|
|
/ l% q9 C {) }9 s9 {3 W8 i- 2008-05-22,20:37:43
& L# {% ~4 v+ T5 j- R/ G- _; J8 q - System Repair Engineer 2.5.16.900$ e6 Q% T( Q' y- a/ A. k
- Smallfrogs (http://www.KZTechs.com)* \, B% p9 ?1 t) t) a' Y/ L: d
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能3 t6 |& W) Y; P; w7 f2 n! y6 Z. T
- 以下内容被选中:
& g: \/ x3 s, k$ ^( P/ L& j - 所有的启动项目(包括注册表、启动文件夹、服务等)
- e& E# d$ T, `; d* _" s - 浏览器加载项
" J9 O1 m4 K+ n3 Z; e. m - 正在运行的进程(包括进程模块信息)& t# C: g$ l, u% s
- 文件关联* n- e4 y2 }4 [* O9 V$ p
- Winsock 提供者
+ ~0 z2 ~; c5 D) e/ l - Autorun.inf- F+ [/ T" ], P$ k
- HOSTS 文件; w2 b# Z8 v1 ^3 d
- 进程特权扫描7 N' I6 F: _7 n) I+ N; v; u
$ y/ U4 j. V7 @; v- 启动项目" X: d% a" ^0 `( M
- 注册表
+ { p4 c3 T1 Q/ Q" H - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]+ q4 z: q& s# I+ \; ?
- <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
9 T; c; J7 q) t - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
' v1 I4 R* Q# c - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]0 B& l& V* M) q& ~/ a* C ^: O9 s
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]0 \; D6 f7 G- f4 T
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
- V2 [. F# E9 z& N& @6 l - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
( y$ l; s; Z" c9 B. M$ g - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
, n: V6 a* L& K* V6 q" {4 I - <PHIME2002A><; > [N/A]
2 D' g' \1 L' ^# G; S" J - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
; ]. v6 y9 R8 L- I+ s - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]+ k; H1 v2 p' [- p) {7 R) Z
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
% n( O7 ]& M3 R1 } - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
/ Q: D& n: Y# D - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
0 S& A2 B' @2 a k - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks], {: A" ]" x4 _5 ^
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
+ h' E1 v% P& g3 p) P2 b0 P - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
' }9 a9 U* u! I; W1 D ` - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]# E$ ?* i' s/ `+ y* e
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]! [# x3 D; q6 L' Z4 F6 ]+ M: g$ c
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]4 D; H# j# G2 F3 U
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]$ O7 K$ ~3 H- D7 p+ O
- <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]2 a: S) ]2 [3 K, J1 w3 ?/ {" i. a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]" T* ]2 N. Q" `# [& l" K K* k7 B
- <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]5 u6 U$ N w! |5 }2 ? ?( ^+ a
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]7 B2 j' A, L( b5 Z
- <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]
( J: `: \2 e4 }9 V# m! Z - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
, `/ g' R% _9 L9 H1 f7 e - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]4 q1 c% j8 M! g8 w# G
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
" @5 s0 D' I# a# H - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
T @) p7 g7 D# M/ A0 g1 G2 t' Q - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
8 y- l* l9 l6 D4 O - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
# t" @0 o, G( P. d% ~% T - ==================================9 [8 P$ B4 e4 i/ H T0 w- M: O$ e
- 启动文件夹
& ^7 J* F6 D" b9 A2 v - N/A5 U; V$ h5 \" I
- ==================================
) o- ^' X# e6 s6 V+ I/ W - 服务
) Z, x9 C& v2 n - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]: P1 [) r3 t5 ?5 z
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>6 n7 g8 P: C$ z# D! m& y d2 A7 o' o
- [Google Updater Service / gusvc][Stopped/Manual Start]: ?4 ]8 } a3 w3 |
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>/ g8 D9 x7 T4 j" D. u0 e2 i
- [Help and Support / helpsvc][Stopped/Disabled]
