[CODE]

2008-05-22,13:26:53

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows Server 2003 Enterprise Edition Service Pack 1 (Build 3790) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><D:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <IMJPMIG8.1><"D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <IMEKRMIG6.1><D:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002ASync><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><D:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
    <360Safetray><c:\Program Files\360safe\safemon\360tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <RavTask><"e:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><D:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <UIHost><%SystemRoot%\system32\logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><D:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection D:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><D:\WINDOWS\system32\Rundll32.exe D:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
[服务管理器]
  <D:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\服务管理器.lnk --> D:\PROGRA~1\MICROS~3\80\Tools\Binn\sqlmangr.exe [Microsoft Corporation]><N>
[U8定时任务管理器]
  <D:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\U8定时任务管理器.lnk --> D:\WINDOWS\system32\UFTASK~1.EXE [用友软件公司]><N>
[U8预警服务]
  <D:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\U8预警服务.lnk --> D:\WINDOWS\system32\UFALER~1.EXE [用友软件公司]><N>
[U8加密服务]
  <D:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\U8加密服务.lnk --> D:\WINDOWS\system32\UFAUTH~1.EXE [用友软件公司]><N>
[Microsoft Office]
  <D:\Documents and Settings\All Users.WINDOWS\「开始」菜单\程序\启动\Microsoft Office.lnk --> E:\PROGRA~1\MICROS~2\Office10\OSA.EXE [Microsoft Corporation]><N>

==================================
服务
[Microsoft Search / MSSEARCH][Running/Auto Start]
  <"D:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe"><Microsoft Corporation>
[MSSQLSERVER / MSSQLSERVER][Running/Auto Start]
  <D:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe><Microsoft Corporation>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"e:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"E:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[SQLSERVERAGENT / SQLSERVERAGENT][Stopped/Manual Start]
  <D:\PROGRA~1\MICROS~3\MSSQL\binn\sqlagent.exe><Microsoft Corporation>
[U8BackupService / U8BackupService][Running/Auto Start]
  <D:\WINDOWS\system32\U8BackupService.exe><N/A>
[UFSoft SMS Platform / U8SmsSrv][Running/Auto Start]
  <D:\WINDOWS\system32\U8SMSSRV.exe><N/A>
[U8TaskService / U8TaskService][Running/Auto Start]
  <D:\WINDOWS\system32\U8TaskService.exe><N/A>
[用友U8预警调度服务 / UFALERTSERVICE][Running/Auto Start]
  <D:\WINDOWS\system32\AlertService.exe><N/A>
[UfAutoLoadService / UfAutoLoadService][Running/Auto Start]
  <D:\WINDOWS\system32\UfAutoLoadService.exe><>
[UfMsgGhost / UfMsgGhost][Running/Auto Start]
  <D:\WINDOWS\system32\MsgGhost.exe><>
[U8管理软件 / UFNet][Running/Auto Start]
  <D:\WINDOWS\system32\ServerNT.exe><N/A>
[用友U8任务调度服务 / UFTASKSCHEDULESERVICE][Running/Auto Start]
  <D:\WINDOWS\system32\U8TaskScheduleService.exe><ufsoft>

==================================
驱动程序
[Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Stopped/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
  <system32\DRIVERS\ipinip.sys><N/A>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[Senselock SenseIV v2.x Service / sense4v2][Running/Manual Start]
  <System32\Drivers\sense4v2.sys><Beijing Senselock Corp.>
[SureDrv / SureDrv][Stopped/Manual Start]
  <\??\J:\bin\java\win\bin\SureDrv32.sys><N/A>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\D:\WINDOWS\system32\TesSafe.sys><TENCENT>

==================================
浏览器加载项
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <c:\Program Files\360safe\safemon\safemon.dll, 360.CN>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <D:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <E:\Program Files\Alisoft\WangWang\WangWangX6.dll, 阿里巴巴软件(上海)有限公司>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <c:\Program Files\360safe\live.dll, 360.cn>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <D:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[RavOnline Class]
