|
|
- ' f) K9 b) Y7 n/ a
- 2008-05-22,20:37:43+ T, b, U4 `+ l, ]9 @( w
- System Repair Engineer 2.5.16.900/ s+ a9 C+ B8 W1 Y: f. z: L# Q
- Smallfrogs (http://www.KZTechs.com)
/ A4 N$ [3 f7 m( }$ a1 f - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能9 U, R# F( ]& H, q: {9 ~5 n6 h; J; s
- 以下内容被选中:/ O+ S& a5 T, S6 b5 l' A
- 所有的启动项目(包括注册表、启动文件夹、服务等)
/ M7 N- I$ ?3 \9 r - 浏览器加载项3 ~! |8 V. Z* L2 C
- 正在运行的进程(包括进程模块信息)
' _+ }* P& N, J# M" k - 文件关联
@0 X) M/ ^; y. P/ ` - Winsock 提供者
, S* c* H; T3 b- ^ - Autorun.inf
' [3 u6 w! o2 i2 @7 a2 G - HOSTS 文件* a) L2 A) _' X' Q
- 进程特权扫描; E/ ^# [6 F2 a! E' N* D# O
- 8 D( P; o$ h! W. p
- 启动项目
L* M; Z. e/ H( K" [ - 注册表
2 K4 F, @4 w& k1 X* b# F9 `" \6 w - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& D4 y' T' F: S$ }: e: P - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
- r3 u/ G) @5 S; a$ Y4 N; |0 G - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
) z" s! ^' p4 l% b) C - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
% C1 X8 b7 E# i9 c; O - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
9 j, }! D0 m' v8 h$ J* w - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
0 a! ^( ?( x0 f# u - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]3 r0 c; {2 a8 Q' t
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]* @; d$ f; s. f( U1 q8 m! P* A" u% D
- <PHIME2002A><; > [N/A]
1 i- x$ D! U2 r" t7 R - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
+ Q2 B6 C4 @: J& J7 Y" D - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]7 C% f" R1 `' {# L( ^9 I! m
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]6 @: r/ Y o6 y4 i
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
, M( ?$ v2 w( f+ A2 e - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]; t2 _; }! N0 F, `
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]; f1 a" C3 U! m; [
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
( w, r/ c H/ [$ n, q' x- g1 H8 v1 U - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
0 K$ x& M3 O( H/ i - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]: L& y' [) I/ S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]+ {! h! L: @ @ O! ~) y
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
9 X( [" `3 l% f - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
% q5 p& ?/ W' J* H - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]) X- D& N; X* U. j# M# ]4 u
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
/ s: z; \2 s; W ?' A - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]! K) j4 h; B1 G! }
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
6 U& h0 O$ a8 w k6 M - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]; J6 l( N2 _6 `; ~2 c X, Y* a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
% Q% Q! C& y& Y3 U9 @# r - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher] s9 k, ~4 M( t. m
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
7 J) f) F) L' u1 d/ Y& l - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]7 \" M1 _6 q" ^/ a- L( e( ], Y. G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]. b0 m$ k$ e" ~' K( C. b
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
' [- g4 c5 F W! q4 P+ y! Q" E - ==================================* e" t" M" L1 L1 j2 s
- 启动文件夹
6 o7 L7 d- ~9 ?1 @0 m - N/A
8 Q2 k W0 u) h, r" M8 b( ^' V7 C) c! Q - ==================================0 I4 U5 F3 Y; K" \' j! o+ m! Y
- 服务7 g \1 z' M3 U7 m7 g) \8 b
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]# n6 P) Y. i% `, t5 g
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
9 @" w W: Q7 m( } - [Google Updater Service / gusvc][Stopped/Manual Start]* A/ h) H( Z7 J* m7 _) k; [
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>7 [- e8 D& I, ]' Z6 Y0 y
- [Help and Support / helpsvc][Stopped/Disabled]
0 a# O4 |8 @( h" N, E k+ y) I3 v - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>/ \0 m K2 K/ c! B$ j- b. k
- [Human Interface Device Access / HidServ][Stopped/Boot Start]: D. D* [1 I% Z, F# t
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>/ M/ \) k7 y. M' e( N
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]
- a( j- \, V) ]: E' V& }( E - <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>; ?- R, \, n4 `9 \1 h5 k4 J" w