$ y: S; _8 I& |2 s* I2 C5 ^ - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>
4 X- X' U3 C5 g: H2 l - [Human Interface Device Access / HidServ][Stopped/Boot Start]
* W/ e( g& Z- M& k - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
7 J3 h/ k& q' H( c9 m' d' v$ W - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]) _7 `5 A! o( ^$ p- V2 C& u
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
# \, j4 a$ ]7 {6 Z( i7 x3 i" r - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
* B6 C% R/ }$ D2 z5 g# A4 I - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>6 t" L2 S* X$ n7 M, Z
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
+ i+ K2 i1 w% f - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>$ _' a1 k; M4 g7 J( C% [; Y
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]' u7 G1 h! h. l; E9 ^5 e
- <><N/A>
/ k4 b. f1 T1 ^2 H# c5 Z9 V - [Qvod Terminal / Qvod Terminal][Running/Auto Start]
. G" N! }+ }9 C$ d, h5 p2 e, E* R# f - <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>( Q" z: W- R) C: n
- ==================================
6 A6 Q" w- `& E3 n2 c* w% w( A- @ - 驱动程序
7 O# n4 k6 e/ g- G- {: c) F - [22j / 22jn][Stopped/Boot Start]( S- @, |& q b" u$ S7 |
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
) Z% X5 a, {, S+ i - [360AntiArp / 360AntiArp][Running/System Start]+ T) N4 L E J8 F& a/ G$ i. E
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>, `/ L+ U4 o8 A
- [43ec / 43ecu][Stopped/Boot Start]
3 p U! ]4 M9 u - <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>: r9 G& N$ `+ x& B, ?) Q
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]. d2 ]1 B' q3 g5 Y
- <system32\drivers\ac97intc.sys><Intel Corporation>
5 B6 h' O- P B2 X - [Promise driver accelerator / bb-run][Running/Boot Start]
+ X- {( x$ r# Y1 t. P - <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
: o+ k4 f) @- O4 J - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]7 q# C _+ Q7 {/ V
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
; I# \4 a( x' }7 e6 ~: U; y v" f - [KAVBase / KAVBase][Running/Auto Start]4 v9 g3 l* F: d$ T1 L- j
- <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
' V2 g0 d/ A0 }0 u: z - [KAVBootC / KAVBootC][Running/Boot Start]9 w; Y- Z0 c+ C
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>9 {: L; R$ k: W+ H4 E
- [KAVSafe / KAVSafe][Running/Auto Start]# I! r4 S$ D0 I% e5 p, I @
- <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>* N, [6 e+ M6 ?$ o
- [KNetWch / KNetWch][Running/System Start]
& ?# Q* Q) d; g1 _) B - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>$ T3 |/ K7 B/ C) k/ z$ N* H
- [KWatch3 / KWatch3][Running/Auto Start]
# L( x! u, j. r, i - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>, ?/ o% E9 |! Y& R& t6 m1 R; B
- [ntptdb / ntptdb][Stopped/Auto Start]& H; S( o2 Z/ x* i. N/ t
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>$ c7 h2 K: Y& r
- [nv / nv][Running/Manual Start]
( I9 a. M( c. F& b% D( G4 F+ h - <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
" S/ P, k& v# n& ] - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]( H7 e2 ]9 e# M3 U5 v/ W
- <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>! R3 S& }6 G+ Z7 ~' O2 i, P
- [DDK PACKET Protocol / Packet][Running/Manual Start]
2 q' w* n" A' \1 E8 [! j1 P - <system32\DRIVERS\ProtoDrv.sys><360安全中心>
. [/ a" g$ r1 I. Y' X9 @6 i' P - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]4 t; j* n/ E) L' @' }) e' x$ J
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A> j* W. I3 u5 G& z3 J& I
- [Direct Parallel Link Driver / Ptilink][Running/Manual Start]$ z) w+ H; F5 l
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.># p3 V% S% n! H6 W! A
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]/ H6 F6 P) L3 e5 i0 ^9 m, f! N
