
[Help] I ran a scan with SREng. Experts, please take a look and tell me whether there are any problems. Thanks.

zsgws
Posted 2010-10-14 21:48:43
[code]

2010-10-14,21:36:45

System Repair Engineer 2.8.2.1321
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中:
    所有的启动项目(包括注册表、启动文件夹、服务等)
    浏览器加载项
    正在运行的进程(包括进程模块信息)
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描
    计划任务
    Windows 安全更新检查
    API HOOK
    隐藏进程


启动项目
注册表
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <avgnt><"C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min>  [Avira GmbH]
    <KSafeTray><"d:\Program Files\KSafe\KSafeTray.exe" -autorun>  [(Verified)Kingsoft Security Co.,Ltd]
    <360Safebox><"D:\Program Files\360Safebox\SafeBoxTray.exe" /r>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <SuperKiller><; "D:\SuperKiller.exe"  /REG>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <NvCplDaemon><; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)NVIDIA Corporation]
    <OutpostFeedBack><; "d:\Program Files\Agnitum\Outpost Firewall\feedback.exe" /dump:os_startup>  [File is missing]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Component Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
    <WinlogonNotify: dimsntfy><%SystemRoot%\System32\dimsntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS]
    <浏览器自定义组件><RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer 6><%SystemRoot%\system32\ie4uinit.exe>  [(Verified)Microsoft Windows Component Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Avira AntiVir 计划程序 / AntiVirSchedulerService][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir Desktop\sched.exe"><Avira GmbH>
[Avira AntiVir Guard / AntiVirService][Running/Auto Start]
  <"C:\Program Files\Avira\AntiVir Desktop\avguard.exe"><Avira GmbH>
[Beike Online Scan Service / BkOlScanSvc][Running/Auto Start]
  <"d:\Program Files\Beike\Beike Online Scan\bkolscansvc.exe" -svc><贝壳网际(北京)安全技术有限公司>
[Conew Rescue Service / Conew Rescue Service][Running/Auto Start]
  <d:\Program Files\Keniu\ConewRsc\conewrsc.exe><>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[KSafe service / KSafeSvc][Running/Auto Start]
  <"d:\Program Files\KSafe\KSafeSvc.exe" -svc><Kingsoft Corporation.>
[NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Disabled]
  <><(File is missing)>
[nProtect GameGuard Service / npggsvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\GameMon.des -service><INCA Internet Co., Ltd.>
[NVIDIA Display Driver Service / nvsvc][Stopped/Manual Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>

==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[Ambfilt / Ambfilt][Stopped/Manual Start]
  <system32\drivers\Ambfilt.sys><Creative>
[AMD Processor Driver / AmdK8][Running/System Start]
  <system32\DRIVERS\AmdK8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
  <system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[avgio / avgio][Running/System Start]
  <\??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys><Avira GmbH>
[avgntflt / avgntflt][Running/Auto Start]
  <system32\DRIVERS\avgntflt.sys><Avira GmbH>
[avipbb / avipbb][Running/System Start]
  <system32\DRIVERS\avipbb.sys><Avira GmbH>
[BAPIDRV / BAPIDRV][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\BAPIDRV.SYS><360.cn>
[BC / BC][Running/Boot Start]
  <\SystemRoot\system32\Drivers\BC.sys><Kingsoft Corporation>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <2 - 系统找不到指定的文件。
><N/A>
[Intel(R) PRO Adapter Driver / E100B][Stopped/Manual Start]
  <system32\DRIVERS\e100b325.sys><Intel Corporation>
[EfiSystemMon / EfiMon][Running/System Start]
  <System32\Drivers\Efimon.sys><奇虎网>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookPort / HookPort][Running/Boot Start]
  <\SystemRoot\System32\Drivers\Hookport.sys><360安全中心>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[krpr / krpr][Stopped/Manual Start]
