|
|
- : Q& f; h5 E& l+ _( n
- 2008-05-22,20:37:43
: c. _& d8 H) w9 y/ \2 P# ~ - System Repair Engineer 2.5.16.900
6 I1 D* M: w/ u: F; l - Smallfrogs (http://www.KZTechs.com)
! z, ^1 O9 E7 K' g - Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能; H* V& q7 z0 [
- 以下内容被选中:
, B6 s3 Z+ B+ m9 S' k0 q, N' E4 D! ^ - 所有的启动项目(包括注册表、启动文件夹、服务等) q4 T4 y4 X0 X" ]2 \
- 浏览器加载项6 t, a4 B, `5 e6 F
- 正在运行的进程(包括进程模块信息)
4 T/ c5 P" E2 M, G - 文件关联
0 k' Y* J- J& B- t - Winsock 提供者
2 w6 ?$ _2 L5 X - Autorun.inf: d& f# S6 R& w" R$ b' L* C
- HOSTS 文件2 ~: S/ \9 G, C, H |
- 进程特权扫描5 N* _( H( [$ z5 q; Z" X& G
- ( k- B# @, u; r9 u8 t* W6 o3 g9 F
- 启动项目$ x& b" L" d2 s: W5 W7 n
- 注册表
0 {/ D0 M' Q3 ]# Q - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
0 R& @' u8 X O. ~0 ~2 @$ ?4 A& ?/ { - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]6 c. J* p1 b3 t0 R4 h) ?. H! z% x
- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
* u0 B+ t1 R6 S1 G0 M8 s! u - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]
% k% Y9 y8 _" B3 c+ b5 a - <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]* a" ~5 e1 E5 O2 i: i9 X; P
- <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
5 e2 O' i) q; B5 d1 Y. C9 \3 `2 r - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]
- V% ~/ b1 D/ b" O - <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
) z% u2 P' s: b - <PHIME2002A><; > [N/A]0 v9 v P( p% ^! u" O2 g' y
- <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
, z0 H0 S/ x. H" _ - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]$ J) h. o, P5 U5 t7 F6 E3 x
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]' Q) F8 z' M; Y
- <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]8 s. J8 U9 ^' L8 Z. D
- <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
0 d9 P* R) j2 ~, W - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
; B) E3 Y* c( i/ Q9 d" O$ J - <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
# u; ]+ ?9 y$ g6 ~% ? - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
+ ?5 |8 ^5 S( W1 ] - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]. ~$ u# [1 P$ ?# Q6 z
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]" a5 \& W0 C( v( b- z* |
- <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]% e6 g! c" h# t* h& q. V: b" R' Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
: S4 v5 X1 k9 L. s2 f) s. p - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
1 ?* s/ f+ W6 q0 A - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
$ i: {' f. o9 W, M3 z( w( r$ Q - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]: ~( s0 q5 t F
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
; I+ K, T+ r- t - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]. t* q+ Z" X& u4 j% w1 Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
/ v# U% m) K6 u( j0 R3 D, i7 r; a - <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]
* B" u/ J. y* s, w- j - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]6 X; h3 I I* R
- <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]
# q g8 U: I5 z# b - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
! \9 Q' @: {+ A' D3 a. l - <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]3 j8 x [' x' _3 u. {1 _1 |
- ==================================! K: L) A, Z. ]; B$ N
- 启动文件夹
% D; Y' o! J0 o0 Z+ ^! {5 w - N/A
5 ?1 i# T* N9 M+ C( ] - ==================================/ c, R$ E5 B( u9 s4 Q
- 服务: G9 R/ Q6 ]) q8 I5 `
- [3ware Controller Service / 3wareSrv][Stopped/Auto Start]7 U4 b8 y# B4 c- K( {( ~: i6 t
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>
/ ^: D1 z. x7 L" q2 M - [Google Updater Service / gusvc][Stopped/Manual Start]7 ~/ q0 h3 _9 B9 p5 U5 o7 j
- <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>/ @7 |9 b' ]3 ^ w/ C# K
- [Help and Support / helpsvc][Stopped/Disabled]
, r d; x; c! z* s - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>2 b0 m0 g5 o2 n' q0 q, V
- [Human Interface Device Access / HidServ][Stopped/Boot Start]# a- _1 R5 a( o1 `$ u# ]
- <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
' p5 x7 ]8 B! ? - [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start], Z2 V. V; B$ k! l6 ~8 t0 L6 {
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>
0 r/ b/ T! z& {( T - [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start], c6 R# [9 Y5 n- @/ a& a( {
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>8 K2 P- ^2 \$ V( C: z# k
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]. \5 ?+ i! t% d' [, K( ^/ p
- <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>) c" b5 \8 z- G5 g7 C
- [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]% B6 k$ K! O6 w% G" W* L5 [5 }
- <><N/A>; j9 f% l6 m- r3 y J1 P. [" r% n6 n
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]2 l3 i% A9 H4 J* a, X0 t6 D( Z
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>
9 s& i) U2 @4 S T$ z3 _8 I/ C - ==================================9 C8 D9 D2 g* Y7 ?
