2009-02-02,15:25:54 System Repair Engineer 2.7.0.1210 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] (ctfmon.exe)(C:\WINDOWS\system32\ctfmon.exe) [(Verified)Microsoft Windows Publisher] (Nokia.PCSync)(; "D:\pcn81\Nokia PC Suite 7\PCSync2.exe" /NoDialog) [Time Information Services Ltd.] (PC Suite Tray)(; "D:\pcn81\Nokia PC Suite 7\PCSuite.exe" -onlytray) [Nokia] (swg)(; C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe) [File is missing] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] (load)() [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] (FlashGet)(; "C:\Program Files\FlashGet Network\Flashget\FlashGet.exe" /min) [File is missing] (Kernel and Hardware Abstraction Layer)(; KHALMNPR.EXE) [(Verified)Logitech] (KuGou)(; C:\Program Files\KuGou\KuGou2008\KuGoo.exe min) [File is missing] (Logitech Hardware Abstraction Layer)(; KHALMNPR.EXE) [(Verified)Logitech] (搜狐电视机网页版)(; C:\Program Files\sohutv_web\SysTrayIcon.exe "C:\Program Files\sohutv_web" "22446794ae7fca933e8af49086c883bc" "1.0.0.10" "") [File is missing] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] (shell)(Explorer.exe) [(Verified)Microsoft Windows Component Publisher] (Userinit)(C:\WINDOWS\system32\UserInit.exe,) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] (AppInit_DLLs)() [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] (UIHost)(logonui.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] ({AEB6717E-7E19-11d0-97EE-00C04FD91972})(shell32.dll) [(Verified)Microsoft 
Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] (PostBootReminder)(%SystemRoot%\system32\SHELL32.dll) [(Verified)Microsoft Windows Component Publisher] (CDBurn)(%SystemRoot%\system32\SHELL32.dll) [(Verified)Microsoft Windows Component Publisher] (WebCheck)(%SystemRoot%\system32\webcheck.dll) [(Verified)Microsoft Windows Publisher] (SysTray)(C:\WINDOWS\system32\stobject.dll) [(Verified)Microsoft Windows Publisher] (WPDShServiceObj)(C:\WINDOWS\system32\WPDShServiceObj.dll) [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] (WinlogonNotify: crypt32chain)(crypt32.dll) [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] (WinlogonNotify: cryptnet)(cryptnet.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] (WinlogonNotify: cscdll)(cscdll.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] (WinlogonNotify: ScCertProp)(wlnotify.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] (WinlogonNotify: Schedule)(wlnotify.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] (WinlogonNotify: sclgntfy)(sclgntfy.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Sebring] (WinlogonNotify: Sebring)(c:\WINDOWS\system32\LgNotify.dll) [Intel Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] (WinlogonNotify: SensLogn)(WlNotify.dll) [(Verified)Microsoft Windows Publisher] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] (WinlogonNotify: termsrv)(wlnotify.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] (WinlogonNotify: wlballoon)(wlnotify.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] ({438755C2-A8BA-11D1-B96B-00A0C90312E1})(%SystemRoot%\system32\browseui.dll) [(Verified)Microsoft Windows Component Publisher] ({8C7461EF-2B13-11d2-BE35-3078302C2030})(%SystemRoot%\system32\browseui.dll) [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){22d6f312-b0f6-11d0-94ab-0080c74c7e95}] (Microsoft Windows Media Player)(C:\WINDOWS\inf\unregmp2.exe /ShowWMP) [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){26923b43-4d38-484f-9b9e-de460746276c}] (Internet Explorer)(%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\){881dd1c5-3dcf-431b-b061-f3f88e8be88a}] (Outlook Express)(%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] (Themes Setup)(%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] (Microsoft Outlook Express 6)("%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] (NetMeeting 3.01)(rundll32.exe advpack.dll,LaunchINFSection 
C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] (Windows Messenger 4.7)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] (Microsoft Windows Media Player)(rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub) [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] (通讯簿 6)("%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install) [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] (Windows 桌面更新)(regsvr32.exe /s /n /i:U shell32.dll) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] (Internet Explorer 6)(%SystemRoot%\system32\ie4uinit.exe) [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] (N/A)(C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install) [Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] (SCRNSAVE.EXE)(C:\WINDOWS\System32\logon.scr) [(Verified)Microsoft Windows Publisher] -------------------------------------------------------------------------------- 启动文件夹 [qq] (C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\qq.exe --) [File is missing])(N) -------------------------------------------------------------------------------- 服务 [ASP.NET State Service / aspnet_state][Stopped/Manual Start] 
