|
|
, B: P2 X" x& c8 z4 Q- Y% h5 x0 ^ W) g- 2008-05-22,20:37:43) m F% C7 v2 j3 A1 F( e
- System Repair Engineer 2.5.16.900
2 `- y7 ~: o( A - Smallfrogs (http://www.KZTechs.com)
" _! _; N% T, O - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能4 d- G" x. s9 ^# A% Q# |- _6 I
- 以下内容被选中:
& e5 y$ u! ]4 ] - 所有的启动项目(包括注册表、启动文件夹、服务等)
# e; e4 y% {" V - 浏览器加载项* q/ ~3 l) j& a5 n) V
- 正在运行的进程(包括进程模块信息)# h O" P# x# O+ n: U9 g5 U
- 文件关联/ e A+ J# B7 b
- Winsock 提供者2 D3 T% ?6 n1 X0 ?, W/ y j. X
- Autorun.inf
' s" w' p s# d: G5 Q2 | - HOSTS 文件
& @% A1 b' d* {0 K1 ]$ B- R2 G3 X - 进程特权扫描) D. w7 Y, q0 E m- l' Y
- @* X( a! l( V7 Z' V2 N1 m
- 启动项目
1 J7 M" r; y9 C+ [- @, K - 注册表( T% _" r- i/ V, C$ j6 h' l( X6 N
- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]3 u, N& W* L' E$ s% W
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
+ Q0 T, F* J3 ^) M( a - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
# T# @$ J& F7 B- M$ e6 r6 J# t - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]4 Q- ~5 c! r3 `7 X& t" n
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
9 N, N F' ?+ P6 n: z - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
I0 ]! k* v: J- R% l$ m - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
& Y7 H0 u* y9 t3 V9 _6 d+ O5 I* D - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
! D& Q. P7 y7 ]5 O# P3 \# Q# d - <PHIME2002A><; > [N/A]
; p) D6 |4 y4 [- \/ C. ^ - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
0 ]% I# W; X c* _ C+ { - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]1 I/ m1 \, P' A$ w R
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
1 K3 u+ _3 g# [0 m7 K' o - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
5 x" i- ]6 x9 S, v5 } - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]3 t# f m, u1 p/ ^
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]- g6 ^& Y* P# C# ?9 {; D( L6 N% o
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]( j2 n9 C- J* a$ o$ ?: R
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]$ i& n& ]1 _+ B: j# A
- <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]% ]" W; Y# x$ U4 C
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]( X4 k6 L7 B1 G7 N+ t0 w' N% H4 ~
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]3 K z& c( m, E p
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
8 Y8 }: L8 p7 ~2 |7 z1 g - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]% F- z6 _) h! S5 Y7 e: b0 `! N
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
. k2 ^& j5 c3 N" o( H - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]( U" D$ W4 G* E' V2 H9 ]
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
6 C; h( z! s t& w) O6 H4 t - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
0 e! m8 A, Y' ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
* ]4 p, y8 C( z: Z" C0 N - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
9 q5 [+ X: z/ \/ N( O3 z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
' W: R2 ~' s( m' ]$ U. @ - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]6 ?* p/ W R0 v8 @6 J$ ?# Y
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]( Y) N6 o, M% w0 {) C/ H
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
$ z! \& ]6 l( }; v! q2 w( ~ - ==================================9 _' }5 r( B$ y$ Q
- 启动文件夹
( ~5 b. S; S8 ~) X, D: r6 r+ G - N/A8 c/ N- b/ m8 V2 E# ^% F
- ==================================
5 U4 s0 d' z/ X# N2 y2 W- `1 W; x - 服务7 U5 @( G6 W0 C# w, `; d$ G8 Y
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]$ [4 {( o( h; W! e# o S
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>+ Y$ e8 W- ]- z m- A0 F
- [Google Updater Service / gusvc][Stopped/Manual Start]
! _' J- P( R h; T - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
0 |7 x% F5 [# }) P6 z - [Help and Support / helpsvc][Stopped/Disabled]
1 V5 N0 ]+ m8 w5 \ - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
2 v. v7 m5 _6 M) @/ M2 [ - [Human Interface Device Access / HidServ][Stopped/Boot Start]' Z* e- ]( P! ~- h) O# a
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>5 ]) b/ w6 T' w; A# y1 H
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]: T+ L1 f! k* h, }) `/ H$ Z$ N