  {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <D:\WINDOWS\Downloaded Program Files\RavOLCtl.dll, Beijing Rising Technology Co., Ltd.>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <D:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[导出到 Microsoft Excel(&x)]
  <res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000, N/A>

==================================
正在运行的进程
[PID: 440 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 620 / SYSTEM][\??\D:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 652 / SYSTEM][\??\D:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 712 / SYSTEM][D:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 724 / SYSTEM][D:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)]
[PID: 916 / SYSTEM][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1016 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1064 / SYSTEM][e:\Program Files\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
[PID: 1116 / NETWORK SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1132 / LOCAL SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1240 / SYSTEM][E:\PROGRAM FILES\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.75]
    [E:\PROGRAM FILES\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [D:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [E:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [E:\PROGRAM FILES\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [E:\PROGRAM FILES\RISING\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.34]
    [E:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\PROGRAM FILES\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [E:\PROGRAM FILES\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
    [E:\PROGRAM FILES\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
    [E:\PROGRAM FILES\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [E:\PROGRAM FILES\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [E:\PROGRAM FILES\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 35]
    [E:\PROGRAM FILES\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [E:\PROGRAM FILES\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [e:\Program Files\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [E:\PROGRAM FILES\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [e:\Program Files\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [e:\Program Files\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [E:\PROGRAM FILES\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\PROGRAM FILES\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [E:\PROGRAM FILES\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [E:\PROGRAM FILES\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [E:\PROGRAM FILES\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [E:\PROGRAM FILES\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [E:\PROGRAM FILES\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [E:\PROGRAM FILES\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [E:\PROGRAM FILES\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 58]
    [E:\PROGRAM FILES\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [E:\PROGRAM FILES\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [E:\PROGRAM FILES\RISING\RAV\urutils.dll]  [, 20, 0, 0, 5]
    [E:\PROGRAM FILES\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [E:\PROGRAM FILES\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\PROGRAM FILES\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [E:\PROGRAM FILES\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [E:\PROGRAM FILES\RISING\RAV\ur001.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [E:\PROGRAM FILES\RISING\RAV\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 1248 / SYSTEM][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1564 / SYSTEM][E:\PROGRAM FILES\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [E:\PROGRAM FILES\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\PROGRAM FILES\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [E:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
