - 驱动程序
9 f7 E, _- U M" i( D - [22j / 22jn][Stopped/Boot Start]
8 M; w0 t0 I# N5 G+ k7 Q - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
8 J6 F$ E( K% x O+ h - [360AntiArp / 360AntiArp][Running/System Start]5 y* \! F2 r) H
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
( {6 u4 L, x0 d, m( D) k7 a5 J7 U - [43ec / 43ecu][Stopped/Boot Start]4 e; T2 R# ~' r# T! i
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
, A7 G8 a0 A/ Z- W2 G. Y" D - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
. ], i9 E0 w6 E- p3 t - <system32\drivers\ac97intc.sys><Intel Corporation>) _6 K" ^. f1 C* |- G! A1 z
- [Promise driver accelerator / bb-run][Running/Boot Start]
# N2 z \$ P& k, F7 a0 a" X - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>& [3 e8 g* V2 W5 ~% }7 ?
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]# q/ y: s$ a; {( Q$ C
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>3 P) Q4 f2 X1 Y
- [KAVBase / KAVBase][Running/Auto Start]/ L' L# R3 _8 L$ X7 C
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>. k9 @3 I: A8 }! i3 D
- [KAVBootC / KAVBootC][Running/Boot Start]
1 L+ Z+ U( x$ s/ Q/ v) q - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
/ `: Q8 a: J% U: D" c& D( f' d; G - [KAVSafe / KAVSafe][Running/Auto Start] q3 N7 Y3 [8 ]
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>- k$ v$ e* j) v- z& P) q5 N6 p# `+ V6 U
- [KNetWch / KNetWch][Running/System Start]! C5 o% Y5 N( n1 [' B, H
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
8 v2 B1 R9 _/ p& v& [- Y. t/ z/ ] - [KWatch3 / KWatch3][Running/Auto Start]1 c8 X2 J% v2 s g1 @& j2 l
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
6 B0 c' n U% j8 Q3 u& q2 i - [ntptdb / ntptdb][Stopped/Auto Start]7 T9 B) ] w3 t" p! l
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
* ~. A) Z7 b- n, y) o) n6 b - [nv / nv][Running/Manual Start]0 D2 A5 I5 Z/ t/ i- t$ y$ ?# A
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
1 }: T- M" D& } - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
1 J! W. r/ w, T - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
7 e0 c3 X+ o% ?( u( F& W - [DDK PACKET Protocol / Packet][Running/Manual Start]3 T8 a* H8 Y; Y
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
' V5 B4 x. W$ u U# R+ }9 c5 b - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
, ^; l( L' D1 [5 \ - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
: P5 ~6 s% K- h, W" i - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]1 s1 _/ z7 n( y
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
x7 E1 S/ \9 s0 S3 X - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
( v/ D) p+ A0 W' l) h - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
. w' n1 B4 S, G9 J2 x. g9 u# x2 C - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
) [) i& F3 n: g B4 X$ y7 e" J. a - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
) a. H$ R9 v. a6 R3 A* k - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
5 F# t+ L. \- D8 w2 J& _ - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
' a7 P( \' J) Q3 O1 ]) R9 x - [Secdrv / Secdrv][Stopped/Manual Start]1 q% t3 G' A1 a5 q1 V) v" F
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>6 W9 T. p: ?) `/ ^
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]7 r9 ?! w* A0 t) b! G/ ?