(C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe)(Microsoft Corporation) [avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start] ("C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe")(ALWIL Software) [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] (C:\WINDOWS\system32\Ati2evxx.exe)() [avast! Antivirus / avast! Antivirus][Running/Auto Start] ("C:\Program Files\Alwil Software\Avast4\ashServ.exe")(ALWIL Software) [avast! Mail Scanner / avast! Mail Scanner][Running/Manual Start] ("C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service)(ALWIL Software) [avast! Web Scanner / avast! Web Scanner][Running/Manual Start] ("C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service)(ALWIL Software) [Human Interface Device Access / HidServ][Stopped/Disabled] (C:\WINDOWS\System32\svchost.exe -k netsvcs--)%SystemRoot%\System32\hidserv.dll)(N/A) [hpqcxs08 / hpqcxs08][Stopped/Manual Start] (C:\WINDOWS\system32\svchost.exe -k hpdevmgmt--)C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll)(Hewlett-Packard Co.) [Net Driver HPZ12 / Net Driver HPZ12][Running/Auto Start] (C:\WINDOWS\System32\svchost.exe -k HPZ12--)C:\WINDOWS\system32\HPZinw12.dll)(Hewlett-Packard) [Pml Driver HPZ12 / Pml Driver HPZ12][Running/Auto Start] (C:\WINDOWS\System32\svchost.exe -k HPZ12--)C:\WINDOWS\system32\HPZipm12.dll)(Hewlett-Packard) [RegSrvc / RegSrvc][Running/Auto Start] (C:\WINDOWS\system32\RegSrvc.exe)(Intel Corporation) [Spectrum24 Event Monitor / S24EventMonitor][Running/Auto Start] (C:\WINDOWS\system32\S24EvMon.exe)(Intel Corporation) [ServiceLayer / ServiceLayer][Stopped/Manual Start] ("C:\Program Files\PC Connectivity Solution\ServiceLayer.exe")(Nokia.) -------------------------------------------------------------------------------- 驱动程序 [a320raid / a320raid][Running/Boot Start] (\SystemRoot\System32\DRIVERS\a320raid.sys)(Adaptec, Inc.) [aar1210 / aar1210][Running/Boot Start] (\SystemRoot\System32\DRIVERS\aar1210.sys)(Adaptec, Inc.) 
[adpu320 / adpu320][Running/Boot Start] (\SystemRoot\System32\DRIVERS\adpu320.sys)(Adaptec, Inc.) [ACARD AEC6210UF UltraDMA33 Controller / aec6210][Running/Boot Start] (\SystemRoot\System32\DRIVERS\aec6210.sys)(ACARD Technology Corp.) [ACARD AEC6260 UltraDMA-66 Controller / aec6260][Running/Boot Start] (\SystemRoot\System32\DRIVERS\aec6260.sys)(ACARD Technology Corp.) [aec6280 / aec6280][Running/Boot Start] (\SystemRoot\System32\DRIVERS\aec6280.sys)(ACARD Technology Corp.) [AEC6890 / AEC6890][Running/Boot Start] (\SystemRoot\System32\DRIVERS\AEC6890.sys)(ACARD Technology Corp.) [aec68x5 / aec68x5][Running/Boot Start] (\SystemRoot\System32\DRIVERS\aec68x5.sys)(ACARD Technology Corp.) [AliIde / AliIde][Stopped/Boot Start] (\SystemRoot\System32\DRIVERS\aliide.sys)(N/A) [asc / asc][Running/Boot Start] (\SystemRoot\System32\DRIVERS\asc.sys)(Advanced System Products, Inc.) [asc3550 / asc3550][Running/Boot Start] (\SystemRoot\System32\DRIVERS\asc3550.sys)(Advanced System Products, Inc.) [aswFsBlk / aswFsBlk][Running/Auto Start] (system32\DRIVERS\aswFsBlk.sys)(ALWIL Software) [ati2mtag / ati2mtag][Running/Manual Start] (system32\DRIVERS\ati2mtag.sys)(ATI Technologies Inc.) [Broadcom 570x Gigabit Integrated Controller / b57w2k][Running/Manual Start] (system32\DRIVERS\b57xp32.sys)(Broadcom Corporation) [CmdIde / CmdIde][Running/Boot Start] (\SystemRoot\System32\DRIVERS\cmdide.sys)(CMD Technology, Inc.) [dac2w2k / dac2w2k][Running/Boot Start] (\SystemRoot\System32\DRIVERS\dac2w2k.sys)(Mylex Corporation) [dpti2o / dpti2o][Stopped/Boot Start] (\SystemRoot\System32\DRIVERS\dpti2o.sys)(N/A) [Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start] (system32\drivers\es1371mp.sys)(Creative Technology Ltd.) [fasttrak / fasttrak][Running/Boot Start] (\SystemRoot\System32\DRIVERS\fasttrak.sys)(Promise Technology, Inc.) [fasttx2k / fasttx2k][Running/Boot Start] (\SystemRoot\System32\DRIVERS\fasttx2k.sys)(Promise Technology, Inc.) 