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
/ M8 M* s( d! `, t1 n3 P0 b {% _ - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>% T$ R" ^ r# k$ v/ q: J
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
0 F: W! J: O K) R0 G - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
, e. }/ j& ^) l$ W - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]' ~( J8 v- d9 i8 ~3 q
- <><N/A>4 I% x* F3 w$ B: C
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]
8 m) p+ W* U; T# L* ~ - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
! P2 I/ C$ z. M# U - ==================================3 y6 J/ l# d4 q: v
- 驱动程序: {5 x) Z5 B" I: b! S) V
- [22j / 22jn][Stopped/Boot Start]9 c4 \3 ?1 t0 j
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>5 E d2 v/ Y' G. Z- w
- [360AntiArp / 360AntiArp][Running/System Start]
2 ?) m" H& A2 e6 L1 k7 u - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
+ f% e8 q% Y# h, D - [43ec / 43ecu][Stopped/Boot Start]1 W9 E) X( D7 e* F
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>
; H- {5 Z, _4 b# C' H: G - [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]2 }- j6 Q" C" }+ j7 T! e4 m' }: ^
- <system32\drivers\ac97intc.sys><Intel Corporation>; |' L y, D' r/ c6 g
- [Promise driver accelerator / bb-run][Running/Boot Start]
1 }! d& k3 T( n, p7 N - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
8 o( U; V4 @* p8 B' k2 N Z - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]8 G. N- l2 W; i- w2 J
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
1 q9 Q8 t9 p4 u# ]) j - [KAVBase / KAVBase][Running/Auto Start]
7 e1 f0 k, E5 o0 P8 o6 q - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
, p4 }2 h* k+ w# t7 @ - [KAVBootC / KAVBootC][Running/Boot Start]- E7 w$ N% ]0 g; @$ e, ]9 Y) m, f
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
" V I- T' p2 O. ^/ ~! u - [KAVSafe / KAVSafe][Running/Auto Start]) x: a, v8 O2 y3 t
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>' G) O( M: u. C) I+ \, C
- [KNetWch / KNetWch][Running/System Start]# a* _, D0 {. @2 D) x
- <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>
+ P1 W' z8 X+ H3 D5 O - [KWatch3 / KWatch3][Running/Auto Start]$ x ~ j0 a& Q; D8 ?/ A$ I
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>! C" a+ t! z6 G5 a' r
- [ntptdb / ntptdb][Stopped/Auto Start]5 s! W8 `2 S; b1 a) O; |
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>
' t+ F* O O1 m1 S1 A - [nv / nv][Running/Manual Start]- X' q' S! g! U1 r) s
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
+ O) b e' q( b" N& E+ e - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]4 U. U! }1 t) b# ~: d
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation># g0 G; ~* n1 L# {, J
- [DDK PACKET Protocol / Packet][Running/Manual Start]
3 F( V7 `- s% a$ D( c3 Y% m, y - <system32\DRIVERS\ProtoDrv.sys><360安全中心>9 N; c6 e: A+ m. I7 p
- [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]9 D( s; u# J/ H0 G/ c) u7 h
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
, _$ D7 s' H. f& X - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]$ U7 P" t5 z7 o- `
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
/ W* d5 v# E9 Q9 b4 Z+ D8 ^0 P! E - [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]( T5 e0 t, r$ e; d8 }: E, i
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>1 j; k! e* {6 [; r% C9 O+ t
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] }" E* _ y6 Y
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>& I+ Y9 }- e; Y
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
4 B9 ~8 z- l/ ^- }1 o4 H! e- ] - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
# H* D+ K S0 M9 l - [Secdrv / Secdrv][Stopped/Manual Start]
* O$ m4 }. C- P9 ~/ v$ Z - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
1 ^7 E# M9 r4 R. \7 [ - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
3 j. X- h1 T% ?- Q - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>
6 r( [3 J: A& s& N# _$ p Z# ^ - [System Restore Filter Driver / sr][Stopped/Disabled]
) A0 n- A3 y, F. s$ J8 m* @ - <system32\DRIVERS\sr.sys><N/A>; y$ g; O3 s" f/ u/ q( c9 n1 [
- [TesSafe / TesSafe][Stopped/Manual Start]