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>* ^( W. L( s- X: j) D$ Z( }
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]- M" y# p# i" ]: N5 `
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>" |5 s( ^- O b( ?3 f& {
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
$ K3 x% F' A! E& w P v: I4 Z+ l3 o& j - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
. W7 s( \/ ?6 \ D5 C6 @( |7 m - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]: k- |7 h, m4 z r
- <><N/A>% C' \7 [+ q( q
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]0 r; ]* s5 [! j3 B6 }
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>2 n! B7 t+ C% f1 l" v6 ~
- ==================================
- E/ P" J% k, B2 c. Q - 驱动程序
, E+ {$ D8 L) i' B% d3 B - [22j / 22jn][Stopped/Boot Start]# a. C5 |: e$ Q* C, [
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
' i$ J! U0 r# ]4 e - [360AntiArp / 360AntiArp][Running/System Start]4 o: g$ Q3 \0 X. B2 p
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
8 x5 t+ _' D; k9 [& ^; O - [43ec / 43ecu][Stopped/Boot Start]+ w; h! e3 X' x/ R
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>/ C/ N6 o9 u5 M) n& v1 l7 t- J
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]
8 s3 a& |2 i4 v - <system32\drivers\ac97intc.sys><Intel Corporation>
2 Q" ^! [$ S& b7 V! @: J - [Promise driver accelerator / bb-run][Running/Boot Start]
, `! C" J# N- i0 Z8 }( u - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>( F* H5 M) F: d7 x5 b- v
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]% @: {, l3 m! @. h( A0 N
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>$ Z7 V& R# D N4 \0 N
- [KAVBase / KAVBase][Running/Auto Start]
& `* e% [: i8 ?" P - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>2 _, s G) V5 h' v* k
- [KAVBootC / KAVBootC][Running/Boot Start]. ?" c2 N/ r o+ L& F3 H4 l- R8 O
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>, S! P9 ?/ @6 S5 L2 ?# r5 _
- [KAVSafe / KAVSafe][Running/Auto Start]# t. G/ m& n, j6 K, e7 W
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>
% W/ |) P# Z8 w7 K- Z" H - [KNetWch / KNetWch][Running/System Start]2 I2 V- }0 O) m) _) f# W4 y
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
" e0 @, D U# N! Z - [KWatch3 / KWatch3][Running/Auto Start]
! I& U9 E, A, E c( Y, F - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>8 P* P. s' A) ^: R( h
- [ntptdb / ntptdb][Stopped/Auto Start] z7 g3 ^4 H) ]
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
& s ]7 r+ h$ J+ { - [nv / nv][Running/Manual Start]
( b; ]9 j( @1 O1 r# `7 U ` - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
* u% U4 a i4 D( z- | - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
+ K7 k2 s" m- k* ` - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>' K+ e2 `. d: x6 ]# C% q
- [DDK PACKET Protocol / Packet][Running/Manual Start]
4 V1 E. t. B6 P8 W2 `3 z" x3 w& r - <system32\DRIVERS\ProtoDrv.sys><360安全中心>0 N; L$ h( T' O9 V
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
) ^9 p; C1 Q: D" q) I) s - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
3 Z# c- s" O$ F, y2 T - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]
9 b* ?4 a+ B9 N! J: } - <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>& v N# ?5 N9 l+ {9 ^! T- u: U
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
, b8 a2 F% {6 E7 J- Z - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>8 D9 m8 h {/ a) {. |% W
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
" v- e% K% o# \. t* ^7 J - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>2 Y9 T7 J( |8 P; h8 V
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
0 ~1 C4 s3 r, i0 g' L R1 ~ - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
2 `. `" }! ~. i3 f: C* w( \" T - [Secdrv / Secdrv][Stopped/Manual Start]
/ _ m8 a: [5 T8 x - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>2 c m. z- |$ O' X2 }+ ^! E
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
& u& S% S# f2 M - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>2 j; }1 d" `( s& ~9 g/ T0 Q
- [System Restore Filter Driver / sr][Stopped/Disabled]( Y/ @7 J5 t' B- N/ d s3 `5 t N
- <system32\DRIVERS\sr.sys><N/A>
u! @* k1 ]7 z - [TesSafe / TesSafe][Stopped/Manual Start]