- 驱动程序
1 T& _. m! g) o5 v6 Y - [22j / 22jn][Stopped/Boot Start]
% Y/ l' z/ P, X: ^- M - <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>6 k# v5 l- U1 k1 ?% h6 a/ H
- [360AntiArp / 360AntiArp][Running/System Start], B9 M) \' T9 ~) p$ U
- <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>1 m9 Q- _- i& ^7 c- r! t
- [43ec / 43ecu][Stopped/Boot Start]6 i! c0 F( X- |, Q# H; `- o
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>) _5 P0 j' o. [; R3 e$ n6 o8 X8 I
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]! M* X% m3 _) Q6 t! x9 q5 \
- <system32\drivers\ac97intc.sys><Intel Corporation>
; ]- k( j6 t: {0 k. v: V - [Promise driver accelerator / bb-run][Running/Boot Start]. u$ p! ~) p @0 i4 n! x
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>: R* { Z9 i5 M# w: K
- [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]' r, ?) C' k: T! T8 I N
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
$ d9 l" u$ E3 Y1 m. s6 S8 l# K. L/ T - [KAVBase / KAVBase][Running/Auto Start]
1 Q0 k. r' w" ` c7 _ - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation># ~* i! j/ F1 T! }; B
- [KAVBootC / KAVBootC][Running/Boot Start]
" e8 c7 `& s6 T - <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
' T! x% e% A {0 x% X; a - [KAVSafe / KAVSafe][Running/Auto Start]
0 |, z d i" m7 v' e - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>( R* \9 w3 s6 }" e) B
- [KNetWch / KNetWch][Running/System Start]
: O) s5 ^* A( T# g/ G; i - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>+ ?9 m0 h8 S7 S2 p
- [KWatch3 / KWatch3][Running/Auto Start]
3 r- i; v1 G3 F$ P" X" e. H% s* W - <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation>) @0 z: U2 {! j& q; `) H
- [ntptdb / ntptdb][Stopped/Auto Start] r& F) d5 j1 e8 c" y) u
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>8 S2 y+ Z& `, J. c9 X) R& d, a
- [nv / nv][Running/Manual Start]+ K/ e. o3 w2 f0 v) p
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
2 g3 S+ Y5 Q: a6 z/ q3 N9 s - [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
& }3 Y/ Q+ S: C1 f - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>" |- A2 x) J4 z# T" Q
- [DDK PACKET Protocol / Packet][Running/Manual Start]( Y j# L9 `5 ^1 m3 P( x% z/ n
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
, m7 e) |& j# W( Z3 }( w - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]3 N2 q7 E" `, t
- <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
, |# N7 n0 a [+ x7 R& C ] - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]5 f7 o- A; B8 j3 U# U4 v7 }
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>+ O. e9 m5 [5 N0 ^
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start]
1 A' b( X$ p3 F B4 h* [ - <\SystemRoot\system32\drivers\RsBoot.sys><N/A>% Z7 Q X N1 V7 A$ v, g$ Q
- [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]
& n+ M" e+ y- r! _ - <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation> i: d: Q0 z1 W
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
* z$ p% w9 _5 K A$ B - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
. |- O" N7 p( c. E A- V i$ r6 m - [Secdrv / Secdrv][Stopped/Manual Start], P* d/ C4 S4 y; P
- <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
; p- {; `. A" H4 R5 U1 N& i - [SATALink External Device Filter / SiRemFil][Running/Boot Start]; \. Y$ a- K( H i( x
- <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>' S- Y0 `% H0 e3 \" m- j
- [System Restore Filter Driver / sr][Stopped/Disabled]
$ q8 S! C$ E. w. L - <system32\DRIVERS\sr.sys><N/A>
2 z. k7 r3 P1 u: @: d - [TesSafe / TesSafe][Stopped/Manual Start]$ a# D) c2 w9 z) K. e
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
0 [: ^+ e. D; L7 @! X/ [7 | - [System Services / unzxzsrs][Stopped/Boot Start]4 v3 p7 |% W# Z- h) E$ D( U
- <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
" _% r5 f- F* j+ p - [ViBus / ViBus][Stopped/Boot Start]; d2 R& `0 H8 K5 `/ t9 e2 J( j) K( f
- <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
; ?$ z" M( ^, p m: ~! }' v - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