  <\??\d:\Program Files\Keniu\ConewRsc\krpr.sys><Kingsoft Corporation>
[Monfilt / Monfilt][Stopped/Manual Start]
  <system32\drivers\Monfilt.sys><Creative Technology Ltd.>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[NSC Infrared Device Driver / NSCIRDA][Stopped/Manual Start]
  <system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Quantum DeepScanner Servers / qutmdserv][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys><360安全中心>
[SafeBoxAnti / SafeBoxAnti][Running/System Start]
  <System32\Drivers\AntiDrv.sys><360.cn>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[sptd / sptd][Running/Boot Start]
  <\SystemRoot\System32\Drivers\sptd.sys><N/A>
[ssmdrv / ssmdrv][Running/System Start]
  <system32\DRIVERS\ssmdrv.sys><Avira GmbH>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack][Stopped/Manual Start]
  <system32\DRIVERS\TwoTrack.sys><IBM Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
  <system32\DRIVERS\yk51x86.sys><Marvell>
[VIMICRO USB PC Camera / ZSMC303][Stopped/Manual Start]
  <System32\Drivers\usbVM303.sys><VM>

==================================
浏览器加载项
[迅雷流媒体探测IE支持]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.28.1564.dll, (Signed) 深圳市迅雷网络技术有限公司>
[迅雷下载IE支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[迅雷流媒体探测IE支持]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <d:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.28.1564.dll, (Signed) 深圳市迅雷网络技术有限公司>
[PhotoDrawEx Class]
  {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} <d:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\bin\QQPhotoDrawEx\QQPhotoDrawEx.dll, (Signed) Tencent>
[InstallHelper Class]
  {1DABF8D5-8430-4985-9B7F-A30E53D709B3} <d:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\bin\QQMusic\MMInstaller.dll, (Signed) Tencent>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, (Signed) Microsoft Corporation>
[]
  {2D90D33C-DE76-42D0-9040-E4466DDC24AC} <, >
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.28.1564.dll, (Signed) 深圳市迅雷网络技术有限公司>
[QQPYChecker Class]
  {5052B4D0-9DF7-45ef-88EF-F42C0EA33A43} <D:\Program Files\Tencent\QQPinyin\3.3.881.400\QQImeChecker.dll, (Signed) Tencent>
[]
  {548BF84E-9665-47F9-B635-7380F8943E90} <, >
[Access UserInfo by Script]
  {6EE9CD3E-A386-4DAE-9737-A759DBF927AE} <d:\Program Files\Thunder Network\Thunder\ComDlls\UserAgent.dll, (Signed) 深圳市迅雷网络技术有限公司>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <d:\Program Files\Thunder Network\Thunder\userdata\Components\InMedia\MediaAddin.dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <, >
[迅雷下载IE支持]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll, (Signed) 深圳市迅雷网络技术有限公司>
[OFrameObject Class]
  {9701758C-4373-482E-B13C-776C048EC890} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5927.310.(259).dll, (Signed) 深圳市迅雷网络技术有限公司>
[VersionDetector Class]
  {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} <C:\Program Files\Common Files\Thunder Network\KanKan\vd.1.1.0.32.(259).dll, (Signed) 深圳市迅雷网络技术有限公司>
[HallToolkit Class]
  {A24E6133-404F-4431-A296-2DE576FC5AEE} <C:\Program Files\Common Files\Thunder Network\XLGame\HallTool.1.0.0.5.(259).dll, (Signed) 深圳市迅雷网络技术有限公司>
[APlayer Control]
  {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <C:\Program Files\Common Files\Thunder Network\APlayer\APlayer_001.dll, (Signed) ShenZhen Thunder Networking Technologies, LTD>
[DapCtrl Class]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.3.5927.310.(259).dll, (Signed) 深圳市迅雷网络技术有限公司>
[]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <, >
[]
  {C69CA64A-98BF-340A-79E1-1B32D35EE267} <, >
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash10k.ocx, (Signed) Adobe Systems, Inc.>
[]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, >

==================================