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>0 e1 m- {: d) `+ c) Y4 I; ?6 g
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
8 h3 E7 u) t: ^ k, l$ d2 l8 u- ] - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>% r' d5 I, ~8 v8 g- u8 a' {
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]; g. S9 P+ B! I( w. w! i E# }
- <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>$ ? D# r L5 T c( Z
- [Secdrv / Secdrv][Stopped/Manual Start]! l* @* B [% B8 B: S3 A h
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
3 M& ~9 |& Q# \$ k* R! Z! G4 p - [SATALink External Device Filter / SiRemFil][Running/Boot Start]
- R# i" x% x, u' b) u2 L - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>$ l0 o; R# G/ l- _, e
- [System Restore Filter Driver / sr][Stopped/Disabled]
. l) P0 @8 U: r6 q; p% s - <system32\DRIVERS\sr.sys><N/A>: Q: J9 T: F; x# w6 q5 U$ n
- [TesSafe / TesSafe][Stopped/Manual Start]$ `' H" l! ?# |% n4 z" v" h
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
: }- m1 l/ M. e) Z' J - [System Services / unzxzsrs][Stopped/Boot Start]& C+ V! ~4 T1 A7 t+ D" a- F0 F
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
3 S* |% ]* E) k( F9 a - [ViBus / ViBus][Stopped/Boot Start] s9 s/ w# b" c$ O; V
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
& G/ Z! h* R+ X% P) L7 e4 ? - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
3 n7 ` K$ F- a5 @2 P8 W C5 o' W - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
/ u- d U% u: X" \; J* ]# a* ?$ r - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
. Q, t' D- b$ O - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>
& a8 ^4 `0 w2 b8 j! E - [ATI Extend / zhibmaso][Stopped/Boot Start]
# w4 K- P; M$ T: |2 o. n - <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>& [$ c) G1 `+ d: K' Q) I
- [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]
( G( B9 T, @" `# {8 v' b7 | - <System32\Drivers\usbVM31b.sys><Vimicro Corporation>
0 A$ [5 [ r2 d. i - ==================================6 z. b$ L0 b- k. I9 ]4 ^5 y
- 浏览器加载项
9 b/ X" _% Z9 }% W3 ^ - [Google Toolbar Helper]6 l+ a, u! g; ?: l0 k
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>3 E8 g* b) V H3 C
- [Google Toolbar Notifier BHO]" [* H# L: G8 Z. Y' @5 K
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.># @0 v; y1 g3 O# @+ X4 H; ?
- [SafeMon Class]' v* q/ e; _8 G8 k
- {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN># `1 V, J( U9 A3 }
- [kingsoft browser shield]
) a8 J3 u: l' s - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>
, S$ i5 S. S6 l. L# l* G3 p6 U - [IEBuddyExtControl Class]% V1 b0 C( x' x; T) Y+ ^
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>, |! R4 \0 C6 p0 Q7 [* h5 {5 Y
- [Zcom 杂志]& Q/ C! l; K8 a; O$ Y$ q
- {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A> X3 @. `2 P$ w' J) Q
- [&Google]
( L; x; {2 ^8 j, I$ ?$ `" D& r - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>( E& c7 X( w# o7 o, U! U3 G
- [KooPlayer Control]! B8 ~/ \# W% A6 Y
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>/ E8 Z4 D9 ]5 [+ W$ S6 @
- [Shockwave Flash Object]9 z' }/ ]' W( a$ Y+ o2 c
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
6 m m9 e# r# f. n! @* T - [KUpdateObj2 Class]. Q" w$ R9 c; k1 G2 Q
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>* D/ l) d8 t5 o) M
- [Google Script Object]
, X- H2 {# j# U& X8 Y' d( O' u; Y- n - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
- J- }6 ]+ S, ^+ S; d2 O( o+ e - [EWA Control]
1 J7 I# u* h" V5 a0 z' H1 v - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
9 ~3 {5 {. y) T! K - [Windows Media Player]
* T4 S# s7 I( u$ c1 a - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>. X: h" j% ^4 K- x' _
- [&Google]0 f& w( S. l" S% Z. ?