[PID: 1736 / SYSTEM][D:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\CNAP1NP.DLL]  [CANON INC., 1.44.0.002]
    [D:\WINDOWS\system32\CNAB6LMK.DLL]  [CANON INC., 3.00.0.003]
    [D:\WINDOWS\system32\CNAB6SMK.DLL]  [CANON INC., 3.00.0.003]
    [D:\WINDOWS\system32\CNAB6PTU.DLL]  [CANON INC., 3.00.0.003]
    [D:\WINDOWS\system32\CNAB6EMU.DLL]  [CANON INC., 3.00.0.003]
[PID: 1792 / NETWORK SERVICE][D:\WINDOWS\system32\msdtc.exe]  [Microsoft Corporation, 2001.12.4720.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1976 / SYSTEM][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 180 / SYSTEM][D:\WINDOWS\system32\inetsrv\inetinfo.exe]  [Microsoft Corporation, 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 344 / Administrator][D:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]
    [c:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
    [D:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [e:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [E:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
    [D:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [e:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[PID: 604 / SYSTEM][D:\PROGRA~1\MICROS~3\MSSQL\binn\sqlservr.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\PROGRA~1\MICROS~3\MSSQL\binn\opends60.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\PROGRA~1\MICROS~3\MSSQL\binn\sqlsort.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\PROGRA~1\MICROS~3\MSSQL\binn\ums.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\PROGRA~1\MICROS~3\MSSQL\binn\Resources\2052\sqlevn70.RLL]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\Program Files\Microsoft SQL Server\MSSQL\binn\SSNETLIB.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\PROGRA~1\MICROS~3\MSSQL\binn\SSmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\PROGRA~1\MICROS~3\MSSQL\binn\SSnmPN70.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\Program Files\Microsoft SQL Server\MSSQL\binn\SQLFTQRY.DLL]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\Program Files\Common Files\System\Ole DB\sqloledb.dll]  [Microsoft Corporation, 2000.086.1830.00 (srv03_sp1_rtm.050324-1447)]
[PID: 596 / SYSTEM][D:\WINDOWS\system32\CNAB6RPK.EXE]  [CANON INC., 3.00.0.003]
[PID: 1096 / LOCAL SERVICE][D:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 1804 / SYSTEM][D:\WINDOWS\system32\U8BackupService.exe]  [N/A, ]
    [D:\WINDOWS\system32\SecuComm.dll]  [N/A, ]
    [D:\WINDOWS\system32\UFCOMSQL\UFBackPlan.dll]  [北京用友软件股份有限公司, 8.50.0039]
    [D:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9782]
    [D:\WINDOWS\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [D:\Program Files\Common Files\System\Ole DB\sqloledb.dll]  [Microsoft Corporation, 2000.086.1830.00 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\DBNETLIB.DLL]  [Microsoft Corporation, 2000.086.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\DBnmpNTw.dll]  [Microsoft Corporation, 2000.086.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\Program Files\Common Files\System\Ole DB\SQLOLEDB.RLL]  [Microsoft Corporation, 2000.086.1830.00 (srv03_sp1_rtm.050324-1447)]
[PID: 2116 / SYSTEM][D:\WINDOWS\system32\U8SMSSRV.exe]  [N/A, ]
[PID: 2152 / SYSTEM][D:\WINDOWS\system32\U8TaskService.exe]  [N/A, ]
    [D:\WINDOWS\system32\UFCOMSQL\U8TaskPro.dll]  [ufsoft, 8.61]
    [D:\WINDOWS\system32\MSVBVM60.DLL]  [Microsoft Corporation, 6.00.9782]
    [D:\WINDOWS\system32\vb6chs.dll]  [Microsoft Corporation, 6.00.8988]
    [D:\WINDOWS\system32\Client.DLL]  [, 1, 0, 0, 1]
    [D:\WINDOWS\system32\UMIscell.dll]  [, 1, 0, 0, 1]
    [D:\WINDOWS\system32\M80SGV.dll]  [, 8, 2, 0, 0]
    [D:\Program Files\Common Files\System\Ole DB\sqloledb.dll]  [Microsoft Corporation, 2000.086.1830.00 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\DBNETLIB.DLL]  [Microsoft Corporation, 2000.086.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[PID: 2236 / SYSTEM][D:\WINDOWS\system32\AlertService.exe]  [N/A, ]
    [D:\WINDOWS\system32\AlertDispatcher.dll]  [, 1, 0, 0, 1]
[PID: 2256 / SYSTEM][D:\WINDOWS\system32\MsgGhost.exe]  [, 1, 0, 0, 1]