9 x w; ]% B. N - <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT># ~& G; }! F5 M! }
- [System Services / unzxzsrs][Stopped/Boot Start]. a/ k7 i# y% G$ K& p7 W4 r
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>3 ]" ]" K9 K$ ^
- [ViBus / ViBus][Stopped/Boot Start]$ f2 a! t. O" @4 s4 b' h: N
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
% Q6 z& ]. ]4 ]5 Z% O- U - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]$ G5 i: ?+ {, [- D4 [! R+ T
- <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>& g) b& h* X+ r4 I$ L4 D
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]1 i6 ` B2 V3 @+ t2 U
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
* I: _9 t4 U! m/ S- o2 h+ Z! K" Q - [ATI Extend / zhibmaso][Stopped/Boot Start]: X! J3 n" H. a- n% g! L1 a& q
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>' u" u- J0 L6 c* r% C7 D7 p& R
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
+ B1 E$ S r9 Q2 j - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>2 g& j R/ X. P' t4 i" I8 J. m: F) v
- ==================================
1 z2 V: y6 z t) s( U3 _# y - 浏览器加载项$ Z( \# z* ~2 A2 m5 w
- [Google Toolbar Helper]
5 R |1 G. S. I7 T5 U$ k - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 S, N I2 v+ e( q" f
- [Google Toolbar Notifier BHO]* U. [4 X Z4 r' k$ ^) E) w
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>7 _- [* v9 N" ?2 M- [6 _3 H
- [SafeMon Class]
# x7 X, V' B& h* G6 R1 ?1 V" K' W - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
. T8 c6 _. k* T: r% v - [kingsoft browser shield]
* v/ @' J, x0 i9 K% r1 Y5 } - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>; n4 \* t7 W0 E2 A
- [IEBuddyExtControl Class]
& ^2 t' x& s7 f# Y. I8 C - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>! w7 i: N& i. g1 B0 A v& X: K: j
- [Zcom 杂志]
8 Z; ]9 a |9 C! \0 ^9 \ - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>+ @ F; C3 ~& v+ O8 B) C( P# N
- [&Google]4 w8 F% @! x8 a* P3 ]
- {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. ~# l! m9 O, E. C8 i% g - [KooPlayer Control]# g' K; J. b0 [ q' ]1 D% g
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
. F! Q5 N& a! ^( X B& S9 d - [Shockwave Flash Object]
8 d$ q4 j" z2 ] - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
* @ O( A6 j* N - [KUpdateObj2 Class]
% j& F9 M8 g: Z; R1 B; \3 t' i E - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>) u2 J t; }8 ^3 U; K3 F% }( w T( W
- [Google Script Object]) D g1 o1 a9 \( P* y$ k' T
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
* c, J% [ Q2 v. i - [EWA Control]
/ V; c9 v# A. ] g - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
9 T& H8 U8 b, S( _0 U0 H. D9 v - [Windows Media Player]! V ~# ?. s* r. v) A% O; j6 t
- {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
, @6 y% s& Y: ^* \. `/ G* c/ T - [&Google]5 @$ ~" U1 X, x l% U
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>$ S* R8 q2 u; N- \ ]+ b; d
- [HTML Document]
3 i0 U, z! F. n8 F( U2 x% u: { - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>* D* c( G5 b( B7 N- x2 t
- [DHTML Edit Control Safe for Scripting for IE5]
; `8 K* D# ~( w+ U' z/ Y8 r, X4 Y - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>& H( j) |/ X/ T1 J
- [RealPlayer RAM Download Handler]9 ?% R; t7 C9 i9 i% b
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
' K. L1 Q$ d) V2 A. _ - [IEBuddyExtControl Class]1 _' ^& a' b" U: K, Q6 j- p
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>7 b$ c+ ]& Q' ] e
- [XML Document]4 v9 G- h4 [5 p2 q( v, l+ f
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
+ j! c, o& i5 V7 Q - [HHCtrl Object]
$ i" {/ l% ~0 c: S, _* p( V& Q - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>' u' t- e ^& N7 z$ d7 G! G
- [Windows Media Player]
5 _: n. E0 J% w7 S - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
9 a: A! d7 K; e3 p6 Y - [Active Desktop Mover]
9 b2 Z. U% j! l i& n - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
' p9 M. c5 M8 o- c* B+ R - [360SafeLive]
! |5 c% W; y+ ?3 u2 r - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>* x/ W8 p8 k, p& |/ d- {3 ~
- [Microsoft Web 浏览器]. j1 w0 V4 @/ G: l6 e
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>6 Z2 P9 b( o, ?, V! o% U' Y) i! a
