|
|
& ?" Y5 G5 D$ H7 l1 k- 2008-05-22,20:37:43* P+ n. M% x) I
- System Repair Engineer 2.5.16.900
2 r# ?* w' v q: n0 j - Smallfrogs (http://www.KZTechs.com)% @! }7 p$ W2 z' f: R
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能
: K; }' Y" z7 n: a - 以下内容被选中:9 u, [7 `' |( O2 ]1 H# i
- 所有的启动项目(包括注册表、启动文件夹、服务等); ^7 j3 l4 x, G" O3 \
- 浏览器加载项
4 e5 c' f; v6 W+ D - 正在运行的进程(包括进程模块信息)
: p: D( g0 Y- z0 O* q - 文件关联& Y- F7 H% m2 L+ p6 T& ^$ b. _
- Winsock 提供者
- \4 B) c9 e& A - Autorun.inf
) ~4 s: m" G3 t: \% k - HOSTS 文件4 ~; B5 m' c+ K5 X5 M: c( V
- 进程特权扫描7 s5 k6 E* }9 ^ l
- % ~5 P5 Y/ L# b `) k$ J0 v
- 启动项目
1 o" |: h( P/ b7 k; U$ B- B - 注册表: B; L+ z7 e% U" |& b0 C
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]3 y/ O: ~4 `, ~9 L
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]8 G- c& e6 |* O3 j; x
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]# N5 U3 ]6 Q# E' R9 C
- <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
& Q3 X9 s8 M; p9 U4 I2 t! x" @- Y - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
" j8 I d0 R8 o9 z& x, ?% S9 l - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
& e# z! O$ |. }* f# } - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
9 x5 M0 o" f* v2 }0 Q2 n - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
- O8 v" w1 F1 r+ Q - <PHIME2002A><; > [N/A]
% P) Q3 [% P A8 k" m% Z. o# L0 s1 m - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]: o- U! V) U: ^, j" ^$ p
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]1 t6 t7 S2 O7 k' h
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
3 }. v' X! c. P - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
1 J: S$ X5 r0 F" V# t1 o/ g - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
0 p1 B) X% \9 I - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]7 S4 C, x: p7 V6 ^; `
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]. U* d, }# H% K* ]! g6 D/ _
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
0 P. t' z0 j4 f6 _ - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]4 m9 h2 ]0 W a, G; V: ~. O0 F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]& R/ D: Y: _6 X* w1 X& Z
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]* s y7 U: _5 H+ p* L
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
: A+ J8 _ `, o' x/ j - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]+ X( w6 K+ ]" o* h$ z/ ^
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
) ~" Q- Q$ f8 k7 M" Q - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]* U) ]' @ z; ]$ W* E" s9 \3 K
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
4 ~; x4 S& a4 M+ k. e& B - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]2 G8 C5 j/ d4 r: w. x
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
8 _. p7 n$ ~6 D' e! n - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
; F( o& U; H5 ]& M4 \ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
" P8 W7 C% F& R# u* c - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
: j. X5 U: g6 k% b# _ - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
7 j; Q3 z. x: E - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
! N! j( g% R" R$ V - ==================================" h; x! P, [8 j8 {
- 启动文件夹
9 M: \) n7 D) w9 G* A1 Z - N/A- u0 ?- J3 ?; B* _- Y
- ==================================: k( l. z; U J2 s8 ?. B1 u# r/ H
- 服务
5 u" p4 r- o' M, R4 a* ] - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]
) C; J& S4 S5 W/ ~4 o* q8 _. J - <C:\WINDOWS\System32\3wareSrv.exe><N/A>
: b; v* y# l# E* R M - [Google Updater Service / gusvc][Stopped/Manual Start]
& u! m7 X; |$ ^; q7 a9 q* N - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>" J' D! I0 \% |7 B! j5 B1 M: u
- [Help and Support / helpsvc][Stopped/Disabled]% ~ f9 q& S8 X1 c0 P! o8 D$ F# p0 ?