[PID: 2304 / Administrator][c:\Program Files\360safe\safemon\360tray.exe]  [奇虎网, 4, 1, 8, 1002]
    [c:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [c:\Program Files\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 1, 8, 1001]
    [c:\Program Files\360safe\AntiAdwa.dll]  [360Safe.com, 4, 1, 5, 1001]
    [C:\Program Files\360safe\live.dll]  [360.cn, 1, 0, 1, 1027]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
[PID: 2344 / Administrator][e:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [e:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [e:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [e:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
[PID: 2364 / SYSTEM][D:\WINDOWS\system32\ServerNT.exe]  [N/A, ]
    [D:\WINDOWS\system32\UMiscell.dll]  [, 1, 0, 0, 1]
    [D:\WINDOWS\system32\M80SGV.dll]  [, 8, 2, 0, 0]
    [D:\WINDOWS\system32\SecuComm.dll]  [N/A, ]
[PID: 2388 / Administrator][D:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 2412 / Administrator][e:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.14]
    [D:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [e:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [e:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [e:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [e:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 35]
    [e:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [e:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [e:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [e:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [e:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [e:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [e:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [e:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [e:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 2424 / Administrator][D:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\WINDOWS\system32\SQLUNIRL.dll]  [Microsoft Corporation, 2000.080.0728.00]
    [D:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\W95SCM.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLSVC.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\WINDOWS\system32\odbcbcp.dll]  [Microsoft Corporation, 2000.086.1830.00 (srv03_sp1_rtm.050324-1447)]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\SQLRESLD.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\SQLSVC.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [D:\Program Files\Microsoft SQL Server\80\Tools\Binn\Resources\2052\sqlmangr.RLL]  [Microsoft Corporation, 2000.080.0194.00]
    [c:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
[PID: 2472 / Administrator][D:\WINDOWS\system32\UfTaskSvrMgr.exe]  [用友软件公司, 1, 0, 0, 1]
    [D:\WINDOWS\system32\MultiLang.dll]  [UFIDA, 8, 61, 0, 0]
    [e:\U8SOFT\Resources\UfTaskSvrMgrzh-CN.dll]  [用友软件公司, 1, 0, 0, 1]
    [c:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
[PID: 2476 / SYSTEM][D:\WINDOWS\system32\U8TaskScheduleService.exe]  [ufsoft, 1, 0, 0, 1]
    [D:\WINDOWS\system32\TaskDispatcher.dll]  [, 1, 0, 0, 1]
[PID: 2540 / Administrator][D:\WINDOWS\system32\UfAlertSvrMgr.exe]  [用友软件公司, 1, 0, 0, 1]
    [D:\WINDOWS\system32\MultiLang.dll]  [UFIDA, 8, 61, 0, 0]
    [e:\U8SOFT\Resources\UfAlertSvrMgrzh-CN.dll]  [用友软件公司, 1, 0, 0, 1]
    [c:\Program Files\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1001]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
[PID: 2660 / Administrator][D:\WINDOWS\system32\UfAuthSvrMgr.exe]  [用友软件公司, 1, 0, 0, 1]
    [D:\WINDOWS\system32\MultiLang.dll]  [UFIDA, 8, 61, 0, 0]
    [e:\U8SOFT\Resources\UfAuthSvrMgrzh-CN.dll]  [用友软件公司, 1, 0, 0, 1]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
[PID: 2672 / SYSTEM][D:\Program Files\Common Files\System\MSSearch\Bin\mssearch.exe]  [Microsoft Corporation, 9.107.5512.0]
    [D:\Program Files\Common Files\System\MSSearch\Bin\mssws.dll]  [Microsoft Corporation, 9.107.5512.0]
    [D:\PROGRA~1\COMMON~1\System\MSSearch\Bin\mssrch.dll]  [Microsoft Corporation, 9.107.5512.0]
    [D:\Program Files\Common Files\System\MSSearch\Bin\tquery.dll]  [Microsoft Corporation, 9.107.5512.0]