- {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 ]( w$ @8 u4 j
- [HTML Document]; o* ]* A$ M- M: ?/ s& ~
- {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A># j3 ~2 t1 }, K: T' Z
- [DHTML Edit Control Safe for Scripting for IE5]
8 l, Y$ n8 h$ T! R2 k4 M - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>/ @- G- L9 S& {
- [RealPlayer RAM Download Handler]: d, D, A. d" O
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
# b5 j. ?; Y! d' `. L - [IEBuddyExtControl Class]
L0 F$ M5 w# [) D7 ?' _ - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
; a3 c' ?" A* t7 f$ Y - [XML Document]1 `* K3 X+ y$ e7 a) N, H/ C: a+ h
- {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation> W1 k3 c0 H+ |; _/ F _1 `$ R! g
- [HHCtrl Object] \, h' J9 o- ]4 h
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>+ d. M0 Z) ?: j
- [Windows Media Player], ^- e; x" ]# G8 E! U& C
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation> U9 d3 Y8 ~9 g4 Z
- [Active Desktop Mover]
% y2 F5 ?! q0 p7 ~7 T: [ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
+ ]: x; D. p7 l+ b0 d3 E0 l - [360SafeLive]( F* @) J" g- L
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>3 f- ?1 ^$ O4 G( d
- [Microsoft Web 浏览器]# p+ `9 M! A) {. t& j" M8 ]
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
& f( Y W. R E6 v" u( s3 V - [Browser Enhanced Objects]3 ^) g! y& X7 B$ O" c' m& J ~2 S# \
- {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>4 @- a9 }2 G6 k9 y
- [Google Toolbar Helper]9 Y6 z% e6 a7 A( j
- {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.># I: Q2 g! l; T* b4 n) t; Z
- [Microsoft Scriptlet Component]/ L$ A0 S, J% V9 g- W9 E" e
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
( H5 d. Q; x( P+ Z - [Google Toolbar Notifier BHO]) ^: l& i r: b5 b+ K2 b! m: ]
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
3 z; H9 _4 i1 l - [SearchAssistantOC]
% R' n1 |9 u6 ]$ Y* ~: N8 n1 j# C - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>1 @2 x- S9 g' i. h3 Q! x% Q
- [SafeMon Class]
% s! {# y1 A( ?9 ~8 M- [ - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>- B3 f! a7 D1 s8 l
- [RDS.DataSpace]
& S7 h8 Q0 x0 b9 ` - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
' Q5 ~, m+ J5 U5 F, N3 c. ~# N - [KooPlayer Control]% ]; V) W8 Z* S0 z3 A& g9 Z" J
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
' @9 O: ?* }5 H; j) G# t+ ? - [AUDIO__MID Moniker Class]- F, z, H" H( V$ x
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
$ \; Q Z2 {' v - [AUDIO__MP3 Moniker Class]
9 l( P4 g8 w1 L/ _4 `, { - {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
& r+ {4 E2 g* K4 _8 ]4 C1 ^( N2 H5 e - [AUDIO__X_MS_WMA Moniker Class]
' r0 A' e& p5 T - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
; [+ n5 O) B% G, [. O, c' A - [VIDEO__X_MS_WMV Moniker Class]
/ Y8 F5 m* r$ [9 D. e - {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>( _6 S, v2 u t6 C8 T# u# y
- [RealPlayer G2 Control]
8 {/ W4 d& w: B' W3 Z) W* {1 g2 | - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>3 }/ e. b5 X) ^( ]- r
- [Shockwave Flash Object]
) A; S5 x! q% a% G: d0 o - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
& ~- q8 x" Q6 `4 l2 g - [KUpdateObj2 Class]
! s/ O6 c; L; E1 V- F V - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
5 c! a' X4 u4 D# e9 H0 p - [kingsoft browser shield]
1 P# e( R" f4 F8 K* m2 k - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>9 L" j2 i- ], e! T9 f+ `
- [PasswordEditCtrl Class]
}6 C- T' R; u3 r - {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>+ X+ L1 R& _5 u8 Y1 P
- [QvodCtrl Class]
' O' g, S5 F G/ g5 [5 ~( f - {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>
1 w& |" b% R* W ] - [&使用超级旋风下载] M" [7 M: ^- m
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
; l1 r% J b' C0 s6 D" G - [&使用超级旋风下载全部链接]
, S: _0 [% D! h3 M. z+ Y - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
; Z( Z" J, e: y' H6 V/ z - [使用迅雷下载]
5 W% T% C+ R) k, | - <, N/A>
) @0 m* }' `* V% @9 \- z' p - [使用迅雷下载全部链接]" \( o" b$ {" O+ w! h
- <, N/A>
6 U2 q4 U. |9 {' U' r% N - [导出到 Microsoft Office Excel(&X)]
( \) {* }6 ] p* |: }2 ? - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>8 R/ Z1 V# o7 v' }& V
- [添加到QQ表情]
# E- M) M0 g- z; R* F: @ - <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>4 l/ c6 w! R, l* n9 ~! n( ~7 ~2 T
- ==================================* |& m6 ]5 m8 K1 c: j) U+ h
- 正在运行的进程1 [4 U w* q( G
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ [2 M6 @* ^% O% h4 w4 I - [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( n" J0 O/ E( ?4 d
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 H1 A/ u1 S" b3 l! u