+ o6 a6 J/ K m - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>$ o7 m/ u) _, C) y0 m, i& a. y. c
- [System Services / unzxzsrs][Stopped/Boot Start]% |7 ~9 @% R* c. G( w
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
: u/ i& w1 ?1 _. t7 t - [ViBus / ViBus][Stopped/Boot Start]$ Y+ v. ]5 G0 Z( T2 l+ Y( I8 _
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
8 i0 r* v$ ~& W- f2 p7 n0 Z - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]6 u5 F1 `1 h& b3 z; O8 L
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>: F+ H" {/ B. X) c8 P$ L1 J" e
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
, R3 `) e Y6 p8 q) \ L! T+ x5 o: D - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>1 s# J6 b5 M, T! b/ d' Y% I
- [ATI Extend / zhibmaso][Stopped/Boot Start]
' f6 r8 k* ^( L4 W4 R" | - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
0 G# r+ Q$ r8 E - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
) w! C& A7 f4 S4 X8 U - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
/ M4 d9 f+ }0 D+ C C2 K1 G - ==================================
, l3 p3 J" C+ W. L4 ^ - 浏览器加载项" u5 E& D3 ~# G' W4 s
- [Google Toolbar Helper]8 q7 F- g" `3 Y! M5 Q- F
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 ]! M( @. P( S' I; [" e. T
- [Google Toolbar Notifier BHO]
6 `# V/ J; U4 k/ e R; e! n - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>- U7 L6 z3 @/ L' M1 H
- [SafeMon Class]
0 E: }3 G% {4 K R- C8 w - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>+ i5 a w3 z" T
- [kingsoft browser shield]
& J8 s% J# Z; W ~ - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
6 n+ m8 y S) L: e: p `, W) j - [IEBuddyExtControl Class]! \ F7 ^6 b: Q7 }; F4 P# `
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
" D% _8 N6 @, H* R- o8 T! l - [Zcom 杂志]
f) X8 M8 J" F* F0 D1 {/ h$ J - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
" w ?' i$ s, f5 Y) [! }1 h - [&Google], Y1 C8 Q6 _( h0 o, |" D. }( u1 {' N% G
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 p) d* y F- i, Q- t+ W$ ~( w% u
- [KooPlayer Control]- W2 ~- A' E0 m
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
9 L9 \( g/ B" B3 x0 o8 J# q$ H8 m - [Shockwave Flash Object]
! O5 @6 N7 Y. M, r3 o8 R5 J; h/ a - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
9 c" I- E* O1 `% S, \' P - [KUpdateObj2 Class]
2 o1 h) ~% I/ J - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>$ p( a% J" u. F* Z. G6 y
- [Google Script Object]) `6 s# I% ?9 a5 }+ A8 a
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>2 z6 w! p9 q8 U
- [EWA Control]
9 n) K# i! c( ]% Q) N* w - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
+ B. K& j0 F. G1 Z. u% F - [Windows Media Player], U" O [! t5 J0 f% \+ N' `( O8 J4 U
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>, X7 @. L' y! o8 T
- [&Google]5 x; g/ F9 @8 n
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>; X' n& X) R" V, O# x/ [
- [HTML Document]( z8 s) I& _3 k# l* y9 ^/ A+ A I0 }
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>2 R+ W8 A5 k4 K
- [DHTML Edit Control Safe for Scripting for IE5]
( D8 T& K% i1 ^ - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation> P* s; d d$ {, [
- [RealPlayer RAM Download Handler]
5 u6 f4 X! H( l- j1 Q0 B- x/ h - {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
3 o" w7 F: _9 ]/ w1 m' P, S - [IEBuddyExtControl Class]2 Z# {( A+ b. \, B& z0 \9 p
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
! o9 f# J8 x8 m/ Y - [XML Document]
# L+ j# x R3 ]; B& w" c - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
6 B$ `) F7 C; x - [HHCtrl Object]
0 d3 |1 w. ~9 e" |3 Q; P( x - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>6 b1 S3 n6 f( Z
- [Windows Media Player]
: u' J/ s/ u6 g& H5 d0 h - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>0 t4 r/ G) y- r( t5 W' H0 {
- [Active Desktop Mover]
0 c' e0 `8 X, f& X* I - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
' H- X y) K; L/ A - [360SafeLive]% n4 L- Q' `; V
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn># N7 L W9 L* E4 A3 Z$ Z2 L
- [Microsoft Web 浏览器]
1 F# v3 w+ P+ T2 {5 ^3 f - {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
