|
|
1 | l; f# L5 N5 @6 p: r+ W, ?( K- 2008-05-22,20:37:43
. m' ~; [6 z" n& Z) E V - System Repair Engineer 2.5.16.900
" Y/ f* l4 d1 N0 L9 I4 v! A - Smallfrogs (http://www.KZTechs.com)
! P5 P: l7 B+ @* w$ C+ R% G, y - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能3 S+ g$ B' W: s$ C% y7 ^5 U
- 以下内容被选中:5 w: }7 e- a7 L' `5 c
- 所有的启动项目(包括注册表、启动文件夹、服务等)
' ^; x+ Z* A7 C. o; X/ t - 浏览器加载项( y+ w+ I2 l( O# S/ D1 q( `/ y" |
- 正在运行的进程(包括进程模块信息)
5 Q8 Z. v8 y! p, u - 文件关联% V! ?/ z7 y6 f& `) B9 T
- Winsock 提供者
' Z! o6 i7 ?' f+ J% i6 ` - Autorun.inf
- W3 {3 i4 I/ v) Z" w - HOSTS 文件& B8 P) I" p: a& w7 b
- 进程特权扫描
+ U" b6 h% S9 h$ f* c# e - 1 C% N/ F2 i, N% P5 n7 O: e
- 启动项目
D8 F, F o" l, d% Z - 注册表
# { }% Q4 B' L8 U6 z" J" M - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
% S6 b; X& h; v7 D - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]- {: c, l% j' |' R$ B, z/ M0 q6 `$ B# E
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
* } K( ~5 \9 u* P6 m3 u - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]5 [+ F5 A" H8 m% q5 a, R- B" i
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]' F6 l$ v/ q6 W0 }7 ?
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd] \3 `8 O+ ~4 Z7 R4 ~9 K
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]) Y+ I; ~' [! W& L) ^
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
5 r: o' m2 u2 g/ I" r1 S0 V) u - <PHIME2002A><; > [N/A]
, ^! \$ J9 A+ i! l0 ^' z# X - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
' w- |. a; K8 f2 S1 @/ H( t; z - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
* G6 J1 M" P7 x9 \: \/ m9 ? - <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]* z2 U0 E2 G4 K& F6 @% G# Q8 m! _
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
2 E% M" p, F- u2 c - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]( _6 A: b& E; E/ C$ M- x8 K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]/ `( M0 b, i* {: u6 Q5 ~+ Z9 a; O
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
7 j* z3 T* N8 g; E4 d - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]- t, |# D( ~$ K4 q6 B8 y
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
# a9 M) D7 v2 `$ O( B m$ Z0 N - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
/ w! y) W P5 d - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A], F5 a) n" W9 k ~" | X {4 F0 ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]" L; b' \, d) R( S d
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]. a8 [; c- s, x8 ?& i& u
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
( X, V0 }% R3 Z- R }/ y9 y - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
5 ~" N4 t) F; l/ t$ I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]4 t' W- S& M# z" o0 O( U
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]9 F9 c$ ], Y( V2 k& Z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]! m3 S+ Q( f. E4 k# S9 x
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
9 _/ r' f! u2 g( u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
6 a3 q( X. \7 i( \5 W - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
4 U2 u8 Y! L7 Z2 X) f2 \2 S - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
. Y$ L- F8 j0 @; U. p - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]; U# `! f! y0 l; g% r
- ==================================
5 I5 f. Q/ l3 @; n; [# f3 w+ s - 启动文件夹 Y7 C& I9 H. f, f
- N/A7 m1 e) t8 F. o: H K
- ==================================7 W! S' w0 ]9 [* \* G0 M
- 服务) K& X( J& p9 f$ h" \
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
, s' b* D' e7 k- A6 b G+ b+ n - <C:\WINDOWS\System32\3wareSrv.exe><N/A># Y7 L: H$ @" A$ E
- [Google Updater Service / gusvc][Stopped/Manual Start]$ ?0 Y2 U- G0 _8 a1 A: _, O0 _
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>) P0 W3 l) Q8 |( I# B7 P
- [Help and Support / helpsvc][Stopped/Disabled]; F& N5 v8 t; o/ x