- [Browser Enhanced Objects]
) M+ H/ A9 Q4 i, |( H' H& a - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>; b* } m0 o/ H
- [Google Toolbar Helper]
- d# I( {+ S% q( ]! q4 U - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
2 f6 P$ d( x6 p' E5 ^. o0 v$ S - [Microsoft Scriptlet Component]$ p; n7 S$ e0 b9 {: {2 u3 I3 F
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
0 o2 A6 n( O0 W |3 e2 V - [Google Toolbar Notifier BHO]( E3 s8 Z# |5 g, Z/ t4 N1 I0 n
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
" V* F' @# } K4 t0 h6 L' R9 g - [SearchAssistantOC]
; k. m& \! e3 F! l% Q/ O5 X! o - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>& }5 j6 K( G* ?3 F
- [SafeMon Class]) F, f V; d% D) X: N3 @
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>' b) E+ G/ A4 v# b# ~
- [RDS.DataSpace] m) O, O- H; Y5 j ^6 M+ k
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
; T- z. [. A+ `) i! \ - [KooPlayer Control]; e3 d' y# i S8 B! G4 n
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
$ W; }- N6 ^6 ~9 S) u - [AUDIO__MID Moniker Class]! A3 w# B5 w% q) R7 ]7 l
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* ?/ \6 ~- B8 o
- [AUDIO__MP3 Moniker Class]
9 y$ d& l+ G/ e" S9 L% Z - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>) {6 b3 m4 n/ @
- [AUDIO__X_MS_WMA Moniker Class]
' f6 q- G: y$ x/ @& W - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
c0 z5 Z1 \# [. e% W- q - [VIDEO__X_MS_WMV Moniker Class]
9 h/ Q! U( [. D5 o& G - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 X* m; [+ U* ?5 k
- [RealPlayer G2 Control]
% N5 X3 y# V$ D4 L5 h! @ - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>' S! ]. N5 J; ^) {3 s
- [Shockwave Flash Object]
! U# ?5 Z4 k! J" k% u! w8 O q - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
8 k" M `! d1 J" X7 X8 H9 g - [KUpdateObj2 Class]
; t9 ` @$ H$ p* R& U - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>0 B1 b( T1 }! d" o; k
- [kingsoft browser shield]# D3 s2 W* `; E& j: C$ i; D
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>- T/ U" {: v+ ^( N* x& K
- [PasswordEditCtrl Class]
: Q, P* u, S" w5 x - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>+ C% n8 M* L- r2 k
- [QvodCtrl Class]7 w" ], F; J d; t- }& g- R
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
+ a P, E6 I! S* l8 c - [&使用超级旋风下载]( W8 d2 B. D0 D6 R3 J
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>0 g' [' t4 K9 r' w! p3 N% _7 g
- [&使用超级旋风下载全部链接]
4 w! o5 N8 L/ ` - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>4 N. b& O* q# t* Q
- [使用迅雷下载]
- D3 s% q5 H5 H9 y; I - <, N/A>+ h L( E* g" ^* d0 m4 K
- [使用迅雷下载全部链接]; x( T. E+ z. U$ a1 S
- <, N/A>
- K9 e- q! K5 u$ L - [导出到 Microsoft Office Excel(&X)]
* k; x9 F: q* d8 ^ - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>6 G- I- @2 t. S$ a7 e! J1 m U h8 W
- [添加到QQ表情]
/ s0 F" _( P0 y2 f! _- @ - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>( ]* n2 m6 @) P
- ==================================
2 j" ~2 r5 x$ B z% T2 B- G - 正在运行的进程# l \& Y( ?1 s& N/ u
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 c0 y7 Z, W/ i2 C: d/ l) K! G6 B - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
9 q# a9 z& K/ p+ ?. E - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 r" R: ?' ]+ j* I
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
4 G, ~! z' a' y8 }. _ - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
! d& [% ^# K' } - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
4 N+ e6 i5 f5 T8 t6 n - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 Z; ~- N4 |* d5 [1 _
- [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" y# Z& V7 }1 p c
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 t- Z8 ^3 ~' [ H1 j o* O0 K7 g+ P - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
. q5 l5 \+ Y+ s" r) W. k* b/ [ - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 i% J& C1 v8 w% M7 Y
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]8 E" b6 e4 u0 C, z w0 {4 x
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
. m1 d p$ o. T) M- s; M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