正在运行的进程
[PID: 648 / SYSTEM][\SystemRoot\System32\smss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 720 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 744 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 788 / SYSTEM][C:\WINDOWS\system32\services.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_gdr.090206-1234)]
[PID: 800 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 996 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1084 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1172 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 1260 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 1368 / SYSTEM][d:\Program Files\Keniu\ConewRsc\conewrsc.exe]  [, 2010,09,27,1438]
    [d:\Program Files\Keniu\ConewRsc\kdump.dll]  [Kingsoft Corporation, 2010,08,24,1353]
    [d:\Program Files\Keniu\ConewRsc\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [d:\Program Files\Keniu\ConewRsc\kxebase.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [d:\Program Files\Keniu\ConewRsc\scom.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [d:\Program Files\Keniu\ConewRsc\kxecore\kxelog.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [d:\Program Files\Keniu\ConewRsc\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [d:\Program Files\Keniu\ConewRsc\kxecore\kxestat.dll]  [Kingsoft Corporation, 2009,11,20,309]
    [d:\Program Files\Keniu\ConewRsc\ksmcorex.dll]  [Kingsoft Corporation, 2010,09,29,28]
    [d:\Program Files\Keniu\ConewRsc\kcldrep.dll]  [Kingsoft Corporation, 2010,09,02,1377]
    [d:\Program Files\Keniu\ConewRsc\sqlite.dll]  [N/A, ]
    [d:\Program Files\Keniu\ConewRsc\kavifr.dll]  [Kingsoft Corporation, 2010,05,25,74]
    [d:\Program Files\Keniu\ConewRsc\ksecorex.dll]  [Kingsoft Corporation, 2010,09,16,1206]
    [d:\Program Files\Keniu\ConewRsc\kae\kaecore.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\Keniu\ConewRsc\ksbwsspx.dll]  [Kingsoft Corporation, 2010,05,27,1072]
    [d:\Program Files\Keniu\ConewRsc\ksbwdet2.dll]  [Kingsoft Corporation, 2010,08,26,1359]
    [d:\Program Files\Keniu\ConewRsc\kae\karchive.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\Keniu\ConewRsc\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\Keniu\ConewRsc\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,03,18,77]
    [d:\Program Files\Keniu\ConewRsc\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,06,30,436]
[PID: 1392 / SYSTEM][d:\Program Files\KSafe\KSafeSvc.exe]  [Kingsoft Corporation., 1.6.0.1155]
    [d:\Program Files\KSafe\ksafeeng.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [d:\Program Files\KSafe\katrun.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [d:\Program Files\KSafe\ksafebak.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [d:\Program Files\KSafe\ksafedb.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [d:\Program Files\KSafe\kcache.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [d:\Program Files\KSafe\knescan.dll]  [Kingsoft Corporation., 1.0.0.1111]
    [d:\Program Files\KSafe\kse\ksbwdet2.dll]  [Kingsoft Corporation, 2010,08,26,1359]
    [d:\Program Files\KSafe\kse\sqlite.dll]  [Kingsoft Corporation, 2010,03,30,781]
    [d:\Program Files\KSafe\KEng\ksafeave.dll]  [Kingsoft Corporation., 1.0.0.1114]
    [d:\Program Files\KSafe\KEng\kae\kaecore.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\kdump.dll]  [Kingsoft Corporation, 2010,08,24,1353]
    [d:\Program Files\KSafe\kxebase.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [d:\Program Files\KSafe\scom.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [d:\Program Files\KSafe\kxecore\kxecore.dll]  [Kingsoft Corporation, 2010,5,12,402]
    [d:\Program Files\KSafe\kexectrl.dll]  [Kingsoft Corporation, 2010,09,18,1422]
    [d:\Program Files\KSafe\kwssp.dll]  [Kingsoft Corporation, 2010,09,20,35]