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>- N' H0 V5 i0 g+ R
- [Human Interface Device Access / HidServ][Stopped/Boot Start]% B# g& ` T0 b: z6 t: O+ b* o9 Z2 o
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
" Y( S& u% u$ |) R - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
5 I4 y" E# C* z6 y0 c6 V - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>) I; h2 r2 n7 X% `' F
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
& ?/ ~* Q V, ~/ @6 ~4 \ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>
+ P6 B1 f- |2 [ - [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
3 E* v$ m: J# j+ A Q7 G - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>* e+ X* p* M0 ?; Z
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]% g6 U) b C# C4 S1 X
- <><N/A>
7 ` L, }5 L( [, r" J- M: Z; { - [Qvod Terminal / Qvod Terminal][Running/Auto Start]- p5 T& X: h' m* a9 s3 e6 U
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
/ D/ C/ P9 t& x/ o p8 [ - ==================================7 L( h1 N; R! @' T# y3 z
- 驱动程序
6 \0 K7 j% p% ^. r - [22j / 22jn][Stopped/Boot Start]) q; j& K8 E( x6 U3 P0 z- f
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>5 v+ O/ c% h% v i
- [360AntiArp / 360AntiArp][Running/System Start]! M. S, {7 b s6 F& m) d; z
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
. c) B' U, j/ l: k7 z - [43ec / 43ecu][Stopped/Boot Start]
) N- t: e; M1 K! E - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
0 R- C- u6 a& P - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]" K+ P# R; A3 T: q3 y5 O" [) `6 M( V
- <system32\drivers\ac97intc.sys><Intel Corporation>' T3 _) y, J; I
- [Promise driver accelerator / bb-run][Running/Boot Start]
/ V3 S; ? N" ]1 ?7 \& w - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
& P- |" T! Z |6 _5 \; B - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]+ W/ S) V1 V# W: b+ T
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
5 x! t+ O$ L, ~; ^8 x7 f4 D - [KAVBase / KAVBase][Running/Auto Start]
1 ~, `0 e8 A# O. ~6 j# ]5 N! Y3 { - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>9 |$ E- a1 J+ j. @0 R* Q
- [KAVBootC / KAVBootC][Running/Boot Start]0 G4 {: _# }2 q1 W$ h7 G
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
2 D( w! P. d2 g* Q8 F% O# x - [KAVSafe / KAVSafe][Running/Auto Start]
0 |, G3 ^6 ]5 N3 z0 N - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
* N1 f. h( X- c. P - [KNetWch / KNetWch][Running/System Start]
6 S8 h/ c2 {% ]) U* N, k' {2 r - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>! [- G% H. D8 c! k
- [KWatch3 / KWatch3][Running/Auto Start]
2 c: i9 P9 t. p0 S. n. [ - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>
/ I3 {( M- Q+ l0 ~- r; c - [ntptdb / ntptdb][Stopped/Auto Start]
* E/ N- @( N' z# j1 ^" ~ Z0 Z - <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
+ K: V1 _5 N7 f9 L( z$ k. U - [nv / nv][Running/Manual Start]+ T4 @$ f- U6 g7 d
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>; o4 E2 k9 v e
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
/ k! F- s! s; z; [' v Y% ` - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>( S) F2 }* ?8 I8 W! \+ w; U4 [
- [DDK PACKET Protocol / Packet][Running/Manual Start]
. }. X8 t h7 Y* C5 ? - <system32\DRIVERS\ProtoDrv.sys><360安全中心>; o( _! C$ L, v9 G' y
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
+ T4 ^ A, L8 @ - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>" H: P( h! b7 X2 N
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]8 m" k$ \$ j* R, F& P2 F
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
: f, Y8 y- `4 l# b# J6 ^; } - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
5 F7 j: `! c/ G2 i. t" b - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>4 b9 B/ H1 \" d1 F/ C' h
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
3 l. q: g1 S: F; m& U$ o - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