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
2 l1 y7 t8 e7 |- H) _6 c; ` - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
' Y; `6 a/ r, M" \7 g7 |0 B& \ - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ M' D" w7 S! l2 A5 W# ?9 K! ?5 g
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 Z$ c) ^; G' B; D - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]" v) T6 Z# C' R" T, p! q. l
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
1 W, i' o" N( k: Y- e - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
H8 G$ x c, l/ j% f" @8 r - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]7 R& a- v' M4 E# a- G6 \
- [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]0 w# m2 o! [7 S% O' b' ?! T% _+ h. |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]3 Q1 H7 a" i2 s# t* m. D
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
+ \9 K, o- b( o, [/ K$ w4 x$ q - [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]* Z8 Y# Y* [' N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
% m) n( ~ h. l' Y' I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
- }* w! t6 T; H; S4 B - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]
; w) C7 k U7 R/ P - [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]
/ ]7 h0 V. B( h* J J& j - [C:\Program Files\WinRAR\rarext.dll] [N/A, ]
* |) \7 i/ H: B2 Q( e& c: [# J0 `$ [ - [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]) ^( w l. N8 b2 x9 M
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]" B$ ?' X m+ i; h/ Y- U$ C9 j G
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]% |' C- l- r8 H5 S" }; z& @' @
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
' L2 \; Q9 @6 e+ i/ l! t - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]* _( K3 o# N1 r9 h
- [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]; l1 ]- ]8 z" J9 Q: B
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008], j9 k8 F: d. F( f! o: E0 `
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ |' B# q: h6 a1 H; h% N' X - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 B+ W- | [- P - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, _1 B7 d2 R, e! v1 r* C" n. j - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] V6 l' A6 D6 W# Y
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( Q- b0 Q/ P$ \7 w# ^ Q+ m
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
$ c9 n! K8 }2 L8 G' N. ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& j9 ]2 O# t% Y/ w& s6 u - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0] V. R8 n$ R; E+ u
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
$ J" P6 \' n0 K% {) L$ x - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]! L# b' ^/ U% e& L/ E% v0 K1 N
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]' W# e3 w! G2 f9 X* Z
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
, r* v3 R2 j5 {% h8 V- u* s$ b - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]/ O- v$ R q1 N" z5 R; D2 p
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]2 ?6 v( ^ {/ [3 v) b
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
: q3 r) O0 b! M& E3 e$ N- `$ ]( s - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]- R( f. e1 H6 W" c
- [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
8 @+ P* f. a1 J5 \; U - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
, Z. t* I! p! C- T( U; G2 C - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]% r+ v/ p+ c, c/ @. E
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ I4 {) k7 T2 ]* m; ~1 B; ` - [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] R a( i- }& g& i
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
( {, W+ Z8 L9 I/ _5 V - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
& y# q3 h2 P9 Y4 m6 o - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
* D1 ^6 e0 H: j( r1 `% ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
2 m( r; A/ V8 w. _ - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
' r) K5 M) {. v2 G - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
0 S7 R6 c5 @2 c1 p9 R" a; [ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]! D3 x9 K6 ]6 Z0 L2 W/ o7 R! `8 e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]9 h6 p |& Y# B; ^$ o& l, P
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]
& l2 j) m# e4 e# }4 g w% \ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]7 a- X: k, `4 V S# ~" q) f
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]
1 m9 s6 {$ F; @1 W0 J2 ? - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]( D: T1 e( @4 M8 a) d
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) y% p+ a3 N# y6 o5 q4 H5 [0 m - [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
