|
|
% a0 S! t0 K$ H% a% r- 2008-05-22,20:37:43
% ?5 s) u6 s$ g' K6 m% r7 n1 a - System Repair Engineer 2.5.16.9008 o2 `; [; {# K3 A7 d$ _: f5 W
- Smallfrogs (http://www.KZTechs.com)/ _& ~; ~+ M( H# i0 L9 S: [) f y$ ^
- Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能% j8 O. I! H1 A' z! e) k
- 以下内容被选中:
" _1 N" J' D& ^7 ^+ z/ t" G - 所有的启动项目(包括注册表、启动文件夹、服务等)( o% }1 f5 a( f/ u
- 浏览器加载项) M$ l2 U: C- O O" p& y9 d) ]/ p
- 正在运行的进程(包括进程模块信息)8 h5 o9 h3 X# J
- 文件关联! }; `) g( H A+ H9 T+ m
- Winsock 提供者 Z. t# \8 j, x& [
- Autorun.inf
0 H0 _( c+ V6 q; d7 U0 @' e2 C - HOSTS 文件/ f/ p% I" f6 P( q7 {: f# H
- 进程特权扫描6 [1 h3 Z; ~; p8 J
- 8 m, k( l% _7 G" ]% T
- 启动项目/ w2 [4 N' P" E* Y
- 注册表
- R) t. m) q$ S4 y2 { - [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
2 L$ ~# o& a5 ~( {4 d2 w( O - <ctfmon.exe><C:\WINDOWS\system32\CTFMON.EXE> [(Verified)Microsoft Windows Publisher]
1 g( T! d# ?% Y6 C/ Y( P6 { - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
) y5 a: v x7 D& { - <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd]0 G% V- U' O: s: x9 Q
- <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
+ G% D0 ?) S! K* i; q/ Z# g - <360Antiarp><C:\Program Files\360safe\AntiArp\AntiArp.exe /start> [(Verified)Qizhi Software (beijing) Co. Ltd]
$ A i4 R# A) w+ V. N* ` - <KavStart><"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVStart.exe" -startup> [(Verified)KINGSOFT CORPORATION]5 v4 z1 _+ V4 L/ }- J! k' X! d
- <IMJPMIG8.1><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]' T% o; c$ L, u: J+ J* k
- <PHIME2002A><; > [N/A]
+ s' X2 O' S) |/ N* y/ m - <PHIME2002ASync><; C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32> [N/A]
3 Z* C7 O! j6 r# ^0 g1 T8 V$ Q - [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]2 L/ n, h* k# ~) V4 f6 [2 x
- <shell><Explorer.exe> [(Verified)Microsoft Windows Component Publisher]
5 I+ P1 k6 J& i$ V - <Userinit><C:\WINDOWS\system32\UserInit.exe,> [(Verified)Microsoft Windows Publisher]
* _- m7 k" H9 Y% H5 ^! ~ - <UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]" ?& C" K' Y9 ^* s
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]% j' L2 G2 v& K* J; k% \$ v* L; Y
- <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll> [Beijing Rising Technology Co., Ltd.]
: ~8 F7 [! O+ y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
% `/ f1 d5 P" G% O5 t9 ^; S - <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A]
$ V: Y9 m+ z# J. t6 y - [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
) c, M P: I; ?. M( i% k - <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]! k5 M5 u: p8 S
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
# R$ }; d9 N" o. j( Z - <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]; `7 ]. ?7 ]/ f# f4 i% J# {
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
: X2 z( g1 \ ]/ y# ^- x - <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]% }! [. L# x3 _& ?5 j1 [0 p- K3 `/ o' x
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
0 k' u3 m0 s L; b5 ` - <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Remove.PerUser.NT> [(Verified)Microsoft Windows Publisher]; }! I& L9 a1 X7 g/ \1 z1 S9 N- R. A
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]( b, u4 w% s9 E4 N N, n
- <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser> [(Verified)Microsoft Windows Publisher]' r" q& Y. g. U n8 l' Q
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
( r s% l6 Q1 W+ B/ ?; u' f: w9 s - <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Publisher]0 J$ D: l2 O7 ]& W9 z& C
- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]8 n) A; i9 \* i/ i& z4 {
- <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]9 {% V) |. ]$ L9 B
- ==================================6 t. `% k( l& Y% {( N$ s( ^
- 启动文件夹 T0 c a0 T& }$ @
- N/A; x7 g7 L; W. g
- ==================================8 R4 P, O2 i+ M
- 服务
! X3 O- Z# t6 v9 ]0 {' Q - [3ware Controller Service / 3wareSrv][Stopped/Auto Start]5 P! e) K& v( Y9 U' P
- <C:\WINDOWS\System32\3wareSrv.exe><N/A>/ I! L0 T' T0 m2 ~0 B( B
- [Google Updater Service / gusvc][Stopped/Manual Start]
; _9 f$ k6 O; f2 _5 L6 F# ^ - <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"><Google>
/ E# m: j+ ?# U0 v' p0 } P; T - [Help and Support / helpsvc][Stopped/Disabled]
) ~! c6 s! m2 Q' V7 k2 e - <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll><N/A>0 T% D4 o$ `) }+ J
- [Human Interface Device Access / HidServ][Stopped/Boot Start]
7 d. v6 f; {0 P2 k0 J8 ^ p0 I - <\SystemRoot\C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>$ O2 C1 t# D9 }. U+ j5 y
- [Kingsoft Internet Security Common Service / KISSvc][Stopped/Auto Start]# G9 B3 }4 e/ a) ]0 u
- <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KISSvc.EXE><Kingsoft Corporation>9 Y: g5 q$ t |0 H' V
- [Kingsoft Personal Firewall Service / KPfwSvc][Running/Auto Start]
, B/ e2 H G. W - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KPfwSvc.EXE"><Kingsoft Corporation>/ E& h1 K" @ [, _: @
- [Kingsoft Antivirus KWatch Service / KWatchSvc][Running/Auto Start]
8 h y" h# {, n' X - <"C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KWatch.EXE"><Kingsoft Corporation>
) C% K( [ Q; C - [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Manual Start]
# [9 B3 j. g* e2 {' j, j - <><N/A>% s4 Q. G: A" u8 h6 s" b0 r
- [Qvod Terminal / Qvod Terminal][Running/Auto Start]1 n, m1 z. s4 o2 p) V. A9 Y1 o
- <C:\Program Files\QvodPlayer\QvodTerminal.exe><Shenzhen QVOD Technology Co.,Ltd>+ t/ T+ N8 H8 O6 F9 q6 z* p0 u
- ==================================
4 b2 O) D( `1 f6 W5 Q+ M+ F - 驱动程序9 Z# I8 R0 e8 q# ~
- [22j / 22jn][Stopped/Boot Start]% O; W( j L" O, J! F0 A: @- q! _
- <\SystemRoot\System32\DRIVERS\22jn.sys><N/A>
4 k+ a* ^$ g) |$ j8 W - [360AntiArp / 360AntiArp][Running/System Start]
+ z2 j6 d7 l' c4 U& w8 W - <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>" o9 G% O) ]5 B/ a+ O% r
- [43ec / 43ecu][Stopped/Boot Start]/ u' j2 n' M: _- C3 d$ u; E
- <\SystemRoot\System32\DRIVERS\43ecu.sys><N/A>3 A! ?& O9 A8 W- L0 G, e' g
- [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Running/Manual Start]: T( e6 [8 Y1 s. F1 w6 P1 n0 R
- <system32\drivers\ac97intc.sys><Intel Corporation>0 O2 `' K" `4 f% l
- [Promise driver accelerator / bb-run][Running/Boot Start] i3 k! G. {0 ^( G# B8 T- V3 E
- <\SystemRoot\system32\DRIVERS\bb-run.sys><Promise Technology, Inc.>
) Y. p# ?* E* ?* n6 c. _" E( F4 E. H - [Promise Removable Disk Control Driver / dontgo][Running/Boot Start]0 Q" R t7 l1 A1 L" f
- <\SystemRoot\system32\DRIVERS\DontGo.sys><Promise Technology, Inc.>
/ M% t' W d5 i - [KAVBase / KAVBase][Running/Auto Start]
, k% `! \: h" ^) o. k - <\??\C:\WINDOWS\system32\Drivers\KAVBase.sys><Kingsoft Corporation>
! P' [+ e9 [) [2 J! ^' ] - [KAVBootC / KAVBootC][Running/Boot Start]! e% X! G& j, e' y8 [1 H6 n
- <\SystemRoot\system32\Drivers\KAVBootC.sys><Kingsoft Corporation>
# M6 W( t R' Y3 w - [KAVSafe / KAVSafe][Running/Auto Start]
, a$ O5 I$ ^6 p9 @$ C - <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys><Kingsoft Corporation>0 `! o7 @& l: ?2 ?5 ?* ?