[fasttx2k2 / fasttx2k2][Running/Boot Start] (\SystemRoot\System32\DRIVERS\fasttx2k2.sys)(Promise Technology, Inc.) [Hpt366 / Hpt366][Running/Boot Start] (\SystemRoot\System32\DRIVERS\Hpt366.sys)(Microsoft Corporation) [HPT371 / HPT371][Running/Boot Start] (\SystemRoot\System32\DRIVERS\HPT371.sys)(HighPoint Technologies, Inc.) [hpt374 / hpt374][Running/Boot Start] (\SystemRoot\System32\DRIVERS\hpt374.sys)(HighPoint Technologies, Inc.) [hpt3xx / hpt3xx][Running/Boot Start] (\SystemRoot\System32\DRIVERS\hpt3xx.sys)(HighPoint Technologies, Inc.) [hptmv / hptmv][Running/Boot Start] (\SystemRoot\System32\DRIVERS\hptmv.sys)(HighPoint Technologies, Inc.) [hptpro / hptpro][Stopped/Boot Start] (\SystemRoot\System32\DRIVERS\hptpro.sys)(HighPoint Technologies, Inc.) [IEEE-1284.4 Driver HPZid412 / HPZid412][Stopped/Manual Start] (system32\DRIVERS\HPZid412.sys)(HP) [Print Class Driver for IEEE-1284.4 HPZipr12 / HPZipr12][Stopped/Manual Start] (system32\DRIVERS\HPZipr12.sys)(HP) [USB to IEEE-1284.4 Translation Driver HPZius12 / HPZius12][Stopped/Manual Start] (system32\DRIVERS\HPZius12.sys)(HP) [HSFHWICH / HSFHWICH][Running/Manual Start] (system32\DRIVERS\HSFHWICH.sys)(Conexant Systems, Inc.) [HSF_DP / HSF_DP][Running/Manual Start] (system32\DRIVERS\HSF_DP.sys)(Conexant Systems, Inc.) [Intel Integrated RAID / iaStor][Running/Boot Start] (\SystemRoot\system32\drivers\iaStor.sys)(Intel Corporation) [ITERAID_Service_Install / iteraid][Running/Boot Start] (\SystemRoot\System32\DRIVERS\iteraid.sys)(Integrated Technology Express, Inc.) [Logitech SetPoint Keyboard Driver / L8042Kbd][Running/Manual Start] (system32\DRIVERS\L8042Kbd.sys)(Logitech Inc.) [SetPoint PS/2 Mouse Filter Driver / L8042mou][Running/Manual Start] (system32\DRIVERS\L8042mou.Sys)(Logitech Inc.) [Logitech SetPoint KMDF HID Filter Driver / LHidFilt][Stopped/Manual Start] (system32\DRIVERS\LHidFilt.Sys)(Logitech, Inc.) 
