收藏本站 |切换到宽版 | 更换论坛皮肤
 找回密码  忘记邮箱  QQ快速登录  快速登录  快速注册

卡饭»论坛 安全区 国外杀毒软件 发个样本和扫描记录,看看是中什么毒?
12下一页
返回列表 发新帖
查看: 6274|回复: 13
收起左侧

[求助] 发个样本和扫描记录,看看是中什么毒?

[复制链接]
mass3327
发表于 2013-5-31 08:37:15 | 显示全部楼层 |阅读模式
发个样本和扫描记录,看看是中什么毒?已全盘扫描杀毒,系统已还原过,前后用小A、诺顿、红伞、360卫士、清理助手扫描过,无毒,但还是不定时报毒,目前用小A网络版中,附图如下:


扫描记录如下:


  3. 2013-05-29,14:01:17

  5. System Repair Engineer 2.8.4.1331
  6. Smallfrogs (http://www.KZTechs.com)

  8. Windows 7 Ultimate Edition Service Pack 1 (Build 7601) - 管理权限用户 - 完整功能

  10. 以下内容被选中:
  11.     所有的启动项目(包括注册表、启动文件夹、服务等)
  12.     浏览器加载项
  13.     正在运行的进程(包括进程模块信息)
  14.     文件关联
  15.     Winsock 提供者
  16.     Autorun.inf
  17.     HOSTS 文件
  18.     进程特权扫描
  19.     计划任务
  20.     Windows 安全更新检查
  21.     API HOOK
  22.     隐藏进程


  25. 启动项目
  26. 注册表
  27. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  28.     <XKToolBox><D:\Program Files\侠客工具盒\ToolBox.exe>  [恒古软件]
  29.     <Foxmail><"D:\Program Files\Foxmail\Foxmail.exe" -min>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
  30.     <strokeit><D:\Program Files\StrokeIt\strokeit.exe>  []
  31.     <DesktopSprite><D:\Program Files\DesktopSprite2\DesktopSprite.exe>  [SnowFox Studio.]
  32. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  33.     <RtHDVCpl><C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s>  [(Verified)Realtek Semiconductor Corp]
  34.     <Microsoft Pinyin IME Migration><C:\PROGRA~1\COMMON~1\MICROS~1\IME12\IMESC\IMSCMIG.EXE /INSTALL>  [(Verified)Microsoft Corporation]
  35.     <avast><"C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui>  [(Verified)AVAST Software]
  36.     <IMSCMig><C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload>  [(Verified)Microsoft Corporation]
  37. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  38.     <shell><explorer.exe>  [(Verified)Microsoft Windows]
  39.     <Userinit><C:\Windows\system32\userinit.exe,>  [(Verified)Microsoft Windows]
  40. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  41.     <AppInit_DLLs><>  [N/A]
  42. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  43.     <WebCheck><>  [N/A]
  44. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
  45.     <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows]
  46. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
  47.     <Internet Explorer><C:\Windows\System32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows]
  48. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
  49.     <Browser Customizations><"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP>  [(Verified)Microsoft Corporation]
  50. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
  51.     <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
  52. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
  53.     <Microsoft Windows><"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE>  [File is missing]
  54. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
  55.     <Microsoft Windows Media Player><%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI>  [(Verified)Microsoft Windows]
  56. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
  57.     <Windows Desktop Update><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows]
  58. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
  59.     <Web Platform Customizations><C:\Windows\System32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows]
  60. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
  61.     <N/A><C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation]

  63. ==================================
  64. 启动文件夹
  65. [腾讯通RTX]
  66.   <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\腾讯通RTX.lnk --> D:\PROGRA~1\Tencent\RTXC\RTX.exe [TENCENT]><N>
  67. [腾讯通RTX]
  68.   <C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\腾讯通RTX.lnk --> D:\PROGRA~1\Tencent\RTXC\RTX.exe [TENCENT]><N>

  70. ==================================
  71. 服务
  72. [Adobe Flash Player Update Service / AdobeFlashPlayerUpdateSvc][Stopped/Manual Start]
  73.   <C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe><Adobe Systems Incorporated>
  74. [avast! Antivirus / avast! Antivirus][Running/Auto Start]
  75.   <"C:\Program Files\AVAST Software\Avast\AvastSvc.exe"><AVAST Software>
  76. [avast! Firewall / avast! Firewall][Running/Auto Start]
  77.   <"C:\Program Files\AVAST Software\Avast\afwServ.exe"><AVAST Software>
  78. [DTLService / DTLService][Running/Auto Start]
  79.   <D:\Program Files\DriveTheLife\DTLService.exe><深圳市驱动人生软件技术有限公司>
  80. [ForceWare Intelligent Application Manager (IAM) / ForceWare Intelligent Application Manager (IAM)][Running/Auto Start]
  81.   <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe><>
  82. [KNBCenter / KNBCenter][Stopped/Disabled]
  83.   <"R:\Program Files\liebao\LBBrowser\KNBCenter.exe"><(File is missing)>
  84. [Kingsoft Common Content Service / KSDSVC][Stopped/Auto Start]
  85.   <D:\Program Files\Kingsoft\PowerWord PE\ksdsvc.exe><(File is missing)>
  86. [ForceWare IP service / nSvcIp][Running/Auto Start]
  87.   <C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe><>
  88. [NVIDIA Driver Helper Service / NVSvc][Running/Auto Start]
  89.   <C:\Windows\system32\nvvsvc.exe><NVIDIA Corporation>

