|
|
- - Z1 ]9 @" Q; d$ y2 v! t8 H# p
- 2008-05-22,20:37:432 w: S) o- F- N; T0 M) x
- System Repair Engineer 2.5.16.900# _" L! P `/ I9 u' r2 D5 K" r
- Smallfrogs (http://www.KZTechs.com)
; F# F% k3 |1 ~2 o! g - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能: ]& m: H" y6 f3 ~! t8 ?6 v+ X8 r
- 以下内容被选中:
7 ~% g. P# y$ w m' s6 H& o5 [8 ] - 所有的启动项目(包括注册表、启动文件夹、服务等)
# h- D$ |5 H, {. p- [ - 浏览器加载项& e0 @3 V8 g( m! u; y+ x
- 正在运行的进程(包括进程模块信息)* t0 A$ a: w$ J5 x# U
- 文件关联
; [ F/ ^$ f y% c - Winsock 提供者( D4 b) Q- A4 s f$ ] R+ J
- Autorun.inf2 P; F' ]. {; i0 o3 J
- HOSTS 文件& Q$ _. ~- S$ \! s* H! _
- 进程特权扫描' j- c3 I5 s$ t3 I: L0 y
- . b H/ S$ j6 j
- 启动项目! I" }6 E' }; {' s) j1 F6 ^( A
- 注册表
6 _+ ^# O6 V( ?2 g3 e9 M - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]5 b) u) d2 W; r$ C
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
% g3 b+ c- @6 c: U7 @ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]) A) ^( U# g D1 h3 T# a
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]- v, N* H. `4 ]$ E M
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]7 b7 J% F1 k7 ]
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]6 ^+ u( `5 T5 e+ ?" v5 O
- <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
/ e) ?1 X5 N+ b' C6 \" e @5 u - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
9 |8 S+ A! y* p - <PHIME2002A><; > [N/A]9 q* q; f3 F5 a c
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]# o+ F; B+ b+ V' T% S
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]: t$ R" i* w' M, ^! P( a
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
" M/ D7 \4 i# m. J3 K% f4 k* v - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher] v4 Q0 e. ]) }
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]9 o) ~ @" R0 U& W/ J. p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
+ @' K# V: \# U" A; F - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]# _0 h/ I# |$ q3 u o g1 W
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]( X: z8 j3 u# e, S" }
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]8 _! }' y6 _& Q4 q4 j
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]* a9 k& a# h* q# H p0 G5 q1 }
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
4 y- t, `# K% _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]: ~6 ~. I/ y- u4 ^
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
/ n2 l9 X }. L- {, m# e% u - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
+ p5 H H& `* e6 T' S$ p N - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
7 q( S+ t% d* v6 ^# n, C+ @ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
) O" B4 m2 p' p) ?/ U+ A) J - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
( Y# m' _0 N% M ] - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
, E1 f! g# D) J5 T - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]% b% F- y+ ~; t! m3 O4 w
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
. M* ?% X6 W _ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]; Y2 B; a! m/ z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
% L! O& x( _ \# u( S- t - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]7 X) q8 E0 e- m1 t* }
- ==================================& Z5 v' ^9 T% T1 y
- 启动文件夹0 E( n9 k# b7 t0 I! Z7 |" d7 k1 b/ D
- N/A: K. ^' h( t7 Q% z) A* w2 }- i7 v
- ==================================
& \5 |- P. U1 R+ N6 l" }, ^ - 服务5 E4 C- ~# @& v: t8 E& H c- |+ ]
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]1 ^0 ^! r* Z" q+ h- g+ s' O6 f# ^/ _
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
9 i1 @9 h, _# N) h - [Google Updater Service / gusvc][Stopped/Manual Start]
: ?, _) A P1 K0 M4 d/ T5 A/ _ - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>( B& I1 ]. `3 o( @. Y$ l
- [Help and Support / helpsvc][Stopped/Disabled]0 O/ V, f2 P) G) Z; k" |
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
& u' I5 r* @9 O' N% @/ ~' N - [Human Interface Device Access / HidServ][Stopped/Boot Start]6 c1 q0 x8 Z6 T/ q
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
- ^1 j3 H* X8 K x- J. n - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
' g S- e) Y3 j( g' A( J - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