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>' V+ K7 s, h$ {! q4 D$ s/ V/ T
- [System Restore Filter Driver / sr][Stopped/Disabled]
! l/ H4 k! [3 y( S" Y - <system32\DRIVERS\sr.sys><N/A>: E! v5 O+ M' ^& Z
- [TesSafe / TesSafe][Stopped/Manual Start]
5 m0 k8 x m" E: @ - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>, W" n! F& c- C" K
- [System Services / unzxzsrs][Stopped/Boot Start]( i* e$ p1 v. M- R/ d
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>& w- s# ~$ Q4 ^& O; w
- [ViBus / ViBus][Stopped/Boot Start]* P+ m- Z K( w2 F& L- h+ v7 n
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>) g% i9 [) c0 S& c6 p
- [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
; V, V+ P$ Z0 `$ S p% f9 o1 m1 P& ^0 q - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>9 P d+ s9 P4 k+ e
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]% A+ D) k% X t, {
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
$ H$ j0 w6 z) C- ~5 C - [ATI Extend / zhibmaso][Stopped/Boot Start]
N0 N p+ ^1 R( G - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
) {! d3 O1 m' L9 k0 |1 f2 b" l - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
7 f) x* {- W+ J/ t; k$ H1 D, d5 E - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
, Z9 J) F) q0 C8 F& `5 t - ==================================
3 {2 o5 M t: O, @; C - 浏览器加载项/ s) K' _. Z6 F! Y: {
- [Google Toolbar Helper]/ v1 `4 m9 a7 r, D1 i0 F `
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
& ]* ~* i) c$ Q: P$ I - [Google Toolbar Notifier BHO]% Q) h, N1 I# u6 F
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>* {0 V. z7 _, V! x9 C
- [SafeMon Class]+ a: I7 N( I y% H
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' O; T5 V: E/ a( ?
- [kingsoft browser shield]/ |, W; g5 b3 G) A% B
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
3 Q* }9 z! N# d - [IEBuddyExtControl Class]
" g7 U3 c) w6 D+ X* p - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>/ \1 A: p* r: L
- [Zcom 杂志]
5 q# l3 {" C$ l# Q; L; W3 ?) P - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
: n8 e- @' |$ O0 F; E' W% g5 a - [&Google]
2 A y$ h- h5 k0 Y& _0 W! w1 G' F) ? - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>" b/ }7 }! _; r: I9 H; c5 I
- [KooPlayer Control]
6 X K1 Z* l: Y. o) w5 {! f - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>; u- y/ P$ T9 t* [4 O, p- _
- [Shockwave Flash Object]2 }1 ]' E5 ?; n( @, ^# u- r
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
2 r4 ?; n; ^! b+ B5 v: _( y - [KUpdateObj2 Class]
9 G/ ^, o5 H5 r% ~% l# h+ k8 I- B& \, X - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>& k# [! _" I5 u
- [Google Script Object]
" ?; k5 f: }2 K5 f' o. | - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- g0 w$ `( {2 Y - [EWA Control]
3 C5 G9 o" i$ Y - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>" h, ~ y$ O3 I! c/ K7 P
- [Windows Media Player]
: L$ a" ?( L: z - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>2 h. r: J- E/ d1 E5 J2 Y# Z
- [&Google], k4 V: y( {1 F, M" B
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
# L! j. q! W% v, X/ L - [HTML Document]% z x) b0 i- T, D+ I) c7 p# ^
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
' F2 K5 s' e2 k9 H8 w3 f! A - [DHTML Edit Control Safe for Scripting for IE5]
" t5 M3 w0 A' a( C" E - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>$ Y9 h$ X0 I1 _ I1 ]& p# M: p
- [RealPlayer RAM Download Handler]
% G: ?8 s8 j/ W0 C; L9 ]7 S - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
7 l0 W& h. n- c - [IEBuddyExtControl Class]
( G; l# N$ M( j6 @ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
+ {4 |1 S$ a2 Q8 s# s - [XML Document]5 c( Z3 l7 b7 _% b
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
& j: x) c" j* x5 ^; H - [HHCtrl Object]
4 q6 n( V1 U8 M) I5 o - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>0 t8 |; G8 ~" Q+ t( s% A; Q
- [Windows Media Player]9 p- U, C3 _; ~# r* k) f
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
# K) i, }. n' ~- K$ x+ M) H - [Active Desktop Mover]
$ j4 m" \3 p8 x, C0 ^ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
- i, ^& j2 u. l; [ - [360SafeLive]
1 `3 [* S) \' e, E - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