  91. ==================================
  92. 驱动程序
  93. [adp94xx / adp94xx][Stopped/Manual Start]
  94.   <\SystemRoot\system32\drivers\adp94xx.sys><Adaptec, Inc.>
  95. [adpahci / adpahci][Stopped/Manual Start]
  96.   <\SystemRoot\system32\drivers\adpahci.sys><Adaptec, Inc.>
  97. [adpu320 / adpu320][Stopped/Manual Start]
  98.   <\SystemRoot\system32\drivers\adpu320.sys><Adaptec, Inc.>
  99. [aic78xx / aic78xx][Stopped/Manual Start]
  100.   <\SystemRoot\system32\drivers\djsvs.sys><Adaptec, Inc.>
  101. [aliide / aliide][Stopped/Manual Start]
  102.   <\SystemRoot\system32\drivers\aliide.sys><Acer Laboratories Inc.>
  103. [amdsata / amdsata][Stopped/Manual Start]
  104.   <\SystemRoot\system32\drivers\amdsata.sys><Advanced Micro Devices>
  105. [amdsbs / amdsbs][Stopped/Manual Start]
  106.   <\SystemRoot\system32\drivers\amdsbs.sys><AMD Technologies Inc.>
  107. [amdxata / amdxata][Running/Boot Start]
  108.   <\SystemRoot\system32\drivers\amdxata.sys><Advanced Micro Devices>
  109. [arc / arc][Stopped/Manual Start]
  110.   <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
  111. [arcsas / arcsas][Stopped/Manual Start]
  112.   <\SystemRoot\system32\drivers\arcsas.sys><Adaptec, Inc.>
  113. [aswMonFlt / aswMonFlt][Running/Auto Start]
  114.   <\??\C:\Windows\system32\drivers\aswMonFlt.sys><AVAST Software>
  115. [avast! Firewall NDIS Filter Service / aswNdis][Running/Boot Start]
  116.   <\SystemRoot\system32\DRIVERS\aswNdis.sys><ALWIL Software>
  117. [aswRdr / aswRdr][Running/System Start]
  118.   <\SystemRoot\System32\Drivers\aswrdr2.sys><AVAST Software>
  119. [Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start]
  120.   <\SystemRoot\system32\drivers\bxvbdx.sys><Broadcom Corporation>
  121. [Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start]
  122.   <system32\DRIVERS\b57nd60x.sys><Broadcom Corporation>
  123. [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start]
  124.   <\SystemRoot\system32\drivers\BrFiltLo.sys><Brother Industries, Ltd.>
  125. [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start]
  126.   <\SystemRoot\system32\drivers\BrFiltUp.sys><Brother Industries, Ltd.>
  127. [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start]
  128.   <\SystemRoot\System32\Drivers\Brserid.sys><Brother Industries Ltd.>
  129. [Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start]
  130.   <\SystemRoot\System32\Drivers\BrSerWdm.sys><Brother Industries Ltd.>
  131. [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start]
  132.   <\SystemRoot\System32\Drivers\BrUsbMdm.sys><Brother Industries Ltd.>
  133. [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start]
  134.   <\SystemRoot\System32\Drivers\BrUsbSer.sys><Brother Industries Ltd.>
  135. [cmdide / cmdide][Stopped/Manual Start]
  136.   <\SystemRoot\system32\drivers\cmdide.sys><CMD Technology, Inc.>
  137. [cpuz135 / cpuz135][Stopped/Manual Start]
  138.   <\??\C:\Users\ADMINI~1\AppData\Local\Temp\cpuz135\cpuz135_x32.sys><N/A>
  139. [DTLD48EC12D954B431e88684F32293ABA20 / DTLD48EC12D954B431e88684F32293ABA20][Running/System Start]
  140.   <\??\D:\Program Files\DriveTheLife\DtlSrvPro.dat><N/A>
  141. [Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start]
  142.   <system32\DRIVERS\E1G60I32.sys><Intel Corporation>
  143. [Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start]
  144.   <\SystemRoot\system32\drivers\evbdx.sys><Broadcom Corporation>
  145. [elxstor / elxstor][Stopped/Manual Start]
  146.   <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
  147. [Primo Ramdisk Controller / FancyRd][Running/Boot Start]
  148.   <\SystemRoot\system32\DRIVERS\fancyrd.sys><Romex Software>
  149. [Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start]
  150.   <\SystemRoot\system32\drivers\hcw85cir.sys><Hauppauge Computer Works, Inc.>
  151. [HpSAMD / HpSAMD][Stopped/Manual Start]
  152.   <\SystemRoot\system32\drivers\HpSAMD.sys><Hewlett-Packard Company>
  153. [HWCore / HWCore][Running/Manual Start]
  154.   <\??\D:\Program Files\DriveTheLife\hwcore.sys><N/A>
  155. [iaStorV / iaStorV][Stopped/Manual Start]
  156.   <\SystemRoot\system32\drivers\iaStorV.sys><Intel Corporation>
  157. [iirsp / iirsp][Stopped/Manual Start]
  158.   <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
  159. [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  160.   <system32\drivers\RTKVHDA.sys><Realtek Semiconductor Corp.>
  161. [KNBDrv / KNBDrv][Stopped/Manual Start]
  162.   <\??\C:\Windows\system32\drivers\KNBDrv.sys><Kingsoft Corporation>
  163. [LSI_FC / LSI_FC][Stopped/Manual Start]
  164.   <\SystemRoot\system32\drivers\lsi_fc.sys><LSI Corporation>
  165. [LSI_SAS / LSI_SAS][Stopped/Manual Start]
  166.   <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Corporation>
  167. [LSI_SAS2 / LSI_SAS2][Stopped/Manual Start]
  168.   <\SystemRoot\system32\drivers\lsi_sas2.sys><LSI Corporation>
  169. [LSI_SCSI / LSI_SCSI][Stopped/Manual Start]
  170.   <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Corporation>
  171. [megasas / megasas][Stopped/Manual Start]
  172.   <\SystemRoot\system32\drivers\megasas.sys><LSI Corporation>
  173. [MegaSR / MegaSR][Stopped/Manual Start]
  174.   <\SystemRoot\system32\drivers\MegaSR.sys><LSI Corporation, Inc.>
  175. [Softlumos Multi-Platform / Mulsys][Running/Boot Start]
  176.   <\SystemRoot\System32\DRIVERS\Mulsys.SYS><Windows (R) Codename Longhorn DDK provider>
  177. [nfrd960 / nfrd960][Stopped/Manual Start]
  178.   <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
  179. [NVIDIA nForce 网络控制器驱动程序 / NVENETFD][Stopped/Manual Start]
  180.   <system32\DRIVERS\nvm62x32.sys><NVIDIA Corporation>
  181. [nvlddmkm / nvlddmkm][Running/Manual Start]
  182.   <system32\DRIVERS\nvlddmkm.sys><NVIDIA Corporation>
  183. [NVIDIA nForce 10/100/1000 Mbps Ethernet  / NVNET][Running/Manual Start]
  184.   <system32\DRIVERS\nvmf6232.sys><NVIDIA Corporation>
  185. [nvraid / nvraid][Stopped/Manual Start]
  186.   <\SystemRoot\system32\drivers\nvraid.sys><NVIDIA Corporation>
  187. [nvstor / nvstor][Running/Boot Start]
  188.   <\SystemRoot\system32\drivers\nvstor.sys><NVIDIA Corporation>
  189. [ql2300 / ql2300][Stopped/Manual Start]
  190.   <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
  191. [ql40xx / ql40xx][Stopped/Manual Start]
  192.   <\SystemRoot\system32\drivers\ql40xx.sys><QLogic Corporation>
  193. [Serial port driver / Serial][Running/System Start]
  194.   <system32\DRIVERS\serial.sys><Brother Industries Ltd.>
  195. [SiSRaid2 / SiSRaid2][Stopped/Manual Start]
  196.   <\SystemRoot\system32\drivers\SiSRaid2.sys><Silicon Integrated Systems Corp.>
  197. [SiSRaid4 / SiSRaid4][Stopped/Manual Start]
  198.   <\SystemRoot\system32\drivers\sisraid4.sys><Silicon Integrated Systems>
  199. [stexstor / stexstor][Stopped/Manual Start]
  200.   <\SystemRoot\system32\drivers\stexstor.sys><Promise Technology>
  201. [VirtualBox Service / VBoxDrv][Running/System Start]
  202.   <system32\DRIVERS\VBoxDrv.sys><Oracle Corporation>
  203. [VirtualBox Host-Only Ethernet Adapter / VBoxNetAdp][Running/Manual Start]
  204.   <system32\DRIVERS\VBoxNetAdp.sys><Oracle Corporation>
  205. [VirtualBox Bridged Networking Service / VBoxNetFlt][Running/Manual Start]
  206.   <system32\DRIVERS\VBoxNetFlt.sys><Oracle Corporation>
  207. [VirtualBox USB Monitor Driver / VBoxUSBMon][Running/System Start]
  208.   <system32\DRIVERS\VBoxUSBMon.sys><Oracle Corporation>
  209. [VGPU / VGPU][Stopped/Manual Start]
  210.   <System32\drivers\rdvgkmd.sys><N/A>
  211. [viaide / viaide][Stopped/Manual Start]
  212.   <\SystemRoot\system32\drivers\viaide.sys><VIA Technologies, Inc.>
  213. [vsmraid / vsmraid][Stopped/Manual Start]
  214.   <\SystemRoot\system32\drivers\vsmraid.sys><VIA Technologies Inc.,Ltd>
  215. [Virtual Device Driver / VxDevice][Running/Boot Start]
  216.   <\SystemRoot\System32\DRIVERS\VxDevice.SYS><N/A>

  218. ==================================
  219. 浏览器加载项
  220. [VideoUrlSniffer Class]
  221.   {00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Program Files\Common Files\Thunder Network\KanKan\VideoUrlSniffer.2.0.1.99.(782).dll, (Signed) 深圳市迅雷网络技术有限公司>
  222. [迅雷流媒体探测IE支持]
  223.   {01443AEC-0FD1-40fd-9C87-E93D1494C233} <, >
  224. [迅雷下载支持]
  225.   {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\BHO\XunleiBHO7.2.90.92.dll, (Signed) 深圳市迅雷网络技术有限公司>
  226. []
  227.   {14c1d00e-0b92-4379-880b-444fa2d740dd} <, >
  228. [迅雷看看播放器]
  229.   {24c1d00e-0b92-4379-880b-444fa2d740dd} <, >
  230. [信息检索(&R)]
  231.   {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation>
  232. [Shockwave Flash Object]
  233.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash32_11_7_700_202.ocx, (Signed) Adobe Systems, Inc.>
  234. [VideoUrlSniffer Class]
  235.   {00000ADA-7E0D-47C1-986C-F017D09C4304} <C:\Program Files\Common Files\Thunder Network\KanKan\VideoUrlSniffer.2.0.1.99.(782).dll, (Signed) 深圳市迅雷网络技术有限公司>
  236. [迅雷流媒体探测IE支持]
  237.   {01443AEC-0FD1-40FD-9C87-E93D1494C233} <, >
  238. [Agent Class]
  239.   {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder\BHO\ThunderAgent7.2.90.92.dll, (Signed) 深圳市迅雷网络技术有限公司>
  240. [QQPYChecker Class]
  241.   {5052B4D0-9DF7-45ef-88EF-F42C0EA33A43} <D:\Program Files\QQPinyin\4.5.1206.400\QQImeChecker.dll, (Signed) Tencent>
  242. [Windows Media Player]
  243.   {6BF52A52-394A-11D3-B153-00C04F79FAA6} <%SystemRoot%\system32\wmp.dll, (Signed) N/A>
  244. [Access UserInfo by Script]
  245.   {6EE9CD3E-A386-4DAE-9737-A759DBF927AE} <D:\Program Files\Thunder Network\Xmp\Program\UserAgent1.0.2.14.dll, (Signed) Thunder Networking Technologies,LTD>
  246. [迅雷下载支持]
  247.   {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\Program Files\Thunder\BHO\XunleiBHO7.2.90.92.dll, (Signed) 深圳市迅雷网络技术有限公司>
  248. [OFrameObject Class]
  249.   {9701758C-4373-482E-B13C-776C048EC890} <, >
  250. [VersionDetector Class]
  251.   {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(999).dll, N/A>
  252. [APlayer Control]
  253.   {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <, >
  254. [DapCtrl Class]
  255.   {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, >
  256. [LiveDapCtrl Class]
  257.   {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F9} <, >
  258. [Shockwave Flash Object]
  259.   {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\Windows\system32\Macromed\Flash\Flash32_11_7_700_202.ocx, (Signed) Adobe Systems, Inc.>
  260. [xoliimpl Class]
  261.   {DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} <C:\Windows\xinstaller.dll, (Signed) 深圳市迅雷技术有限公司>
  262. []
  263.   {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >
  264. [使用迅雷下载]
  265.   <D:\Program Files\Thunder\BHO\geturl.htm, N/A>
  266. [使用迅雷看看播放器播放]
  267.   <C:\ProgramData\Thunder Network\XMP4\core\program\XmpIEMenu.htm, N/A>
  268. [使用迅雷离线下载]
  269.   <D:\Program Files\Thunder\BHO\OfflineDownload.htm, N/A>
  270. [导出到 Microsoft Excel(&X)]
  271.   <res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000, N/A>