    [D:\PROGRA~1\COMMON~1\System\MSSearch\Bin\propdefs.dll]  [Microsoft Corporation, 9.107.5512.0]
    [D:\PROGRA~1\COMMON~1\System\MSSearch\Bin\srchidx.dll]  [Microsoft Corporation, 9.107.5512.0]
[PID: 2904 / SYSTEM][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 3056 / SYSTEM][D:\WINDOWS\system32\UfAutoLoadService.exe]  [, 1, 0, 0, 1]
[PID: 3264 / SYSTEM][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 3296 / SYSTEM][D:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 3216 / SYSTEM][D:\WINDOWS\system32\wbem\wmiprvse.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
[PID: 3464 / Administrator][D:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
    [E:\Program Files\Microsoft Office\Office10\msohev.dll]  [Microsoft Corporation, 10.0.2609]
    [e:\Program Files\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [D:\WINDOWS\system32\UNISPIM.IME]  [北京清华紫光软件股份有限公司, 3.0.0.0 alpha 21225]
    [D:\WINDOWS\system32\upengine.dll]  [北京清华紫光软件股份有限公司, 3.0.0.0 alpha 21225]
    [D:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [E:\Program Files\Alisoft\WangWang\WangWangX6.dll]  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 5]
[PID: 3600 / Administrator][D:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
[PID: 1040 / NETWORK SERVICE][d:\windows\system32\inetsrv\w3wp.exe]  [Microsoft Corporation, 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)]
    [\\?\D:\WINDOWS\MicroSoft.NET\Framework\V1.1.4322\aspnet_isapi.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [D:\WINDOWS\system32\mscoree.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\nativeimages1_v1.1.4322\mscorlib\1.0.5000.0__b77a5c561934e089_6bec25c6\mscorlib.dll]  [N/A, ]
    [d:\windows\assembly\gac\system.web\1.0.5000.0__b03f5f7f11d50a3a\system.web.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system\1.0.5000.0__b77a5c561934e089\system.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.drawing\1.0.5000.0__b03f5f7f11d50a3a\system.drawing.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.xml\1.0.5000.0__b77a5c561934e089\system.xml.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.data\1.0.5000.0__b77a5c561934e089\system.data.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.web.regularexpressions\1.0.5000.0__b03f5f7f11d50a3a\system.web.regularexpressions.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\microsoft.visualc\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualc.dll]  [Microsoft Corporation, 7.10.3052.4]
    [d:\windows\assembly\gac\system.directoryservices\1.0.5000.0__b03f5f7f11d50a3a\system.directoryservices.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.runtime.remoting\1.0.5000.0__b77a5c561934e089\system.runtime.remoting.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.runtime.serialization.formatters.soap\1.0.5000.0__b03f5f7f11d50a3a\system.runtime.serialization.formatters.soap.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\cscompmgd\7.0.5000.0__b03f5f7f11d50a3a\cscompmgd.dll]  [ , 7.10.3052.4]
    [d:\windows\assembly\gac\system.web.mobile\1.0.5000.0__b03f5f7f11d50a3a\system.web.mobile.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.design\1.0.5000.0__b03f5f7f11d50a3a\system.design.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\system.windows.forms\1.0.5000.0__b77a5c561934e089\system.windows.forms.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\accessibility\1.0.5000.0__b03f5f7f11d50a3a\accessibility.dll]  [Microsoft Corporation, 1.1.4322.573]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\e50b5ee4\0071d66b_6341c401\ufsoft.u8.framework.invokeservice.serversink.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.invokeservice\1.0.860.0__27100cfe39774293\ufsoft.u8.framework.invokeservice.dll]  [UFSoft Corporation, 1.0.860.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.bizbase\1.0.0.0__79a4e7ad54eeabca\ufsoft.u8.framework.bizbase.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.log\1.0.0.0__9445a96dcd94733f\ufsoft.u8.framework.log.dll]  [UFSoft Stock Corp, Ltd., 1.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\11ee23c8\0081c968_9b9fc401\icsharpcode.sharpziplib.dll]  [ , 0.5.0.