- \ Q4 G4 `* q - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
. _- @ ~3 O. ]) D# } - [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]. ~' b+ K5 Z$ J5 _! P& M# C/ H
- <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc># l' d0 b4 k' I
- [ATI Extend / zhibmaso][Stopped/Boot Start]& a1 s: [; P G, Z- g& m* b
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
( W3 `! |: |7 o$ W' m: E6 E! Z+ G - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]1 v2 T8 n/ I, K' Z$ }* f w' |& q
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>* a; p. ?% _0 q1 b8 i5 P4 i
- ==================================
* V8 i) U- k/ E - 浏览器加载项6 O3 \; O' g. v5 @+ X, A
- [Google Toolbar Helper] v- K; N6 ~$ k- V0 R. z: _7 @9 L
- {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.># d% h, R; v( @
- [Google Toolbar Notifier BHO]3 t M3 [) v3 F* L" M5 ]* e
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>* t$ B( i7 R; Q, I# u
- [SafeMon Class]
9 y a( ^& }6 q* b$ e - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
. b& f* Q* _0 ]: x - [kingsoft browser shield]- b7 w" \ @( R6 G) m V
- {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>0 H2 r$ V" b S
- [IEBuddyExtControl Class]' D) P% N6 `( z) J, |
- {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>& n! }8 }6 J" q# d7 \; C
- [Zcom 杂志]
2 `0 m# `+ j, P0 f l8 d( y! H! I+ U - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A> X ^$ ]) U% w8 B+ z
- [&Google]
/ h7 E$ O8 [( J; d7 E1 U6 }' W - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>5 a0 Y) o& M, q6 q+ `
- [KooPlayer Control]
" h! ~, u8 J) e) o& E8 f5 P - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
' n4 J- b- c" a% Z - [Shockwave Flash Object]( D4 Q* y9 n: n6 b5 O9 q
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
! `6 X C* N2 ]0 ^. h! u+ b5 K - [KUpdateObj2 Class]- ~4 f% Z" I) y- e4 h
- {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>+ L6 W7 p; L* n, z5 ]( F7 F2 |
- [Google Script Object]
8 {2 T) i, n9 C/ O5 n# m - {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>
0 M2 r- b" Z' j) H - [EWA Control]
( G9 X) W7 a# k3 h. p9 D - {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>
" b1 w1 x0 V3 n; x5 J% a - [Windows Media Player]
. f: _9 Z9 `+ U, _( h - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>( a9 c2 g+ [1 p- D4 U/ c
- [&Google]
3 b4 t9 a1 D/ d# Z5 A! b - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>8 I% l- a2 q/ b2 H
- [HTML Document]
Y( D7 p7 }! L1 z: L: l - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
* T, m9 E* P! w9 x# g! a& R - [DHTML Edit Control Safe for Scripting for IE5]
. P3 Q/ m; Z: G# R& O( ^( p1 B. ?6 X - {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
* t/ g5 _( i9 j4 Q! e" v - [RealPlayer RAM Download Handler]0 R+ s* b" N* Q! h
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
- Z1 {6 V) n0 x! R# Z2 k" M, @ - [IEBuddyExtControl Class]
" I( y& g1 Y6 A# q. _7 S+ { - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>
! J" k$ k; Y4 i( C4 {0 j - [XML Document]
9 r7 L( l" e. {4 S ^% S' s" l - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>* D3 x+ p H) Q @; D+ ~7 {
- [HHCtrl Object]/ W: Z2 Z, n! j( X) I
- {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>8 ^( [/ C$ Q: S7 n( K: Q. W
- [Windows Media Player]! K- b. W I% T; i% P
- {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation># s2 _; S0 {, g* E3 k' `
- [Active Desktop Mover]
+ H3 G4 Y* w* ~( @ - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>5 l y( q2 O S- ~' h2 p
- [360SafeLive]0 Y; v7 \4 ~% W% A0 ^( u
- {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
- U' R. `0 p& x' Q( y+ E( r - [Microsoft Web 浏览器]- T) B) x, V3 Q- V: k0 @
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
& Y6 o$ W% L4 A: r - [Browser Enhanced Objects]
) w2 x- n' h/ c$ L - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>
8 o3 O; e2 {: _' a+ S - [Google Toolbar Helper]
* m9 }) O4 }! X, K) C% q2 A" R - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>7 ^- y7 N- V' ^7 k' K% i
- [Microsoft Scriptlet Component]