  273. ==================================
  274. 正在运行的进程
  275. [PID: 308 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  276. [PID: 468 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  277. [PID: 528 / SYSTEM][C:\Windows\system32\wininit.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  278. [PID: 584 / SYSTEM][C:\Windows\system32\services.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  279. [PID: 600 / SYSTEM][C:\Windows\system32\lsass.exe]  [(Verified) Microsoft Corporation, 6.1.7601.17725 (win7sp1_gdr.111116-1503)]
  280. [PID: 608 / SYSTEM][C:\Windows\system32\lsm.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  281. [PID: 756 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  282. [PID: 844 / SYSTEM][C:\Windows\system32\nvvsvc.exe]  [NVIDIA Corporation, 8.17.12.6300]
  283.     [C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6300]
  284. [PID: 884 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  285. [PID: 960 / LOCAL SERVICE][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  286.     [C:\Windows\system32\MBWrp32.dll]  [Creative Technology Ltd., 1.0.0.200]
  287.     [C:\Windows\system32\RtkAPO.dll]  [Realtek Semiconductor Corp., 11, 0, 6000, 298]
  288. [PID: 1020 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  289. [PID: 1060 / SYSTEM][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  290. [PID: 1196 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  291. [PID: 1364 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  292. [PID: 1504 / SYSTEM][C:\Program Files\AVAST Software\Avast\AvastSvc.exe]  [AVAST Software, 8.0.1489.300]
  293.     [C:\Program Files\AVAST Software\Avast\aswCmnBS.dll]  [AVAST Software, 8.0.1489.300]
  294.     [C:\Program Files\AVAST Software\Avast\aswCmnOS.dll]  [AVAST Software, 8.0.1489.300]
  295.     [C:\Program Files\AVAST Software\Avast\aswCmnIS.dll]  [AVAST Software, 8.0.1489.300]
  296.     [C:\Program Files\AVAST Software\Avast\ashBase.dll]  [AVAST Software, 8.0.1489.300]
  297.     [C:\Program Files\AVAST Software\Avast\aswEngLdr.dll]  [AVAST Software, 8.0.1489.300]
  298.     [C:\Program Files\AVAST Software\Avast\2052\Base.dll]  [AVAST Software, 8.0.1489.300]
  299.     [C:\Program Files\AVAST Software\Avast\ashServ.dll]  [AVAST Software, 8.0.1489.300]
  300.     [C:\Program Files\AVAST Software\Avast\aswAux.dll]  [AVAST Software, 8.0.1489.300]
  301.     [C:\Program Files\AVAST Software\Avast\ashTask.dll]  [AVAST Software, 8.0.1489.300]
  302.     [C:\Program Files\AVAST Software\Avast\ashTaskEx.dll]  [AVAST Software, 8.0.1489.300]
  303.     [C:\Program Files\AVAST Software\Avast\aswLog.dll]  [AVAST Software, 8.0.1489.300]
  304.     [C:\Program Files\AVAST Software\Avast\aswSqLt.dll]  [AVAST Software, 8.0.1489.300]
  305.     [C:\Program Files\AVAST Software\Avast\aswProperty.dll]  [AVAST Software, 8.0.1489.300]
  306.     [C:\Program Files\AVAST Software\Avast\AavmRpch.dll]  [AVAST Software, 8.0.1489.300]
  307.     [C:\Program Files\AVAST Software\Avast\Aavm4h.dll]  [AVAST Software, 8.0.1489.300]
  308.     [C:\Program Files\AVAST Software\Avast\avastIP.dll]  [AVAST Software, 8.0.1489.300]
  309.     [C:\Program Files\AVAST Software\Avast\aswIdle.dll]  [AVAST Software, 8.0.1489.300]
  310.     [C:\Program Files\AVAST Software\Avast\aswDld.dll]  [AVAST Software, 8.0.1489.300]
  311.     [C:\Program Files\AVAST Software\Avast\aswStrm.dll]  [AVAST Software, 8.0.1489.300]
  312.     [C:\Program Files\AVAST Software\Avast\AhResNS.dll]  [AVAST Software, 8.0.1489.300]
  313.     [C:\Program Files\AVAST Software\Avast\AhResStd.dll]  [AVAST Software, 8.0.1489.300]
  314.     [C:\Program Files\AVAST Software\Avast\AhResWS.dll]  [AVAST Software, 8.0.1489.300]
  315.     [C:\Program Files\AVAST Software\Avast\ashWebSv.dll]  [AVAST Software, 8.0.1489.300]
  316.     [C:\Program Files\AVAST Software\Avast\ashWsFtr.dll]  [AVAST Software, 8.0.1489.300]
  317.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswEngin.dll]  [AVAST Software, 7.0.1488.137]
  318.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCmnIS.dll]  [AVAST Software, 7.0.1483.117]
  319.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCmnOS.dll]  [AVAST Software, 7.0.1485.125]
  320.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCmnBS.dll]  [AVAST Software, 7.0.1488.137]
  321.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswScan.dll]  [AVAST Software, 7.0.1485.125]
  322.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswRep.dll]  [AVAST Software, 7.0.1488.138]
  323.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswFiDb.dll]  [AVAST Software, 7.0.1484.119]
  324.     [C:\Program Files\AVAST Software\Avast\defs\13052801\algo.dll]  [N/A, ]
  325.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCleanerDLL.dll]  [AVAST Software, 1, 0, 212, 0]
  326. [PID: 1640 / SYSTEM][C:\Program Files\AVAST Software\Avast\afwServ.exe]  [AVAST Software, 8.0.1489.300]
  327.     [C:\Program Files\AVAST Software\Avast\afwCore.dll]  [AVAST Software, 8.0.1489.300]
  328.     [C:\Program Files\AVAST Software\Avast\Aavm4h.dll]  [AVAST Software, 8.0.1489.300]
  329.     [C:\Program Files\AVAST Software\Avast\AavmRpch.dll]  [AVAST Software, 8.0.1489.300]
  330.     [C:\Program Files\AVAST Software\Avast\ashBase.dll]  [AVAST Software, 8.0.1489.300]
  331.     [C:\Program Files\AVAST Software\Avast\aswEngLdr.dll]  [AVAST Software, 8.0.1489.300]
  332.     [C:\Program Files\AVAST Software\Avast\aswCmnOS.dll]  [AVAST Software, 8.0.1489.300]
  333.     [C:\Program Files\AVAST Software\Avast\aswCmnIS.dll]  [AVAST Software, 8.0.1489.300]
  334.     [C:\Program Files\AVAST Software\Avast\aswCmnBS.dll]  [AVAST Software, 8.0.1489.300]
  335.     [C:\Program Files\AVAST Software\Avast\ashTask.dll]  [AVAST Software, 8.0.1489.300]
  336.     [C:\Program Files\AVAST Software\Avast\aswAux.dll]  [AVAST Software, 8.0.1489.300]
  337.     [C:\Program Files\AVAST Software\Avast\aswProperty.dll]  [AVAST Software, 8.0.1489.300]
  338.     [C:\Program Files\AVAST Software\Avast\avastIP.dll]  [AVAST Software, 8.0.1489.300]
  339.     [C:\Program Files\AVAST Software\Avast\aswLog.dll]  [AVAST Software, 8.0.1489.300]
  340.     [C:\Program Files\AVAST Software\Avast\aswSqLt.dll]  [AVAST Software, 8.0.1489.300]
  341.     [C:\Program Files\AVAST Software\Avast\afwCoreServ.dll]  [AVAST Software, 8.0.1489.300]
  342.     [C:\Program Files\AVAST Software\Avast\afwRpc.dll]  [AVAST Software, 8.0.1489.300]