0 m \& l2 E6 F8 g9 C - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
; H; z0 z9 ~( }7 a. X& o2 C Q - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>9 F! s8 Q2 F4 H. V1 `4 d$ f
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
7 x* V* U) V. H$ D$ l* @) b* q! A; @+ z - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
0 l7 y% n; F/ w6 d# f - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]- n7 y) G/ h- B- K* `
- <><N/A>4 x# B1 V* u7 d# x6 O
- [Qvod Terminal / Qvod Terminal][Running/Auto Start] f9 K! o- T1 c h' {5 z
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>0 N, C. G4 d% z! P; I
- ==================================
! O/ y5 T B" e. T - 驱动程序1 N) q9 @- L L0 ]" N- Y- M! @# o$ K4 x" \
- [22j / 22jn][Stopped/Boot Start]
; e* w' S) w2 K" B' K# p - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
3 w; R) U/ {* q+ a( W - [360AntiArp / 360AntiArp][Running/System Start]' E5 v9 I0 a) X* [
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
& n% P. S8 }& _( d, y& D: C: h - [43ec / 43ecu][Stopped/Boot Start]
) c9 S& t4 `- f4 }" G* e0 u& T( a2 i4 m - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
* w) V. q$ c5 G9 ^+ V' Y$ u - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
% X. j7 B$ H! ~( U" y, U# c - <system32\drivers\ac97intc.sys><Intel Corporation>
; n: z0 y& h. P9 X6 A* C - [Promise driver accelerator / bb-run][Running/Boot Start]( V9 ?$ l% w( M* w+ o
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
$ q" c; L0 F0 z- c - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]7 e' A& N e% A! ^: T7 p( U6 E
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
8 i8 p# ~8 |0 d0 h - [KAVBase / KAVBase][Running/Auto Start]: S- n: Y6 T& N* B9 A; f. S& _) G) j
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
6 s# A! P5 u7 y6 y. {* ^3 H, } - [KAVBootC / KAVBootC][Running/Boot Start]
( P7 o6 t( |6 g g$ ]4 C - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
* s3 V8 e7 \8 V8 f9 @; c* w; V" k - [KAVSafe / KAVSafe][Running/Auto Start]
- W9 F& r8 V# {2 W& L - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation># ?6 V! S+ p/ R# [/ R+ G7 I0 u3 [
- [KNetWch / KNetWch][Running/System Start]7 O" C2 @7 C( I+ r# L& h
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>5 k/ w: [0 w1 A
- [KWatch3 / KWatch3][Running/Auto Start]4 l( |5 ]* i0 h& K
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>$ D( e* [5 \* A
- [ntptdb / ntptdb][Stopped/Auto Start]" o& @! C& P$ O7 b- f$ s
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
! S. x& \ P& c, n8 s9 k- e! H - [nv / nv][Running/Manual Start]
) D/ v2 ]0 S2 x" {3 Z, k" K - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
* n( Q6 x" w$ X5 q - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
6 x# Q# f: ~# E7 B, m6 L - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
5 ~) Z% D2 j9 B+ K9 r" L2 Y: W4 [' H - [DDK PACKET Protocol / Packet][Running/Manual Start]
+ x" M ^3 Q4 `+ Q - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
, B1 x1 w' u! Q( W2 k - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]( l& ]7 Y, P1 ^$ P: _) s: m
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
7 s ^8 a0 y9 u- t - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]4 G8 l6 k" q/ L5 P9 \
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>8 V0 e; B6 c% M# L) z* {2 [; I
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
/ }0 d2 T, ]& p; v6 N9 F" n i - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>6 x4 Z( B, L- m2 _9 t$ E
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]/ |) H- T. m8 ?+ @) F& X/ ]
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
" i3 b5 C1 l! q3 y B - [SafeBoxKrnl / SafeBoxKrnl][Running/System Start], b9 ?5 G' r9 v- Z' m4 G8 f
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>9 `8 P: @0 V8 N
- [Secdrv / Secdrv][Stopped/Manual Start]1 |+ N! o0 R: g [2 ?. O: k. K' _9 l
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>) K2 g* m; ^! `# L$ q, A3 q) \ [3 ^' E
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
& `4 ^. b8 F: P+ X - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>$ w& X1 `7 W9 w* g
- [System Restore Filter Driver / sr][Stopped/Disabled]
% g! [( z. y9 s - <system32\DRIVERS\sr.sys><N/A>