- [KNetWch / KNetWch][Running/System Start]
7 o0 O) r; W; \6 ^$ Z - <\??\C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KNetWch.SYS><Kingsoft Corporation>1 E! I! P% ]4 _4 Z2 V
- [KWatch3 / KWatch3][Running/Auto Start]9 P+ u5 J# x; C2 c/ A
- <\??\C:\WINDOWS\system32\drivers\KWatch3.SYS><Kingsoft Corporation> b5 o4 k7 g$ P- Q
- [ntptdb / ntptdb][Stopped/Auto Start]9 W# P" K a5 X" }
- <\??\C:\Documents and Settings\All Users\Application Data\Microsoft\Office\SYSTEM\ntptdb.sys><N/A>7 n w/ n# E6 u
- [nv / nv][Running/Manual Start]. V: l4 P8 R. r5 b9 f
- <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>- x' b1 E. \ M: Z. L s3 K9 y
- [NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
9 v: I3 p1 Y$ p5 c ]9 s - <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>) e, y2 H# }2 |: Z. D; ?, J
- [DDK PACKET Protocol / Packet][Running/Manual Start]5 X8 u4 A% {. i- }. {; B- \; |
- <system32\DRIVERS\ProtoDrv.sys><360安全中心>
: T. @- g: `- M; m( n) F - [pnduojtwbt / pnduojtwbt][Stopped/Boot Start]
0 k8 \: d7 f( b! ^4 T - <\SystemRoot\system32\drivers\pnduojtwbt.sys><N/A>
j* L8 P0 G* M) k% q - [Direct Parallel Link Driver / Ptilink][Running/Manual Start]# u7 l' }1 q3 [1 l) ^' ?5 F
- <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>, I* a* e& I$ l Y* u! t6 y- _ s* B
- [RsAntiSpyware / RsAntiSpyware][Stopped/Boot Start], e- M( ~1 s9 R: v
- <\SystemRoot\system32\drivers\RsBoot.sys><N/A>
1 f5 U' n! o6 C" \1 M* [7 W' a% g - [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start]& A" g+ W6 k- q& n* d
- <system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>8 f' q' R. ?1 F7 F5 w7 E% h
- [SafeBoxKrnl / SafeBoxKrnl][Running/System Start]
& @4 I8 x) L* @: {7 O i - <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys><360安全中心>
9 n: W2 r% i+ q- n - [Secdrv / Secdrv][Stopped/Manual Start]
* D7 M: @5 O- {$ O1 r& h - <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>3 |" I, s. x/ E/ F
- [SATALink External Device Filter / SiRemFil][Running/Boot Start]
# O$ i3 {/ }* z/ P) `1 c: e - <\SystemRoot\system32\DRIVERS\SiRemFil.sys><Silicon Image, Inc.>6 v5 n0 ]6 Z* p3 y3 E; u& H0 W
- [System Restore Filter Driver / sr][Stopped/Disabled]
2 C3 y9 K3 q) t" |( ? r) X7 i0 V; i - <system32\DRIVERS\sr.sys><N/A>
& B7 l% `' C3 p5 P+ l6 Y- b - [TesSafe / TesSafe][Stopped/Manual Start]$ M; k) ]$ W; m
- <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>' z! [5 g& ^* S2 e) e) X3 U5 o4 o9 q
- [System Services / unzxzsrs][Stopped/Boot Start]
# @0 ~3 ?2 e+ y' Q" X) Z - <\SystemRoot\system32\drivers\unzxzsrs.sys><N/A>
3 S8 v( S! w( d# J# [0 j+ n - [ViBus / ViBus][Stopped/Boot Start]
* d* S. j6 a: w3 y$ z1 H4 x - <\SystemRoot\system32\DRIVERS\ViBus.sys><N/A>
# P8 ?8 f+ c6 v" A _2 m - [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
& {( v. w6 E* ~1 K$ Y4 y - <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>$ I: e- D9 }4 _* v g# |
- [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start]
9 {9 f" k9 c" c, p - <\SystemRoot\system32\DRIVERS\xfilt.sys><VIA Technologies,Inc>; ^4 g# M r) ]# u, ~6 J
- [ATI Extend / zhibmaso][Stopped/Boot Start]+ l) X& F% d$ M* _0 y* M- U
- <\SystemRoot\system32\drivers\zhibmaso.sys><N/A>
& ^1 r6 h. m# x0 @; m9 l& \ - [Vimicro USB PC Camera (ZC0301PL) / ZSMC301b][Running/Manual Start]- k2 c3 s/ P: c$ [0 L# i
- <System32\Drivers\usbVM31b.sys><Vimicro Corporation>7 V, \ B* [: r, N' f+ h
- ==================================; B' s5 \/ s% X9 g9 v* A3 [" i
- 浏览器加载项
: k* w! ^7 K! e( X4 K - [Google Toolbar Helper]
0 l, d0 X, z: m3 T7 u" i - {AA58ED58-01DD-4d91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
( |' L! j6 Q5 r6 V& @; m - [Google Toolbar Notifier BHO]* G2 |; R7 m& [/ F