  343.     [C:\Program Files\AVAST Software\Avast\afwCoreClient.dll]  [AVAST Software, 8.0.1489.300]
  344.     [C:\Program Files\AVAST Software\Avast\afwGeoIP.dll]  [AVAST Software, 8.0.1489.300]
  345.     [C:\Program Files\AVAST Software\Avast\2052\Base.dll]  [AVAST Software, 8.0.1489.300]
  346.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswEngin.dll]  [AVAST Software, 7.0.1488.137]
  347.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCmnIS.dll]  [AVAST Software, 7.0.1483.117]
  348.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCmnOS.dll]  [AVAST Software, 7.0.1485.125]
  349.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswCmnBS.dll]  [AVAST Software, 7.0.1488.137]
  350.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswScan.dll]  [AVAST Software, 7.0.1485.125]
  351.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswRep.dll]  [AVAST Software, 7.0.1488.138]
  352.     [C:\Program Files\AVAST Software\Avast\defs\13052801\aswFiDb.dll]  [AVAST Software, 7.0.1484.119]
  353.     [C:\Program Files\AVAST Software\Avast\defs\13052801\fwAux.dll]  [AVAST Software, 7.0.1481.100]
  354. [PID: 1804 / SYSTEM][C:\Windows\System32\spoolsv.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  355.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSDNT5UI.DLL]  [Zenographics, Inc., 0, 3, 2911, 1]
  356.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSDDM.DLL]  [Zenographics, Inc., 6, 20, 1611, 0]
  357.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSPOOL.dll]  [Zenographics, Inc., 6, 1, 1, 0]
  358.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZGDI.dll]  [Zenographics, Inc., 5, 60, 709, 0]
  359.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZTAG.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
  360.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSDDMUI.DLL]  [Zenographics, Inc., 6, 2, 411, 0]
  361.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSR.dll]  [Zenographics, Inc., 6, 20, 1625, 0]
  362. [PID: 1832 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  363. [PID: 1952 / SYSTEM][D:\Program Files\DriveTheLife\DTLService.exe]  [深圳市驱动人生软件技术有限公司, 1, 0, 1, 32]
  364.     [D:\Program Files\DriveTheLife\PipeProtocol.dll]  [N/A, ]
  365.     [D:\Program Files\DriveTheLife\dtlupdater\checkupdate.dll]  [深圳市驱动人生软件技术有限公司, 1, 0, 1, 15]
  366.     [D:\Program Files\DriveTheLife\substat.dll]  [深圳市驱动人生软件技术有限公司, 1, 0, 0, 21]
  367.     [D:\Program Files\DriveTheLife\tipsdll.dll]  [, 1, 0, 1, 17]
  368.     [D:\Program Files\DriveTheLife\drvs.dll]  [深圳市驱动人生软件技术有限公司, 1, 0, 1, 32]
  369.     [D:\Program Files\DriveTheLife\DstUdp.dll]  [深圳市驱动人生软件技术有限公司, 1, 0, 1, 20]
  370.     [D:\Program Files\DriveTheLife\utility.dll]  [深圳市驱动人生软件技术有限公司, 1, 0, 0, 10]
  371.     [D:\Program Files\DriveTheLife\udp.dll]  [深圳市驱动人生软件技术有限公司, 1, 0, 0, 7]
  372.     [D:\Program Files\DriveTheLife\hdenum.dll]  [深圳市驱动人生软件技术有限公司, 2, 3, 3, 7]
  373.     [D:\Program Files\DriveTheLife\bios.dll]  [深圳市驱动人生软件技术有限公司, 1.1.16.0]
  374. [PID: 1868 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe]  [, 1, 0, 1, 0]
  375.     [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\NMI.dll]  [NVIDIA Corporation, 2, 2, 0, 7325]
  376.     [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll]  [N/A, ]
  377.     [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll]  [N/A, ]
  378. [PID: 1544 / SYSTEM][C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe]  [, 2, 2, 0, 7325]
  379.     [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nv_common.dll]  [N/A, ]
  380.     [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\NMI.dll]  [NVIDIA Corporation, 2, 2, 0, 7325]
  381.     [C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\SpecialCase.dll]  [N/A, ]
  382. [PID: 2200 / NETWORK SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  383. [PID: 3108 / SYSTEM][C:\Windows\system32\SearchIndexer.exe]  [(Verified) Microsoft Corporation, 7.00.7600.16385 (win7_rtm.090713-1255)]
  384. [PID: 3544 / LOCAL SERVICE][C:\Windows\system32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  385. [PID: 3640 / SYSTEM][C:\Windows\System32\svchost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  386. [PID: 1612 / SYSTEM][C:\Windows\system32\SearchProtocolHost.exe]  [(Verified) Microsoft Corporation, 7.00.7601.17610 (win7sp1_gdr.110503-1502)]
  387. [PID: 1220 / SYSTEM][C:\Windows\system32\csrss.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  388. [PID: 3528 / SYSTEM][C:\Windows\system32\winlogon.exe]  [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)]
  389. [PID: 792 / SYSTEM][C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe]  [NVIDIA Corporation, 7.17.12.6300]
  390.     [C:\Program Files\NVIDIA Corporation\Display\NVXDApiX.dll]  [NVIDIA Corporation, 7.17.12.6300]
  391.     [C:\Program Files\NVIDIA Corporation\Display\NvUI.dll]  [NVIDIA Corporation, 7.17.12.6300]
  392.     [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 8.17.12.6300]
  393.     [C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6300]
  394.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  395. [PID: 1788 / SYSTEM][C:\Windows\system32\nvvsvc.exe]  [NVIDIA Corporation, 8.17.12.6300]
  396.     [C:\Windows\system32\NVSVC.DLL]  [NVIDIA Corporation, 8.17.12.6300]
  397.     [C:\Windows\system32\nvapi.dll]  [NVIDIA Corporation, 8.17.12.6300]
  398.     [C:\Windows\system32\NVSVCR.DLL]  [NVIDIA Corporation, 8.17.12.6300]
  399.     [C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6300]
  400.     [C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll]  [NVIDIA Corporation, 7.17.12.6300]
  401. [PID: 2876 / Administrator][C:\Windows\system32\Dwm.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  402.     [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 8.17.12.6300]
  403. [PID: 2156 / Administrator][C:\Windows\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  404.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  405.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  406.     [D:\Program Files\NetSpeedMonitorX86\nsm.dll]  [Florian Gilles, 2, 5, 4, 0]
  407.     [C:\Windows\System32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0401]
  408.     [C:\Windows\system32\FXSAPI.dll]  [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  409.     [C:\Windows\system32\nvshext.dll]  [NVIDIA Corporation, 263.00]