. u, N$ c% n6 M4 U - {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
8 F' t% P: s D, S; d1 o9 e ^7 E - [Google Toolbar Notifier BHO]
4 m. R! B. m2 @5 c( O - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
8 m3 t. L1 D8 o5 w. E+ t - [SearchAssistantOC]
; M F; V$ v& p4 e5 C9 t4 i - {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
. e# J$ J1 r: O7 {. b5 O7 w9 l - [SafeMon Class]
' N1 L! c7 w2 h4 S - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>: L3 }1 O" ^7 w9 ]& C0 D: V) F0 t
- [RDS.DataSpace]
. C' G- c) O* _- X- C - {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
4 m) d, \. h. H9 X6 l! L$ C - [KooPlayer Control]- B" A1 P8 V, d7 y
- {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>6 L! o2 r8 s" a! N
- [AUDIO__MID Moniker Class]
1 o+ D' h6 O+ L& g- o, ^/ w( }' { - {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
5 Y% k6 m0 G V! l6 u( H - [AUDIO__MP3 Moniker Class]3 s2 b- S" i9 B8 Z1 K8 [
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>9 y c- B9 @( J i9 G$ C2 ^
- [AUDIO__X_MS_WMA Moniker Class]
) v- Y7 q, p# h, F H2 G - {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
, W6 K( ^& z+ o1 `( d2 A, ~ - [VIDEO__X_MS_WMV Moniker Class]8 q u9 @' Z7 Y9 I% g" h- H' p
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>$ {! n0 r8 Z; S8 Q9 k
- [RealPlayer G2 Control]5 P: U% {5 k" ]9 g7 F, k/ O
- {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
, y* x8 Y/ c5 h9 Z# K - [Shockwave Flash Object]
) j! z" N. ?0 C E& F - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
: G3 @( a1 ^9 D! _; V) k" r. L4 i0 s - [KUpdateObj2 Class]
& q( c+ J1 e) ?4 b - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>
0 g8 x* e; o+ R8 z0 N( G1 d - [kingsoft browser shield]
- c* B7 \" h% g: b0 I - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>' _$ L# x6 ?6 N6 M0 k+ |( ^$ ]/ s/ F
- [PasswordEditCtrl Class]' T+ c7 Q. f7 d- P% w
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>8 K2 Y7 S( l; q' e0 K
- [QvodCtrl Class]: v; }5 ?$ J5 `4 ]2 K
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>0 a8 Q1 g4 J1 n: |7 J; D: J! [
- [&使用超级旋风下载]
8 D* Q( o! G* ?: K- Y$ c - <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>
, }' u* L- [2 Q - [&使用超级旋风下载全部链接]1 y: s1 ^( D, I
- <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>
3 M. V2 A- R7 L r - [使用迅雷下载]# F9 A1 t9 j% }3 Z! I& o
- <, N/A>3 K5 |5 Y$ d' o- v( C- `" t
- [使用迅雷下载全部链接]
/ }# t G# K W - <, N/A>
7 o9 n$ u) f. a - [导出到 Microsoft Office Excel(&X)]% b9 K/ | G w$ X5 j
- <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>0 t/ e4 |: Q. g/ M
- [添加到QQ表情]1 Y: y$ ~! n. T' Y, R# P; z
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
% s0 ~. v, d( T; O6 V - ==================================
. k6 z9 N* a, n/ w$ ~# T! v0 J - 正在运行的进程
. R, U2 O- Y" g' t; n0 S# U - [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]/ @% k1 d, v" E- {3 i" M
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
$ t0 ]) i7 F( } - [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]! Y1 ?9 f3 x" G- c9 N
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
) ?4 e. i" |: c1 @5 s - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 ]6 F) l: S' ^0 |. [ i! \2 q
- [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]* ~% c. q+ D8 g
- [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
% h4 V" s, I% l1 n6 L+ o; H - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 }+ N. f$ @) a: Q0 t) ] - [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 x$ y# Y. F# \% ] - [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# q, w- C7 l: ~4 a$ ` - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 j( e5 {5 r% L; h+ f4 |2 c. K - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]* b& C& w) K9 K* ]. R5 f# g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ _8 n8 A! J' \4 Z+ q' g
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]: U+ b: j8 K7 t
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
. }: B( o. C& M$ N( I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 d7 ~' }8 u" w& e$ z. |- D) v - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]