- p- e+ K: A" x0 ~1 Y - [Browser Enhanced Objects]
! J4 k5 O/ y# `+ y1 y - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>0 f% p7 C/ E/ |# e w
- [Google Toolbar Helper]$ k" k' _- {2 _
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
" `2 h# d1 D4 x# Q - [Microsoft Scriptlet Component]
/ j" g2 j$ p, J; i5 Z- v# q. k) F8 e) M - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>) b) q! q' ^$ }- E
- [Google Toolbar Notifier BHO]1 T8 p1 q7 Z% A) |' N% Z
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>7 ^* i5 `7 @0 w; I
- [SearchAssistantOC]
+ K0 G/ N* S* M3 p* ~ - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
0 e* g: u: L. f0 E, C0 [" p# B9 L - [SafeMon Class]. G4 f5 B5 `* U
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>3 k7 [: \$ w5 r6 A* n0 l2 `
- [RDS.DataSpace]
J4 E K4 H2 w. N2 Y - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>: ~! s- @0 u5 a/ g
- [KooPlayer Control]" a' S) p2 m* L
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>) P8 a' g3 M& R6 Y/ o! U8 P' [
- [AUDIO__MID Moniker Class]
! Z0 Y/ P% b& G5 [ - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
. _4 E* Z( Q, H9 m" J3 u, {0 V$ O v - [AUDIO__MP3 Moniker Class]
( l5 [4 z. J9 j) f% x1 H - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>: O0 Y; {# u' i
- [AUDIO__X_MS_WMA Moniker Class]; w, G4 K! i% T5 @. _" d$ W
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
/ P6 w( Y% I# A! m7 x - [VIDEO__X_MS_WMV Moniker Class]
4 n$ k. d% Y/ S9 ~2 H8 u - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 I' i, a: n5 X7 g* t1 a1 J - [RealPlayer G2 Control]; q' J; H/ L$ Y* [8 d q6 Y
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>" M1 x2 b7 ?( j
- [Shockwave Flash Object]
6 Q# R6 n1 b" `- N: F# A' X+ @ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
5 R3 h3 G7 v: ?. }# L - [KUpdateObj2 Class]0 T4 f$ c0 }: a) J" M; T1 g6 y8 }
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>( L2 B: V" ~0 C$ x, F/ s
- [kingsoft browser shield]$ a# }4 t' R; `0 w) ]
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
: @6 n: u% D# \. ]* p. h - [PasswordEditCtrl Class]
8 }- c8 l0 s9 {# q) p - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>
6 p6 }$ p/ W6 ?3 U& ^; X - [QvodCtrl Class]) I9 r/ w# ]: c) s( c# ~
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
' h; y( N* ^& U6 N4 V2 E, O - [&使用超级旋风下载]
3 y+ Y; c- Q1 k+ ^9 F1 f/ n. z8 s - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>" W' L" K7 ~; ?; @* A+ s, n1 Q' T4 W* f
- [&使用超级旋风下载全部链接]& P6 d# X% n G/ C9 e5 _
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>+ D0 R6 O! _! F z
- [使用迅雷下载] y- b: `* y" @- F9 Y$ i" u5 Q1 g
- <, N/A>
3 ~+ i3 g. R* G+ E - [使用迅雷下载全部链接]5 _# z/ q) [% K
- <, N/A>, e$ q; O4 |6 `0 h/ F5 F3 p: G" D
- [导出到 Microsoft Office Excel(&X)]
7 \6 Z# V& s6 S4 l& G - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>5 x, T8 [1 K# P, E+ Z
- [添加到QQ表情]1 c" N( B$ |9 c% m8 t/ [- W
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>9 i, Z8 b$ j+ J8 l- }
- ==================================$ r1 @5 x0 n3 R: \
- 正在运行的进程8 Q2 T: K* A7 J/ ] j9 h( T1 Y
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" A6 w: [+ x# W6 [* r5 m/ o
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]- |% i. I) J, K& j5 }+ Z4 Y
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' @" w9 Y8 j8 t0 f7 w - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]) C, s3 |% b; f1 u: O
- [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' w' b+ Y9 u9 Y9 ?0 E2 W# M/ p B - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]3 o! ]( M3 {9 f' Y
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ Z' R5 e+ R* L# g, O - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]: Y! x3 `$ A5 M: z& e/ f
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. A' `6 p, @- ^5 O7 Y, f2 Y
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]8 E, X6 z7 W: V/ U( q4 c- B& R! F
- [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 u6 {9 v4 d. }# b3 ]' P0 X- X8 o
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
' a8 ^( q! _" I. j2 [. w6 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# y/ U& c/ a7 e& Q/ L2 C4 @
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