, F# N; Q3 C2 p% f* g D - [TesSafe / TesSafe][Stopped/Manual Start] k' i" d& P$ {
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
d( V* v, i; {1 O - [System Services / unzxzsrs][Stopped/Boot Start]
2 [3 d9 E4 d( u- r2 u" [! J - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>* X c1 G/ [$ l* \2 C& V! U. ?( i) g
- [ViBus / ViBus][Stopped/Boot Start]
4 _. D% Y% Q2 w - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
" a' ~8 }$ N" p, f8 f0 q5 V8 n - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]$ [& J, c6 L$ U- S# C% O; s
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
. Q! i) A/ M* K$ ?9 J3 K - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]2 i6 r2 @. U8 ?3 \
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
9 k8 B* U* X# @8 } - [ATI Extend / zhibmaso][Stopped/Boot Start] e$ w( W/ \; \9 v
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
1 m% {, j9 g. g+ S3 |1 |5 \; H6 | - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]) e( l1 ~8 }4 a# w6 g9 X9 t
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation> F- e8 n+ J) a2 t: a$ R
- ==================================- t( ? ^9 P) p0 c5 J. n, B8 P
- 浏览器加载项
& r% B( {9 j# a$ ] - [Google Toolbar Helper]
/ |$ _. G1 E) ^$ y7 \- G& F - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>( v" l2 P6 ^& r" p$ t8 D5 u' }
- [Google Toolbar Notifier BHO]& `- o- u1 }% i
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>: V0 O! \- W7 n+ w v
- [SafeMon Class]
# J) F( Q6 J% h( N" p - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>" X8 B0 ?6 ^+ Y. n+ J
- [kingsoft browser shield], l ^1 Z; D% j$ x' E6 L
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
/ Y8 f* g; ^& V$ q) h8 A& q - [IEBuddyExtControl Class], d4 w1 r! n& M8 J( s
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
; N+ ^/ J0 o3 Q) B+ u/ P - [Zcom 杂志]4 v9 x0 q& t$ H# o2 _9 e9 o
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
- l) T9 p2 g- D* ^# x) n+ k - [&Google]
) Y6 p2 A6 n2 e7 r" h$ A - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>4 L, n, I* [& m6 d8 X8 \% B
- [KooPlayer Control]4 j- y. c: V" p! X$ ]1 I$ b
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>' l7 v5 V3 q+ V& F- Q( |
- [Shockwave Flash Object]
7 I6 @3 ~) r; t2 b2 o - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
b% y3 ?: |) i - [KUpdateObj2 Class]1 ]) a5 ]3 t2 A& u
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>% o( T) b- \7 q: u
- [Google Script Object]
1 {0 }; U2 I* d i - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. O" I# q2 c$ y' P - [EWA Control]
& u; ~; w: a' J X6 c - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>, Z" U* K9 T' h8 N- C, V* w7 @# ~3 o
- [Windows Media Player]- w. c/ q# @0 w* A6 b3 x* @8 ^
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
, h8 g0 `3 k" p6 ?6 C - [&Google]
% e0 @4 w- H3 h. w: z& ~ - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
5 N ~9 I9 H4 E3 o$ H& E: O' y - [HTML Document]2 M1 ~. T, m; s3 r: U, N' v
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
* k6 t0 H) c6 g) c* K/ ]. W - [DHTML Edit Control Safe for Scripting for IE5]$ e; u: l! e8 {2 h& a0 \! B
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
9 u" Y5 W8 H1 d3 ?" C% l* d6 f0 }; v - [RealPlayer RAM Download Handler]& f- [( B E- @6 x( B
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>3 J, G6 F9 |+ M# G! C2 p
- [IEBuddyExtControl Class]
! J9 B9 L9 @& Y4 D/ t, O - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
+ E7 Y3 q& i. ` C - [XML Document] H5 J( K+ t7 d
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
: @" I0 H6 t; d, z- |$ b0 W - [HHCtrl Object]
0 V# R$ I7 S, t - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>) J9 b3 z8 }8 \+ A
- [Windows Media Player]
! q/ _: A9 a$ k3 F0 e - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
0 G, z# ` J5 }7 t& l- c0 P' G - [Active Desktop Mover]9 A2 c8 f6 Q* s, {% x1 t( f
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>7 T# }' s6 ?% ^5 W( k. K
- [360SafeLive]. g$ ?& z# @0 R% P; w/ f
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
0 J* w% q8 G& q! Q1 J4 s* z9 ?; o - [Microsoft Web 浏览器]2 c: W& [( G+ N b, m0 F/ Q
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