- <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>- W, Q& C8 h8 I6 i. c9 N& J& b. V
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
3 H M4 h0 @$ W+ a; q) ~ - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
7 B/ G9 Q+ w# `; L3 W3 O7 g+ s - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]- \# Q/ [* y0 A4 }$ [# t
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>6 K0 E8 w% s D: \6 R0 J
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]% V: X: `" z9 u7 o5 p# j9 V
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>8 p7 h' Q+ Y/ _/ b$ t
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
6 l7 X2 d6 T; l, i L4 U/ E' j - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
1 j7 W+ H: A1 r O9 K! F) B - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
# k) b( c7 R% @9 h0 |. Z1 J - <><N/A>
+ h, X. V0 e, J; ^: I2 s/ m - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
n, A& y9 I" | - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
! v; H' S( @* ]) O - ==================================/ x" o) E$ v, u
- 驱动程序( L5 C$ a! w+ O3 v& _
- [22j / 22jn][Stopped/Boot Start]- H+ @9 q# Y) _0 x% g
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
# S5 \- C$ y. t. A0 i4 u: x* D - [360AntiArp / 360AntiArp][Running/System Start]
+ ]* e& E* w- m4 r - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
$ j* O ]9 [; h+ j# P, `! x - [43ec / 43ecu][Stopped/Boot Start]. b& H' M6 g+ d0 l! V8 Y
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>) }; R$ `, \( d
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]4 I5 ]8 c y: t4 V! q* e: G
- <system32\drivers\ac97intc.sys><Intel Corporation>
5 Y# O7 G; q! A! F3 h5 U - [Promise driver accelerator / bb-run][Running/Boot Start]
9 D5 i6 q: j' O1 L! f# E/ N - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.> J, N! S; }# J! g' F, i l
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]
; ?" e( E: X6 V; V - <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>) g& g! K4 ^3 u# F/ ~$ g
- [KAVBase / KAVBase][Running/Auto Start]
# l+ o1 `! i& R9 U& E - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
F8 s1 o" z) J/ ] - [KAVBootC / KAVBootC][Running/Boot Start]
: |. u+ ?7 s* G& S - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>, F0 s. J9 `( N2 i
- [KAVSafe / KAVSafe][Running/Auto Start]
9 l9 \9 K( [ E- ?( f# }- N; X - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
* c% F7 C7 o# p# p - [KNetWch / KNetWch][Running/System Start]
5 v5 x9 Z7 v' ] - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
% u6 \* Q! C* v& g5 i0 Y - [KWatch3 / KWatch3][Running/Auto Start]
& J! T: [) D4 \$ W! Z3 Z - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>5 i' d; _0 ^: T k, T
- [ntptdb / ntptdb][Stopped/Auto Start]5 M/ ~8 O) U3 B. u% V
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
7 J! f$ Q; j4 C6 B% q - [nv / nv][Running/Manual Start]
9 B5 U- W9 B4 Z; [3 z - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>+ K+ @! u C6 M( C; l
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]1 T5 E: ^& i8 L$ J) A8 C3 J( i# R1 M8 Q
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
! @) P' |+ L% G; g2 \ - [DDK PACKET Protocol / Packet][Running/Manual Start]( K8 c* D" ^- B8 q D1 t- p
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>4 T1 P; Y+ Q, W5 N% V
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]1 D5 j- @ G/ M' E4 S5 b; K
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
' t' H3 l7 }$ ?7 m - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]" r& c6 ?$ C) d/ E# L' i; {. Y6 e
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>/ X7 _5 e; |+ J# p9 r4 L6 V* H
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
8 P5 |9 C3 U$ T/ C8 B; p# S - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
5 _* R9 j. z/ c - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
" a7 X* t" ^2 Z5 A - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>& M2 \3 L2 G7 H: b
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] q! B4 r7 y. g8 f9 b3 c* O2 a
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
0 j5 b$ ]; B4 N! X, U4 n3 T+ z7 l - [Secdrv / Secdrv][Stopped/Manual Start]
% {& l' ^4 i* h8 y5 ? - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
& _( V$ W% k3 N+ r1 U+ i( v" ^# x& C - [SATALink External Device Filter / SiRemFil][Running/Boot Start]4 f3 R# g* I5 n& z0 |
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
' s, Q$ g) m& R4 |7 Y - [System Restore Filter Driver / sr][Stopped/Disabled]( k$ c0 h2 }( m% ?