[Logitech SetPoint KMDF Mouse Filter Driver / LMouFilt][Stopped/Manual Start] (system32\DRIVERS\LMouFilt.Sys)(Logitech, Inc.) [SetPoint Mouse Filter Driver / LMouKE][Running/Manual Start] (system32\DRIVERS\LMouKE.Sys)(Logitech Inc.) [Logitech SetPoint KMDF USB Filter / LUsbFilt][Stopped/Manual Start] (System32\Drivers\LUsbFilt.Sys)(Logitech, Inc.) [m5228 / m5228][Running/Boot Start] (\SystemRoot\System32\DRIVERS\m5228.sys)(ALi Corporation.) [m5281 / m5281][Running/Boot Start] (\SystemRoot\system32\drivers\m5281.sys)(ALi Corporation) [AEGIS Protocol (IEEE 802.1x) v2.2.1.0 / MDC8021X][Running/Auto Start] (system32\DRIVERS\mdc8021x.sys)(Meetinghouse Data Communications) [mdmxsdk / mdmxsdk][Running/Auto Start] (system32\DRIVERS\mdmxsdk.sys)(Conexant) [MegaIDE / MegaIDE][Running/Boot Start] (\SystemRoot\System32\DRIVERS\MegaIDE.sys)(LSI Logic Corporation.) [mraid2k / mraid2k][Running/Boot Start] (\SystemRoot\System32\DRIVERS\mraid2k.sys)(American Megatrends, Inc.) [mraid35x / mraid35x][Running/Boot Start] (\SystemRoot\System32\DRIVERS\mraid35x.sys)(American Megatrends Inc.) [Nokia USB Phone Parent / nmwcd][Stopped/Manual Start] (system32\drivers\ccdcmb.sys)(Nokia) [Nokia USB Generic / nmwcdc][Stopped/Manual Start] (system32\drivers\ccdcmbo.sys)(Nokia) [npkcrypt / npkcrypt][Stopped/Manual Start] (\??\C:\WINDOWS\system32\npkcrypt.sys)(N/A) [npkycryp / npkycryp][Stopped/Manual Start] (\??\C:\WINDOWS\system32\npkycryp.sys)(N/A) [O2Micro SmartCardBus Reader / O2SCBUS][Running/Manual Start] (system32\DRIVERS\ozscr.sys)(O2Micro) [OMCI / OMCI][Running/System Start] (\SystemRoot\SYSTEM32\DRIVERS\OMCI.SYS)(Dell Computer Corporation) [PCCS Mode Change Filter Driver / pccsmcfd][Stopped/Manual Start] (system32\DRIVERS\pccsmcfd.sys)(Nokia) [AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start] (system32\DRIVERS\pcntpci5.sys)(AMD Inc.) [SiI 680 ATA Controller / Pnp680][Running/Boot Start] (\SystemRoot\System32\DRIVERS\pnp680.sys)(Silicon Image, Inc.) 
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Running/Boot Start] (\SystemRoot\System32\DRIVERS\pnp680r.sys)(Silicon Image, Inc) [Direct Parallel Link Driver / Ptilink][Running/Manual Start] (system32\DRIVERS\ptilink.sys)(Parallel Technologies, Inc.) [ql1080 / ql1080][Running/Boot Start] (\SystemRoot\System32\DRIVERS\ql1080.sys)(QLogic Corporation) [ql12160 / ql12160][Running/Boot Start] (\SystemRoot\System32\DRIVERS\ql12160.sys)(QLogic Corporation) [ql1280 / ql1280][Running/Boot Start] (\SystemRoot\System32\DRIVERS\ql1280.sys)(QLogic Corporation) [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] (system32\DRIVERS\RTL8139.SYS)(Realtek Semiconductor Corporation) [WLAN Transport / s24trans][Running/Auto Start] (system32\DRIVERS\s24trans.sys)(Intel Corporation) [Secdrv / Secdrv][Stopped/Manual Start] (system32\DRIVERS\secdrv.sys)(Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [SiI-3512 SATALink Controller / SI3112][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SI3112.sys)(Silicon Image, Inc.) [Silicon Image SiI 3512 SATARaid Controller / SI3112r][Running/Boot Start] (\SystemRoot\system32\drivers\SI3112r.sys)(Silicon Image, Inc) [SiI-3114 SATALink Controller / SI3114][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SI3114.sys)(Silicon Image, Inc.) [SiI-3114 SATARaid Controller / SI3114r][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SI3114R.sys)(Silicon Image, Inc) [SiI-3124 SATALink Controller / SI3124][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SI3124.sys)(Silicon Image, Inc.) [SiI-3124 SATARaid Controller / SI3124r][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SI3124R.sys)(Silicon Image, Inc) [SATALink driver accelerator / SiFilter][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SiWinAcc.sys)(Silicon Image, Inc.) 