& v: S/ D2 @( f" S6 I0 U0 V: C) x5 ` - [Browser Enhanced Objects]
+ u, {" T8 V+ S! k - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
4 A! G( a% t$ ]! l Z - [Google Toolbar Helper]
) R# M/ y0 d+ I' J - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
; g# T2 D# v# l: ~% ^% o. z - [Microsoft Scriptlet Component]
/ T P ]3 z5 s7 x! p; W - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>, J; _9 ~6 x/ H M
- [Google Toolbar Notifier BHO]5 j( ]! |, P j! D. p
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
' i% c r) D+ @% y! d& ^ - [SearchAssistantOC]
: a+ Q8 p. J3 k3 ]: t7 M - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
; }+ E# K" |6 H9 O# f: i( B - [SafeMon Class]
, x* ~, u3 J& y9 i$ ~ l - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
. ?5 r' U y# k: ] - [RDS.DataSpace]3 q) R4 g' k4 Y3 O4 `4 F$ J
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>( a9 m; J4 n* r6 U( u+ s- O# w- j
- [KooPlayer Control]
$ _3 M" b& B) \ - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>6 y* B6 A! V' T V2 n n' {( R( {
- [AUDIO__MID Moniker Class]! \( s2 O; {2 t: U4 o. o- u
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>' B2 o. l t+ q( v4 ~
- [AUDIO__MP3 Moniker Class]
9 t; {8 k7 ?0 _; x" D7 @. e- A$ U - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! J$ [+ q; J9 \
- [AUDIO__X_MS_WMA Moniker Class]/ _1 A; U' W- B! L6 P
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
+ I* R' m8 c, S: v7 B - [VIDEO__X_MS_WMV Moniker Class]; U- l5 ]3 P& v! U1 y$ x, U
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
" r6 k0 v" O0 `! Z" W - [RealPlayer G2 Control]" ^/ X+ t: ^. J- d; a, r; [
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
' _! k+ Q' d( {( N& J - [Shockwave Flash Object]$ L F8 o6 \& t4 F& S* N1 |
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
/ w: {- i$ R0 d& e! R/ e - [KUpdateObj2 Class]9 `& z9 u4 S4 ~ P% Y) k
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
; [5 E: J4 u. N# c7 P - [kingsoft browser shield]4 D- \2 l" l0 B; s9 J! b1 e
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
$ b' a/ [6 b5 O& d' \# J( A! b - [PasswordEditCtrl Class]
, S5 s8 i0 y# a; v - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
) L! d0 i3 M3 O3 E9 t1 p - [QvodCtrl Class]
, Q, k' f4 D8 b' ^* g; P% w - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
$ w7 S; }- V: l; Z( u - [&使用超级旋风下载]
/ B- A+ p6 B* `# o+ B# {# G# l - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
# k/ S9 |) E1 D - [&使用超级旋风下载全部链接]
/ U4 H6 C3 U# f9 q' l; x) H - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>& p4 ^ E C* \ M% E
- [使用迅雷下载]
- u& n2 S" i$ o4 I9 I7 U - <, N/A>7 |4 d- C$ D6 }+ E
- [使用迅雷下载全部链接]2 d+ w3 a& X+ J* v0 `* o
- <, N/A>
* M5 u4 l+ s) Z, a9 J) L - [导出到 Microsoft Office Excel(&X)]) l" \7 i0 V7 X& k
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>: L) `: G; `- B) a3 t
- [添加到QQ表情]: P! `9 p( S% f* |' Z9 P6 r
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>8 m1 g# q+ x% j: x+ z+ K, k
- ==================================1 Q& J9 K5 T! l8 ~; M+ `
- 正在运行的进程. v3 C: l2 K. P" O; ~0 {- _
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# ]& V$ M0 v/ r& B" P6 F0 f2 C( F4 F - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ X$ I: t+ B9 P" t5 w4 v( u" N( Q - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 a: \& `8 X# w, N+ E, P, e* |
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
( I+ M) W' K& U" W; l8 \. I - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' |; W Q# \/ O: G0 e - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! s' O. x* V0 e o
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# g" e' S& M1 C; d4 s. } - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 S( b/ Z m5 U! i0 e
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# d! w& E2 L& _2 B4 R - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 l) m w: P1 f/ X8 V; P8 A; |
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 h# l' X j. l( p4 c - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]6 {2 k+ t" |; q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, z8 o) ?% ~. M! A% g! ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 k; J( A0 _- y5 W- O$ M5 q. Z