- <system32\DRIVERS\sr.sys><N/A>4 D1 `( {* v! Q, n
- [TesSafe / TesSafe][Stopped/Manual Start], {( K! {. \+ N% Z) \4 j0 Q+ z
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>. x& i/ o4 N8 h" v( G& n3 O
- [System Services / unzxzsrs][Stopped/Boot Start]; R# _4 |; l3 j7 Q* @
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>" p7 n s% P. H/ p/ j8 x+ X
- [ViBus / ViBus][Stopped/Boot Start]
7 m9 s! n" ^* l0 x2 b$ _$ } - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
) d7 Z% A) P& x0 c; V - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]" p. C3 s$ e9 j
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
5 I- K0 G, a. ?; g - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]' C: V: I$ i* M7 Q- I( C" Q0 F
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>; y, Z: `( ^- }7 D/ k- z
- [ATI Extend / zhibmaso][Stopped/Boot Start]! M# H& E) j1 M: q- D4 E( I! E: ]
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>0 }8 F/ c) D. r+ Z& Q5 S4 I; u
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]$ C* d8 l/ y: G# Q
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>+ r" A' G8 a$ ?% P/ ?
- ==================================% K; I" j: d* T; {( O6 W# e
- 浏览器加载项
' S2 u: m( J9 A4 F5 A) y5 h3 _) O - [Google Toolbar Helper]5 w# N E, a# F q! r3 q
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>0 X( m: N! E, i7 K1 O" y+ K q
- [Google Toolbar Notifier BHO]
9 c6 d' n5 c+ ?. b - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
" H6 _+ d& n) L) ^8 @+ Y - [SafeMon Class]6 e) p& R) z5 p: p" D$ C
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
+ Q/ C7 T7 S# y9 E2 z: w+ g - [kingsoft browser shield]
# f' p% F+ g& H# M - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
* p' E' r6 B9 L: g9 m0 d' Q - [IEBuddyExtControl Class]
" ?0 ]3 v' N% K) D - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>2 s" K& A6 A* o0 n: @" E. {
- [Zcom 杂志]
% o, i( q: _; W# j - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
& X! E7 \/ ]! T4 P; h9 m - [&Google]% I& p) L- X# f3 x
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ x( p( q" b: b; U
- [KooPlayer Control]: |( w" k5 z$ C/ L8 \
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
! l4 f; r6 v: f6 E( T! h: ~: F - [Shockwave Flash Object]
2 I/ }3 m! X6 Q; c4 B6 ` - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>0 S+ ?) p& J. O# A' _2 Y% T+ r
- [KUpdateObj2 Class]
+ C: c; K7 O. [7 p' U - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
# Y1 `( j, Q4 L/ p$ W6 B% G% S - [Google Script Object]
- L: n% j/ N* [( T$ x - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
) Z/ h8 C# ?( f" l1 p# i - [EWA Control]
/ n; ]3 \1 h% F3 p0 s7 Z - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
4 V4 q& G: F7 x$ u7 q8 r - [Windows Media Player]
( ~( V5 j; A k2 d- _ - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
* W9 ^0 {6 \8 X8 \- {! o - [&Google]# N8 e0 C' t+ h# J; @) P( M
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
7 s% T4 [9 p0 j2 G# G - [HTML Document]
" M4 J/ E& W( D8 i" H - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>; i9 n. C2 M) E4 o+ E& W
- [DHTML Edit Control Safe for Scripting for IE5]
; I5 |" H' E+ ?" v4 R7 n+ u - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>: F: e" A# q( K3 `0 h5 F
- [RealPlayer RAM Download Handler]; q [5 w4 b* J! W: h, V
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
/ G T( U, r+ H' _: ^2 k- f3 E - [IEBuddyExtControl Class]! Z9 @" |6 O8 I" Z9 a0 ]
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>3 f( ^ j0 O( `* r5 E
- [XML Document]4 J" ]5 }4 S$ v
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
2 I& a, x a/ a - [HHCtrl Object]
) p( H& h9 l, G2 K% ~4 k) Z4 j - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
( ^* e& }# t1 B" @ N# t - [Windows Media Player]0 p. J+ K5 t" J( C- i& t7 `
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, O2 Y8 Q1 [9 m - [Active Desktop Mover]; y# O) o# X, `$ W3 L
- {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>6 C ^ z& S: ~8 T# I) q
- [360SafeLive]
9 C; G. R. L0 {! S/ c6 Y) J% e6 W/ | - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
" i. n* W) C' p1 i$ d - [Microsoft Web 浏览器]
% @" q! d9 w- b7 z1 \2 Q3 k, O - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