  410.     [C:\Program Files\NVIDIA Corporation\Display\NVXDBat.dll]  [NVIDIA Corporation, 7.17.12.6300]
  411.     [C:\Program Files\NVIDIA Corporation\Display\NVXDPlcy.dll]  [NVIDIA Corporation, 7.17.12.6300]
  412.     [C:\Program Files\360\360zip\360ZipExt.dll]  [360.cn, 2, 0, 0, 1071]
  413.     [D:\Program Files\Tencent\RTXC\RTXShlMenu.dll]  [Tencent, 1, 0, 0, 1]
  414.     [D:\Program Files\侠客工具盒\TBoxExt.dll]  [恒古软件, 6, 0, 0, 0]
  415.     [D:\Program Files\StrokeIt\mhook.dll]  [N/A, ]
  416. [PID: 2484 / Administrator][C:\Windows\system32\taskhost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  417.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  418.     [C:\Windows\System32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0401]
  419. [PID: 2776 / Administrator][C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe]  [Realtek Semiconductor, 1, 0, 0, 821]
  420.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  421. [PID: 716 / Administrator][C:\Program Files\AVAST Software\Avast\AvastUI.exe]  [AVAST Software, 8.0.1489.300]
  422.     [C:\Program Files\AVAST Software\Avast\aswUtil.dll]  [AVAST Software, 8.0.1489.300]
  423.     [C:\Program Files\AVAST Software\Avast\ashBase.dll]  [AVAST Software, 8.0.1489.300]
  424.     [C:\Program Files\AVAST Software\Avast\aswEngLdr.dll]  [AVAST Software, 8.0.1489.300]
  425.     [C:\Program Files\AVAST Software\Avast\aswCmnOS.dll]  [AVAST Software, 8.0.1489.300]
  426.     [C:\Program Files\AVAST Software\Avast\aswCmnIS.dll]  [AVAST Software, 8.0.1489.300]
  427.     [C:\Program Files\AVAST Software\Avast\aswCmnBS.dll]  [AVAST Software, 8.0.1489.300]
  428.     [C:\Program Files\AVAST Software\Avast\ashTask.dll]  [AVAST Software, 8.0.1489.300]
  429.     [C:\Program Files\AVAST Software\Avast\aswAux.dll]  [AVAST Software, 8.0.1489.300]
  430.     [C:\Program Files\AVAST Software\Avast\avastIP.dll]  [AVAST Software, 8.0.1489.300]
  431.     [C:\Program Files\AVAST Software\Avast\aswProperty.dll]  [AVAST Software, 8.0.1489.300]
  432.     [C:\Program Files\AVAST Software\Avast\AavmRpch.dll]  [AVAST Software, 8.0.1489.300]
  433.     [C:\Program Files\AVAST Software\Avast\aswLog.dll]  [AVAST Software, 8.0.1489.300]
  434.     [C:\Program Files\AVAST Software\Avast\aswSqLt.dll]  [AVAST Software, 8.0.1489.300]
  435.     [C:\Program Files\AVAST Software\Avast\2052\Base.dll]  [AVAST Software, 8.0.1489.300]
  436.     [C:\Program Files\AVAST Software\Avast\afwGeoIP.dll]  [AVAST Software, 8.0.1489.300]
  437.     [C:\Program Files\AVAST Software\Avast\aswData.dll]  [AVAST Software, 8.0.1489.300]
  438.     [C:\Program Files\AVAST Software\Avast\ashTaskEx.dll]  [AVAST Software, 8.0.1489.300]
  439.     [C:\Program Files\AVAST Software\Avast\Aavm4h.dll]  [AVAST Software, 8.0.1489.300]
  440.     [C:\Program Files\AVAST Software\Avast\afwCore.dll]  [AVAST Software, 8.0.1489.300]
  441.     [C:\Program Files\AVAST Software\Avast\afwCoreClient.dll]  [AVAST Software, 8.0.1489.300]
  442.     [C:\Program Files\AVAST Software\Avast\afwRpc.dll]  [AVAST Software, 8.0.1489.300]
  443.     [C:\Program Files\AVAST Software\Avast\2052\UILangRes.dll]  [AVAST Software, 8.0.1489.300]
  444.     [C:\Program Files\AVAST Software\Avast\CommonRes.dll]  [AVAST Software, 8.0.1489.300]
  445.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  446.     [C:\Program Files\AVAST Software\Avast\defs\13052801\uiExt.dll]  [AVAST Software, 7.0.1485.126]
  447.     [C:\Windows\System32\l3codeca.acm]  [Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0401]
  448.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  449. [PID: 3980 / Administrator][D:\Program Files\侠客工具盒\ToolBox.exe]  [恒古软件, 6, 0, 0, 0]
  450.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  451.     [D:\Program Files\StrokeIt\mhook.dll]  [N/A, ]
  452. [PID: 4080 / Administrator][D:\Program Files\Foxmail\Foxmail.exe]  [Tencent Inc., 7.0.1.91]
  453.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  454.     [D:\Program Files\Foxmail\FoxNote.dll]  [N/A, ]
  455.     [D:\Program Files\Foxmail\rfri.dll]  [Tencent Inc., 1, 0, 0, 1]
  456.     [D:\Program Files\Foxmail\nspi.dll]  [TENCENT, 1, 0, 0, 1]
  457.     [D:\Program Files\Foxmail\emsmdb.dll]  [Tencent Inc., 1, 0, 0, 1]
  458.     [D:\Program Files\Foxmail\Skin\TXScrollbar.dll]  [N/A, ]
  459.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  460.     [D:\Program Files\Foxmail\libeay32.dll]  [N/A, ]
  461.     [D:\Program Files\Foxmail\ssleay32.dll]  [N/A, ]
  462. [PID: 3992 / Administrator][D:\Program Files\StrokeIt\strokeit.exe]  [, Pro .9.7]
  463.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  464.     [D:\Program Files\StrokeIt\Plugins\exec.dll]  [N/A, ]
  465.     [D:\Program Files\StrokeIt\Plugins\keys.dll]  [N/A, ]
  466.     [D:\Program Files\StrokeIt\Plugins\msg.dll]  [N/A, ]
  467.     [D:\Program Files\StrokeIt\Plugins\multimon.dll]  [N/A, ]
  468.     [D:\Program Files\StrokeIt\Plugins\OSD.dll]  [N/A, ]
  469.     [D:\Program Files\StrokeIt\Plugins\siControl.dll]  [N/A, ]
  470.     [D:\Program Files\StrokeIt\Plugins\utilities.dll]  [N/A, ]
  471.     [D:\Program Files\StrokeIt\Plugins\win.dll]  [N/A, ]
  472.     [D:\Program Files\StrokeIt\mhook.dll]  [N/A, ]
  473. [PID: 3728 / Administrator][D:\Program Files\DesktopSprite2\DesktopSprite.exe]  [SnowFox Studio., 2.5.3.52]
  474.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  475. [PID: 3964 / Administrator][D:\Program Files\Tencent\RTXC\RTX.exe]  [TENCENT, 8.1.446.202]
  476.     [D:\Program Files\Tencent\RTXC\UIU.dll]  [Tencent, 4,0,0,55]
  477.     [D:\Program Files\Tencent\RTXC\Localization.dll]  [, 1, 0, 0, 1]
  478.     [D:\Program Files\Tencent\RTXC\HelperU.dll]  [, 1, 0, 0, 1]
  479.     [D:\Program Files\Tencent\RTXC\Crypt.dll]  [N/A, ]
  480.     [D:\Program Files\Tencent\RTXC\TBarDll.dll]  [, 1, 0, 0, 1]
  481.     [D:\Program Files\Tencent\RTXC\InfoSvrApi.dll]  [, 1, 0, 0, 1]
  482.     [D:\Program Files\Tencent\RTXC\OutSupportNW.dll]  [, 1, 0, 0, 1]
  483.     [D:\Program Files\Tencent\RTXC\RTXRes.dll]  [N/A, ]
  484.     [D:\Program Files\Tencent\RTXC\MainFrameRes.dll]  [, 1, 0, 0, 1]
  485.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  486.     [D:\Program Files\Tencent\RTXC\NewSkin.dll]  [, 1, 0, 0, 1]
  487.     [D:\PROGRA~1\Tencent\RTXC\RTXImage.ocx]  [tencent, 1, 0, 0, 1]
  488.     [D:\Program Files\Tencent\RTXC\rtxcapi.dll]  [, 1, 0, 0, 1]
  489.     [D:\Program Files\Tencent\RTXC\RTXNetClient.dll]  [, 1, 0, 0, 1]