# g2 X. v: S0 v7 ?/ d/ z. B - [Microsoft Web 浏览器]
- Y! H4 H6 l+ g - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
9 j- z6 q" N! _* H - [Browser Enhanced Objects]7 I( m; P, [' B" m8 `
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
7 G3 N4 R4 a! x! F; m" l - [Google Toolbar Helper]
( ^4 i) H! ]# \, n$ W5 w3 L - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- S4 r4 u' K7 m- w6 i% d - [Microsoft Scriptlet Component]
- L& F" Y6 ^7 P A - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>9 A# z; O3 a& n+ X4 Q- d
- [Google Toolbar Notifier BHO]6 B6 e+ D% O. L1 K' q2 L
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
5 h; v: Z6 A1 n: R" m; ?/ a - [SearchAssistantOC]' }' [, Y, N, E7 w3 a, Y
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
( U$ ~/ @& ~" Z" B - [SafeMon Class]9 ^, P: N* g* G+ \. Q" J
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN># @# R& F# x9 v6 g
- [RDS.DataSpace]5 z# U2 _7 c6 h, Q
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>, Y* V2 s7 y+ G) n, K) T
- [KooPlayer Control]
5 W$ s& {( k8 |* V: a) X - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
* L/ s' `# E" w# K. ?" O - [AUDIO__MID Moniker Class]2 I* v7 H7 i9 U" ^( S& X
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 b$ n J. z6 r5 E7 k! F
- [AUDIO__MP3 Moniker Class]7 r$ l+ o9 v U
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
\* S2 h; Q z' S, H9 d - [AUDIO__X_MS_WMA Moniker Class]$ W1 O& N8 e f5 `/ _4 C! I
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>7 E/ e S0 _& e1 k0 q
- [VIDEO__X_MS_WMV Moniker Class]
4 Q& F, o9 t2 k' Y# H: ]/ F - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
* s& R# M. ?* f7 y: V - [RealPlayer G2 Control]
7 H7 ^. Y/ ?8 a0 R$ { - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
4 P0 m2 d: u0 w: c _$ v$ e - [Shockwave Flash Object]
8 I$ M7 \' w3 O% ` - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>! r+ r& F/ K% [3 }0 a
- [KUpdateObj2 Class]9 T# q! ]0 L, \8 a: x
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>3 P6 g# k; |3 \1 \. _6 o7 X9 ]
- [kingsoft browser shield]
' `. I7 H' P/ a - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
, e8 b# ]/ [! p _$ F3 Z- ?8 p - [PasswordEditCtrl Class]
: H ^7 I$ j. F6 z* J - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>+ Z8 W) [' Q$ v1 W% F8 x
- [QvodCtrl Class]( t* g& F, D$ M
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>" v8 ^& J* p3 l4 b6 ]* B
- [&使用超级旋风下载] [3 j0 s% e9 @* k- M3 @9 U
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
: W1 R. X8 m( R. T7 B! F3 `, R - [&使用超级旋风下载全部链接]" a5 ]' ]$ ~8 V1 L4 `) J! J3 s& F
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
( B x2 D8 h) u1 } - [使用迅雷下载]
4 b* B+ I9 S. q; c$ I - <, N/A>" n/ R+ k8 _% D: h E+ Z
- [使用迅雷下载全部链接]
: }9 k6 _* ?0 l4 ? - <, N/A>
! R: n' k* h8 H1 k: w - [导出到 Microsoft Office Excel(&X)]' E% b7 [2 W: W( t0 l1 @. D( p
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
( b1 X# o1 C% ]& M; f, A. T2 g4 |5 f6 T - [添加到QQ表情]
8 G/ L- q7 c# l) S - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>/ p$ W- s+ O! \. b) X
- ================================== I! R6 F% T6 J/ o! G. t9 }0 y9 [- q
- 正在运行的进程, N( W3 G2 F& e
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# E, F4 W" w3 D$ I - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) |; G1 |3 U5 X - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% ? Z% @% o& A; P
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ L! e9 k; y2 K1 h
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. c8 d5 d& I& C: A( j, ^' h$ D1 X
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 E( d# z0 v" y9 J7 j) v3 J3 S
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( E% i, b: g! V8 V8 N7 \
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)], A) ]: n8 v* w m3 w4 d$ W8 X- Z
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# g0 m/ [& f: F8 e
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 b. ^+ e+ _: \5 C9 f* p |
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" R) a$ }# G$ z2 @0 m7 r6 Z - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
: @3 i9 R7 F2 L8 j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 F" [- F/ `% J3 s% o' }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]! r$ B# K$ R6 J% B- J6 @( c
