<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[PxHelp20 / PxHelp20][Running/Boot Start]
<\SystemRoot\System32\Drivers\PxHelp20.sys><Sonic Solutions>
[Realtek RTL8139/810x/8169/8110 all in one NDIS NT Driver / RTL8023][Stopped/Manual Start]
<system32\DRIVERS\Rtlnic51.sys><Realtek Semiconductor Corporation>
[Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start]
<system32\DRIVERS\RTL8139.SYS><Realtek Semiconductor Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[SiS AGP Filter / SISAGP][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\SISAGPX.sys><Silicon Integrated Systems Corporation>
[SiSide / SiSide][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\siside.sys><Silicon Integrated Systems Corp.>
[Add Performance Filter Driver / sisperf][Running/Boot Start]
<\SystemRoot\system32\drivers\sisperf.sys><Silicon Integrated Systems Corp.>
[PS/2 Keyboard Filter Driver for WinXp / Skkbdf][Running/Manual Start]
<system32\DRIVERS\Skkbdf.sys><Silitek Corp.>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
==================================
浏览器加载项
[DDDMon Class]
{6BDE1669-B490-48E3-B668-456314F2D6C3} <C:\Program Files\DuDu\DddClient\dddiemon.dll, >
[豪杰超级解霸V8]
{367E0A21-8601-4986-9C9A-153BF5ACA118} <C:\Herosoft\HeroV8\STHSDVD.EXE, N/A>
[]
{3DB9F45E-AA74-4373-A466-C18A9F1C500D} <C:\Program Files\DuDu\DddClient\DuDuAcc.exe, DuDu>
[联想]
{6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.lenovo.com, N/A>
[信息检索(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[Messenger]
{FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[DDDMon Class]
{6BDE1669-B490-48E3-B668-456314F2D6C3} <C:\Program Files\DuDu\DddClient\dddiemon.dll, >
[Shockwave Flash
Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\flash.ocx, Macromedia, Inc.>
[&使用DuDu 加速器下载]
<res://C:\Program Files\DuDu\DddClient\dddmext.dll/202, N/A>
[&使用DuDu 加速器下载全部链接]
<res://C:\Program Files\DuDu\DddClient\dddmext.dll/203, N/A>
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[豪杰超级解霸V8实时播放]
<C:\Herosoft\HeroV8\MPURLGET.HTM, N/A>
==================================
正在运行的进程
[PID: 140][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 192][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 216][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 260][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 272][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 412][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 460][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 500][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1076][C:\Program Files\木马杀客\mmsk.exe] [N/A, N/A]
[C:\Program Files\木马杀客\krnln.fnr] [, 1, 0, 0, 1]
[C:\Program Files\木马杀客\iext.fne] [, 1, 0, 0, 1]
[C:\Program Files\木马杀客\HtmlView.fne] [, 1, 0, 0, 1]
[C:\Program Files\木马杀客\TrayIcon.fne] [, 1, 0, 0, 1]
[C:\Program Files\木马杀客\iext2.fne] [, 1, 0, 0, 1]
[C:\Program Files\木马杀客\HYExtLib.fne] [N/A, N/A]
[C:\Program Files\木马杀客\xplib.fne] [N/A, N/A]
[C:\Program Files\木马杀客\shell.fne] [N/A, N/A]
[C:\Program Files\木马杀客\eAPI.fne] [, 1, 0, 0, 1]
[C:\Program Files\木马杀客\EThread.fne] [N/A, N/A]
[C:\Program Files\木马杀客\dp1.fne] [N/A, N/A]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[PID: 1104][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[PID: 1172][C:\WINDOWS\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\WINDOWS\system32\LgdGuard.dll] [, ]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.7184]
[C:\WINDOWS\system32\nvshell.dll] [NVIDIA Corporation, 6.14.10.10035]
[PID: 1248][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[PID: 1608][C:\Program Files\Microsoft Office\OFFICE11\POWERPNT.EXE] [Microsoft Corporation, 11.0.5529]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[C:\WINDOWS\system32\FREEWB.IME] [Delphi Fan Studio, 3.3.001]
[PID: 1632][C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE] [Microsoft Corporation, 11.0.5604]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[PID: 1732][H:\1文件\携带程序\RavWormZotob.exe] [Beijing Rising Tech. Co., Ltd., 1, 0, 0, 0]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
[PID: 792][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.313\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
[C:\Herosoft\HeroV8\VCvtShell.dll] [herosoft, 1, 0, 0, 1]
==================================
文件关联
.TXT Error. [NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
API HOOK
N/A
==================================
[/CODE]