  490.     [D:\Program Files\Tencent\RTXC\StoreComp.dll]  [, 1, 0, 0, 1]
  491.     [D:\Program Files\Tencent\RTXC\rtxstore.dll]  [, 1, 0, 0, 1]
  492.     [D:\Program Files\Tencent\RTXC\sqlite3.dll]  [N/A, ]
  493.     [D:\Program Files\Tencent\RTXC\RTXP2P.dll]  [, 1, 0, 0, 1]
  494.     [D:\Program Files\Tencent\RTXC\P2P.Dll]  [, 1, 0, 0, 1]
  495.     [D:\Program Files\Tencent\RTXC\QQNW.dll]  [, 1, 0, 0, 1]
  496.     [D:\Program Files\Tencent\RTXC\SessionClient.dll]  [, 1, 0, 0, 1]
  497.     [D:\Program Files\Tencent\RTXC\DisGroup.dll]  [, 1, 0, 0, 1]
  498.     [D:\Program Files\Tencent\RTXC\RTXCPro.dll]  [, 1, 0, 0, 1]
  499.     [D:\Program Files\Tencent\RTXC\BqqZip.dll]  [N/A, ]
  500.     [D:\Program Files\Tencent\RTXC\ClientObjects.dll]  [, 1, 0, 0, 1]
  501.     [D:\Program Files\Tencent\RTXC\RTXCSDK.dll]  [, 1, 0, 0, 1]
  502.     [D:\Program Files\Tencent\RTXC\FileTransfer.dll]  [, 1, 0, 0, 1]
  503.     [D:\Program Files\Tencent\RTXC\FileCom.dll]  [Tencent, 4,0,0,7]
  504.     [D:\Program Files\Tencent\RTXC\OrgStruct.dll]  [, 1, 0, 0, 1]
  505.     [D:\Program Files\Tencent\RTXC\IM.dll]  [, 1, 0, 0, 1]
  506.     [D:\Program Files\Tencent\RTXC\RTXSMS.dll]  [, 1, 0, 0, 1]
  507.     [D:\Program Files\Tencent\RTXC\LocalTabManager.dll]  [, 1, 0, 0, 1]
  508.     [D:\Program Files\Tencent\RTXC\OffMsgModule.dll]  [, 1, 0, 0, 1]
  509.     [D:\Program Files\Tencent\RTXC\Config.dll]  [, 1, 0, 0, 1]
  510.     [D:\Program Files\Tencent\RTXC\Watcher.dll]  [, 1, 0, 0, 1]
  511.     [D:\Program Files\Tencent\RTXC\ClientRightMgr.dll]  [, 1, 0, 0, 1]
  512.     [D:\Program Files\Tencent\RTXC\TAPD.dll]  [, 1, 0, 0, 1]
  513.     [D:\Program Files\Tencent\RTXC\RCAStoreComp.dll]  [, 1, 0, 0, 1]
  514.     [D:\Program Files\Tencent\RTXC\RCAModule.dll]  [, 1, 0, 0, 1]
  515.     [D:\Program Files\Tencent\RTXC\RCAIM.dll]  [, 1, 0, 0, 1]
  516.     [D:\Program Files\Tencent\RTXC\RCAUserProfile.dll]  [, 1, 0, 0, 1]
  517.     [D:\Program Files\Tencent\RTXC\EPortal.dll]  [, 1, 0, 0, 1]
  518.     [D:\Program Files\Tencent\RTXC\RTXLogin.dll]  [, 1, 0, 0, 1]
  519.     [D:\PROGRA~1\Tencent\RTXC\RTXOrg.ocx]  [, 1, 0, 0, 1]
  520.     [D:\Program Files\Tencent\RTXC\UserSelector.dll]  [, 1, 0, 0, 1]
  521.     [D:\Program Files\Tencent\RTXC\UserProfile.dll]  [, 1, 0, 0, 1]
  522.     [D:\PROGRA~1\Tencent\RTXC\RTXMOB~1.OCX]  [MS User, 1, 0, 0, 1]
  523.     [D:\Program Files\Tencent\RTXC\RTXOLAss.dll]  [Tencent, 1, 0, 0, 1]
  524.     [D:\Program Files\Tencent\RTXC\UpdateModule.dll]  [, 1, 0, 0, 1]
  525.     [D:\Program Files\Tencent\RTXC\SearchUsers.dll]  [, 1, 0, 0, 1]
  526.     [D:\Program Files\Tencent\RTXC\Alert.dll]  [, 1, 0, 0, 1]
  527.     [D:\Program Files\Tencent\RTXC\BroadCast.dll]  [, 1, 0, 0, 1]
  528.     [D:\Program Files\Tencent\RTXC\Plugins\bizmailclient\ExMailClient.dll]  [, 1, 0, 0, 8]
  529.     [D:\Program Files\Tencent\RTXC\UserDefineWizard.dll]  [, 1, 0, 0, 1]
  530.     [D:\Program Files\Tencent\RTXC\RTXPhone.dll]  [, 1, 0, 0, 1]
  531.     [D:\Program Files\Tencent\RTXC\RTXPluginMgr.dll]  [, 1, 0, 0, 1]
  532.     [D:\Program Files\Tencent\RTXC\AddRCAUser.dll]  [, 1, 0, 0, 1]
  533.     [D:\Program Files\Tencent\RTXC\ImExtraInfo.dll]  [, 2, 1, 0, 15]
  534.     [D:\Program Files\Tencent\RTXC\rtxskin.dll]  [Tencent, 3,4,0,32]
  535.     [D:\PROGRA~1\Tencent\RTXC\Plugins\BIZMAI~1\config\Setting.ocx]  [, 1, 0, 0, 3]
  536.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  537. [PID: 2036 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe]  [Microsoft Corporation, 12.0.7600.16385 (win7_rtm.090713-1255)]
  538. [PID: 2580 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe]  [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
  539. [PID: 1568 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)]
  540.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  541. [PID: 3380 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe]  [Microsoft Corporation, 9.00.8112.16421 (WIN7_IE9_RTM.110308-0330)]
  542.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  543.     [C:\Windows\system32\nvd3dum.dll]  [NVIDIA Corporation, 8.17.12.6300]
  544.     [C:\Windows\system32\Macromed\Flash\Flash32_11_7_700_202.ocx]  [Adobe Systems, Inc., 11,7,700,202]
  545. [PID: 5492 / Administrator][C:\Program Files\Microsoft Office\Office12\EXCEL.EXE]  [Microsoft Corporation, 12.0.4518.1014]
  546.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  547.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSDNT5UI.DLL]  [Zenographics, Inc., 0, 3, 2911, 1]
  548.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSDDM.DLL]  [Zenographics, Inc., 6, 20, 1611, 0]
  549.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSPOOL.dll]  [Zenographics, Inc., 6, 1, 1, 0]
  550.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZGDI.dll]  [Zenographics, Inc., 5, 60, 709, 0]
  551.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZTAG.dll]  [Zenographics, Inc., 5, 60, 1210, 0]
  552.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSDDMUI.DLL]  [Zenographics, Inc., 6, 2, 411, 0]
  553.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZSR.dll]  [Zenographics, Inc., 6, 20, 1625, 0]
  554.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZIMFDRV.DLL]  [Zenographics, Inc., 0, 3, 5209, 0]
  555.     [C:\Windows\system32\spool\DRIVERS\W32X86\3\ZIMF.dll]  [Zenographics, Inc., 5, 70, 616, 0]
  556.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  557.     [C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL]  [, ]
  558.     [C:\Program Files\Microsoft Office\Office12\USP10.DLL]  [Microsoft Corporation, 1.0626.5756.0 (vista_rtm.061008-1400)]
  559. [PID: 5412 / Administrator][D:\Program Files\Thunder\Program\Thunder.exe]  [深圳市迅雷网络技术有限公司, 7,2,90,92]
  560.     [D:\Program Files\Thunder\Program\XLUE.dll]  [深圳市迅雷网络技术有限公司, 0.9.0.422]
  561.     [D:\Program Files\Thunder\Program\XLGraphic.dll]  [深圳市迅雷网络技术有限公司, 0.9.0.422]
  562.     [D:\Program Files\Thunder\Program\libpng13.dll]  [, 1.2.38]
  563.     [D:\Program Files\Thunder\Program\zlib1.dll]  [, 1.2.5]
  564.     [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
  565.     [D:\Program Files\Thunder\Program\MSIMG32.dll]  [N/A, ]
  566.     [D:\Program Files\Thunder\Program\XLFSIO.dll]  [深圳市迅雷网络技术有限公司, 0.9.0.422]
  567.     [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
  568.     [D:\Program Files\Thunder\Program\XLLuaRuntime.dll]  [深圳市迅雷网络技术有限公司, 0.9.0.412]