& H% z2 l" ]9 m - [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]+ O4 Q1 t T, }% ?$ K
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]6 L# j O8 m* g) |' ~" `) c/ N
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]$ @( O6 S; E$ M$ w. P
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]. ^( \) Q* Q9 v: h; U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
% u$ x+ H7 r6 h. j4 O0 V& O4 H - [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
- O+ h- }# a, }+ O - [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
- a# L( d2 Z" Z& d" r* Y - [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
# W" Y4 Q: g( F; j( o& b+ \6 ` - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]; Z% E! Y- R' O; H* X6 @
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]2 u4 G& m }( _" a+ [
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]9 d' C# D! k* B/ i9 }6 y6 j( ?! A) w
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]+ S# f! p5 E. s3 S- b. K) |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 d; a8 t- p6 ?
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]+ D; A5 o% X, C1 \6 H" k- y* i: a
- [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ k/ L7 N* F' u% e - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]# J# N- [/ p' g- N" e
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]/ t: z a4 R9 D0 h0 n+ v
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]3 ]* W9 V- n; {9 |
- [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]/ H) q9 O. I: k
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
7 g) P0 _! R+ f; q5 D! w - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]) F6 M: N7 @9 G, E
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]% o; {9 W4 ^; \. R8 G# p- ~
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]6 t& ?/ H6 X# s+ o5 P" t4 q
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
4 I5 Q4 w5 n" S - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]' e" a1 f2 d- W" U
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
( Y5 n7 I, b' l - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 \( Q& D2 U* n+ n/ y2 h
- [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]
- i. \* D) o) Z @" K. I0 l% j0 [; J - [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& F" X8 m( f+ ]; s
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]. |9 S) D5 N8 K$ h7 a4 \, Q
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
; u3 b% V1 k9 ?# w6 D! K - [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
/ Y/ x% t2 u( Y/ ]1 I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
6 i8 t& g- r' l% q - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
3 O; t/ y' c) |6 \$ _; I f - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
. a$ R/ U7 a$ v! W2 c5 b2 E - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]
. f; `8 r+ {9 P, }, L - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
2 r% _5 V$ O" z `9 p6 m9 u - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]" k7 ]# N, G% u& `; F; X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]
0 g7 s, j& }3 t# b2 I - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]8 x2 f8 q2 G, C) ?/ Y" I
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
) @9 G3 Y2 ^( V0 x$ L; V1 l - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]* R7 Y3 P5 c/ m0 K1 {1 L
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510] X4 ~$ j8 M0 I9 x$ W2 }
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]# S! V& u( B. R Z( t. J
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]# ?, n9 H/ O) h2 w3 O
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
" ~. }' y0 p6 J3 g - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 }1 x0 I. u/ Q+ B
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
. g( q, f( | R2 [ - [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]( B3 ~6 ~' x: ]% j) u
- [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
0 d3 W0 B* r" ]3 y! d* f; C0 S1 W9 v - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]- @, \6 z3 g- P6 Z! ?