5 V- J" g# S$ [+ R+ p" n ` - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]% \4 M& ], U1 Z& b( v1 B1 I& p) H
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
. Y( N# @- [5 ^: u* V* p" Y* Z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]! f$ b, B( I4 W; G5 _
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
1 Y/ Z5 U4 y4 k+ G& z - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
# e' @7 i% q+ C# s - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]% u3 j6 F/ z) o( s3 e
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]5 T9 o4 L- s, c8 u) M
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]7 h4 u+ ^' u7 G0 v: k8 G/ `3 J
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]+ |3 X2 G% K3 U5 q
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
5 R& Y3 H" @- b( c - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
5 \8 I7 }$ n0 t3 O - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]
. u0 {/ X2 y) r! ^6 U - [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]
. _9 g' Z+ ?1 f# a - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]3 e2 u& }6 c# e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( e/ c, s8 m. \$ F6 R7 }5 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]' n D' C$ w# l3 z: H
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( \& B0 C* |! K4 M, P - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) y% I+ S: V$ U9 Q8 p9 m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
4 }+ ~ p; l( G; c/ s - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
7 i$ `# K5 b1 i4 c" A; I3 T$ e' { - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' n) |: o# [" l" U g- I
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]! r% k, W3 G0 `: D! t3 }( C+ X+ d
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]3 @' j( v% t7 s0 C
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]" w8 u9 L" v# L- E s% v4 M; I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! p* a1 S- ^+ H$ U% U6 U6 `) s - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]8 }4 N* ~- @) O& [# u0 L, a0 v( c
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 w. h5 K0 `6 [$ F
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# w9 Y: X* ]: \$ U3 b$ D - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
3 ^1 X4 ` f' b4 U' m o6 ^ - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 Y/ ~* \- q: o5 S6 O' Q$ w+ z
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]( v9 ~( j- a/ n1 I4 K
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
, c! h; h9 A% T) w# i' s2 f - [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 {: l x- N( h! Q9 b3 Z8 F6 l6 R
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
3 m8 o% G/ O3 l% w - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] q& S& U. j8 W+ D$ U8 u
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
# a: b+ ~8 g t, i w1 ]' O& t( f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
, U+ f5 F2 T) [; B: _8 }4 [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 L6 x9 d7 J' D @: k
- [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]: W: ]' p; w" o1 ~; W/ C+ r
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164], O9 B" C! J* q6 R; f/ X# ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]: j5 [ a! _3 g! ?& h# T, A3 E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]0 T) e. ~5 l: o% n0 T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
: z/ I }' ^5 b3 f5 c' d - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
2 V2 u+ ?: w4 e; i: V. r# p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]5 |! o2 I7 K2 c, N" F* ^1 e* v+ }& l
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
7 Y# w! T, Q7 p/ d o. G' p1 }+ E - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]$ u# d- H) }4 J: E9 O3 M/ I( ~! p2 b
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
' |" s A2 f7 \! f - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
+ k5 x8 k9 B, c8 q5 Z - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]. a. L. c0 S. B0 Y5 u
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]' n v( m# E9 ?& U' ?4 v
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]/ K B2 F0 q( Y& ^, T
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