  569.     [D:\Program Files\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
  570.     [D:\Program Files\Thunder\Program\libexpat.dll]  [N/A, ]
  571.     [D:\Program Files\Thunder\Program\XLBugHandler.dll]  [, 2, 2, 0, 11]
  572.     [D:\Program Files\Thunder\Program\minizip.dll]  [, 1, 0, 0, 1]
  573.     [D:\Program Files\Thunder\Program\XLIPC.dll]  [N/A, ]
  574.     [D:\Program Files\Thunder\Program\xlstat.dll]  [深圳市迅雷网络技术有限公司, 2.0.2.10]
  575.     [D:\Program Files\Thunder\Program\InstallProtect.dll]  [N/A, ]
  576.     [D:\Program Files\Thunder\Program\sqlite3.dll]  [, 3, 6, 22, 0]
  577.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  578.     [D:\Program Files\Thunder\Program\xl_data.dll]  [深圳市迅雷网络技术有限公司, 1, 12, 5, 38]
  579.     [D:\Program Files\Thunder\Program\DownloadKernel.dll]  [深圳市迅雷网络技术有限公司, 7,2,90,92]
  580.     [D:\Program Files\Thunder\Program\asyn_download_interface.dll]  [深圳市迅雷网络技术有限公司, 1,1,2,54]
  581.     [D:\Program Files\Thunder\Program\tp_proxy.dll]  [深圳市迅雷网络技术有限公司, 1, 0,  2,  22]
  582.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  583.     [D:\Program Files\Thunder\Program\XLUserAX.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 84]
  584.     [D:\Program Files\Thunder\Program\dl_peer_id.dll]  [深圳市迅雷网络技术有限公司, 3, 2,  2,  17]
  585.     [D:\Program Files\Thunder\Program\BaseCommunity.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 186]
  586.     [D:\Program Files\Thunder\Program\xl_client.dll]  [深圳市迅雷网络技术有限公司, 1, 14, 2, 35]
  587.     [D:\Program Files\Thunder\Program\asyn_frame.dll]  [深圳市迅雷网络技术有限公司, 1,6,2,22]
  588.     [D:\Program Files\Thunder\Program\dl_uac_tool.dll]  [N/A, ]
  589.     [D:\Program Files\Thunder\Program\mp.dll]  [深圳市迅雷网络技术有限公司, 1, 1,  2,  10]
  590.     [D:\Program Files\Thunder\Addins\Community\XLCPAddinManager.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 21]
  591.     [D:\Program Files\Thunder\Addins\community\Community.dll]  [Thunder Networking Technologies,LTD, 1, 0, 2, 113]
  592.     [D:\Program Files\Thunder\Addins\VipService\VipService.dll]  [Thunder Networking Technologies,LTD, 1, 1, 2, 391]
  593.     [D:\Program Files\Thunder\Program\Win7Trait.dll]  [N/A, ]
  594. [PID: 5236 / Administrator][D:\Program Files\Thunder\Program\ThunderPlatform.exe]  [深圳市迅雷网络技术有限公司, 1, 1,  2,  124]
  595.     [D:\Program Files\Thunder\Program\minizip.dll]  [, 1, 0, 0, 1]
  596.     [D:\Program Files\Thunder\Program\zlib1.dll]  [, 1.2.5]
  597.     [C:\Windows\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
  598.     [C:\Windows\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
  599.     [D:\Program Files\Thunder\Program\xlbughandler.dll]  [, 2, 2, 0, 11]
  600.     [D:\Program Files\Thunder\Program\dl_uac_tool.dll]  [N/A, ]
  601.     [D:\Program Files\Thunder\Program\download_engine.dll]  [深圳市迅雷网络技术有限公司, 3, 7,  2,  20]
  602.     [D:\Program Files\Thunder\Program\mp.dll]  [深圳市迅雷网络技术有限公司, 1, 1,  2,  10]
  603.     [D:\Program Files\Thunder\Program\XLCrypto.dll]  [N/A, ]
  604.     [D:\Program Files\Thunder\Program\asyn_frame.dll]  [深圳市迅雷网络技术有限公司, 1,6,2,22]
  605.     [D:\Program Files\Thunder\Program\ts.dll]  [深圳市迅雷网络技术有限公司, 1,1,2,35]
  606.     [D:\Program Files\Thunder\Program\ta.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 2, 105]
  607.     [D:\Program Files\Thunder\Program\ATL71.DLL]  [Microsoft Corporation, 7.10.6101.0]
  608.     [D:\Program Files\Thunder\Program\xl_data.dll]  [深圳市迅雷网络技术有限公司, 1, 12, 5, 38]
  609.     [D:\Program Files\Thunder\Program\XLLuaRuntime.dll]  [深圳市迅雷网络技术有限公司, 0.9.0.412]
  610.     [D:\Program Files\Thunder\Program\XLFSIO.dll]  [深圳市迅雷网络技术有限公司, 0.9.0.422]
  611.     [D:\Program Files\Thunder\Program\libexpat.dll]  [N/A, ]
  612.     [D:\Program Files\Thunder\Program\xl_client.dll]  [深圳市迅雷网络技术有限公司, 1, 14, 2, 35]
  613.     [D:\Program Files\Thunder\Program\backend_agent.dll]  [深圳市迅雷网络技术有限公司, 1, 2,  2,  68]
  614.     [D:\Program Files\Thunder\Program\ptl.dll]  [深圳市迅雷网络技术有限公司, 3, 3,  2,  123]
  615.     [D:\Program Files\Thunder\Program\dl_peer_id.dll]  [深圳市迅雷网络技术有限公司, 3, 2,  2,  17]
  616.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  617.     [D:\Program Files\Thunder\Program\MSIMG32.dll]  [N/A, ]
  618.     [D:\Program Files\Thunder\Program\fs.dll]  [深圳市迅雷网络技术有限公司, 1, 3,  2,  11]
  619.     [D:\Program Files\Thunder\Program\al.dll]  [深圳市迅雷网络技术有限公司, 1, 3,  2,  114]
  620.     [D:\Program Files\Thunder\Program\p2p_upload.dll]  [深圳市迅雷网络技术有限公司, 1, 2,  2,  32]
  621.     [D:\Program Files\Thunder\Program\down_dispatcher.dll]  [深圳市迅雷网络技术有限公司, 1, 2,  2,  143]
  622.     [D:\Program Files\Thunder\Program\p2p.dll]  [深圳市迅雷网络技术有限公司, 1, 2,  2,  186]
  623.     [D:\Program Files\Thunder\Program\p2p_local_res.dll]  [深圳市迅雷网络技术有限公司, 1, 2,  2,  31]
  624.     [D:\Program Files\Thunder\Program\bt_kernel.dll]  [深圳市迅雷网络技术有限公司, 1, 2,  2, 90]
  625.     [D:\Program Files\Thunder\Program\emule_kernel.dll]  [深圳市迅雷网络技术有限公司, 1, 4,  2,  21]
  626.     [D:\Program Files\Thunder\Program\p2sp.dll]  [深圳市迅雷网络技术有限公司, 1, 3,  2,  226]
  627. [PID: 4872 / Administrator][Z:\Program Files\opera10\Opera.exe]  [Opera Software, 1893]
  628.     [Z:\Program Files\opera10\Opera.dll]  [Opera Software, 1893]
  629.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  630.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  631. [PID: 1700 / Administrator][D:\Program Files\雨林木风工具箱\实用软件\FastStone Capture.exe]  [N/A, ]
  632.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  633.     [D:\Program Files\StrokeIt\mhook.dll]  [N/A, ]
  634.     [C:\Program Files\AVAST Software\Avast\ashShell.dll]  [AVAST Software, 8.0.1489.300]
  635. [PID: 1384 / Administrator][D:\Program Files\雨林木风工具箱\杀毒防毒\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.4.1331]
  636. [PID: 5196 / Administrator][D:\Program Files\雨林木风工具箱\杀毒防毒\sreng2\SREbf4b2b31.EXE]  [Smallfrogs Studio, 2.8.4.1331]
  637.     [C:\Windows\system32\freeime.ime]  [极点五笔工作室, 6.5.0.0]
  638.     [D:\Program Files\StrokeIt\mhook.dll]  [N/A, ]
  639.     [D:\Program Files\雨林木风工具箱\杀毒防毒\sreng2\Plugins\FILEDSV.SRE]  [Smallfrogs Studio, 1, 1, 0, 20]
  640.     [D:\Program Files\雨林木风工具箱\杀毒防毒\sreng2\Plugins\NTFSTREAM.SRE]  [Smallfrogs Studio, 1, 0, 0, 5]
  641.     [D:\Program Files\雨林木风工具箱\杀毒防毒\sreng2\Plugins\NWMON.SRE]  [Smallfrogs Studio, 1, 0, 0, 8]
  642. [PID: 3624 / SYSTEM][C:\Windows\system32\SearchFilterHost.exe]  [(Verified) Microsoft Corporation, 7.00.7601.17610 (win7sp1_gdr.110503-1502)]