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
$ A. Z/ Q& y/ }) \- P - [SafeMon Class]
9 R( u: w- D; Y/ s* x8 q- I5 z3 o - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>6 ?& v: O4 o" s" }7 A
- [kingsoft browser shield]
1 r3 L; d- n6 }2 X$ } - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>, y; E I6 U) n6 m( J K
- [IEBuddyExtControl Class]
) P% p! ]; N) y9 r4 e, B8 } o - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>, m! W8 `2 x; W( }5 t+ L
- [Zcom 杂志]
1 J, M5 o5 i: a3 f - {4045D313-1D5E-4fe4-93A0-A34630B6A00B} <C:\Zcom\E-Space.exe, N/A>
: o6 X" q$ T) n( D( K - [&Google]
- ?& n1 H% I6 i- O0 c - {2318C2B1-4965-11d4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
. ]' [+ A" P3 {% f) J1 W; V - [KooPlayer Control]
: F8 y+ J: G3 Z7 v' a - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>/ A% ]" L6 a* w# i7 w3 t
- [Shockwave Flash Object]; a# p9 Y& s' d6 W: G% j
- {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>) w' V: p; H# k/ p6 t
- [KUpdateObj2 Class]
5 R- Q0 ~( I0 n" Z - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>8 s! k: s. A e$ w( ] H
- [Google Script Object]+ o9 H5 W+ n6 c. {. @: D" j" W2 i
- {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} <c:\program files\google\googletoolbar2.dll, Google Inc.>9 g8 M" A; ^0 N+ V1 N
- [EWA Control]7 K" a) c T2 _* C
- {18226BF8-DC0B-4D81-80E9-A41AE37BB73A} <C:\PROGRA~1\PPLive\SYNACA~2.OCX, Synacast>1 X1 R: I3 C/ g1 M4 l$ F
- [Windows Media Player]
7 @) A' I+ X" @+ l* S - {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\msdxm.ocx, Microsoft Corporation>
1 W0 i) f$ I8 ^6 A* t# d7 t5 |5 M9 S! b - [&Google]
# \( P2 n- w2 J2 E' E& g - {2318C2B1-4965-11D4-9B18-009027A5CD4F} <c:\program files\google\googletoolbar2.dll, Google Inc.>
1 v& _% U% _. W7 q8 {) r$ V3 \ R - [HTML Document]
) I& O @9 I9 e' T - {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>7 Y& J7 C- F2 a4 B
- [DHTML Edit Control Safe for Scripting for IE5]! d3 ]8 B# E! t2 Q! Z5 o6 l
- {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
5 x; U, o3 G' b. G9 m C& @: V - [RealPlayer RAM Download Handler], N4 f$ Z% t7 j+ J2 d5 B
- {2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
6 y3 q2 s& t9 g2 i! m+ K; _ \ - [IEBuddyExtControl Class]
% F6 r1 O3 v3 j1 a0 V1 G4 ]$ x% E - {3AECD3C1-7085-4731-96DC-47B6CF7EF749} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL, Kingsoft Corporation>+ l* w7 _8 c4 v M) T: m
- [XML Document]
- i) T* @4 G S" V - {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>' k* z d0 _% x+ D1 \
- [HHCtrl Object]
% p3 a1 t/ a+ {# ?% e; _& d - {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
6 ?6 u# [8 c" P$ ?% R - [Windows Media Player]
8 M I0 C. o7 R) u- [ - {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
1 p# E2 ^( |" |1 x# H m - [Active Desktop Mover]
: t- e9 {6 b- I) J# ` - {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
8 F2 r% q4 P' C - [360SafeLive]
& ^- r0 j" S& p6 M1 }% h - {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
/ j, @! |) E6 }! O) { - [Microsoft Web 浏览器]0 Y! x- O( v' @# u* I( W7 u
- {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation># A$ v( V F. F
- [Browser Enhanced Objects]
+ A" d5 v6 R3 u! P) Y) P; h% w - {986488AF-13D5-9DDF-4FEF-9FB88698CFC1} <C:\Documents and Settings\All Users\Application Data\Microsoft\OFFICE\USERDATA\webbrowser_2011.dll, N/A>& T& n7 Y4 W4 S
- [Google Toolbar Helper]
0 _# [% A T7 I& ]" m* F( w( j - {AA58ED58-01DD-4D91-8333-CF10577473F7} <c:\program files\google\googletoolbar2.dll, Google Inc.>
4 I9 y* b. \* K. P7 J# m1 ^ - [Microsoft Scriptlet Component]+ ^( H) p$ D( K# G& s" r' t
- {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
