Running Processes
[PID: 616][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 760][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 820][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 832][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1000][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1352][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1524][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1704][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1872][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1916][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\WinRAR\rarext.dll] [N/A, N/A]
[C:\WINDOWS\system32\nvcpl.dll] [NVIDIA Corporation, 6.14.10.6172]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.6172]
[C:\WINDOWS\system32\nvshell.dll] [NVIDIA Corporation, 6.14.10.6172]
[PID: 248][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[PID: 1508][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.42]
[PID: 1152][C:\Program Files\Lenovo\功能键盘\HotKeyB.exe] [联想电脑公司, 2, 2, 0, 1]
[C:\Program Files\Lenovo\功能键盘\kbddrv.dll] [N/A, N/A]
[PID: 1828][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3208]
[PID: 384][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 412][F:\应用软件\实用工具\MagicSet\SRIECLI.EXE] [Super Rabbit Soft, 7.96]
[F:\应用软件\实用工具\MagicSet\shlobj71.ocx] [Sky Software (http://www.ssware.com), 7, 1, 0, 0]
[PID: 1460][C:\WINDOWS\system\WINSP00L.EXE] [N/A, N/A]
[PID: 1992][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[PID: 1132][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.6172]
[PID: 2664][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2536][F:\应用软件\实用工具\好的软件\防火墙\X战警防火墙\XGuard_1.0.1\XGuard\XGuard.exe] [N/A, N/A]
[PID: 668][C:\Vrv\Client\vrvmon.exe] [vrv, 1, 0, 0, 1]
[C:\Vrv\Client\vrvmonsc.dll] [BeiXinYuan, 1, 0, 0, 1]
[C:\Vrv\Client\vrvcfg.dll] [N/A, N/A]
[C:\Vrv\Client\vrvdll.dll] [N/A, N/A]
[C:\Vrv\Client\UNARJ.dll] [N/A, N/A]
[C:\Vrv\Client\UNZIP.dll] [N/A, N/A]
[C:\Vrv\Client\vrvguard.dll] [N/A, N/A]
[PID: 3912][C:\Vrv\Client\vrvnet.exe] [BeiXinYuan, 2006.5.18]
[PID: 4080][D:\敖游\Maxthon2\Maxthon.exe] [Maxthon International ltd., 2, 0, 1, 5442]
[D:\敖游\Maxthon2\mxpp.dll] [Maxthon, 1, 0, 0, 12]
[D:\敖游\Maxthon2\MxSk.dll] [Maxthon, 1, 0, 0, 100]
[D:\敖游\Maxthon2\MxProxy2.dll] [, 1, 0, 0, 2225]
[D:\敖游\Maxthon2\MxFav.dll] [Maxthon, 1, 0, 0, 9]
[D:\敖游\Maxthon2\maxzlib.dll] [N/A, 1.2.3]
[D:\敖游\Maxthon2\mxtool.dll] [, 1, 0, 0, 1]
[D:\敖游\Maxthon2\mxfeedU.dll] [, 1, 0, 45, 45]
[C:\WINDOWS\system32\Macromed\Flash\Flash6.ocx] [Macromedia, Inc., 6,0,88,0]
[PID: 3524][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system\MSVIDE0.dll] [mcsoft, 1, 0, 0, 0]
[PID: 1756][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 884][C:\Documents and Settings\Administrator\桌面\下载专用\sreng2\SREng.EXE] [Smallfrogs Studio, 2.3.13.690]
Startup Items
Registry
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Corporation]
<Super Rabbit IEPro><F:\应用软件\实用工具\MagicSet\SRIECLI.EXE /LOAD> [Super Rabbit Soft]
<1MJPM1G9.l><C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system\MSVIDE0.dll,Run> [mcsoft]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<IMJPMIG8.1><"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Corporation]
<PHIME2002ASync><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Corporation]
<PHIME2002A><C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Corporation]
<SoundMan><SOUNDMAN.EXE> [(Verified)Realtek Semiconductor Corp.]
<NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)NVIDIA Corporation]
<nwiz><nwiz.exe /install> [NVIDIA Corporation]
<NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit> [(Verified)NVIDIA Corporation]
<FASTKEY><C:\Program Files\Lenovo\功能键盘\HotKeyB.exe> [联想电脑公司]
<IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload> [(Verified)Microsoft Corporation]
<TkBellExe><"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.]
<XGuard><F:\应用软件\实用工具\好的软件\防火墙\X战警防火墙\XGuard_1.0.1\XGuard\XGuard.exe -autostart> [N/A]
<vrvnet><C:\Vrv\Client\vrvnet.exe> [BeiXinYuan]
<xysecond><C:\Vrv\Client\vrvmon.exe> [vrv]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
<Super Rabbit SRCK><"F:\应用软件\实用工具\MagicSet\srck.exe" /autokill:283> [Super Rabbit Soft]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Corporation]
<Userinit><C:\WINDOWS\system32\userinit.exe> [(Verified)Microsoft Corporation]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe> [(Verified)Microsoft Corporation]