8 o) G/ \: k% N5 N. }( M - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
4 q1 `+ a: H( `5 G* _' d% M - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>2 Y: z3 s3 Q" v2 t
- [Secdrv / Secdrv][Stopped/Manual Start]. I# ]; q8 K' S D$ ~
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
" }# Q9 _- p6 X. Q - [SATALink External Device Filter / SiRemFil][Running/Boot Start]$ K5 X6 Q. Y( X; E1 n$ l d
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
3 s/ w. Y+ T4 f. m8 s* e: W- p1 O - [System Restore Filter Driver / sr][Stopped/Disabled]
; ^; f6 i7 S8 w0 V' E- L' b& S/ F5 Z - <system32\DRIVERS\sr.sys><N/A>" l8 T. `! Q3 T9 a) h% I9 s# T
- [TesSafe / TesSafe][Stopped/Manual Start]9 U& s, T2 g# O& i
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
/ z# O" j ?8 e - [System Services / unzxzsrs][Stopped/Boot Start]1 U/ G# f* `& C8 }
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>1 r( J+ a4 [ H* i) E, }
- [ViBus / ViBus][Stopped/Boot Start]" [# h5 n: F) E$ P8 s' t0 D+ e
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
# D9 i2 n; w% P- }. M, R0 z - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] B4 ?" P5 h" ^( g1 K
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation># K8 _. m8 w* @
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
" p _$ g) f8 v) b - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>% u6 G3 \8 T* \! T
- [ATI Extend / zhibmaso][Stopped/Boot Start]
1 |! E+ u- U, d3 d% q - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
, f. r; ]3 L5 D/ w# h - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
R2 i% R) g' C$ p- _ - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>: E ?2 H: e( W& h( z7 ?+ J0 @2 y" {
- ==================================
- M4 H1 b, p& l - 浏览器加载项
5 t, A0 U: V$ K9 i! j; c' N - [Google Toolbar Helper]& l# v: [6 k/ y
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>& [+ h' d. n' \8 s) f5 @
- [Google Toolbar Notifier BHO]
/ D+ v5 L# _/ C! \ - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>) I9 m, G4 K) i7 W
- [SafeMon Class]
- f/ i. G6 b& W - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' \& _7 A; P7 a
- [kingsoft browser shield]
8 f" I0 O/ j, P$ [* v - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
% |) U4 c4 l# @" Y; h$ F! ? - [IEBuddyExtControl Class]4 L+ e* H: Z; b9 I
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>( T# N0 [2 N" k
- [Zcom 杂志]
. g7 i6 X) g( A - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>7 U, u+ Z- K0 e$ |
- [&Google]( A- ^4 `, v! P4 `& d' u
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>. W3 }* t' r6 e7 k. f$ C
- [KooPlayer Control]# Y7 l2 T' g7 e# S- C
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>* e/ ~3 r' v) V4 q
- [Shockwave Flash Object]
, r, O9 X" g9 r+ m1 s# A' v# T, l - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 q5 j. v0 R5 s% Z' c9 j
- [KUpdateObj2 Class]
) m4 O# Z2 L* n% ]2 W: Z - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>: h" j# Q5 K- q0 B
- [Google Script Object]
5 B5 k% m( M8 A+ z7 W9 b - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
+ `% z+ T7 s; N- W( b' ^4 t - [EWA Control]
# N* }4 {# A8 o - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>& u! z) \& f0 v! m6 k
- [Windows Media Player]4 x: `# R" o: `4 @! H/ [
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>; e; m5 h! m# c( O
- [&Google]
& v( h% O; m' c) ? ~! C - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>/ y3 U$ p' ^5 E* I% Y
- [HTML Document]% {+ w' \# X+ S/ T
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
8 E: Z2 m: e' G8 Z% ~+ S% m - [DHTML Edit Control Safe for Scripting for IE5]6 c- ~* V. e$ K. n
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>' K2 W6 R- n& j% q, s; K
- [RealPlayer RAM Download Handler]
! N4 i: p+ d: O% K" \' z - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>! n- m: \, L. s# R& C2 a" W% j