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]) |3 J1 ]9 z9 g& O# B5 B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
1 ^' c# H3 v- r* t2 W; l - [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
g: V1 f) Z. o- { - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
( |/ l* s1 n6 z1 Z9 ^$ J1 J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
( {' H9 k3 a( G6 l } - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]" j$ x5 Y0 g2 s. U1 {3 K
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]$ |- ]% p. e$ Z! C" _# l+ I
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]2 w& p# m5 M% ]9 {+ @) w$ Z
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
4 b/ f. ` ^2 n' ]/ C( {7 | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]. o& w, ` q5 g/ W3 V! [9 J
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]) m; M5 ^; V/ I/ a3 |; w
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
" w' s) M+ C. R - [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]+ ?7 x) W2 ^- O, _5 N0 y
- [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]
. }5 W, Y( l5 D( N% Z6 h$ [) }" I - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
9 U- G( ^1 A& w/ ^- b/ z) D% a - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 Z& a6 t) H# D7 I: ^! _ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364], s- t) _' o1 b, K8 x3 g( g' C; _
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 s2 K0 c- v- l3 J8 j" k
- [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
" p/ i/ T" ^; P( n( b" Y - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" P. @: z7 a3 s/ ?1 H- O" g8 M( g2 W - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]; Y$ N6 w# m- p O
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]4 F; s4 c9 P" V3 i' N5 [1 R
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
5 b. l- o: k8 ]- Q) C$ }" Q: b - [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]+ _6 M8 ^* w& i) M" x& M: O s* A
- ==================================3 ?( v. G& c, a4 R. u
- 文件关联
7 T6 e U. ~1 b - .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]& I$ H& ^! _5 j% ^: l
- .EXE OK. ["%1" %*]. h& W8 c$ L* L
- .COM OK. ["%1" %*]
* [, j' O) e H1 V; r* ` - .PIF OK. ["%1" %*]
' l2 s+ L; I' h* o/ \ - .REG OK. [regedit.exe "%1"]& ^% \) C) V/ S% s7 a9 r! w
- .BAT OK. ["%1" %*]
$ `7 k6 n! D8 W4 R% u- f4 h - .SCR OK. ["%1" /S]+ v$ W [% Y9 b; l/ L* v$ `+ v" Q
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]! ]) S2 g5 H c7 t
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
5 r# e% P, S+ c$ w - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]; O3 b1 `4 J1 j$ O5 l
- .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
% m0 o1 k3 I1 N. ]3 t3 y; P3 y9 L - .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]* L) X5 L1 X8 f6 ~2 n7 J* L
- .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]8 y3 I: D3 D* ~, L( X
- .LNK OK. [{00021401-0000-0000-C000-000000000046}]
1 F; j( X, ?' V4 h* A, q& m; e3 E. g - ==================================
% B) Q* |5 P7 M% z9 B: E" k( n - Winsock 提供者 B! u$ C0 ?* S3 Q' o' G! t
- N/A
[1 x3 G7 O" K% ~5 @) f - ==================================
( W/ Z% S- V3 O' I* R - Autorun.inf9 i! }# m' x. K( [3 m
- N/A; J4 W, L( ]" G" ]5 `1 J2 x0 N
- ==================================
& w5 D# {/ M! J; D6 O - HOSTS 文件
* b0 q/ k* I4 V7 [' x. @; _* H - N/A5 g' `8 s( H3 f0 h* N3 N2 p$ P, p( G7 ], N
- ==================================
7 E7 {' `4 }1 S) A8 R% E - 进程特权扫描
9 o/ V2 v8 J7 q5 l% T, ], h - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
, P9 l, b3 x7 a4 { - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
" i4 |- Z: n2 L3 E: g - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
* {, t3 L) D+ i V: I. t1 { - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]) J! M- ?" b) i, ^
- 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]2 R& |4 j* B- R+ c# A
- ==================================0 M7 {) x5 |6 d; \
- API HOOK
# p! j8 m0 l/ F- ~2 b4 g6 b - N/A* f( }4 T4 B3 K/ K! {8 ^
- ==================================
& u- d) N- O% V - 隐藏进程
; c! e3 C* e, n; Z1 u& m6 l - N/A( V$ ~$ L% b+ G
- ==================================. u# t2 ]7 p+ f7 e" Y1 N+ @4 d3 [; \
- 4 M; V* Z4 K( j6 ^; y
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