  644. ==================================
  645. 文件关联
  646. .TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  647. .EXE  OK. ["%1" %*]
  648. .COM  OK. ["%1" %*]
  649. .PIF  OK. ["%1" %*]
  650. .REG  OK. [regedit.exe "%1"]
  651. .BAT  OK. ["%1" %*]
  652. .SCR  OK. ["%1" /S]
  653. .CHM  OK. ["%SystemRoot%\hh.exe" %1]
  654. .HLP  OK. [%SystemRoot%\winhlp32.exe %1]
  655. .INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  656. .INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
  657. .VBS  OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
  658. .JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
  659. .LNK  OK. [{00021401-0000-0000-C000-000000000046}]

  661. ==================================
  662. Winsock 提供者
  663. N/A

  665. ==================================
  666. Autorun.inf
  667. N/A

  669. ==================================
  670. HOSTS 文件
  671. N/A

  673. ==================================
  674. 进程特权扫描
  675. N/A

  677. ==================================
  678. 计划任务
  679. [已启用] \\Adobe Flash Player Updater
  680.         C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
  681. [已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated)
  682.         N/A
  683. [已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual)
  684.         N/A
  685. [已禁用] \Microsoft\Windows\AppID\PolicyConverter
  686.         %windir%\system32\appidpolicyconverter.exe
  687. [已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck
  688.         %windir%\system32\appidcertstorecheck.exe
  689. [已启用] \Microsoft\Windows\Application Experience\AitAgent
  690.         aitagent
  691. [已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater
  692.         %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
  693. [已启用] \Microsoft\Windows\Autochk\Proxy
  694.         %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
  695. [已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask
  696.         BthUdTask.exe $(Arg0)
  697. [已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask
  698.         N/A
  699. [已启用] \Microsoft\Windows\CertificateServicesClient\UserTask
  700.         N/A
  701. [已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam
  702.         N/A
  703. [已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator
  704.         %SystemRoot%\System32\wsqmcons.exe
  705. [已启用] \Microsoft\Windows\Defrag\ScheduledDefrag
  706.         %windir%\system32\defrag.exe -c
  707. [已启用] \Microsoft\Windows\Location\Notifications
  708.         %windir%\System32\LocationNotifications.exe
  709. [已启用] \Microsoft\Windows\Maintenance\WinSAT
  710.         N/A
  711. [已启用] \Microsoft\Windows\Media Center\ActivateWindowsSearch
  712.         %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
  713. [已启用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService
  714.         %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
  715. [已启用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks
  716.         %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
  717. [已启用] \Microsoft\Windows\Media Center\ehDRMInit
  718.         %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
  719. [已启用] \Microsoft\Windows\Media Center\InstallPlayReady
  720.         %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
  721. [已启用] \Microsoft\Windows\Media Center\mcupdate
  722.         %SystemRoot%\ehome\mcupdate $(Arg0)
  723. [已启用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
  724.         %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
  725. [已启用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask
  726.         %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
  727. [已启用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
  728.         %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
  729. [已启用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask
  730.         %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
  731. [已启用] \Microsoft\Windows\Media Center\OCURActivate
  732.         %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
  733. [已启用] \Microsoft\Windows\Media Center\OCURDiscovery
  734.         %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
  735. [已启用] \Microsoft\Windows\Media Center\PBDADiscovery
  736.         %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
  737. [已启用] \Microsoft\Windows\Media Center\PBDADiscoveryW1
  738.         %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
  739. [已启用] \Microsoft\Windows\Media Center\PBDADiscoveryW2
  740.         %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
  741. [已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry
  742.         %windir%\ehome\MCUpdate.exe -pscn 0
  743. [已启用] \Microsoft\Windows\Media Center\PvrRecoveryTask
  744.         %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
  745. [已启用] \Microsoft\Windows\Media Center\PvrRecoveryTask
  746.         %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
  747. [已启用] \Microsoft\Windows\Media Center\PvrScheduleTask
  748.         %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
  749. [已启用] \Microsoft\Windows\Media Center\PvrScheduleTask
  750.         %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
  751. [已禁用] \Microsoft\Windows\Media Center\RecordingRestart
  752.         %SystemRoot%\ehome\ehrec /RestartRecording
  753. [已启用] \Microsoft\Windows\Media Center\RegisterSearch
  754.         %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
  755. [已启用] \Microsoft\Windows\Media Center\ReindexSearchRoot
  756.         %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
  757. [已启用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
  758.         %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
  759. [已启用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask
  760.         %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
  761. [已启用] \Microsoft\Windows\Media Center\UpdateRecordPath
  762.         %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
  763. [已启用] \Microsoft\Windows\MobilePC\HotStart
  764.         N/A
  765. [已启用] \Microsoft\Windows\MUI\LPRemove
  766.         %windir%\system32\lpremove.exe
  767. [已启用] \Microsoft\Windows\Multimedia\SystemSoundsService
  768.         N/A
  769. [已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo
  770.         %windir%\system32\gatherNetworkInfo.vbs
  771. [已禁用] \Microsoft\Windows\Offline Files\Background Synchronization
  772.         N/A
  773. [已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization
  774.         N/A
  775. [已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
  776.         %SystemRoot%\System32\powercfg.exe -energy -auto
  777. [已启用] \Microsoft\Windows\Ras\MobilityManager
  778.         N/A
  779. [已禁用] \Microsoft\Windows\SideShow\AutoWake
  780.         N/A
  781. [已启用] \Microsoft\Windows\SideShow\GadgetManager
  782.         N/A
  783. [已禁用] \Microsoft\Windows\SideShow\SessionAgent
  784.         N/A
  785. [已禁用] \Microsoft\Windows\SideShow\SystemDataProviders
  786.         N/A
  787. [已禁用] \Microsoft\Windows\SystemRestore\SR
  788.         %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
  789. [已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1
  790.         %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
  791. [已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2
  792.         %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
  793. [已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime
  794.         %windir%\system32\sc.exe start w32time task_started
  795. [已启用] \Microsoft\Windows\UPnP\UPnPHostConfig
  796.         sc.exe config upnphost start= auto
  797. [已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask
  798.         N/A
  799. [已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting
  800.         %windir%\system32\wermgr.exe -queuereporting
  801. [已启用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary
  802.         "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
  803. [已启用] \Microsoft\Windows\WindowsBackup\ConfigNotification
  804.         %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
  805. [已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader
  806.         N/A

  808. ==================================
  809. Windows 安全更新检查
  810. N/A

  812. ==================================
  813. API HOOK
  814. N/A

  816. ==================================
  817. 隐藏进程
  818. N/A

  820. ==================================


复制代码

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

z2009
发表于 2013-5-31 08:41:21 | 显示全部楼层
eav拦截
回复

举报

yejian9237
发表于 2013-5-31 08:51:23 | 显示全部楼层


最好发往样本区,再链接过来

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

CIA
发表于 2013-5-31 09:30:27 | 显示全部楼层
根据我的    分析    你中毒了
回复

举报

maomao110
发表于 2013-5-31 09:38:55 | 显示全部楼层
去样本区求助吧
回复

举报

sdupyb
发表于 2013-5-31 10:27:55 | 显示全部楼层
镇楼

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?快速注册

x
回复

举报

mikefan21
发表于 2013-5-31 10:39:12 | 显示全部楼层
这是一个系统漏洞攻击,打补丁,装防火墙
回复

举报

辽宁大连~~小海
发表于 2013-5-31 14:22:38 | 显示全部楼层
360报毒
回复

举报

wefiwhfve
发表于 2013-5-31 15:03:53 | 显示全部楼层
sdupyb 发表于 2013-5-31 10:27
镇楼

我看到,,这个网站声誉极差
回复

举报

留侯
发表于 2013-5-31 16:07:34 | 显示全部楼层
大蜘蛛侦测到是高级蠕虫病毒:
样本\rundl132.exe - infected with Win32.HLLW.Gavir.54
样本\logo1_.exe - infected with Win32.HLLW.Gavir.54

我没有找到大蜘蛛对此病毒的定义,但是包含有对应其他反病毒软件对此病毒的名称定义:
http://vms.drweb.com/search/?q=Win32.HLLW.Gavir.54
建议楼主使用Dr.Web CureIt!执行一下全盘扫描吧!
回复

举报

下一页 »
12下一页
返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 快速注册

本版积分规则

手机版|杀毒软件|软件论坛| 卡饭论坛

Copyright © KaFan  KaFan.cn All Rights Reserved.

Powered by Discuz! X3.4( 沪ICP备2020031077号-2 ) GMT+8, 2025-5-17 13:36 , Processed in 0.167013 second(s), 18 queries .

卡饭网所发布的一切软件、样本、工具、文章等仅限用于学习和研究,不得将上述内容用于商业或者其他非法用途,否则产生的一切后果自负,本站信息来自网络,版权争议问题与本站无关,您必须在下载后的24小时之内从您的电脑中彻底删除上述信息,如有问题请通过邮件与我们联系。

快速回复 客服 返回顶部 返回列表