2 {. g Y' ?. Y - [Google Toolbar Notifier BHO]0 ]7 N2 f6 ?7 `# V! b0 x
- {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} <C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll, Google Inc.>
% O' g* ?" ^& Z/ f - [SearchAssistantOC] h" V) I" g/ }! S8 M# k* P0 ]
- {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
( x* g8 ~( N4 Q' ^9 R0 t - [SafeMon Class]
( e5 U/ W0 x6 Y. s: ] - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, 360.CN>
+ N: S! K7 j* U( ^8 ?3 ~3 O - [RDS.DataSpace]- V! D1 }5 Q5 Q. E) T' O0 \- R
- {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
% }4 V# Y( j+ w" q- {1 i - [KooPlayer Control]
! d; h1 K1 A$ Q* J* u - {C728DAB8-FDF5-4CD7-89DD-879D25794C77} <C:\WINDOWS\system32\CCTVKO~1.OCX, Koos>
( [- S' e: R: q; ~4 b8 |( P& m - [AUDIO__MID Moniker Class]( P5 ~1 b: B+ x. ~! {: ~1 x7 j: ?
- {CD3AFA74-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>! O0 D$ \. U. B( ~
- [AUDIO__MP3 Moniker Class]& k/ B, O9 M% d
- {CD3AFA76-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>* i' d" K) E" p
- [AUDIO__X_MS_WMA Moniker Class]3 ?- D3 q( x, s9 ^( {) @+ W
- {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>- m$ W: U9 g( `6 Y/ Z4 ]
- [VIDEO__X_MS_WMV Moniker Class]2 X+ S% [1 c5 L) H8 k1 Y, b
- {CD3AFA94-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
' e# {. Y( i& S( U4 O - [RealPlayer G2 Control]
L7 v, o9 ^" z( D" W; e7 d - {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>- N2 J, `6 ?4 ^' }) r9 W5 H
- [Shockwave Flash Object]
) s2 G. z. D, i% ~ - {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>) u3 V3 \# E/ u' k! |1 H
- [KUpdateObj2 Class]
7 x3 j" f1 T. j' N+ c% R - {D82303B7-A754-4DCB-8AFC-8CF99435AACE} <C:\WINDOWS\system32\KingSoft\KOS\UpdateOcx2.dll, Kingsoft Corporation>* b, L# P3 Y. q( G( m" q& }; j9 u6 r$ V
- [kingsoft browser shield]
& T! @+ E/ t! o$ ^+ f! ^0 X2 v2 n - {D963BE1A-6B35-47DB-B002-49FAE71D85CC} <C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL, Kingsoft Corporation>6 v" ~2 X, h0 A* C3 m
- [PasswordEditCtrl Class]3 e* }6 z* c% r/ n, K1 u: R, Z
- {E787FD25-8D7C-4693-AE67-9406BC6E22DF} <C:\WINDOWS\system32\qqedit\qqedit.dll, 腾讯科技(深圳)有限公司>: z' s% A. M' }4 H/ U
- [QvodCtrl Class]8 x0 S, \8 E% B- T( X! X
- {F3D0D36F-23F8-4682-A195-74C92B03D4AF} <C:\Program Files\QvodPlayer\QvodInsert.dll, Shenzhen QVOD Technology Co.,Ltd>! N9 h( Y% T Q& X4 J9 G0 S, r( P
- [&使用超级旋风下载] Y7 ]. N0 R( t% b, ? P- y
- <C:\Program Files\Tencent\QQDownload\geturl.htm, N/A>* ^. I( [4 e" f) q# B) b7 O* d
- [&使用超级旋风下载全部链接]
5 u1 Z* |& ~/ Q# o7 ^: }+ I' Q5 u - <C:\Program Files\Tencent\QQDownload\getAllurl.htm, N/A>! ?. E: G9 ]1 k! \& h* _ p
- [使用迅雷下载]
M. C1 ^- x3 h8 z3 D! _. Q6 g - <, N/A>
. q F2 q8 J5 a2 ~$ I; d - [使用迅雷下载全部链接]5 ?- v& `+ m; x* V A: [( e% V
- <, N/A>
: F2 L: B' m* B2 [2 s& J9 p1 ` - [导出到 Microsoft Office Excel(&X)]
6 C* Y2 k$ _1 c3 Z3 @ - <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>: ^* x& F9 S0 i1 }
- [添加到QQ表情]: L" a. o+ ^9 [4 J$ Q
- <C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>8 ^- e: y, D7 O
- ==================================8 s' ]; N. {9 [! H6 q' n
- 正在运行的进程$ e; V# S2 H1 j) u( B) F" X& h
- [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]( M5 [' f1 K: J3 G0 B* ?/ q
- [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]6 X- }7 ]! [7 ]1 i- D. B
- [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]& v- C3 H: C- {( j4 x s2 H& s9 K
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
5 M$ R1 ?2 ^1 X - [PID: 564 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
6 q" [4 u _" d - [PID: 576 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
7 s( y" X: Z$ x7 z' `; j5 b7 J. M, Z- S - [PID: 720 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