/ d6 h$ \$ ~) y: M- l: M - [Browser Enhanced Objects]
6 x# ?0 t: [ x7 o - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>6 Y4 ]; S8 x. f( w( @3 m4 ^! m
- [Google Toolbar Helper]
5 A9 n" b# g# I# ^4 f7 u% Z5 B - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>- @: z! B% P" K. W( N w
- [Microsoft Scriptlet Component]
* u' y" M, C# G9 Z5 H - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>3 d2 j% d/ X8 h& s; e1 M. R9 l
- [Google Toolbar Notifier BHO]2 [3 h) c; s% ]: P9 n
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
: N2 N0 V. L4 k6 ]5 C4 ` - [SearchAssistantOC]
) T( R5 R4 a" y6 V# i+ \4 T - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
7 W @& m u# \4 Y/ {5 J d/ o. z - [SafeMon Class]+ G. x0 ?1 p) Z
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>9 H" p$ Y- @* F6 e- N/ k9 c9 d
- [RDS.DataSpace]$ w5 R _ E8 g* B/ U9 c8 K8 E5 b
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation># Y1 k1 O& u5 N8 m
- [KooPlayer Control]
% W3 e0 ^0 X1 i" x8 h K1 W, r5 ? - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
- K) B' o, U5 n; J: \ - [AUDIO__MID Moniker Class]1 d; P! T# F1 \7 @9 X
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 [# @' h3 x5 z" ]" I' V }
- [AUDIO__MP3 Moniker Class]6 }' ~- j8 t/ p9 H) j
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
! H" z& S1 Z" X+ l# A9 [ - [AUDIO__X_MS_WMA Moniker Class]: w" F, ~; F* m1 A1 k9 A+ d: |4 D6 `- O
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ }; C; V T' c) ] - [VIDEO__X_MS_WMV Moniker Class]1 T3 d8 x0 [+ b( j3 W' R
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>+ p+ Q& @$ M/ |$ d s* F
- [RealPlayer G2 Control]
# s: J1 ?( ?& A% F# P. b - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
# X/ x( a; h7 m: j- O' g }5 q - [Shockwave Flash Object]8 [, Y' ]& J1 t! I8 j m
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
& w: w2 c# S5 V - [KUpdateObj2 Class] U# c) D. V* l) k
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
; z1 Y0 u% m8 j$ v - [kingsoft browser shield]6 k/ U% r$ M, R0 G$ w5 {3 {2 M
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation># u) E) _( U: k% A
- [PasswordEditCtrl Class]
. t; w! l1 T8 G# @5 B. Z, R - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>0 [ d O" r' x6 _; c7 m4 m
- [QvodCtrl Class]
4 i4 E2 O9 d# l! j - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
3 n% ^- ^ B( b% {: c - [&使用超级旋风下载]
; J9 U" f. X) J6 m7 V! j3 B - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
# B* z3 `* f: k- S8 ] - [&使用超级旋风下载全部链接]
- ~# d9 J6 i1 l1 Q - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>* q3 L- ~5 m: F9 @$ V- B% X
- [使用迅雷下载]1 Z3 f2 `8 B- ~5 z' [+ `6 E) E, v, Y
- <, N/A>( N4 G* u. r# N* P$ u8 n+ l: T
- [使用迅雷下载全部链接]
6 A/ @ Q' @) }5 S( H# e! v - <, N/A>
* }+ E) Z: C; s* u4 o1 c$ O - [导出到 Microsoft Office Excel(&X)]
2 ^. k. r |6 A+ L' ~) t6 b - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
2 `5 i( b: R. |# c4 R- \, _ - [添加到QQ表情]
2 f+ d0 y [* _( N - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>0 w( H4 g( Z$ z5 a3 D2 B
- ==================================
4 @4 H+ l5 `+ F* }3 V- Y - 正在运行的进程7 M, f; X0 ^. k! @
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! G0 y" e6 A/ |& r
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 b: a' d7 u' |8 ~: T6 F, B
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]' P" A4 G2 Z3 f& y( w, Q/ Z
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]! } ~+ Y: e& E
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 }: w% X r* ~- b3 y
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) P4 P; U! Q4 j! R4 }) B6 i# E; R! \
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
& h# g7 W& ~& w# t6 ] - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: V O( m* l9 _" J
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]; ~, I7 W/ l5 A5 K7 w! u
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
; h* Z g5 Z* m8 X - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% n4 j7 g. ?, c# q - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]9 j ~) y6 f8 g# \% z& }$ d3 Y5 o
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 d" }/ r. W a% q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( b9 B# g: Y' g9 G. F - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