5 G% }# D5 ?. u+ @9 @& Y - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
2 u8 s3 S" L/ `, ]( v( | - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]; [, L: \# r/ h: b2 R' E$ a
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]# N5 d8 l4 f/ ` w9 x; A
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
3 x( l/ M7 p) [3 B - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
- n6 X1 F1 Y6 v( P3 s( ^ - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]+ M3 o E- u2 n9 Z
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]
3 F. _ {6 N% n0 S - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
9 V3 F6 Q# o2 ?: F+ @ - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]8 Y1 }; K8 z) S- B) x
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
+ {4 Q& A2 t% {& C6 c4 S - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 U: f" m$ c. Y& Y' u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. O0 d: V$ U- w( J - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( j+ O- @( D$ i! j. v9 h6 \' H" S - [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]* @# ]& G5 B# i+ @
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]! L% O8 ~$ N6 B1 ^0 I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: ~8 _+ y8 E1 d9 Y$ H, C l, M
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" ]' c! w& G1 y4 }5 I( x3 T
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
, X# x, e5 T. l+ T - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
9 M+ f* B/ x, P6 K. J - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
" |6 Y% T" ^9 K - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
7 `" i; ^- o" n" y; H3 Y% ]% T - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
; D7 ~: P, `5 K z - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ A3 c5 s( `& v2 c; @# s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) K2 v6 {* q: Q7 H! p" A - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] h* e/ g+ a5 @7 C, }* l: W! f! O
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]4 K& L( [' D) _1 O) S
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 z1 h+ r$ Z" i1 e" [2 _' E1 Z7 X* f4 v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ `7 J* O$ |. B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 Y/ U" j9 T* V* m# K/ N7 E4 a4 G
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]( j" A# Q, O# D5 C
- ==================================; q/ [( Q- \9 H
- 文件关联
6 q; Q* @/ f+ i# k# C, b - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]" Z4 ]- R& \) Y- S3 l( k) o
- .EXE OK. ["%1" %*]- o4 a: s5 Y1 u0 L
- .COM OK. ["%1" %*]
0 l& u! b6 m* Y& c7 Q - .PIF OK. ["%1" %*]$ Q, F G# }- K9 `/ M
- .REG OK. [regedit.exe "%1"]
5 a- |* M3 z f ^" |1 { u - .BAT OK. ["%1" %*]* ]( v- z; ~ x+ Z' w( ~
- .SCR OK. ["%1" /S]* g; N) Z' g8 L8 b6 z
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]% h" q% [" A; ~; o% N w9 r
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]0 \, R+ r j4 \5 i: U9 z8 M$ h
- .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]6 v4 b$ j: X8 L/ ]
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]6 l6 q7 K/ B1 s. T. M- @* F
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
4 q# @6 B+ K6 W/ |0 | - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] G* G8 R" c- b8 R0 y' o
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]& y1 K8 h9 F+ M
- ==================================; `* Q: ]' R% p, u" D
- Winsock 提供者2 ^0 @+ D6 K% S7 m) C2 @
- N/A
* o7 J$ o6 x1 ^ - ==================================
) v5 t6 l/ {1 Y. n! V# B" @0 l5 p S - Autorun.inf
/ F6 e) b. t& k: }4 K/ b - N/A7 w! p8 M% A+ ?8 V# H
- ==================================3 E4 i: r% g3 l) `/ X
- HOSTS 文件
) p( X% Z, t" @& K/ [% h - N/A
- h) }8 I; L" U# I - ==================================
, ^ {! U# x& P% L% C4 U% x - 进程特权扫描
3 T$ P& K: {- ^/ m9 c - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
2 E( Q# z/ }9 M# G7 y% d - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]3 w1 U/ a( O# k9 n% k0 N& K
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]2 l& z( V, D4 c4 l8 [% ]; Y& T
- 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
`' }9 W. K. q. |' Y - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
/ z# H8 k0 X5 g( J5 ~ - ==================================/ D+ N: Y# j# k! b# F" A4 }
- API HOOK
, |3 B: q: G: Z; r0 |/ Q5 C - N/A' _& @7 A+ g. Q0 L! [# d
- ==================================8 H' b$ E ?, E) z* P" O4 H# Y
- 隐藏进程
+ N, n9 Z1 {2 h - N/A% y w$ w n7 o) l; u
- ==================================8 M! \! C2 f9 W& b
: e2 N @& T% u' H2 S
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