+ w* L* x; `, C" B8 `) F% _$ G2 d - [PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]2 Z& q* e6 ^# F. }% g
- [PID: 856 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]1 x6 K9 T- r" y- h3 }
- [PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
3 k4 A( V" J4 L0 A+ d" Y+ o - [PID: 1012 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
" S. r& A7 s; D3 j - [PID: 1236 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
( {0 J$ x' j. E( C& V8 W7 J - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
8 g, r! }2 \3 m$ H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]+ p: o! a, R& R) V% n& t( ^
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
, i$ `8 V" x" A, y5 S! U' H - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
; N+ I4 l/ d$ O' o1 q9 N0 M - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVEXT.DLL] [Kingsoft Corporation, 2008,05,07,373]1 E* f) f- ~( p& ~0 |
- [C:\Program Files\Tencent\QQ\qdshm.dll] [, 1, 0, 101, 20]8 g# ^- p( ^$ O! I
- [C:\Program Files\Tencent\QQ\MFC42.DLL] [Microsoft Corporation, 6.00.8665.0]( G, `. q5 J' s
- [C:\Program Files\WinRAR\rarext.dll] [N/A, ]' Y& l! \ M4 j( C( r" R& ^( q3 c& l
- [C:\WINDOWS\system32\shlhook.dll] [Beijing Rising Technology Co., Ltd., 4.0.0.9]
; D; u) O4 X8 K, R - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ g# [5 {( |& E" G+ A
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]7 w; ]0 _0 a4 x( _! D6 u
- [PID: 1332 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]8 p& ~# i/ w! t# o/ C0 o
- [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.8166.2]
) @1 Q! X2 U6 ?9 ?6 G" H' e; E - [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.8166.2]5 W/ ^6 ~! r5 l- V9 y! r3 Z- V
- [PID: 1540 / Administrator][C:\Program Files\360safe\AntiArp\AntiArp.exe] [360安全中心, 2, 0, 0, 1008]1 i# M# T6 m4 e, Q% a9 O. m% N
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) Q, n K5 y1 z4 s* U# {4 l
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]* G4 N, O( x* Q5 ~7 l! ~
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364] k! I @9 n; Q3 j
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
8 y, N% A3 _' ^ - [PID: 1560 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
/ N, U4 S' a) Y; e! V0 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
7 o; p N$ L- H8 T5 ^6 l8 M" n, Z2 ] - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
0 L6 b5 v1 Y; n - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
) }1 H t8 F* m& U2 t - [PID: 1576 / Administrator][C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe] [Google Inc., 2, 0, 301, 1654]
2 f$ y$ y# S0 u - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\gtn.dll] [Google Inc., 2, 0, 301, 7164]
! L3 r |6 J# l2 p3 G" @ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 H ?# g# A- Y- M! }2 ^
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
! P8 H* z+ X* x% y. Q/ Z+ P - [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\res_zh-CN.dll] [Google Inc., 2, 0, 301, 7164]8 p) W9 O' O- E# C) m
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]
5 j8 u/ w. ]) k0 v& T - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* b$ w1 d/ ?/ G) K# x5 B" s
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
* l4 p+ ~/ l, W$ y - [PID: 1648 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
# U ]/ ?6 \+ e u' w4 v7 p - [PID: 1744 / SYSTEM][C:\Program Files\QvodPlayer\QvodTerminal.exe] [Shenzhen QVOD Technology Co.,Ltd, 2, 5, 0, 53]; V% m y1 m W/ k, a
- [PID: 1860 / SYSTEM][C:\WINDOWS\system32\skeys.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]) [6 \# X% V _! x, b
- [PID: 1908 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]9 C$ E G' O$ Q q5 ?