    [d:\Program Files\KSafe\json.dll]  [N/A, ]
    [d:\Program Files\KSafe\ksscore.dll]  [Kingsoft Corporation, 2010,09,19,14]
    [d:\Program Files\KSafe\kcldrep.dll]  [Kingsoft Corporation, 2010,09,06,1388]
    [d:\Program Files\KSafe\kse\ksecorex.dll]  [Kingsoft Corporation, 2010,09,16,1206]
    [d:\Program Files\KSafe\kavquara.dll]  [Kingsoft Corporation, 2010,09,09,1147]
    [d:\Program Files\KSafe\KEng\kae\karchive.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\KEng\kae\kaearcha.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\KEng\kae\kaeolea.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\KEng\kae\kaearchb.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\KEng\kae\kaeunpak.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\KEng\kae\kaevname.dat]  [Kingsoft Corporation, 2010,06,30,436]
    [d:\Program Files\KSafe\KEng\kae\kaeunpack.dat]  [Kingsoft Corporation, 2010,07,18,365]
    [d:\Program Files\KSafe\KEng\kae\kaecorea.dat]  [Kingsoft Corporation, 2010,06,30,436]
[PID: 1728 / Administrator][C:\WINDOWS\Explorer.EXE]  [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\Program Files\Avira\AntiVir Desktop\shlext.dll]  [Avira GmbH, 9.00.00.04]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.12.5896]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.12.5896]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.12.5896]
    [C:\Program Files\NVIDIA Corporation\nView\nvshell.dll]  [, ]
    [d:\Program Files\7-Zip\7-zip.dll]  [Igor Pavlov, 9.17 beta]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll]  [深圳市迅雷网络技术有限公司, 5,9,28,1564]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll]  [, 1.2.3]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\libexpat.dll]  [N/A, ]
    [d:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll]  [Microsoft Corporation, 7.10.6030.0]
    [D:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DsBho_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 0, 33]
    [D:\Program Files\Thunder Network\Thunder\userdata\Components\ResWorker\DataProcessor_00.dll]  [深圳市迅雷网络技术有限公司, 1, 0, 1, 6]
    [D:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.28.1564.dll]  [深圳市迅雷网络技术有限公司, 5,9,28,1564]
[PID: 1752 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 180 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [(Verified) Microsoft Corporation, 5.1.2600.6024 (xpsp_sp3_gdr.100817-1626)]
   
zsgws
Original poster | Posted 2010-10-14 21:49:18
[C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
[PID: 216 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\sched.exe]  [Avira GmbH, 9.00.00.09]
    [C:\Program Files\Avira\AntiVir Desktop\schedr.dll]  [Avira GmbH, 8.00.05.00]
    [C:\Program Files\Avira\AntiVir Desktop\avevtlog.dll]  [Avira GmbH, 9.00.00.07]
    [C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll]  [, 3.06.01.00]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 524 / Administrator][C:\Program Files\Avira\AntiVir Desktop\avgnt.exe]  [Avira GmbH, 9.00.00.12]
    [C:\Program Files\Avira\AntiVir Desktop\cclib.dll]  [Avira GmbH, 9.00.00.10]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [c:\program files\avira\antivir desktop\ccgen.dll]  [Avira GmbH, 9.00.00.35]
    [c:\program files\avira\antivir desktop\ccgenrc.dll]  [Avira GmbH, 9.00.17.02]
    [c:\program files\avira\antivir desktop\ccguard.dll]  [Avira GmbH, 9.00.00.19]
    [c:\program files\avira\antivir desktop\ccgrdrc.dll]  [Avira GmbH, 9.00.06.02]
    [c:\program files\avira\antivir desktop\avipc.dll]  [Avira GmbH, 1.1.3.4]
    [c:\program files\avira\antivir desktop\ccupdate.dll]  [Avira GmbH, 9.00.00.16]
    [c:\program files\avira\antivir desktop\ccupdrc.dll]  [Avira GmbH, 9.00.06.02]
    [c:\program files\avira\antivir desktop\cclic.dll]  [Avira GmbH, 9.00.00.06]
    [c:\program files\avira\antivir desktop\cclicrc.dll]  [Avira GmbH, 9.00.01.00]