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
& H4 Z, K2 u; y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 P& f2 Y! l# K P! U5 H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
- a, w& V! b" D" N3 z' ^: `& q7 R. e2 m - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]8 Q% j/ G6 h. F. L* a: I
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]( b" v6 f+ |) n$ _
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
6 v3 t: F! Y, |) C3 p$ s6 W - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
0 g3 t0 O) V; Q- ^( ? h' S - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 L* n: u$ L2 ^1 @ z
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]1 K$ Z5 u$ S ?( l5 I" x4 z, e9 k1 H
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]; e$ C$ |5 i" v3 _
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]( b0 L( \, U8 `9 s7 c
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]( X, o7 B% f4 B5 l- o& ~
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
. S9 U3 B. D0 R& E2 P - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" o3 b9 M+ P$ X8 o% O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
2 k- z( j& F3 o% Y4 n5 h- M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) ~- D- L1 K7 I' u. Q# W2 Q, ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 k. M" N: |8 ^1 T4 \
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 X7 M) D, v3 z0 |' ~% Y( ?: U - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 w3 C- Q7 I8 ]" A4 }4 T9 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
- H5 R- f4 l8 _2 ~0 k. u - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 a! c' I5 A# C# ~" t - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
2 R2 q6 J, }% ? - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
H+ ^$ f1 P4 r& P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]4 \: K0 V4 M6 z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]& V. W! k( a+ Q, h) e
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]7 [. Q: U6 K' Y! d1 b
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 H4 @* q$ k9 A' G8 x" J
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# l; Y/ W8 N9 K- W: o9 X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]* H2 v9 R) p6 B7 U2 p7 X2 Y9 P
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% q1 o8 z' x% y% k: m - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
5 m ^! k2 M5 W8 C& L; x' { - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ v4 X: T) G' Q$ E* H- g$ A - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 k3 {" \& N* P/ B8 h, h
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]' G( m( c3 m3 G# C1 m! V; M
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
' w. A0 A0 ?: O; L1 O7 g- ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ |. X% Y, x' F9 h T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" Z. R2 z3 O7 B$ d) s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
# N- x7 ^2 M. o3 f - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]% c) \: u) y2 ]
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
4 q4 {' j1 | r$ v) C5 K - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
; a0 W& h9 I* B/ B - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2] a( a* A5 I% V Q5 B' d4 s
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
: w9 u+ T$ x# p( N$ i2 y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
8 S3 ^; {, G I( g& Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]# n# v3 u( j4 {9 e4 |9 O
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
- J( |# r- S8 H+ K! Z% _- ` - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
- J* Y; Y) S6 J1 L) p - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1] A1 e- Y" ^" l4 G
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 E- h9 P; ]9 n& K' A' e1 Q - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
; ]. U4 d% I6 z" _3 h - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
/ V+ m5 F! W P% R - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
0 k1 o8 k7 w0 u2 v( Q' I+ b0 O - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
' p1 q) A; |) e1 k% T1 t7 R - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]# q/ f4 Z, [! V8 y p