- j1 ]" v/ |" n" j+ a# Z2 t - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% D4 q6 n9 P+ W$ r3 X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]' `1 [! ]/ @% c
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]* p, {; u# q& o- p
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]9 \4 a2 y- r2 T# N% K9 w' T$ F
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]) a& t" u# u" j4 k" v2 B
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9] b& \$ j" @3 _( E: q
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
: h' i% p3 Y4 ?# z+ L* b* n - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]. f; w s4 h# ~% M1 N; f+ z" H) |
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
0 @. O( T& k" v, t* g, U - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
% U, ?, m! k$ G6 }4 N5 s - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]1 Q- j }; |2 x3 j) m4 s# S. V
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]6 ~4 W7 y2 o# @2 S' |2 \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 w. Q9 o$ [, \, Z& ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; J' A, h* \. ~4 ?9 k5 U. a
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ g& ~. Y1 T+ ?- _4 }5 ^6 Q - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 y4 T' p1 I4 {/ q% O. }3 k
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
) }, y- X1 l8 Y% C2 Y( c1 Y - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: z4 f# @* m: a# b. z# O - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]6 y2 F* v8 b4 p$ O
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 |$ z$ u+ L* B3 ]
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]/ w) B [2 X' i. b0 S; @6 U
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]* E# C* S& w# ~+ H1 o6 Q& J+ k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 X, E6 J' j( R- H4 W! N/ l* q; c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! l5 ?: H6 b9 p7 j7 S5 n - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]
: f: t4 O F ~# \ - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]1 J7 ~3 D2 z% P* C
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) W9 p) v1 e1 P1 y1 q0 e! D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ m0 Z0 \, V4 J, u! C1 C1 K1 J1 X
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 B' X2 p5 ^/ c# w# D: F g
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]4 F% P9 m" v: e1 R0 Q7 F) |9 c' r# h4 d
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' V- b9 H& |, g! [ - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 ?& g5 z2 X7 \/ z1 N k - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
. v3 O0 r: n" M - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
0 D/ {# v4 i# C8 | - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
0 }* w. u9 X+ _5 R0 E* ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
+ E a4 d* P( P5 F$ Q& G - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% W4 ` P3 c- P
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
* i; N& j" @) q# y1 F - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
5 X' t% Y4 T! X* t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2], m% _ @* `; g/ H+ N- t3 q. J, t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
9 _5 R5 R9 M4 N p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]9 d G6 Q3 Z0 Z6 }
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]8 Q5 S F7 c$ O. l( G7 H$ j- l; h" I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]& @& Y* z3 q5 _7 ^, m+ x r! F
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
( m- {9 z6 ]: X7 g" \ - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
1 Q7 p( r6 p3 S; D+ E. s - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1] G$ Y- U3 z* r9 o
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
8 ]: S/ e* K) r6 N1 u( z - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]3 Q- [6 R/ ]0 r/ `+ s3 a/ M9 s
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]2 d* `' r( g$ K6 M1 t
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
, K% H6 v2 J9 b/ ]: ^' ` - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]& z9 t; i7 D; B& R2 t; v& A2 b