- [PID: 1964 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]% s. e7 d9 x9 V0 v' N6 `/ i) c1 c6 W. f
- [PID: 2772 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
* [% Y5 D* q0 B/ R4 b- u ] - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]) h# t. _3 n& [' X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
" M1 v/ ]% [8 \/ r8 E: Q3 T. g* ^ - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
& }4 L5 U; ~$ Z: ` - [c:\program files\google\googletoolbar2.dll] [Google Inc., 4, 0, 1606, 6690]& \: r) E9 i. y0 O
- [C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll] [Google Inc., 2, 0, 301, 7164]5 A% M+ l7 P& A) _$ X
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KASBrowserShield.DLL] [Kingsoft Corporation, 2008,04,15,2]
, @0 _/ N9 O* K5 u( G+ V, H - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddy.dll] [Kingsoft Corporation, 2008,04,15,2]# l0 f& A$ |, X+ r5 `$ U
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\IEBuddyExt.DLL] [Kingsoft Corporation, 2008,05,14,83]* d; N' m, o- i) U, T
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KANTray.dll] [Kingsoft Corporation, 2008,04,15,2]
9 F3 b6 {( p, o8 V" P4 \ l4 D4 | - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KAVAFish.DLL] [Kingsoft Corporation, 2008,05,13,78]( i4 p& s# D4 x; K5 `7 M
- [C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]/ t, r% w" f7 W3 w6 J
- [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]+ \- A8 V+ J! C1 z
- [C:\WINDOWS\system32\WN.IME] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]5 Z, N! L9 c! t* H% W
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_StatusWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]
0 i, e: w' H' B - [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_CompWnd.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]- G# C1 G$ A" T" t, f0 l i
- [C:\Program Files\ShiQiang\wnime\Dll32\wnpy_Query.dll] [深圳世强软件开发部 www.wn51.com, 2008, 3, 20, 1]8 v1 E1 C y# }
- [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.2.0.0]
/ x1 A9 P$ A- a/ D - [C:\Documents and Settings\Administrator\My Documents\SogouInput\Plugin\SgImeWord.dll] [Sogou.com Inc., 3.2.0.0]
5 |3 s- C& e- q* n# K, C - [C:\WINDOWS\system32\WINWB98.IME] [Microsoft Corporation, 4.00.950]) ]2 l( ^+ b: G. R8 {+ K6 _* Q
- [C:\WINDOWS\system32\WINWB86.IME] [Microsoft Corporation, 4.00.950]2 |5 c% J( t1 [6 ]' R% M1 d" D
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]( }" t0 B3 M n. Q, t
- [PID: 1124 / Administrator][C:\Program Files\Tencent\QQ\TXPlatform.exe] [Tencent, 1, 0, 170, 0]
8 R5 e, i7 g9 |3 q - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]* O3 I/ |2 I: e- h2 m. |# G) j2 S' F
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]
0 V) J+ r( q4 Q: ]; |/ x3 `8 i( b - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]$ l0 D$ @0 Y* l5 K; a; y
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]0 |0 K1 J/ A; O: _0 \. i0 q6 E5 a0 P
- [PID: 928 / Administrator][F:\arvmon.exe] [任软工作室, 2.2.5.201]
+ D# a5 ~% {0 B e8 O3 z9 j. a3 ~ - [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]
" L% _8 }7 J9 v2 V - [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]7 f, {) z" n* x# x& h
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]
6 u8 Z g1 {4 z* S5 T - [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]/ R* ?; Q5 V5 @8 u6 |
- [F:\Vdata.dll] [任软工作室, 2, 2, 1, 94]