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]- H; }. W! E: }! |5 u, Q1 S
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
N. F7 G% E6 |) {3 @4 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]* q: X# e h7 z+ s& |% v8 a( z2 {9 u
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]7 X& M3 S- ]8 J- F" _2 n2 ~' _
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
$ W; i7 U( |6 J - [C:\Program Files\WinRAR\rarext.dll] [N/A, ] E4 w( R$ v( ?7 E1 M- V/ o( F9 a$ e
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9], b% B' k( s* t4 D1 H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ {+ L+ ]$ x) V c% `% I
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510], c5 x6 K- y" B$ \9 N
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]# X6 N, k! A+ I2 s
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]. z6 d2 m" W& |- c
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
6 s9 a, t, p& m1 c, ~" w# [ - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008] v' A7 m/ { a( x5 m4 X# C4 @+ N* [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]( }8 g5 b6 F: A, {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* Z: B5 M$ x2 p2 y( E6 ^/ {8 Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
* w7 G, ~! [. u; ~$ J, @ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]% y+ C6 m) X& q$ m- @9 ?
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ W; r7 A; I$ |! ? i3 X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
1 {! U( n* t: d* i1 c! T+ I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: q9 O0 z! P6 i5 q0 _& Z
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; y3 t9 R! `1 }3 u$ c% z, T
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]& h, U& Y& ~% p- |
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
{6 K0 c. @- z# S, ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: n% y; \- s4 S; l+ S$ M% v M1 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 ]9 o o: H: e% ], C9 M' `
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
* U' y, \ a' I+ [ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]9 R, I4 U; d- D0 p c6 A4 b% W8 I
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ m, X" F0 q9 }, p' W - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]# Y- `" ]3 ?- H* r
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
q+ W* P' F* U. m5 | - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
. X Q# Z& c' u+ T2 Z, V' V" l - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
* p; }+ B, F9 G" }' P( r8 {( ?$ I2 o - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ @' o; r1 H! }' a5 E
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
& W1 z- M1 Y& \' Q8 x - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]! H6 H( g4 o+ _" V) Z# H
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
1 y% Q' }8 [% T' l) H" Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. a) k* ?# ^7 b' i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 h/ a/ a& G' I - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]' R i- u3 b/ E; C$ k6 A, i
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 I; t' X8 i. q7 t, k2 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]5 {5 g( Z' B3 K0 l: e( V: _
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
0 f% O& k4 u: j" \) r0 c- u8 l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]0 I% u6 w* g7 ]0 x; H' y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]3 N o# ^2 |3 `; x0 Y0 L" h3 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
+ [- j2 P8 F* x: r' Q - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]$ P) W; y- u9 Q, r W
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
$ }9 e1 K. @. B, l" T4 Z- z - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]0 a' J! N4 j# C L
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( |9 \; D y. B. k3 G" u% W
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]/ [: N+ i! |7 Y8 X" o
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]$ b: B, Z8 Q" b' D: N( O9 L
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]0 y+ j3 q! h& Q# i, z/ K4 A. T1 e+ I
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]' y* o4 R7 u" ? Q+ H* p9 x4 i