- [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
2 d0 c; h9 u3 u9 A% K( u1 e - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]9 u* {6 v! F+ ^$ H3 ^% A! d
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* T9 @2 T! ?' ]$ u3 Q/ q - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
- U! v0 `3 s2 l& ~) f9 g B - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]0 m9 T3 @. Y- V+ O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 ~" r, d* ^$ w1 e/ K) P; L/ W% Q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
9 c9 j5 A) @$ } - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 d7 u& e4 `( l - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]4 Q! F3 p; h2 |% e$ D
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]$ J8 w! t0 ?& h& f. w" w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]5 S r! H& I+ |# M' B# A
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
( l9 g* b" H, D - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
+ m3 X/ j6 C) T4 G/ t7 M1 G - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]! J9 Y7 F* |+ k8 A0 Y9 O: o* H7 e( y
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]0 H$ K% O l% |! T3 g# k* e
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 b; n- ]; V& G+ V
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 F/ t$ p2 J9 P9 A+ \/ G a( ` - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
; D- l0 ?$ D9 n' j9 F - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 t. f3 w' z& M( B - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] l7 m+ H( K( [% c' ] d5 ~
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' d; ~6 f! _0 r7 r! j
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( m% u! I0 @$ B+ Z) h6 m* A - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 G0 r- y, l- r+ {4 Y6 x0 x - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
2 q" @) S, }- u# V$ ?4 W p - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]/ }+ n- Y2 y+ O" y3 d1 f$ g6 f
- ==================================
+ t3 A. G, v3 Z) u0 Z - 文件关联6 U% W( T5 E1 [& D' ]
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]: ?! d& _5 s! r$ u1 W7 @
- .EXE OK. ["%1" %*]
e9 K R9 G& k6 l+ ?; I9 k% `1 P - .COM OK. ["%1" %*]: |) F( E" v1 d$ \2 K
- .PIF OK. ["%1" %*]
4 d" S) x" O/ \0 g - .REG OK. [regedit.exe "%1"]
( V/ M, b, _7 ]) j$ P' i - .BAT OK. ["%1" %*]3 Q0 V5 I) J8 ~2 P
- .SCR OK. ["%1" /S]7 k. x. W7 v3 G* h, t. F
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]' W( G- p. X* G
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]' u7 z' m& X3 t% q# K9 E! {& N ]
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
4 N4 t$ O/ J4 `1 P, X2 k+ R, Y# I - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
. V3 P3 r- Z5 ~ - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
* @: k! I5 U6 x$ p - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]3 Y; q8 y% ?8 k; J
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]' e2 P& v7 ^7 q# o9 f( [% f
- ==================================1 _) o& \( @* y5 w5 u' c
- Winsock 提供者
8 {, A, F( Q- d* D7 a. s - N/A! D. }+ ^7 W$ R& i$ O# u4 B
- ==================================
3 k- U! A2 ?$ I' q- _. D: U9 O3 F4 K ^ - Autorun.inf+ D4 Z% ], Q# B! C! k; R# B
- N/A# P$ _- M2 m# r$ R! D2 B
- ==================================7 u2 t+ K# u) [1 J9 q$ L
- HOSTS 文件
6 e+ b1 I0 B3 [2 D+ `) J9 L! a - N/A
; a& X( c- g' N2 S/ X/ Z5 q - ================================== Y9 t5 \& V# e- o
- 进程特权扫描9 e- R2 N8 U y/ ^$ x k" ~3 o
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
9 c8 H& y3 M( t, J - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
5 b7 f. l9 h5 X! q; c% d( y - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]# D# {' I" X2 X
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]$ v9 G( m3 a( X- i
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE], v" f& B( R2 ^4 f8 o2 A
- ==================================9 Y: j3 A; i# _" h
- API HOOK: W9 w! I5 X0 V
- N/A
' g, N. n; o8 d" c, s) o0 ] - ==================================6 ^6 q: x0 j& t
- 隐藏进程
& x; z" z9 O1 }4 ~) k H: M - N/A$ c4 }$ Z F& R
- ==================================
; U1 T8 z1 Y6 |1 e
8 G; B8 M( h/ ~, j8 A& n0 v
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