4 C2 d3 H: Z: I" k9 f* i( P - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
5 N: i* M1 o Y' E v - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]# Q* N! u( |7 A8 ?% m3 q/ E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
$ H" N9 p* `5 ]4 A6 l - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20], l0 B w# _2 k1 ?( H) S
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
0 d2 \6 B8 G3 I - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]7 S: j# K0 L% d% v$ H7 a
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
9 y. H' }( E# ] }8 `! b - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]2 ~1 `. A5 j0 Q S' O
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
9 S% Y! \+ ^0 M5 } - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
4 s, k5 N$ f7 O - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
0 E" X# ^" G/ _2 Z - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]7 N9 E* ^1 ~+ M
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]( x j9 B0 i4 X" k& M6 m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 T2 P3 O6 ]/ q$ v" @1 M/ J) {1 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" [( [2 w7 f2 Y+ c2 v. v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& W* V5 ^" Q% {; @0 _ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
0 ?) D2 \7 v6 X) r- I, G - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 W5 Q& U# V; b0 s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]9 q6 c0 U# ~# A$ D+ E v' K5 O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 b7 ?% ~' J& k( M: P, O - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( D X3 S, A- u9 O - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
3 W; b5 Z% f' b, z$ \. O - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]0 d- G9 M- w1 E9 F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]$ ~+ a6 t1 x6 U% n6 p4 e7 Q5 V$ J8 _+ G
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]; w D" a& ?/ s) {* L, B
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]( s* y" z. J/ O; T7 i. O- P
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]- ^; U( k: |% g3 J
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]8 g3 |9 K( O& d7 J+ `
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 r, ~( h% N q# R) Z* ~, D* v; ~
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 A {* |0 C- p
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]- O. Z, A1 c1 {6 {3 x9 I, o
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]0 p" u1 ~8 p' v6 [' Z
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]4 t# n P! s) Y* H8 }+ T" m$ @
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
) b* U6 Y$ z5 s& A& E( ] - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
- F9 u/ z& A# ?' H9 S3 t - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]- _6 Z: K- x9 h! _& H
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' A# |" H$ q2 M8 v6 d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 m7 v9 v) l* C) B: S. l- j
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]) o4 v( ^, p- {! ^5 N6 H" @
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]0 `6 \/ s4 W' [2 v- M: f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
( f4 I5 s* ? p a- _ @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]; g/ V+ H( }: y
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
% ]. K+ b0 ]# \7 G( Z# u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
* ?: x- H" L; c+ q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
8 [; p3 C+ @% q - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]" c' Z2 e' _" A/ ?( ` u
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ w6 `' B4 Q* m# i ?1 [4 i
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
j1 F1 z" C# G2 t* D7 `1 l8 j - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]' [( s: J5 [! ~# }. |( G, c0 _' J
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]! E5 {: U( [- i) n
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 R3 ^& c$ a X1 B I G - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]1 \/ X1 v1 Z, p4 l9 ^- B5 g( t
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
) z5 }" ?! [4 n - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]