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]. Z/ ?; O b; H* N/ @ ~
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
; F, N, ]7 J3 O' b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: q4 v0 R9 V s" N9 N
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]- Y: V% ~. A, O: i6 @8 x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]/ ]+ `3 [" U8 {0 x% p6 f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 u* k" K, |: W
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] t" }0 l! k/ S# D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: l$ P+ V/ n4 {7 F/ g$ ] - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]; c. d; N* N/ N3 @: R9 S. h7 \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# U& W9 B% y \+ P! _- W4 { - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] O2 L/ t c- C! M& @9 a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] {3 H2 w8 n3 q; p) n
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& H( z% M( T8 L$ G5 q - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]2 C% B' P' }! n7 y9 d$ L, Q
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
$ Y* a7 q* O' ^ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]. a. A) |3 _' n" |2 P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' e! L! }& a, `6 ]/ Z' r - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% D- l1 ~) y; ` N. ~+ H3 N. w! h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 T" S, ?) j! p" [) K1 L
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
) L8 d+ K3 K q# A/ F - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% d1 w( u) K/ I# i1 C; Z# j2 J0 c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" H6 E0 p/ ?% h - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 l, ?2 J# s; t. R3 `4 J7 d" Q( ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- H1 j/ ^5 Q* d$ g: S5 h - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
M# r; Z. P f1 w7 [1 V. ^1 ^ - ==================================
" D) m0 r: O+ S - 文件关联5 r5 R3 h/ T9 M& m
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
, R/ o" V9 A' O; {# W0 d: \ - .EXE OK. ["%1" %*]: [" f" X0 u3 P9 s1 a/ J. D" r
- .COM OK. ["%1" %*]
+ n+ j- w" L, q* y9 q0 l - .PIF OK. ["%1" %*]/ }; G7 A, L# a/ u- d* i: q
- .REG OK. [regedit.exe "%1"]
6 h6 V: F3 n3 |" z* o: S - .BAT OK. ["%1" %*]
. N8 j( d4 u1 q% W' Q* [! w - .SCR OK. ["%1" /S]
4 k" N, z6 p; W8 q4 e+ C0 H) ]2 Y - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
( k& o6 {1 Q& p" r5 D - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
5 }8 `: U& m! d4 G - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
# L8 _/ ]7 R! f" `7 b - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]2 |+ o# Q# t7 I+ D3 {
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]- F" e9 F* u, s# V/ I* J
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]& l: a9 A8 r' J8 q* K t
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]5 [9 _" I7 i# \6 _' ]5 @
- ==================================
0 n1 @$ h7 Y# j6 L" G* K' y - Winsock 提供者( |5 Y& m8 g* M7 E
- N/A
, ^/ h8 u& R3 |9 h+ P4 C - ==================================- x0 M, ~) Z( ~0 g' d6 `; f# G8 ~* [
- Autorun.inf. o5 _ w& y6 y3 a" v( X
- N/A
9 x) G; K* w4 B - ==================================9 r# b A9 `: z0 j( I9 z6 e( d
- HOSTS 文件- K) M3 b7 I# b' C3 M% r* f& q
- N/A- D% \" ?3 {7 }& z$ C
- ==================================
2 z" K4 t) U% ^, T" @3 A - 进程特权扫描
" k# g o2 \9 O! i& ?$ R# ^/ o - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]) j6 \, C5 N/ \) ?0 |7 c. p+ M
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]; ]" N+ k* q4 A+ ^2 X" S9 a. R0 D
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]# C6 t% H# u& O1 l p) A
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
5 F) b/ k3 R# e+ x+ J - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]0 i1 p5 Y6 W- b: u+ C% y! n
- ==================================
1 a: B; a/ l/ C5 ` - API HOOK8 l5 M4 E5 D0 U& e k1 x" y
- N/A% y5 {# J( A! g9 X6 x, g
- ==================================* L+ L0 ?6 t% {6 ~/ Q
- 隐藏进程+ E! R w c, l0 E2 {
- N/A
; i$ f) e0 W( Q5 Q' \2 E - ==================================0 b* B3 x* Y9 z% o3 \
" ]. V0 v u1 A/ U. S
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
