Rising Kaka Security Forum
酷酷小熊 - 2006-11-8 9:42:00
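This machine of mine has been wrecked by a virus and is a complete mess: I can't even type, and closing one window closes all the windows!! Could the experts here please take a look? I'm posting the scan log!!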
酷酷小熊 - 2006-11-8 9:44:00
2006-11-08,08:22:46
System Repair Engineer 2.2.6.605
Smallfrogs (http://www.KZTechs.com)
Windows 2000 Server Service Pack 4 (Build 2195)
- 管理权限用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、启动文件夹、服务等)
浏览器加载项
正在运行的进程(包括进程模块信息)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<internat.exe><internat.exe> [(Verified)Microsoft Corporation]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><C:\WINNT\rundl132.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<CPQTEAM><cpqteam.exe> [(Verified)Hewlett-Packard Company]
<MS04_028 Memory Patch><C:\Documents and Settings\Administrator\My Documents\RavJPG.exe -Patch> [Beijing Rising Tech. Co., Ltd.]
<TPP Auto Loader><C:\WINNT\tppaldr.exe> [Cypress Semiconductor]
<LANServer><C:\WINNT\system32\LANServer.exe> [Ben Ziegler]
<RavTray><"C:\Program Files\Rising\Rav\RavTray.exe"> [Rising]
<RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system> [Beijing Rising Technology Co., Ltd.]
<ENStation><C:\WINNT\explorerb.exe> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><EXPLORER.EXE> [N/A]
<Userinit><C:\WINNT\system32\userinit.exe,> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
<{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINNT\system32\RavExt.dll> [Beijing Rising Technology Co., Ltd.]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\system.sys> [N/A]
<{57B86673-276A-48B2-BAE7-C6DBB3020EB8}><D:\ewido_4.0.0.172c_3.3\shellexecutehook.dll> [Anti-Malware Development a.s.]
==================================
启动文件夹
[LANFax Manager]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\LANFax Manager.lnk --> C:\PROGRA~1\LANFAX~1\LANFAX~1\LANFAX~1.EXE [北京华录北方电子有限公司]><N>
[腾讯通]
<C:\Documents and Settings\All Users\「开始」菜单\程序\启动\腾讯通.lnk --> C:\PROGRA~1\Tencent\RTX\rtxc.exe [Tencent]><N>
==================================
服务
[ASP.NET State Service / aspnet_state]
<C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Event Notifier / CIMnotify]
<C:\WINNT\System32\CIMntfy\cimntfy.exe><Hewlett-Packard Company>
[NIC Agent / CpqNicMgmt]
<C:\WINNT\System32\CPQNiMgt\cpqnimgt.exe><Hewlett-Packard Company>
[Compaq Remote Monitor Service / CpqRcmc]
<C:\WINNT\System32\CpqRcmc.exe><Compaq>
[Version Control Agent / cpqvcagent]
<C:\Compaq\vcagent\vcagent.exe><N/A>
[Web Agent / CpqWebMgmt]
<C:\WINNT\System32\CPQMgmt\cpqwmgmt.exe><HP Corporation>
[Foundation Agent / CqMgHost]
<C:\WINNT\System32\CPQMgmt\CqMgHost\cqmghost.exe><Hewlett-Packard Company>
[Server Agents / CqMgServ]
<C:\WINNT\System32\CPQMgmt\CqMgServ\cqmgserv.exe><Hewlett-Packard Company>
[Storage Agents / CqMgStor]
<C:\WINNT\System32\CPQMgmt\CqMgStor\cqmgstor.exe><Hewlett-Packard Company>
[Logical Disk Manager Administrative Service / dmadmin]
<C:\WINNT\System32\dmadmin.exe /com><VERITAS Software Corp.>
[ewido anti-spyware 4.0 guard / ewido anti-spyware 4.0 guard]
<D:\ewido_4.0.0.172c_3.3\guard.exe><Anti-Malware Development a.s.>
[KDDelegateService / KDDelegateService]
<C:\Program Files\Kingdee\K3ERP\KDDelegateService.exe><N/A>
[Lotus Domino Server (LotusDominoData) / Lotus Domino Server (LotusDominoData)]
<e:\Lotus\Domino\nservice.exe =e:\Lotus\Domino\notes.ini><N/A>
[RavAgent / RavAgent]
<"C:\Program Files\Rising\Rav\RavAgent.exe"><北京瑞星科技股份有限公司>
[Rav Net Alert / RavAlert]
<"C:\Program Files\Rising\Rav\RavAlert.exe"><瑞星科技股份发展有限公司>
[RavService / RavService]
<"C:\Program Files\Rising\Rav\RavService.exe" /service><Beijing Rising Technology Co., Ltd.>
[RavUpdate / RavUpdate]
<"C:\Program Files\Rising\Rav\RavUpdate.exe" ><Beijing Rising Technology Co., Ltd.>
[RNReport / RNReport]
<"C:\Program Files\Rising\Rav\RNReport.exe"><瑞星科技股份发展有限公司>
[Rising Process Communication Center / RsCCenter]
<"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
<"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Surveyor / Surveyor]
<C:\compaq\survey\Surveyor.EXE><N/A>
[HP ProLiant System Shutdown Service / sysdown]
<C:\WINNT\System32\sysdown.exe><Compaq Computer Corporation>
酷酷小熊 - 2006-11-8 9:44:00
驱动程序
[Microsoft ACPI Driver / ACPI]
<\SystemRoot\System32\DRIVERS\ACPI.sys><N/A>
[adpu160m / adpu160m]
<\SystemRoot\system32\drivers\adpu160m.sys><N/A>
[AFD 网络支持环境 / AFD]
<\SystemRoot\System32\drivers\afd.sys><N/A>
[RAS Asynchronous Media Driver / AsyncMac]
<System32\DRIVERS\asyncmac.sys><N/A>
[Standard IDE/ESDI Hard Disk Controller / atapi]
<\SystemRoot\System32\DRIVERS\atapi.sys><N/A>
[atirage3 / atirage3]
<System32\DRIVERS\atimpab.sys><N/A>
[ATM ARP Client Protocol / Atmarpc]
<System32\DRIVERS\atmarpc.sys><N/A>
[Audio Stub Driver / audstub]
<System32\DRIVERS\audstub.sys><N/A>
[Rising TDI Base Driver / BaseTDI]
<System32\DRIVERS\BaseTDI.SYS><N/A>
[CD-ROM Driver / Cdrom]
<System32\DRIVERS\cdrom.sys><N/A>
[Cdsys / Cdsys]
<\??\C:\WINNT\system32\cdcd.sys><N/A>
[Network Management Protocol Driver / CNMPROT]
<System32\DRIVERS\cnmprot.sys><N/A>
[cpq32fs2 / cpq32fs2]
<\SystemRoot\system32\drivers\cpq32fs2.sys><N/A>
[Cpqarray / Cpqarray]
<\SystemRoot\system32\drivers\cpqarray.sys><N/A>
[cpqarry2 / cpqarry2]
<\SystemRoot\system32\drivers\cpqarry2.sys><N/A>
[HP ProLiant Advanced System Management Controller / cpqasm]
<System32\DRIVERS\cpqasm.sys><N/A>
[CPQCISSE / CPQCISSE]
<System32\DRIVERS\CPQCISSE.sys><N/A>
[cpqcissm / cpqcissm]
<\SystemRoot\system32\drivers\cpqcissm.sys><N/A>
[HP Network Teaming and Configuration / CPQTeam]
<System32\DRIVERS\cpqteam.sys><N/A>
[DfsDriver / DfsDriver]
<\SystemRoot\system32\drivers\Dfs.sys><N/A>
[Disk Driver / Disk]
<\SystemRoot\System32\DRIVERS\disk.sys><N/A>
[dmboot / dmboot]
<System32\drivers\dmboot.sys><N/A>
[Logical Disk Manager Driver / dmio]
<\SystemRoot\System32\drivers\dmio.sys><N/A>
[dmload / dmload]
<\SystemRoot\System32\drivers\dmload.sys><N/A>
[ewido anti-spyware 4.0 driver / ewido anti-spyware 4.0 driver]
<\??\D:\ewido_4.0.0.172c_3.3\guard.sys><N/A>
[ExpScaner / ExpScaner]
<\??\C:\Program Files\Rising\Rav\ExpScan.sys><>
[Floppy Disk Controller Driver / Fdc]
<System32\DRIVERS\fdc.sys><N/A>
[Floppy Disk Driver / Flpydisk]
<System32\DRIVERS\flpydisk.sys><N/A>
[FltMgr / FltMgr]
<\SystemRoot\system32\drivers\fltmgr.sys><N/A>
[FsVga / FsVga]
<System32\DRIVERS\fsvga.sys><N/A>
[Volume Manager Driver / Ftdisk]
<\SystemRoot\System32\DRIVERS\ftdisk.sys><N/A>
[Generic Packet Classifier / Gpc]
<System32\DRIVERS\msgpc.sys><N/A>
[HookCont / HookCont]
<\??\C:\Program Files\Rising\Rav\HOOKCONT.sys><Rising tech Co. ltd>
[HookReg / HookReg]
<\??\C:\Program Files\Rising\Rav\HookReg.sys><>
[HookSys / HookSys]
<\??\C:\Program Files\Rising\Rav\HookSys.sys><Rising>
[i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt]
<System32\DRIVERS\i8042prt.sys><N/A>
[IP Traffic Filter Driver / IpFilterDriver]
<System32\DRIVERS\ipfltdrv.sys><N/A>
[IP in IP Tunnel Driver / IpInIp]
<System32\DRIVERS\ipinip.sys><N/A>
[IP Network Address Translator / IpNat]
<System32\DRIVERS\ipnat.sys><N/A>
[IPSEC driver / IPSEC]
<System32\DRIVERS\ipsec.sys><N/A>
[IR Enumerator Service / IRENUM]
<System32\DRIVERS\irenum.sys><N/A>
[PnP ISA/EISA Bus Driver / isapnp]
<\SystemRoot\System32\DRIVERS\isapnp.sys><N/A>
[Keyboard Class Driver / Kbdclass]
<System32\DRIVERS\kbdclass.sys><N/A>
[MegaIDE / MegaIDE]
<\SystemRoot\system32\drivers\MegaIDE.sys><N/A>
[MEMSCAN / MEMSCAN]
<\??\C:\Program Files\Rising\Rav\MEMSCAN.sys><瑞星软件有限公司>
[Mouse Class Driver / Mouclass]
<System32\DRIVERS\mouclass.sys><N/A>
[MRxSmb / MRxSmb]
<System32\DRIVERS\mrxsmb.sys><N/A>
[Microsoft Streaming Service Proxy / MSKSSRV]
<system32\drivers\MSKSSRV.sys><N/A>
[Microsoft Streaming Clock Proxy / MSPCLOCK]
<system32\drivers\MSPCLOCK.sys><N/A>
[Microsoft Streaming Quality Manager Proxy / MSPQM]
<system32\drivers\MSPQM.sys><N/A>
[Remote Access NDIS TAPI Driver / NdisTapi]
<System32\DRIVERS\ndistapi.sys><N/A>
[NDIS 用户模式 I/O 协议 / Ndisuio]
<System32\DRIVERS\ndisuio.sys><N/A>
[Remote Access NDIS WAN Driver / NdisWan]
<System32\DRIVERS\ndiswan.sys><N/A>
[NetBIOS Interface / NetBIOS]
<System32\DRIVERS\netbios.sys><N/A>
[NetBios over Tcpip / NetBT]
<System32\DRIVERS\netbt.sys><N/A>
[NetDetect / NetDetect]
<\SystemRoot\system32\drivers\netdtect.sys><N/A>
[New0 / New0]
<\??\C:\WINNT\System32\new.sys><N/A>
[npkcrypt / npkcrypt]
<\??\C:\Program Files\Tencent\QQ\npkcrypt.sys><INCA Internet Co., Ltd.>
[IPX Traffic Filter Driver / NwlnkFlt]
<System32\DRIVERS\nwlnkflt.sys><N/A>
[IPX Traffic Forwarder Driver / NwlnkFwd]
<System32\DRIVERS\nwlnkfwd.sys><N/A>
[Microsoft USB Open Host Controller Driver / openhci]
<System32\DRIVERS\openhci.sys><N/A>
[Parallel class driver / Parallel]
<System32\DRIVERS\parallel.sys><N/A>
[Parallel port driver / Parport]
<System32\DRIVERS\parport.sys><N/A>
[PCI Bus Driver / PCI]
<\SystemRoot\System32\DRIVERS\pci.sys><N/A>
[PCIIde / PCIIde]
<\SystemRoot\System32\DRIVERS\pciide.sys><N/A>
[WAN Miniport (PPTP) / PptpMiniport]
<System32\DRIVERS\raspptp.sys><N/A>
[Direct Parallel Link Driver / Ptilink]
<System32\DRIVERS\ptilink.sys><N/A>
[Compaq NC7760 Gigabit Server Adapter / q57w2k]
<System32\DRIVERS\q57w2k.sys><N/A>
[Remote Access Auto Connection Driver / RasAcd]
<System32\DRIVERS\rasacd.sys><N/A>
[WAN Miniport (L2TP) / Rasl2tp]
<System32\DRIVERS\rasl2tp.sys><N/A>
[Direct Parallel / Raspti]
<System32\DRIVERS\raspti.sys><N/A>
[Microsoft Streaming Network Raw Channel Access / RCA]
<system32\drivers\RCA.sys><N/A>
[Rdbss / Rdbss]
<System32\DRIVERS\rdbss.sys><N/A>
[Terminal Server Device Redirector Driver / rdpdr]
<System32\DRIVERS\rdpdr.sys><N/A>
[Digital CD Audio Playback Filter Driver / redbook]
<System32\DRIVERS\redbook.sys><N/A>
[Serenum Filter Driver / serenum]
<System32\DRIVERS\serenum.sys><N/A>
[Serial port driver / Serial]
<System32\DRIVERS\serial.sys><N/A>
[特殊目的工具驱动程序 / spud]
<\SystemRoot\System32\drivers\spud.sys><N/A>
[Srv / Srv]
<System32\DRIVERS\srv.sys><N/A>
[Software Bus Driver / swenum]
<System32\DRIVERS\swenum.sys><N/A>
[symc810 / symc810]
<\SystemRoot\System32\DRIVERS\symc810.sys><N/A>
[symc8xx / symc8xx]
<\SystemRoot\System32\DRIVERS\symc8xx.sys><N/A>
[symmpi / symmpi]
<\SystemRoot\system32\drivers\symmpi.sys><N/A>
[sym_hi / sym_hi]
<\SystemRoot\System32\DRIVERS\sym_hi.sys><N/A>
[HP ProLiant System Management Interface Driver / sysmgmt]
<System32\DRIVERS\sysmgmt.sys><N/A>
[TCP/IP Protocol Driver / Tcpip]
<System32\DRIVERS\tcpip.sys><N/A>
[Terminal Device Driver / TermDD]
<\SystemRoot\System32\drivers\termdd.sys><N/A>
[USB Storage Adapter FX (TPP) / TPPFX]
<system32\DRIVERS\TPPFX.SYS><N/A>
[Microcode Update Driver / Update]
<System32\DRIVERS\update.sys><N/A>
[Microsoft USB Standard Hub Driver / usbhub]
<System32\DRIVERS\usbhub.sys><N/A>
[USB Mass Storage Driver / USBSTOR]
<System32\DRIVERS\USBSTOR.SYS><N/A>
[VgaSave / VgaSave]
<\SystemRoot\System32\drivers\vga.sys><N/A>
[Remote Access IP ARP Driver / Wanarp]
<System32\DRIVERS\wanarp.sys><N/A>
[XPROTECTOR / XPROTECTOR]
<\??\C:\WINNT\system32\drivers\Oreans.sys><N/A>
酷酷小熊 - 2006-11-8 9:46:00
浏览器加载项
[QQ]
{c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ\QQ.EXE, N/A>
[@msdxmLC.dll,-1@2052,电台(&R)]
{8E718888-423F-11D2-876E-00A0C9082467} <C:\WINNT\system32\msdxm.ocx, Microsoft Corporation>
[WUWebControl Class]
{6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINNT\system32\wuweb.dll, Microsoft Corporation>
[NTKO OFFICE文档控件]
{C9BC4DFF-4248-4A3C-8A49-63A7D317F404} <C:\WINNT\Downloaded Program Files\OfficeControl.ocx, 千航网络[NTKO SOFTWARE] WEB:http://www.ntko.com Email: tanger@ntko.com>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINNT\system32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>
[SnSubmitControl Class]
{DD713965-ECD7-407B-A886-FCF999BB6765} <C:\WINNT\Downloaded Program Files\SubmitControl.dll, 上海盛大网络发展有限公司 <www.snda.com>>
[上传到QQ网络硬盘]
<C:\Program Files\Tencent\QQ\AddToNetDisk.htm, N/A>
[添加到QQ自定义面板]
<C:\Program Files\Tencent\QQ\AddPanel.htm, N/A>
[添加到QQ表情]
<C:\Program Files\Tencent\QQ\AddEmotion.htm, N/A>
[用QQ彩信发送该图片]
<C:\Program Files\Tencent\QQ\SendMMS.htm, N/A>
==================================
正在运行的进程
[PID: 212][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 236][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 260][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 288][C:\WINNT\system32\services.exe] [Microsoft Corporation, 5.00.2195.7035]
[C:\WINNT\system32\dmserver.dll] [VERITAS Software Corp., 2195.6605.297.3]
[PID: 300][C:\WINNT\system32\lsass.exe] [Microsoft Corporation, 5.00.2195.7011]
[PID: 392][C:\WINNT\System32\termsrv.exe] [Microsoft Corporation, 5.00.2195.6696]
[PID: 500][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 528][C:\Program Files\Rising\Rav\CCenter.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 544][C:\Program Files\Rising\Rav\Ravmond.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 1, 19]
[C:\Program Files\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 20]
[C:\Program Files\Rising\Rav\HOOKSYS.dll] [Rising, 18, 1, 0, 9]
[C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 32]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\regmon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\psapi.dll] [Microsoft Corporation, 4.00]
[C:\Program Files\Rising\Rav\HookWeb.dll] [rising, 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\MemMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\expscan.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\mPorts.dll] [Beijing Rising Technology Co., Ltd., 4, 0, 0, 3]
[C:\Program Files\Rising\Rav\MailMon.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\SpamEng.dll] [N/A, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\engine.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 35]
[C:\Program Files\Rising\Rav\PostTrt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 18]
[C:\Program Files\Rising\Rav\UnExe.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 11]
[C:\Program Files\Rising\Rav\ScanExec.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 15]
[C:\Program Files\Rising\Rav\ScanEx.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 30]
[C:\Program Files\Rising\Rav\RSUnpack.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18]
[C:\Program Files\Rising\Rav\ExtFile.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 21]
[C:\Program Files\Rising\Rav\NvFile.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 7]
[C:\Program Files\Rising\Rav\ScanMac.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\ScanSct.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[C:\Program Files\Rising\Rav\Unpacker.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\ExtOLE.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\ScanNet.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\Rising\Rav\ExtMail.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\ScanElf.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 3]
[PID: 584][C:\WINNT\system32\spoolsv.exe] [Microsoft Corporation, 5.00.2195.7059]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\SDNT5UI.DLL] [Zenographics, Inc., 5.50.1811.0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\SDDM32.DLL] [Zenographics, Inc., 5, 52, 1023, 0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZSPOOL.dll] [Zenographics, Inc., 5, 51, 709, 0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZGDI32.dll] [Zenographics, Inc., 5, 51, 628, 0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZTAG32.dll] [Zenographics, Inc., 5, 50, 1725, 0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\SDDMUI.DLL] [Zenographics, Inc., 5, 51, 1211, 0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\ZLANG.dll] [Zenographics, Inc., 1, 2, 1414, 0]
[C:\WINNT\system32\spool\DRIVERS\W32X86\3\SR32.dll] [Zenographics, Inc., 5, 54, 315, 0]
[PID: 660][C:\Program Files\Rising\Rav\RavStub.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 920][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 956][C:\WINNT\System32\llssrv.exe] [Microsoft Corporation, 5.00.2195.7021]
[PID: 988][e:\Lotus\Domino\nservice.exe] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[PID: 1020][C:\Program Files\Rising\Rav\RavAgent.exe] [北京瑞星科技股份有限公司, 18, 0, 1, 28]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\RsCommx.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\Strategy.dll] [Rising, 18, 0, 0, 10]
[PID: 1036][C:\Program Files\Rising\Rav\RavAlert.exe] [瑞星科技股份发展有限公司, 18, 0, 0, 27]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\RsCommx.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\PlugIn\RptMC.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\PlugIn\AltP936.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\PlugIn\MalAlrt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\PlugIn\TrpPlgIn.dll] [, 18, 0, 0, 6]
[C:\Program Files\Rising\Rav\RsSnmp.dll] [, 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\PlugIn\MBPlgIn.dll] [, 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\PlugIn\NLPlgIn.dll] [, 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\PlugIn\RptUpCT.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 6]
酷酷小熊 - 2006-11-8 9:47:00
[PID: 1064][C:\Program Files\Rising\Rav\RavService.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 43]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\DLCenter.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 1096][C:\Program Files\Rising\Rav\RavUpdate.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 36]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\DLCenter.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 27]
[C:\Program Files\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[PID: 1140][e:\Lotus\Domino\nSERVER.EXE] [N/A, N/A]
[e:\Lotus\Domino\nserverl.dll] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nTCP.DLL] [N/A, N/A]
[e:\Lotus\Domino\nNTCP.DLL] [N/A, N/A]
[e:\Lotus\Domino\kvfilter.dll] [Verity, Inc., Build 1453]
[e:\Lotus\Domino\nFTGTR34.DLL] [N/A, N/A]
[e:\Lotus\Domino\gtr34nts.dll] [N/A, N/A]
[e:\Lotus\Domino\nlxlid102.dll] [N/A, N/A]
[e:\Lotus\Domino\nlxrt22.dll] [N/A, N/A]
[e:\Lotus\Domino\nlxsum22.dll] [N/A, N/A]
[PID: 1224][C:\Program Files\Rising\Rav\RNReport.exe] [瑞星科技股份发展有限公司, 18, 0, 0, 10]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\RsCommx.dll] [rising, 18, 0, 0, 1]
[PID: 1380][C:\WINNT\System32\locator.exe] [Microsoft Corporation, 5.00.2195.6619]
[PID: 1400][C:\WINNT\system32\MSTask.exe] [Microsoft Corporation, 4.71.2195.6972]
[PID: 1452][C:\WINNT\System32\snmp.exe] [Microsoft Corporation, 5.00.2195.6605]
[C:\WINNT\System32\CPQMgmt\CqMgHost\HOSTMIB.DLL] [N/A, N/A]
[C:\WINNT\System32\CQHSTUTL.dll] [N/A, N/A]
[C:\WINNT\system32\cpqmgmt\CqMgHost\hostsnmp.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CPQMIB1K.DLL] [N/A, N/A]
[C:\WINNT\System32\CPQNiMgt\CPQNIMIB.DLL] [N/A, N/A]
[C:\WINNT\system32\cpqnimgt\w2kmgdll.dll] [N/A, N/A]
[C:\WINNT\system32\cpqnimgt\cqnisnmp.dll] [N/A, N/A]
[C:\WINNT\system32\sm2user.dll] [Hewlett-Packard Company, 6.30.0.0]
[C:\WINNT\System32\CPQNiMgt\NICMIB.DLL] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\STORMIB.DLL] [N/A, N/A]
[C:\WINNT\System32\cqstrutl.dll] [N/A, N/A]
[C:\WINNT\system32\cpqmgmt\cqmgstor\storsnmp.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgServ\SERVMIB.DLL] [N/A, N/A]
[C:\WINNT\System32\cqsrvutl.dll] [N/A, N/A]
[C:\WINNT\system32\cpqmgmt\cqmgserv\servsnmp.dll] [N/A, N/A]
[PID: 1496][C:\WINNT\System32\lserver.exe] [Microsoft Corporation, 5.00.2195.6701]
[PID: 1536][C:\WINNT\system32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 1552][C:\WINNT\System32\CPQNiMgt\cpqnimgt.exe] [Hewlett-Packard Company, 6.30.0.0]
[C:\WINNT\System32\CPQNiMgt\w2kmgdll.dll] [N/A, N/A]
[PID: 1596][e:\Lotus\Domino\nRouter.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nNTCP.DLL] [N/A, N/A]
[e:\Lotus\Domino\nTCP.DLL] [N/A, N/A]
[PID: 1780][C:\WINNT\System32\CPQMgmt\CqMgServ\cqmgserv.exe] [Hewlett-Packard Company, 6.30.0.0]
[C:\WINNT\System32\CPQMgmt\CqMgServ\CQMGSERV.dll] [N/A, N/A]
[C:\WINNT\system32\cqsrvutl.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgServ\CPQHLTH.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgServ\SERVALRT.dll] [N/A, N/A]
[PID: 1808][C:\WINNT\System32\CPQMgmt\CqMgStor\cqmgstor.exe] [Hewlett-Packard Company, 6.30.0.0]
[C:\WINNT\System32\CPQMgmt\CqMgStor\CQMGSTOR.dll] [N/A, N/A]
[C:\WINNT\system32\cqstrutl.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\CPQIDE.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\CPQMSCSI.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\CPQMDISK.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\CPQMIDA.dll] [N/A, N/A]
[C:\WINNT\system32\CQHSTUTL.DLL] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\CPQFCA.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgStor\STORALRT.dll] [N/A, N/A]
[PID: 1872][C:\WINNT\System32\dns.exe] [Microsoft Corporation, 5.00.2195.6715]
[PID: 1920][C:\WINNT\system32\inetsrv\inetinfo.exe] [Microsoft Corporation, 5.00.0984]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_filter.dll] [Microsoft Corporation, 1.1.4322.573]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2032]
[PID: 1928][e:\Lotus\Domino\nReplica.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\nTCP.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2148][e:\Lotus\Domino\nUpdate.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nFTGTR34.DLL] [N/A, N/A]
[e:\Lotus\Domino\gtr34nts.dll] [N/A, N/A]
[e:\Lotus\Domino\nlxlid102.dll] [N/A, N/A]
[e:\Lotus\Domino\nlxrt22.dll] [N/A, N/A]
[e:\Lotus\Domino\nlxsum22.dll] [N/A, N/A]
[e:\Lotus\Domino\kvfilter.dll] [Verity, Inc., Build 1453]
[PID: 2196][C:\WINNT\System32\CPQMgmt\CqMgHost\cqmghost.exe] [Hewlett-Packard Company, 6.30.0.0]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CQMGHOST.dll] [N/A, N/A]
[C:\WINNT\system32\CQHSTUTL.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CPQMHOST.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CPQPERF.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CPQSTAT.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CPQSWV.dll] [Hewlett-Packard Company, 6.30.0.0]
[C:\WINNT\System32\CPQMgmt\CqMgHost\CPQTHRSH.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CqMgHost\HOSTALRT.dll] [N/A, N/A]
[PID: 2272][C:\WINNT\System32\CPQMgmt\cpqwmgmt.exe] [HP Corporation, 6.30.0.0]
[C:\WINNT\System32\CPQMgmt\CPQWEBAG.dll] [HP Corporation, 6.30.0.0]
[C:\WINNT\System32\CPQMgmt\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\WINNT\System32\CPQMgmt\XPath.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\xerces-c_1_3.dll] [Apache Software Foundation, 1, 3, 0]
[C:\WINNT\System32\CPQMgmt\PlatformSupport.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\XalanDOM.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\DOMSupport.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\XercesParserLiaison.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\XMLSupport.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\XSLT.dll] [N/A, N/A]
[C:\WINNT\System32\CPQMgmt\CpqHMMO.dll] [HP, 5.5.0]
[C:\WINNT\System32\CPQMgmt\expat.dll] [N/A, N/A]
[PID: 2280][e:\Lotus\Domino\nAmgr.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2348][e:\Lotus\Domino\namgr.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\nlsxbe.DLL] [N/A, N/A]
[e:\Lotus\Domino\LTOUIN22.dll] [Lotus Development Corporation., 2.2.0.8911]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\javai.DLL] [N/A, N/A]
[e:\Lotus\Domino\zip.dll] [N/A, N/A]
[PID: 2364][e:\Lotus\Domino\nAdminP.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2372][e:\Lotus\Domino\nCalConn.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2400][e:\Lotus\Domino\nEvent.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2388][e:\Lotus\Domino\nSched.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nTCP.DLL] [N/A, N/A]
酷酷小熊 - 2006-11-8 9:48:00
[PID: 2496][e:\Lotus\Domino\nStats.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2532][e:\Lotus\Domino\nPOP3.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nTCP.DLL] [N/A, N/A]
[e:\Lotus\Domino\nNTCP.DLL] [N/A, N/A]
[PID: 2552][e:\Lotus\Domino\nDECS.EXE] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\NLCHTAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[PID: 1560][e:\Lotus\Domino\nmaps.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[PID: 2380][e:\Lotus\Domino\nSMTP.EXE] [N/A, N/A]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[e:\Lotus\Domino\namhook.DLL] [N/A, N/A]
[e:\Lotus\Domino\ndecsext.DLL] [N/A, N/A]
[e:\Lotus\Domino\NLCAPI.dll] [N/A, N/A]
[e:\Lotus\Domino\nTCP.DLL] [N/A, N/A]
[e:\Lotus\Domino\nNTCP.DLL] [N/A, N/A]
[PID: 2544][C:\WINNT\System32\WBEM\WinMgmt.exe] [Microsoft Corporation, 1.50.1085.0100]
[C:\WINNT\system32\mscoree.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\CorperfmonExt.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[e:\Lotus\Domino\nnotes.dll] [N/A, N/A]
[e:\Lotus\Domino\js32.dll] [N/A, N/A]
[e:\Lotus\Domino\NLSCCSTR.DLL] [N/A, N/A]
[e:\Lotus\Domino\NSTRINGS.DLL] [N/A, N/A]
[PID: 484][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 1956][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[PID: 2644][\??\C:\WINNT\system32\csrss.exe] [Microsoft Corporation, 5.00.2195.6601]
[PID: 2668][\??\C:\WINNT\system32\winlogon.exe] [Microsoft Corporation, 5.00.2195.6997]
[PID: 2952][C:\WINNT\system32\conime.exe] [Microsoft Corporation, 5.00.2195.6655]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 3076][C:\WINNT\System32\svchost.exe] [Microsoft Corporation, 5.00.2134.1]
[PID: 3044][C:\Program Files\Rising\Rav\RavControl.exe] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 71]
[C:\Program Files\Rising\Rav\Comm.dll] [北京瑞星科技股份有限公司, 18, 0, 0, 36]
[C:\WINNT\system32\MSVCP60.dll] [Microsoft Corporation, 6.00.8168.0]
[C:\Program Files\Rising\Rav\RavUILib.dll] [, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\RavControl936.dll] [瑞星科技股份发展有限公司, 18, 0, 0, 71]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[C:\Program Files\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[C:\Program Files\Rising\Rav\RsCommx.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\Rising\Rav\libload.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\Program Files\Rising\Rav\VirusLib.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 10]
[C:\WINNT\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[D:\ewido_4.0.0.172c_3.3\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[PID: 3188][C:\Program Files\LANFax Suite\LANFax Manager\LANFax Conversion.exe] [, 1, 0, 2, 1]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 3260][C:\WINNT\system32\dllhost.exe] [Microsoft Corporation, 5.00.2195.6692]
[PID: 3356][C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\aspnet_isapi.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINNT\system32\mscoree.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\mscorsvr.dll] [Microsoft Corporation, 1.1.4322.2032]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\fusion.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\microsoft.net\framework\v1.1.4322\mscorlib.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_1a0a6180\mscorlib.dll] [N/A, N/A]
[c:\winnt\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll] [Microsoft Corporation, 1.1.4322.2037]
[c:\winnt\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.data\1.0.5000.0__b77a5c561934e089\system.data.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.web.regularexpressions\1.0.5000.0__b03f5f7f11d50a3a\system.web.regularexpressions.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\microsoft.visualc\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualc.dll] [Microsoft Corporation, 7.10.3052.4]
[c:\winnt\assembly\gac\system.directoryservices\1.0.5000.0__b03f5f7f11d50a3a\system.directoryservices.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll] [ , 7.10.3052.4]
[C:\WINNT\Microsoft.NET\Framework\v1.1.4322\MSCORJIT.DLL] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.web.mobile\1.0.5000.0__b03f5f7f11d50a3a\system.web.mobile.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.design\1.0.5000.0__b03f5f7f11d50a3a\system.design.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll] [Microsoft Corporation, 1.1.4322.2032]
[c:\winnt\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll] [Microsoft Corporation, 1.1.4322.573]
[PID: 3696][D:\ewido_4.0.0.172c_3.3\ewido.exe] [Anti-Malware Development a.s., 4, 0, 0, 172]
[D:\ewido_4.0.0.172c_3.3\engine.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 3192][C:\Program Files\LANFax Suite\LANFax Manager\LANFax Manager.exe] [北京华录北方电子有限公司, 6, 5, 6, 0]
[C:\Program Files\LANFax Suite\LANFax Manager\LanFax.dll] [北京华录北方电子有限责任公司, 9, 1, 5, 0]
[C:\Program Files\LANFax Suite\LANFax Manager\lmsch.dll] [北京华录北方电子有限公司, 6, 5, 6, 0]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[PID: 3976][C:\WINNT\explorer.exe] [Microsoft Corporation, 5.00.3700.6690]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[C:\WINNT\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 19]
[D:\ewido_4.0.0.172c_3.3\shellexecutehook.dll] [Anti-Malware Development a.s., 4, 0, 0, 172]
[C:\WINNT\system32\c_g18030.dll] [Microsoft Corporation, 5.2.3663.0 (main.020715-1506)]
[C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 4]
[PID: 3960][D:\SREng\SREng.exe] [Smallfrogs Studio, 2.2.6.605]
[C:\WINNT\system32\UNISPIM.IME] [北京清华紫光软件股份有限公司, 3.0.0.3045]
[D:\SREng\Plugins\SRECXTMG.SRE] [Smallfrogs Studio, 1, 5, 0, 55]
==================================
文件关联
.TXT Error. [NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["C:\WINNT\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
6981313 - 2006-11-8 10:04:00
Find <ENStation><C:\WINNT\explorerb.exe> [N/A]
You've got a trojan!
Delete this file!
Run the antivirus scan in Safe Mode!
酷酷小熊 - 2006-11-8 11:05:00
I'll give it a try!! Thank you!!
高歌猛进 - 2006-11-8 11:06:00
Also:
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><C:\WINNT\rundl132.exe> [N/A]
<{6E44887F-5214-41F2-AB46-4728735C4CC6}><C:\Program Files\Internet Explorer\PLUGINS\system.sys> [N/A]
[New0 / New0]
<\??\C:\WINNT\System32\new.sys><N/A>
Look for the rest yourself; there are too many, and reading them is making my head spin.
酷酷小熊 - 2006-11-8 11:53:00
[XPROTECTOR / XPROTECTOR]
<\??\C:\WINNT\system32\drivers\Oreans.sys><N/A>
What driver is this??
303266474 - 2006-11-8 13:58:00
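You may have been infected with Viking (威金); go to the pinned thread, download the dedicated removal tool, and try it.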