# m8 ^6 \0 i4 { - [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]0 t& w |9 E+ T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
$ ^8 a( i4 d% m( _8 u5 u4 z" B - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
/ U, Z1 {; \6 r+ X3 a3 Y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
, Y+ _+ C1 }* b" ?7 R& W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. I5 |, {' I/ s3 X G# l Q) d
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
/ x* w; O9 Z2 l |. \ - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% f7 ]4 X0 O! h# `& q% [* h4 N - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
) F B/ b' A" I) J1 D5 P3 e' l2 V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
! R- V" K6 t5 a% E. ?7 c" Q8 \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
9 e5 u( l1 l) H1 o7 n7 S: e% c - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]3 ^* f+ @9 D. _& A% h: w+ Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! k7 e0 T# b/ \ - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]& X) s% w( H& O( N: f
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]5 u l, S( N; W
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
/ x. A x( h" Z7 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]1 K9 h& B8 P& u, z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 G' B- g3 ]3 b! ] [
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 D% v6 [# p/ T - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]6 i4 E* m! r' N$ g" ~/ G! \3 N" J6 \
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
\2 x" t* _& } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" I" z6 C, G& B! w: F6 l2 Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]2 K! E7 c+ K, C* I4 n: K9 U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! `: a6 ~3 A! n+ M9 C0 c5 [ - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
1 h4 Q! g4 n3 R9 f/ ?+ X - ==================================
# [: g* F& Z( M# u - 文件关联
, X8 Z+ o7 `* q8 k1 Q - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
% e) O) r5 j# [3 S - .EXE OK. ["%1" %*]! x9 \( e; J; q3 H. h
- .COM OK. ["%1" %*]
, F0 f/ x) g, p5 k" @0 _# V8 t( s3 J - .PIF OK. ["%1" %*]
1 X4 A9 X- p) z, W$ h- y - .REG OK. [regedit.exe "%1"]
( } [3 P$ Y! }& A3 M1 o3 l - .BAT OK. ["%1" %*]0 o2 {# p- n$ f, y3 B: E
- .SCR OK. ["%1" /S]/ K: _/ _0 q+ [/ z
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]
% l6 E9 L. j0 p* e/ h# ` - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] p0 s& L/ \& d7 {- L
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
8 u8 p' e0 J: T - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]" Y! S7 v2 ~/ B( J) v* B s: s
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]/ ` T7 V( k/ p, t' v% Y9 ?' _
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]$ {$ o, H8 B! M0 \0 E/ Q7 |6 Q. m
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
5 ^) g' _& y2 Q1 F - ==================================) Z1 f% G' E5 ]+ G- T- I( Q
- Winsock 提供者4 ^: s; y7 T& \" C
- N/A
: h. @4 _! n& N/ j; O% ~ - ==================================
$ x v& k2 V$ v( ?) E8 z) u - Autorun.inf$ g' q, u: v @' A
- N/A2 l; M& ?! n8 q/ ]$ H
- ==================================, m% j( C1 n& o' `, E$ }! H/ |
- HOSTS 文件
+ \4 i+ b7 S# Q. f6 f; m - N/A0 |0 E r3 S2 X7 @7 J+ D7 f
- ==================================
& h) S0 Q: a. s7 o4 w2 P9 r; m7 j$ v4 K - 进程特权扫描3 ~- m+ v. j! m+ T
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]; ?7 A0 M# ~# [
- 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
, R/ X, E0 T9 N1 U3 n+ K* u - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]& j* |8 h! k; [# [0 u
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]: I) Y- N' j' M, s5 U; O% N
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]+ r3 w3 q: R- |$ L9 k3 W0 W* v
- ================================== @0 H( q" N9 `6 c9 d0 h# G
- API HOOK5 c- ~4 V3 J/ ~- a
- N/A
; ^" ^8 K5 _8 G3 T6 A8 F - ==================================) S* ?. Q, ?; O2 ?/ Q
- 隐藏进程% V$ ^: I4 P+ W
- N/A3 S9 _' |2 u B4 s( Z7 v) H7 `$ `
- ==================================; T3 ]" D1 ]2 F
- % {0 p. f1 K& t, H& {& V5 M
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