[SiSRaid / SiSRaid][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SiSRaid.sys)(Silicon Integrated Systems) [SiSRaid1 / SiSRaid1][Running/Boot Start] (\SystemRoot\System32\DRIVERS\SiSRaid1.sys)(Silicon Integrated Systems) [Sparrow / Sparrow][Running/Boot Start] (\SystemRoot\System32\DRIVERS\sparrow.sys)(Adaptec, Inc.) [sptrak / sptrak][Running/Boot Start] (\SystemRoot\System32\DRIVERS\sptrak.sys)(Promise Technology, Inc.) [Audio Driver (WDM) - SigmaTel CODEC / STAC97][Running/Manual Start] (system32\drivers\stac97.sys)(SigmaTel, Inc.) [SVKP / SVKP][Running/Auto Start] (\??\C:\WINDOWS\system32\SVKP.sys)(AntiCracking) [symc810 / symc810][Running/Boot Start] (\SystemRoot\System32\DRIVERS\symc810.sys)(Symbios Logic Inc.) [symc8xx / symc8xx][Running/Boot Start] (\SystemRoot\System32\DRIVERS\symc8xx.sys)(LSI Logic) [sym_hi / sym_hi][Running/Boot Start] (\SystemRoot\System32\DRIVERS\sym_hi.sys)(LSI Logic) [sym_u3 / sym_u3][Running/Boot Start] (\SystemRoot\System32\DRIVERS\sym_u3.sys)(LSI Logic) [TCP/IP Protocol Driver / Tcpip][Running/System Start] (system32\DRIVERS\tcpip.sys)(Microsoft Corporation) [UlSata / UlSata][Running/Boot Start] (\SystemRoot\System32\DRIVERS\ulsata.sys)(Promise Technology, Inc.) [ultra / ultra][Running/Boot Start] (\SystemRoot\System32\DRIVERS\ultra.sys)(Promise Technology, Inc.) [upperdev / upperdev][Stopped/Manual Start] (system32\DRIVERS\usbser_lowerflt.sys)(Windows (R) Codename Longhorn DDK provider) [UsbserFilt / UsbserFilt][Stopped/Manual Start] (system32\DRIVERS\usbser_lowerfltj.sys)(Windows (R) Codename Longhorn DDK provider) [WirelessMgr / VCOM_WirelessMgr][Running/Manual Start] (system32\DRIVERS\VCOM_A2000P.sys)(N/A) [viamraid / viamraid][Running/Boot Start] (\SystemRoot\system32\DRIVERS\viamraid.sys)(VIA Technologies inc,.ltd) [VIA ATA/ATAPI Host Controller / viapdsk][Running/Boot Start] (\SystemRoot\System32\DRIVERS\viapdsk.sys)(VIA Technologies, Inc.) 
[viaraid / viaraid][Running/Boot Start] (\SystemRoot\System32\DRIVERS\viaraid.sys)(VIA Technologies inc,.ltd) [viasraid / viasraid][Running/Boot Start] (\SystemRoot\system32\drivers\viasraid.sys)(VIA Technologies inc,.ltd) [vmscsi / vmscsi][Running/Boot Start] (\SystemRoot\system32\drivers\vmscsi.sys)(VMware, Inc.) [Intel(R) PRO/Wireless 2200 Adapter 驱动程序 / w22n51][Running/Manual Start] (system32\DRIVERS\w22n51.sys)(Intel? Corporation) [winachsf / winachsf][Running/Manual Start] (system32\DRIVERS\HSF_CNXT.sys)(Conexant Systems, Inc.) [ZTE USB Download Driver / zusbdemo][Stopped/Manual Start] (system32\DRIVERS\zusbdemo.sys)(MCCI) -------------------------------------------------------------------------------- 浏览器加载项 [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} (D:\迅雷\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD) [MMCPlayer Class] {05C1004E-2596-48E5-8E26-39362985EEB9} (C:\Program Files\sohutv_web\MMCShell.dll, (Signed) Sohu.com Inc.) [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} (C:\WINDOWS\system32\LegitCheckControl.DLL, (Signed) Microsoft Corporation) [WUWebControl Class] {6414512B-B978-451D-A0D8-FCFDF33E833C} (C:\WINDOWS\system32\wuweb.dll, (Signed) Microsoft Corporation) [Java Plug-in 1.5.0] {8AD9C840-044E-11D1-B3E9-00805F499D93} (C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, JavaSoft / Sun Microsystems, Inc.) [RavOnline Class] {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} (C:\WINDOWS\Downloaded Program Files\RavOLCtl.dll, Beijing Rising Information Technology Co., Ltd.) [Java Plug-in 1.5.0] {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} (C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll, JavaSoft / Sun Microsystems, Inc.) 
[Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} (D:\迅雷\ComDlls\xunleiBHO_Now.dll, (Signed) Thunder Networking Technologies,LTD) [RavOnline Class] {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} (C:\WINDOWS\Downloaded Program Files\RavOLCtl.dll, Beijing Rising Information Technology Co., Ltd.) [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} (C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, (Signed) Adobe Systems, Inc.) [使用迅雷下载] (D:\迅雷\Program\geturl.htm, N/A) [使用迅雷下载全部链接] (D:\迅雷\Program\getallurl.htm, N/A) -------------------------------------------------------------------------------- 正在运行的进程 [PID: 396 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 884 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1036 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\Ati2evxx.dll] [, ] [c:\WINDOWS\system32\LgNotify.dll] [Intel Corporation, 8, 0, 0, 162] [PID: 1240 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1252 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1468 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [, ] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1516 / SYSTEM][C:\WINDOWS\system32\svchost.exe] 
[(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1628 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1748 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1840 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1948 / SYSTEM][C:\WINDOWS\system32\S24EvMon.exe] [Intel Corporation , 8, 0, 0, 162] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2040 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 268 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 336 / Administrator][C:\WINDOWS\system32\ZCfgSvc.exe] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\PfMgrApi.dll] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\PsRegApi.dll] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\WConfig.DLL] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\WiFiAdap.DLL] [Intel 
Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\PsGuiMgr.dll] [Intel Corporation., 8, 0, 0, 162] [C:\WINDOWS\system32\C1XStngs.dll] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [c:\Program Files\Intel\PROSetWireless\PROSet\CHS\ZcSvcCHS.dll] [Intel Corporation, 8, 0, 0, 107] [c:\Program Files\Intel\PROSetWireless\PROSet\CHS\PmApiCHS.dll] [Intel Corporation, 8, 0, 0, 107] [C:\WINDOWS\system32\S24MUDLL.dll] [Intel Corporation, 8, 0, 0, 162] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [c:\Program Files\Intel\PROSetWireless\PROSet\CHS\C1XStCHS.dll] [Intel Corporation, 8, 0, 0, 107] [PID: 524 / Administrator][C:\WINDOWS\system32\Ati2evxx.exe] [, ] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 684 / Administrator][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [D:\pcn81\Nokia PC Suite 7\phonebrowser.dll] [Nokia, 7, 0, 103, 0] [D:\pcn81\Nokia PC Suite 7\NGSCM.DLL] [Nokia, 7, 0, 140, 6] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [D:\pcn81\Nokia PC Suite 7\Lang\PhoneBrowser_chi-sc.nlr] [Nokia, 7, 0, 64, 0] [D:\pcn81\Nokia PC Suite 
7\Resource\PhoneBrowser_Nokia.ngr] [Nokia, 7, 0, 20, 0] [D:\删除软件\Unlocker\UnlockerCOM.dll] [N/A, ] [D:\解压\rarext.dll] [N/A, ] [C:\Program Files\IDM Computer Solutions\UltraEdit\ue32ctmn.dll] [, 1, 0, 0, 4] [C:\Program Files\Alwil Software\Avast4\ashShell.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll] [N/A, ] [C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll] [N/A, ] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.0.0.0] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 8.0.0.0] [D:\迅雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [D:\迅雷\Components\ResWorker\DsBho_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [D:\迅雷\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [PID: 940 / SYSTEM][C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [PID: 1052 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashServ.exe] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] 
[C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswInteg.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswIdle.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ahResMes.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResNS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResOut.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ahResP2P.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResStd.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResWS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResJs.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashSSqlt.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\aswRes.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 