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.logincontext\1.0.0.0__90e57cffdf9d854d\ufsoft.u8.framework.logincontext.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.error\1.0.0.0__abe02929a274df6b\ufsoft.u8.framework.error.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\log4net\1.2.0.30714__b32731d11ce58905\log4net.dll]  [Neoworks Limited, 1.2.0.30714]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\fff068f6\009c36f4_4c4dc501\si_ufsoft.u8.framework.login.bo.dll]  [ , 0.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\4d3f6278\006f05f3_4c4dc501\i_ufsoft.u8.framework.login.bo.dll]  [ , 0.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\229caffa\000fc11f_ca9cc501\ufsoft.u8.framework.login.bo.dll]  [ , 1.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\11bc8003\00b55e1d_ca9cc501\securityandcreditidentity.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.servicemarkable\1.0.860.0__b30940874b271bd0\ufsoft.u8.framework.servicemarkable.dll]  [UFSoft Corporation, 1.0.860.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\a0c56482\00e28f1e_ca9cc501\ufsoft.u8.framework.keymanage.dll]  [ , 1.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\e257f6ff\00e28f1e_ca9cc501\tokenmanage.dll]  [ , 1.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\18c8b5ac\003c1330_cb26c401\ufsoft.u8.framework.cryptographyservice.bf.dll]  [ , 1.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\666a775f\00492290_7e91c501\ufsoft.u8.framework.datasourceconfig.bo.dll]  [ , 1.0.0.0]
    [d:\windows\microsoft.net\framework\v1.1.4322\temporary asp.net files\u8application\4e481ad6\c5c7a1ed\assembly\dl2\40cd4d2d\00eedcfe_a4b6c401\securitylib.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\ufsoft.u8.framework.resource\1.0.0.0__710ba790827d5bc0\ufsoft.u8.framework.resource.dll]  [ , 1.0.0.0]
    [d:\windows\assembly\gac\system.serviceprocess\1.0.5000.0__b03f5f7f11d50a3a\system.serviceprocess.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [d:\windows\assembly\gac\microsoft.visualbasic\7.0.5000.0__b03f5f7f11d50a3a\microsoft.visualbasic.dll]  [Microsoft Corporation, 7.10.6310.4]
    [d:\windows\assembly\gac\system.configuration.install\1.0.5000.0__b03f5f7f11d50a3a\system.configuration.install.dll]  [Microsoft Corporation, 1.1.4322.573]
    [d:\windows\assembly\gac\system.enterpriseservices\1.0.5000.0__b03f5f7f11d50a3a\system.enterpriseservices.thunk.dll]  [Microsoft Corporation, 1.1.4322.2300]
    [D:\WINDOWS\system32\dbnetlib.dll]  [Microsoft Corporation, 2000.086.1830 (srv03_sp1_rtm.050324-1447)]
    [D:\WINDOWS\system32\DBmsLPCn.dll]  [Microsoft Corporation, 2000.080.2039.00]
    [d:\windows\assembly\gac\mscorlib.resources\1.0.5000.0_zh-chs_b77a5c561934e089\mscorlib.resources.dll]  [Microsoft Corporation, 1.1.4322.573]
    [D:\WINDOWS\system32\Client.DLL]  [, 1, 0, 0, 1]
    [D:\WINDOWS\system32\UMIscell.dll]  [, 1, 0, 0, 1]
    [D:\WINDOWS\system32\M80SGV.dll]  [, 8, 2, 0, 0]
[PID: 2868 / Administrator][E:\downloads\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\WINDOWS\system32\MsgBoxHook.dll]  [, 1, 0, 0, 1]
    [E:\downloads\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  Error. [D:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [D:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1  yu.8s7.net
127.0.0.1  1.jopanqc.com
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
127.0.0.1  1.jopmmqq.com
127.0.0.1  171817.171817.com
127.0.0.1  d2.llsging.com
127.0.0.1  down.malasc.cn
127.0.0.1  llboss.com
127.0.0.1  nx.51ylb.cn
127.0.0.1  my.531jx.cn
127.0.0.1  qqq.dzydhx.com
127.0.0.1  qqq.hao1658.com
127.0.0.1  www.333292.com
127.0.0.1  down.18dd.net
127.0.0.1  up.22x44.com
127.0.0.1  aaa.faba01.com
127.0.0.1  bad.tqdlt.cn
127.0.0.1  1.chsipo.com
127.0.0.1  c3.aishangai.net
127.0.0.1  c2.aishangai.net
127.0.0.1  xxx.188dm.com
127.0.0.1  x2.1a2b3c1.com
127.0.0.1  d1.163500.net
127.0.0.1  down.google-serv.cn
127.0.0.1  idc.windowsupdeta.cn
127.0.0.1  nc.mskess.com
127.0.0.1  ok.sl8cjs.cn
127.0.0.1  dl.pvs360.com
127.0.0.1  ta.pvs360.com
127.0.0.1  cw.pvs360.com
127.0.0.1  fg.pvs360.com

==================================
进程特权扫描
N/A

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]