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]/ O* J; O6 `# `6 m. h& O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]: f% S' i: \; D. S1 D% D4 O- \
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]& h! W2 u0 x7 I' Q: N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
$ n/ l* r, ~$ _6 m - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
6 r* c0 i: x- s( ]8 f! O+ @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
" Z2 B+ q/ V# {) |4 q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
4 _/ u3 M0 ^0 c* y1 c3 M+ t - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]4 A1 y1 |( F _" m. x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]1 Q2 d6 a2 F. |, X7 H, H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
) E, S9 X. X: r. A5 C3 S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ y4 s# N6 M) v0 e& C- r4 X
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
# P1 `+ @2 k+ G( l% s3 [. y - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
3 T8 r8 l7 m D6 [6 W, C - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]2 x( p5 E1 s9 [# F. N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% t" S$ ^9 @+ k- p7 S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) E$ w; d8 n4 Y4 v3 ~. `& p0 H# \. t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 a& a6 v/ W$ h - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]; d( I; P0 B+ g9 k( }: W( p
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]7 I- c1 `5 e' c
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 o* ]; l2 ~% g2 n. V# l% ~ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) u4 c' U4 K, I9 Y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! `$ w9 ^2 I# w$ z7 F* l - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% e9 m$ U1 W3 r1 M1 k - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
8 T* g- p; T8 R4 h/ {4 h$ r - ==================================& V( Q) w' I" @8 h1 n+ A; | P4 z
- 文件关联
* o5 n( ?4 V W& c - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
9 U# h+ V/ ?7 @, {8 i - .EXE OK. ["%1" %*]
3 f( [$ S! E3 ~ - .COM OK. ["%1" %*]" B8 W/ t) U( g/ p: Z' r+ I/ S
- .PIF OK. ["%1" %*]
1 \; [! @: r# S: }' @" b - .REG OK. [regedit.exe "%1"]/ w4 x& ?+ D4 v2 J4 ]
- .BAT OK. ["%1" %*]
. z }% n, k: s" {+ `: I3 x4 Y - .SCR OK. ["%1" /S]. g+ i; U. D: d) O, _ H
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
: \7 w- z4 s" L - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]( q- Y: u G$ D0 u. K/ j
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]! A6 y/ P7 a: m) L( J1 x- }
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
$ i. R* n& K7 b2 U; {( k - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
6 E h- Z1 K1 ]* D- c - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]: l: l1 M& U6 o3 s% t: w
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
2 W2 t9 J( D* J0 M* e5 n - ==================================
& @/ G) f2 C1 d" \0 q - Winsock 提供者
8 n$ ]" ]* |% t! Z. b - N/A
5 y9 z, m O1 } - ==================================
5 {4 N' Z8 Q; Z% ]& Z - Autorun.inf4 ?2 ?- i0 G8 y7 `* R1 S) p( P
- N/A! K1 D1 H5 U" J3 j8 t# m
- ==================================
% n) H4 T/ L1 A0 J8 g - HOSTS 文件
5 R4 r3 [7 g* N% g8 }* O9 J - N/A0 ~$ t, q: `; V( A
- ==================================
4 Y- }: _7 C N9 h% e" e5 l - 进程特权扫描. _# q, k5 |: Q* X3 L1 Q. P+ o
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]7 w+ H' F [) S9 i( d6 S8 }
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
9 ^5 i8 \* o# O. U$ ^4 |: m - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
$ R% L# Y. M% g9 r6 q - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE] I e8 D$ f' H! S' A0 T: S
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]' t" ?# c! w/ R* y
- ==================================9 c, p0 d- L5 v* x1 s% P& Y4 g
- API HOOK
5 i! t. H2 P/ s% A* @ E# h8 z! ^( ] - N/A
# ?9 J' K; W0 J( | - ==================================/ e3 Y v8 u7 b: n" p& k% L! ~
- 隐藏进程% a0 W+ {' Q+ D
- N/A
9 Z" R$ r( }4 J7 R6 H& y* n% t - ==================================1 t. e! |+ i# x# |
- r7 x: A6 }% a, L. Y9 F8 s- M9 I
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