- [IEBuddyExtControl Class], _( T) }: m9 r# @% Y
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
( Z v" u# [ K/ X5 ^- i N. K - [XML Document]
% @2 R- ?) j5 a k) o1 b - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>$ z- ^+ J! R, g: Y9 w! f+ |
- [HHCtrl Object], Q/ S' X& z1 H, H. Y8 |" @0 C
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
; b) R) _3 j7 q* O1 s: A - [Windows Media Player]# P" @. [; X" P6 @
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 K8 m+ H- \6 c# z% f2 e - [Active Desktop Mover]5 H9 q) N, k5 ?8 W( E2 o
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
; w, j9 X4 y1 ]$ Y# l7 n5 }: p! @ - [360SafeLive]
1 H$ ~8 i+ s5 W/ ` - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
4 N W, i3 E" G8 y7 I - [Microsoft Web 浏览器]4 T# j) u* p5 v5 e7 \
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>! t# p% a) W3 v$ e3 J
- [Browser Enhanced Objects]+ R8 a+ c4 J0 ^2 C5 j8 ]+ G4 v
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A># \& X0 ^9 d+ w# h2 \
- [Google Toolbar Helper]
+ c, ^' K0 R/ B - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* I& ~ j7 ^6 P5 W3 P - [Microsoft Scriptlet Component]
% h' A! }4 m7 Z. B9 A, Q8 b+ ~ - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>4 `/ q* r3 G* c F. j+ F
- [Google Toolbar Notifier BHO]
9 o( `' K# P E# y3 ? - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>, Q4 j+ |% l/ Y' W; I: [
- [SearchAssistantOC]
3 b. l* E; A0 b0 m d! Q - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>( e( R0 `8 v* M" X
- [SafeMon Class]% k: }9 t- L, b2 N6 d
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
+ l$ |, I; `! A0 w- q - [RDS.DataSpace]
4 [, c' m @6 M0 R, S - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>% o1 r2 W+ g/ R
- [KooPlayer Control]
3 i7 u: p9 Q) ^$ } - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
0 d- Q+ Y A% s. V9 t, U) D - [AUDIO__MID Moniker Class], \# H& B! X+ B# }/ |& I8 ^
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
) ?% V' j) [4 X6 g8 g# l - [AUDIO__MP3 Moniker Class]
2 w! d [+ X3 [( V - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>1 v$ W8 A" w( ^2 j6 a6 e
- [AUDIO__X_MS_WMA Moniker Class]6 _. D* G. B+ w* g9 X
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
% {( |" b; e. k/ Q! h - [VIDEO__X_MS_WMV Moniker Class]
( T. P# S7 p3 t' ?# X - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>, }/ G' H9 }1 ^+ v6 M/ f6 f
- [RealPlayer G2 Control]; h: \) M, I' n% N- T2 |; c" @
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
5 _ T& y) j: B" V3 R - [Shockwave Flash Object]( i' f9 {) g+ `! l8 }
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
/ A8 p# v, j- N1 t8 @. R: s - [KUpdateObj2 Class]' T/ M6 s }; w4 d
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>2 I1 A3 q0 X! s W, S" ]5 B
- [kingsoft browser shield]" ]2 m' Q- h2 o) A$ e) P0 o) V/ L
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation># C/ f! I' c1 P/ r/ d: Q8 E5 {. o& c
- [PasswordEditCtrl Class]
4 j7 \8 l; |. D) O1 w4 u& x - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>$ w' [- C/ Z$ i k* N& C
- [QvodCtrl Class]
) t% Q: ~4 g( I) w/ r - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>: w& U: }% n* p" p5 O) h
- [&使用超级旋风下载]3 u' N3 b6 r0 d4 \% Z4 u
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
- Y: @" D7 H5 C, k* @' K6 X - [&使用超级旋风下载全部链接]
$ O: C& ^2 A' t1 o6 L+ S - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>& S. E. t$ r6 u! v; [3 O/ m* O
- [使用迅雷下载]3 `3 d/ E. U' h- J
- <, N/A>
; n7 C1 g8 z- i/ r5 O - [使用迅雷下载全部链接]
! [4 r( c* ]+ C% `2 m1 O - <, N/A>( d/ f6 W9 ?. K) S: I: D3 L
- [导出到 Microsoft Office Excel(&X)]
0 q( y1 o3 x$ q1 } - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
4 {) q7 @' _ W1 r/ I# [ - [添加到QQ表情] X3 `& D5 X9 ^! y1 ^4 k$ P
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
! R1 L2 f. w* [ - ==================================! X- U K, K0 ?