2 B1 e M( t1 E ?$ Q, f9 a - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]/ y/ R" T9 [! Y. X( h2 q1 e, N. @
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]4 `) |% l$ e/ S; d( l* d
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]. u7 ?3 ~! ]* w
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
9 Y/ s" h: F, d2 I' _, ` - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
2 Y& Q1 d2 R3 q4 m' p - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
: v9 r: S( K. t- \( R' t - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]1 A6 a2 w% k) s5 F! |+ W
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
- Q- } j/ S2 @- v. |* J - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]) `( \& @/ m4 {6 R) i! m
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! ^3 ]7 a- l9 t
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
' S6 T) t+ U1 {, c" R - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 j9 C/ C/ y) R! O, Y. i5 Y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]' ^6 [0 o* g& I- f
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
$ S7 }- k- J! _) j- t! R+ \. t - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]4 {; O; p9 G5 V9 m& a3 U" R
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 R$ C6 G7 V- B7 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5] A) g y/ a, k
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
% E' Q" [# |2 [4 J - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
! q6 O/ O) f8 W7 w9 Q4 a; d% P - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
2 j2 j s6 R- ^ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: U- j- B, J% \) v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 v" {' t$ I2 N, Q' M g - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% [; F. t6 x8 H8 j# k
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
& v% {, O* t. p: U. Z - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]3 s. s7 w) D& \# E! P
- ==================================
6 e$ Z8 n+ d1 b& v - 文件关联* A: b& o+ j3 M6 }7 W7 x7 a
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]6 d/ u# ~5 j- m, N& A
- .EXE OK. ["%1" %*]
) Z' a ]( p; M! c( P" K' | - .COM OK. ["%1" %*]9 m e" l7 i# O7 @6 N7 q
- .PIF OK. ["%1" %*]) }+ L [1 B5 W- q; |
- .REG OK. [regedit.exe "%1"]
7 I' j2 C7 O+ `; D9 C7 F! e3 @2 S - .BAT OK. ["%1" %*]
" g+ a. U) }) s - .SCR OK. ["%1" /S]
$ I- f/ m! O6 M) w - .CHM OK. ["C:\WINDOWS\hh.exe" %1]
4 B4 `2 V; w& d8 f" W% m - .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]3 q3 Z+ W3 s( e5 G, S/ }
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
* ]3 _) \" \- l1 B/ M1 B - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]6 F1 ^0 H+ [# g3 e/ u
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
$ I$ A+ h0 u( g - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]) D9 [' z" r- i% e+ j
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]% Z2 {& f9 Y2 b
- ==================================
2 U3 L/ K4 {- l( _' s - Winsock 提供者
' N1 h' O9 f( S+ |) W4 M Q - N/A/ B1 h- C: @3 x; O5 c
- ==================================: B4 W# x! p a. ~8 E4 T6 S" I, a
- Autorun.inf
6 c5 O: [. T5 P& Q - N/A6 f. Q6 I: u- y8 D( C
- ==================================
1 F6 O$ H* z, @/ f4 h( Z - HOSTS 文件
, A- D# x5 {- ]2 j2 l7 |4 N. U - N/A6 g( ^) U& n, s6 m" c3 u
- ==================================
& b+ v3 e$ F' ] - 进程特权扫描9 I) J b% O$ d1 Z. P& L% O
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
. q3 p2 m* \/ d6 F- t- R - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
b9 @( m) ]) X( O6 _7 I - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]3 `- O: ^$ I1 Z, m% p2 e0 N# u
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]; G/ D/ T) V, d4 ?
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]$ E4 k4 ]) w: |0 G s" V
- ==================================
' b( [/ c8 R+ y2 F+ s& s/ a, P* ] - API HOOK
2 c S& s' U/ T. t5 T6 I7 D - N/A8 _) Z& j( v' |5 j
- ==================================3 B/ A& _3 K; O' e; m& G. X' Y
- 隐藏进程9 }$ j( V# t: D, a
- N/A4 j: Y# y4 [) |# O( e$ _7 I) ~- E
- ==================================
" a+ ?4 `1 ]* L/ F% ~4 V8 B - _: ] c0 \" J$ N) l
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