    [c:\program files\avira\antivir desktop\ccmsg.dll]  [Avira GmbH, 9.00.02.01]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
[PID: 536 / Administrator][D:\Program Files\KSafe\KSafeTray.exe]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\krunopt.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\kdump.dll]  [Kingsoft Corporation, 2010,08,24,1353]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\KSafe\kwsctrl.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\KSafe\ksafevul.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\ksafeup.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\zlib1.dll]  [, 1.2.3]
    [D:\Program Files\KSafe\kplugeng.dll]  [Kingsoft Corporation., 1.5.2.1189]
[PID: 556 / Administrator][D:\Program Files\360Safebox\SafeBoxTray.exe]  [360.cn, 3, 5, 0, 1012]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\360Safebox\cloudsec2.dll]  [360.cn, 3, 2, 3, 7003]
    [D:\Program Files\360Safebox\deepscan.dll]  [360.cn, 3, 2, 3, 6003]
    [D:\Program Files\360Safebox\Bapi.dll]  [360.cn, 1.0.0.1013]
    [D:\Program Files\360Safebox\cloudcom2.dll]  [360.cn, 3, 2, 3, 7001]
    [D:\Program Files\360Safebox\antips.dll]  [360.cn, 4, 0, 0, 1003]
    [D:\Program Files\360Safebox\SafeLive.dll]  [, 1, 0, 0, 1006]
    [D:\Program Files\360Safebox\pdown.dll]  [360.cn, 1, 2, 0, 1012]
    [D:\Program Files\360Safebox\360MalwareSection.dll]  [360.cn, 3, 2, 1, 1003]
    [D:\Program Files\360Safebox\heavygate.dll]  [360.cn, 3, 6, 21, 0]
    [D:\Program Files\360Safebox\LiveUpd360.dll]  [360.cn, 1, 2, 0, 1030]
    [D:\Program Files\360Safebox\360net.dll]  [奇虎网, 1, 1, 14, 1017]
    [D:\Program Files\360Safebox\360P2SP.dll]  [360.cn, 1, 1, 0, 1041]
[PID: 584 / SYSTEM][C:\Program Files\Avira\AntiVir Desktop\avguard.exe]  [Avira GmbH, 9.00.01.32]
    [C:\Program Files\Avira\AntiVir Desktop\AVEvtLog.dll]  [Avira GmbH, 9.00.00.07]
    [C:\Program Files\Avira\AntiVir Desktop\guardmsg.dll]  [Avira GmbH, 9.00.02.00]
    [C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll]  [, 3.06.01.00]
    [C:\Program Files\Avira\AntiVir Desktop\AVPREF.DLL]  [Avira GmbH, 9.00.03.00]
    [C:\Program Files\Avira\AntiVir Desktop\SMTPLIB.DLL]  [Avira GmbH, 9.02.00.25]
    [C:\Program Files\Avira\AntiVir Desktop\AVGIO.DLL]  [Avira GmbH, 9.00.01.04]
    [C:\Program Files\Avira\AntiVir Desktop\aecore.dll]  [Avira GmbH, 8.1.17.0]
    [C:\Program Files\Avira\AntiVir Desktop\aevdf.dll]  [Avira GmbH, 8.1.2.1]
    [C:\Program Files\Avira\AntiVir Desktop\aescript.dll]  [Avira GmbH, 8.1.3.45]
    [C:\Program Files\Avira\AntiVir Desktop\aescn.dll]  [Avira GmbH, 8.1.6.1]
    [C:\Program Files\Avira\AntiVir Desktop\aesbx.dll]  [Avira GmbH, 8.1.3.1]
    [C:\Program Files\Avira\AntiVir Desktop\aerdl.dll]  [Avira GmbH, 8.1.9.2]
    [C:\Program Files\Avira\AntiVir Desktop\aepack.dll]  [Avira GmbH, 8.2.3.11]
    [C:\Program Files\Avira\AntiVir Desktop\unacev2.dll]  [ACE Compression Software, 2.6.0.2]
    [C:\Program Files\Avira\AntiVir Desktop\aeoffice.dll]  [Avira GmbH, 8.1.1.8]
    [C:\Program Files\Avira\AntiVir Desktop\aeheur.dll]  [Avira GmbH, 8.1.2.33]
    [C:\Program Files\Avira\AntiVir Desktop\aehelp.dll]  [Avira GmbH, 8.1.14.0]
    [C:\Program Files\Avira\AntiVir Desktop\aegen.dll]  [Avira GmbH, 8.1.3.23]
    [C:\Program Files\Avira\AntiVir Desktop\aeemu.dll]  [Avira GmbH, 8.1.2.0]
    [C:\Program Files\Avira\AntiVir Desktop\aebb.dll]  [Avira GmbH, 8.1.1.0]
    [C:\Program Files\Avira\AntiVir Desktop\avipc.dll]  [Avira GmbH, 1.1.3.4]
[PID: 596 / SYSTEM][d:\Program Files\Beike\Beike Online Scan\bkolscansvc.exe]  [贝壳网际(北京)安全技术有限公司, 2009.12.4.12]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [d:\Program Files\Beike\Beike Online Scan\bkolscanner.dll]  [贝壳网际(北京)安全技术有限公司, 2009.12.4.12]