- 正在运行的进程
& V" |% e2 ?: k" I# Y4 i - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
0 L& t; @) W- E - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]$ T+ E8 e( W$ p
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 n. v$ n5 p$ J, ?8 Q- j: ~: I
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]5 c n' K* p: V" S. e
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( K1 I, a5 M7 L$ \* g }8 `( w
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 b3 ~2 e% Z- {" c/ B: j2 w
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% ]8 p1 O4 ~' L) ]9 `3 J
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]+ Y5 l, b3 m: }( b8 f- Y$ i7 u2 X
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; e# O j' i, T8 V9 w9 e* H - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ P: y5 K! D$ X7 O; I4 j" ^8 ?" m9 u
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) d+ _9 W/ m( _$ ^, J4 j' \) s - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
. ^8 X" ?1 r4 S* r( F% F, c3 }. N! X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, \) M7 s& B$ a1 R# j - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
' J/ N7 i5 Q6 Y: D) X - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]" B& x: G6 h* }, A8 z; ]% L% D6 t9 c1 L
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! f m) v" y7 t+ |1 Y O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]/ ^& u1 A) S, A
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]8 q# s6 S5 b5 `8 w( A% t
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
0 Q3 v1 Q8 O, ^) v- v J L0 q - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
; }7 B/ ?4 w% `8 T2 o/ |) T - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
4 E9 `% i O: N3 g0 } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 J8 I$ e6 v1 [! T1 d8 u4 l$ } - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]+ ^# s! [: |( Q8 p$ d) s1 e1 R
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
4 v. v8 x" F& o# I# ~2 ` - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
G6 \4 W5 c4 S& M8 G - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]7 J2 T, v- D) f% P4 X3 G
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
, c, a+ y, e! O" V$ Y9 K0 U - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]: n7 V( z$ c" V. G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 `" n, a# q" w( \: m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: P: y& K' v+ k3 F/ @
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
; W, Z* ]& W2 N2 G+ V - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]# D- W# m0 p0 _# C* k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* v% h. W" m$ L7 w$ e4 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 P6 d. q6 H1 s' \8 u/ U' O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
6 v2 M) B( b3 s3 O$ Z& k - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]+ f1 J+ _7 s( a9 \/ d
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]% v- p: o3 ^% c" ]8 E* z9 P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ O/ U l% u6 l% c! ~7 N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( @& l2 C4 o5 x9 f- r - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]# M- ]1 z. a; x- `4 w: U
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]2 D' g8 T, p, k7 f( o' g" n
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
* l$ {+ e% D8 [- f. O' ?5 q2 b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
/ R/ G. I$ E% A% i i0 S - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 z% t- o0 q: V- W; w; \
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]1 _8 U0 l- x5 r0 k( k I
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& M* R; y A7 j2 h - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 [1 L2 O+ h4 P
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]5 _& t, o. v5 L0 b) ]$ R, H
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]- h+ |- b( i' |1 I/ @) h- U
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]+ k0 M* \( U2 \& N5 l
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 u" o7 A* c3 Y$ Y* x2 {7 }! U- [/ A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 o1 S, O, E. Q; k& p- Y
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]4 ]/ j/ s* W: U. F- _: i2 N, q; f
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
3 S v4 \, F7 `' y9 Y j4 t0 ~2 R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
/ w- A/ U- ]1 v& V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]1 V% S0 m2 `8 V5 q. G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]+ ?" o" A3 o+ {# Z' L( c/ G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
! C9 x% I7 q2 O9 i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
5 |! K: S$ k5 s5 A - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]. D+ o3 i( H& u