8 a, n. x/ V& g+ m" ~7 {5 E - [PID: 2540 / Administrator][F:\AutoGuarder.exe] [任软工作室, 2.2.5.201]1 Z2 A; ^3 S" D* }$ n. ?2 \4 h
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]; y" c6 C) F0 ^' y4 g4 y% A! |
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]: O* \- E$ _' Z. f& O5 d8 {
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]9 z$ S: e0 E$ G n; x+ X, c
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]
. N1 }/ W6 E a - [PID: 2476 / Administrator][d:\我的文档\桌面\系统检测修复\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]5 _- I) C% ^4 ^6 P
- [C:\Program Files\360safe\safemon\safemon.dll] [360.CN, 4, 1, 5, 1001]% v+ h. e9 i1 `# m5 b
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\KMailOEBand.DLL] [Kingsoft Corporation, 2008,04,02,5]( I! y( [5 _ J# j. }5 Q
- [C:\Program Files\Kingsoft\Kingsoft Internet Security 2008\kis.dll] [Kingsoft Corporation, 2008,04,22,364]8 z D, {6 R& D b" w9 b: l; `. B
- [C:\Program Files\Tencent\QQ\DShared.dll] [Tencent, 2, 1, 0, 0]5 x: ^1 E. L. J6 o
- [d:\我的文档\桌面\系统检测修复\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]1 A/ s/ {; k8 S2 G) ?+ H; L
- ==================================
$ W' K, H/ e( {$ x5 \% h - 文件关联* D8 [6 d) M0 F
- .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1], c, z3 }3 \$ f! ~! d
- .EXE OK. ["%1" %*]
# ]9 w, Z, T8 u6 l* p/ Z - .COM OK. ["%1" %*]/ x, A+ F0 i3 p1 H
- .PIF OK. ["%1" %*]* a% E$ Y# X" U2 f( o
- .REG OK. [regedit.exe "%1"]% x# K4 w+ w) O7 q6 W
- .BAT OK. ["%1" %*]
' Q8 y: E; D. {9 b5 u - .SCR OK. ["%1" /S]; Y$ [2 I. o' M* a, n+ Z) y2 i2 A
- .CHM OK. ["C:\WINDOWS\hh.exe" %1]. R4 ?8 R: C" i [/ k
- .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
) [2 R3 O/ o. X, k: A$ U6 ? c& n - .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
0 n% T4 L/ r7 K/ d8 ~6 ] - .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]+ Y" \3 D( M6 k: O# ?4 Y* u
- .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
9 q6 i$ x0 @8 E1 z - .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
! ` G S0 Y0 w$ F* d1 k - .LNK OK. [{00021401-0000-0000-C000-000000000046}]3 k. q3 b7 l% R0 r5 Z6 B9 \+ E
- ==================================
) h5 S- |+ Y! g& n) c5 m% Z: k - Winsock 提供者
) s" M& A x I - N/A4 ^$ ]% u# m( t1 V3 p# _2 w
- ==================================3 |& r3 f0 ~3 n' Y2 Y# S1 g
- Autorun.inf& S' K1 F3 [+ g# _7 N7 n
- N/A
3 X1 X1 H' {, x4 N, a2 F% L - ==================================" e) ?5 t4 u$ a% V) Z" N+ q8 _( g
- HOSTS 文件$ @2 q& L. @" E( D. @* W
- N/A* ^$ q1 y8 v/ y
- ==================================
) M) m5 L1 \/ T# a& F9 I - 进程特权扫描
3 _- C% n) o8 ^3 p! r! c - 特殊特权被允许: SeLoadDriverPrivilege [PID = 520, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
Y0 e) R# K3 ^& _4 f! h* q - 特殊特权被允许: SeDebugPrivilege [PID = 928, F:\ARVMON.EXE]
9 O+ c3 p% h% G% L, m( U3 x - 特殊特权被允许: SeLoadDriverPrivilege [PID = 928, F:\ARVMON.EXE]
+ o( h. C) c" i/ O' u' ] - 特殊特权被允许: SeDebugPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]
; _# Y! }) g5 i - 特殊特权被允许: SeLoadDriverPrivilege [PID = 2540, F:\AUTOGUARDER.EXE]0 U {9 P! G# x Z- k3 |" F
- ==================================7 M8 N; j9 K( i* l
- API HOOK* ~2 Z+ D2 n4 f3 @3 ] ~
- N/A
2 j i# J+ V4 s7 i6 u+ k% B& u - ==================================
5 {1 b) n9 v: @& Y) f: V! d - 隐藏进程8 K1 [6 m0 o' }5 C
- N/A, e+ U6 F( Q/ b V9 h; P* E
- ==================================/ x" z h r5 G
- f% J0 p" n; B5 H8 }
|
|
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
显身卡