1388 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\hpz3l4x6.dll] [Hewlett-Packard Company, 61.063.263.21] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\hpzpp4x6.dll] [Hewlett-Packard Corporation, 61.063.263.21] [PID: 224 / LOCAL SERVICE][C:\WINDOWS\System32\SCardSvr.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [PID: 692 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.00.9466] [PID: 1976 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\hpzinw12.dll] [Hewlett-Packard, 12,1,1,54] [PID: 848 / LOCAL SERVICE][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [c:\windows\system32\hpzipm12.dll] [Hewlett-Packard, 12,1,1,54] [PID: 864 / SYSTEM][C:\WINDOWS\system32\RegSrvc.exe] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [PID: 592 / 
Administrator][C:\WINDOWS\system32\1XConfig.exe] [Intel, 8, 0, 0, 162] [C:\WINDOWS\system32\IntelAE5.dll] [Meetinghouse Data Communications, 1, 42, 19, 1] [C:\WINDOWS\system32\SSLEAY32.dll] [N/A, ] [C:\WINDOWS\system32\LIBEAY32.dll] [N/A, ] [C:\WINDOWS\system32\PsRegApi.dll] [Intel Corporation, 8, 0, 0, 162] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 1104 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [PID: 3916 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 3996 / Administrator][C:\WINDOWS\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.2.6001.788 (winmain_oob/wu_wsuswlc(wmbla).081016-1330)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 924 / Administrator][C:\WINDOWS\System32\WScript.exe] [(Verified) Microsoft Corporation, 5.6.0.8820] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] 
[C:\WINDOWS\System32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhAScr.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 2896 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AhResMai.dll] [ALWIL Software, 4, 
8, 1296, 0] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ChineseS\Lang.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Alwil Software\Avast4\ChineseS\langmai.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 3372 / SYSTEM][C:\Program Files\Alwil Software\Avast4\ashWebSv.exe] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Alwil Software\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\ChineseS\Base.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\aswEngin.dll] [ALWIL Software, 4, 8, 
1296, 0] [C:\Program Files\Alwil Software\Avast4\aswScan.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\Program Files\Alwil Software\Avast4\ashWsFtr.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AhResWs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 2676 / Administrator][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 2392 / Administrator][C:\Program Files\Rising\AntiSpyware\knownsvr.exe] [Beijing Rising Information Technology Co., Ltd., 6.0.0.14] [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [PID: 1116 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [D:\迅雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [D:\迅雷\Components\ResWorker\DsBho_01.dll] [Thunder Networking 
Technologies,LTD, 1, 0, 0, 20] [D:\迅雷\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Program Files\Alwil Software\Avast4\AhAScr.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [D:\迅雷\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 4, 23] [PID: 3544 / Administrator][D:\迅雷\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.8.5.595] [D:\迅雷\Program\BugReport.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 20] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [D:\迅雷\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 9, 71] [D:\迅雷\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 3, 100, 2, 322] [D:\迅雷\Program\mp.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 2] [C:\WINDOWS\system32\MSVCP71.dll] 
[Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\迅雷\Program\asyn_frame.dll] [Thunder Networking Technologies,LTD, 1, 2, 2, 25] [D:\迅雷\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [D:\迅雷\Program\fs.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 12] [D:\迅雷\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 5, 2, 25] [D:\迅雷\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 10] [D:\迅雷\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 12, 30] [D:\迅雷\Program\backend_agent.dll] [Thunder Networking Technologies,LTD, 1, 2, 2, 24] [D:\迅雷\Program\zlib1.dll] [, 1.2.3] [D:\迅雷\Program\p2sp.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 39] [D:\迅雷\Program\down_dispatcher.