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
^6 d2 s# t: j7 p0 b' u. @ - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]+ f5 C4 G. e, m* p7 J# L2 B
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 Q+ J1 y- a' Q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]) H [: F/ {5 K W$ Z- A: w$ r! K
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]( y6 m. T, O! \) G3 \& l
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
: I. z: R1 g6 W3 j7 P. O - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
$ e: t4 h) @, z7 g - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]9 S/ C4 X& ^* p& N' a3 \$ p* U8 T
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]. j% @% Q7 K& H! a2 H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 j. W1 C1 c* p. h7 w% G - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]1 x! a3 q% {1 _" f
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 ^- n6 T6 X* |5 M" A8 \+ P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 N( j. X7 \" o$ Y& `+ c6 w$ n6 w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, N- g h; @# X" i1 ] - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 S3 ~8 {/ K! Y4 J2 Q
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]5 g" L# @* A1 m8 V) ^& o+ ]
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( d% J5 Z$ c. V; ^% @2 \; n - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]2 t b; L2 Q2 @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
h" Z$ b4 F {# O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 J4 u3 q! P$ v$ d! o3 n! p; M - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]& h' ?& g8 k) a" F* a2 w+ b6 [: X+ f
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
2 {# Z: q- B+ C - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! ^3 q- C2 x) O- x! E) g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]% z# z0 C) |) B9 |6 O$ L
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, ?* d+ I4 m3 M) d; \: b A7 X - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: m( n9 m% w$ |4 l+ R! X
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
3 B2 ^+ ?( s$ @" i - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, y# o, [4 ?6 G% ] i - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]/ X' [/ f0 T2 q: m0 U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; ~! [/ d9 @3 [( N2 C* e3 D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% b c+ j9 A7 a: u: R - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]( H# \: R. d0 y' x7 k. E
- ==================================/ T% b W$ Y+ A) K( ^2 Q) c7 ?. i
- 文件关联* S2 G0 g, }6 K$ y v) V
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
2 k! z0 q) o. g; |$ I - .EXE OK. ["%1" %*]* g5 z! o' T. ?2 F1 S; \
- .COM OK. ["%1" %*]
/ l9 }8 l; Q8 u: g7 H - .PIF OK. ["%1" %*]0 Q% D" n' w5 V! h$ z
- .REG OK. [regedit.exe "%1"] p( ?. v/ l. q8 ~
- .BAT OK. ["%1" %*]$ R1 m3 f% ^3 A& _# j) P/ l2 @, H- |$ a
- .SCR OK. ["%1" /S], _, x0 O9 e u+ Q; X% G
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
, i8 I+ g3 B% B - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
- n0 h+ P: \; r& }/ `$ X - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]" k5 \9 A U+ Q8 [3 u
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
, ^1 a: T3 s: v+ M - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]! c S- m& X6 l
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]1 P0 `. x, n: g" p& ]/ u* c
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]) [1 o% S* ^, }9 P" @# f0 \8 k
- ==================================
/ f0 Y* U7 n' |, F - Winsock 提供者1 o' ?( m& h ?0 l$ g, C
- N/A- F6 r1 u) h3 a4 P& {) S% _+ @
- ==================================
; n; k1 J; |. A% C* @2 a1 q - Autorun.inf6 P [# n% {; C- ^. r; F2 B; |& ?+ s
- N/A
, Z( }. }6 w6 W& c6 c) o - ==================================
( [0 B, k8 R! f t - HOSTS 文件- U) @% u3 P" j. u9 {' d
- N/A0 ]1 X9 `; e$ w4 N, d9 S
- ==================================# `1 y1 n) J) [2 p* ]" W
- 进程特权扫描" a) i- s+ A$ X+ b
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]$ |- C8 m, n# v, [
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]* s/ L7 q3 V* e F# ?- ]/ I
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]$ O; y0 ?7 |2 X2 ]! ~: m
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]" W2 c. q D8 a+ S1 D
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]5 ]+ X# S ?0 l0 r' S
- ==================================
- W( {2 J7 Q; G, ~" N' I5 O- V - API HOOK
9 ]4 P5 [' t' p. ?- z. x - N/A
- v+ D" D/ O/ F' y - ==================================
0 A( ?! j% k* `/ g( ~2 }/ v - 隐藏进程1 ]- E# {; t8 u- N2 ^
- N/A; \5 h7 S5 k. D. O$ ?
- ==================================# }1 k! o- ~# [4 e0 v1 R L! O
* q+ x4 A, m3 y* |1 p
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