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 24] [D:\迅雷\Program\ptl.dll] [Thunder Networking Technologies,LTD, 3,2,2,31] [D:\迅雷\Program\dl_peer_id.dll] [Thunder Networking Technologies,LTD, 3, 1, 2, 2] [D:\迅雷\Program\xl_stat.dll] [, 1, 1, 2, 6] [D:\迅雷\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 35] [C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx] [Adobe Systems, Inc., 9,0,124,0] [C:\Program Files\Common Files\Microsoft Shared\INK\PENCHS.DLL] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [D:\迅雷\Program\p2p.dll] [Thunder Networking Technologies,LTD, 1,2,2,34] [D:\迅雷\Program\xldc.dll] [Thunder Networking Technologies,LTD, 4, 0, 2, 25] [D:\迅雷\Program\stream.dll] [Thunder Networking Technologies,LTD, 2, 1, 2, 399] [D:\迅雷\Program\p2p_upload.dll] [Thunder Networking Technologies,LTD, 1,2,2,12] [D:\迅雷\Program\p2p_local_res.dll] [Thunder Networking Technologies,LTD, 1,2,2,16] [D:\迅雷\Program\al.dll] [Thunder Networking Technologies,LTD, 1,2,2,22] [D:\迅雷\Program\p2p_network_com.dll] [, 1, 0, 2, 25] [D:\迅雷\Components\InMedia\iEmbedShell.dll] [ , 3, 4, 10, 117] [D:\迅雷\Components\InMedia\iEmbed19.dll] [Thunder Networking Technologies,LTD, 3, 4, 10, 117] 
[D:\迅雷\Components\InMedia\PlayerHelper.dll] [thunder, 1, 2, 7, 61] [D:\迅雷\Components\InMedia\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2] [D:\迅雷\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 5, 70] [D:\迅雷\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 2, 5, 0, 90] [D:\迅雷\Program\xldcsubtask.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 5] [D:\迅雷\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 17, 0, 67] [D:\迅雷\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [D:\迅雷\Program\imdt.dll] [Thunder Networking Technologies,LTD, 1.2.2.18] [D:\迅雷\Components\Community\audioCtrl.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 2] [D:\迅雷\Components\Community\xlaudio.dll] [, 1, 0, 2, 4] [D:\迅雷\Program\xlvdt.dll] [Thunder Networking Technologies,LTD, 1.0.2.6] [D:\迅雷\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 7, 25] [D:\迅雷\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 2, 4, 26] [D:\迅雷\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 19] [D:\迅雷\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 14, 120] [D:\迅雷\Program\p2sp_pd.dll] [Thunder Networking Technologies,LTD, 1, 100, 2, 4] [D:\迅雷\Components\VPSHELL\VPSHELL.dll] [迅雷网络, 4, 0, 0, 38] [D:\迅雷\Components\UserExperience\UserExperience.dll] [Thunder Networking Technologies,LTD, 1, 0, 3, 5] [D:\迅雷\Components\ResWorker\DsXlCom.dll] [, 1, 0, 0, 30] [D:\迅雷\Components\ResWorker\DataProcessor_01.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [D:\迅雷\Components\ResWorker\MediaWorker.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 22] [D:\迅雷\Components\Tips\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2] [D:\迅雷\Components\DownloadStat\DownloadStat.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 6] [D:\迅雷\Program\emule_id.dll] [, 1, 0, 2, 11] 
[C:\Program Files\Alwil Software\Avast4\AhAScr.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\Aavm4h.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\AavmRpch.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashBase.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnOS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnB.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswCmnS.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\ashTask.dll] [ALWIL Software, 4, 8, 1296, 0] [C:\PROGRA~1\ALWILS~1\Avast4\aswAux.dll] [ALWIL Software, 4, 8, 1296, 0] [D:\迅雷\Components\InMedia\MediaAddin18.dll] [Thunder Networking Technologies,LTD, 3, 1, 6, 81] [D:\迅雷\Program\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 18] [PID: 5392 / Administrator][D:\主页保护神\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210] [PID: 5596 / Administrator][D:\主页保护神\sreng2\SREbf75fb3a.EXE] [Smallfrogs Studio, 2.7.0.1210] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Alwil Software\Avast4\AhJsctNs.dll] [ALWIL Software, 4, 8, 1296, 0] [D:\主页保护神\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] -------------------------------------------------------------------------------- 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. 
[{00021401-0000-0000-C000-000000000046}]
--------------------------------------------------------------------------------
Winsock 提供者
N/A
--------------------------------------------------------------------------------
Autorun.inf
N/A
--------------------------------------------------------------------------------
HOSTS 文件
N/A
--------------------------------------------------------------------------------
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 3544, D:\迅雷\PROGRAM\THUNDER5.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 5392, D:\主页保护神\SRENG2\SRENGLDR.EXE]
--------------------------------------------------------------------------------
计划任务
[已启用] SogouImeMgr.job C:\PROGRA~1\SOGOUI~1\400~1.208\PinyinRepair.exe
--------------------------------------------------------------------------------
API HOOK
N/A
--------------------------------------------------------------------------------
隐藏进程
N/A
--------------------------------------------------------------------------------