[PID: 2504 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 664 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 2780 / Administrator][D:\Program Files\360\360se3\360se.exe]  [360.cn, 3, 5, 0, 6]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll]  [360.cn, 1, 3, 1, 1047]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\360\360se3\Extensions\Favorites\Favorites.dll]  [360.cn, 2, 0, 3, 1064]
    [D:\Program Files\360\360se3\Extensions\LoginEnrol\LoginEnrol.dll]  [360.cn, 2, 0, 3, 1064]
    [D:\Program Files\360\360se3\sqlite3.dll]  [N/A, ]
    [D:\PROGRA~1\360\360se3\Extensions\UICenter\UICenter.dll]  [360.cn, 1, 1, 0, 1004]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAddons\ExtAddons.dll]  [360.cn, 1, 0, 5, 1004]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [360.cn, 1, 1, 0, 1040]
    [D:\PROGRA~1\360\360se3\Extensions\ExtBank\ExtBank.dll]  [360.cn, 1, 0, 1, 1002]
    [D:\PROGRA~1\360\360se3\Extensions\ExtDoctor\ExtDoctor.dll]  [360.cn, 1.0.0.1006]
    [C:\Documents and Settings\Administrator\Application Data\360se\extensions\ExtDoctor\doctor.dll]  [360.cn, 1, 0, 1, 1013]
    [D:\PROGRA~1\360\360se3\Extensions\ExtDownload\ExtDownload.dll]  [360.cn, 1, 0, 4, 1018]
    [D:\PROGRA~1\360\360se3\Extensions\SafeCentral\urlproc.dll]  [360.cn, 1, 2, 0, 1004]
    [D:\PROGRA~1\360\360se3\Extensions\SafeCentral\urlprocnet.dll]  [360.cn, 1, 1, 0, 1005]
    [D:\PROGRA~1\360\360se3\Extensions\ExtIeMode\ExtIeMode.dll]  [360.cn, 1, 0, 0, 1003]
    [D:\PROGRA~1\360\360se3\Extensions\ExtPages\ExtPages.dll]  [360.cn, 1, 0, 7, 1003]
    [D:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360.cn, 1, 0, 2, 1004]
    [D:\PROGRA~1\360\360se3\Extensions\ExtSafeAddress\ExtSafeAddress.dll]  [360.cn, 1, 0, 1, 1005]
    [D:\PROGRA~1\360\360se3\Extensions\ExtSuggest\ExtSuggest.dll]  [360SE, 1, 0, 1, 2]
    [D:\PROGRA~1\360\360se3\Extensions\ExtUrlQuery\ExtUrlQuery.dll]  [360.cn, 1, 0, 0, 1001]
    [D:\PROGRA~1\360\360se3\Extensions\ExtYouxi\ExtYouxi.dll]  [360.cn, 1, 0, 0, 1005]
    [D:\PROGRA~1\360\360se3\Extensions\onlinefav\onlinefav.dll]  [360.cn, 3, 1, 0, 1001]
    [D:\PROGRA~1\360\360se3\Extensions\pluginbar\pluginbar.dll]  [360.cn, 1, 0, 0, 1004]
    [D:\PROGRA~1\360\360se3\Extensions\SnapPlugin\SnapPlugin.dll]  [360.cn, 1, 1, 0, 1002]
    [D:\PROGRA~1\360\360se3\Extensions\TranslatorPlugin\TranslatorPlugin.dll]  [360.cn, 2, 0, 0, 1010]
    [C:\WINDOWS\system32\QQPINYIN.IME]  [Tencent, 3.4.922.400]
[PID: 952 / Administrator][D:\Program Files\360\360se3\Extensions\SafeCentral\urlproc.exe]  [360.cn, 1.0.0.1001]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\urlproc.dll]  [360.cn, 1, 2, 0, 1004]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\urlprocnet.dll]  [360.cn, 1, 1, 0, 1005]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
[PID: 3416 / Administrator][D:\Program Files\360\360se3\360se.exe]  [360.cn, 3, 5, 0, 6]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll]  [360.cn, 1, 3, 1, 1047]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\360\360se3\Extensions\Favorites\Favorites.dll]  [360.cn, 2, 0, 3, 1064]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [360.cn, 1, 1, 0, 1040]
    [D:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360.cn, 1, 0, 2, 1004]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10k.ocx]  [Adobe Systems, Inc., 10,1,85,3]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.12.5896]
    [C:\WINDOWS\system32\QQPINYIN.IME]  [Tencent, 3.4.922.400]
[PID: 480 / Administrator][D:\Program Files\360\360se3\360se.exe]  [360.cn, 3, 5, 0, 6]
    [D:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll]  [360.cn, 1, 3, 1, 1047]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\360\360se3\Extensions\Favorites\Favorites.dll]  [360.cn, 2, 0, 3, 1064]
    [D:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll]  [360.cn, 1, 1, 0, 1040]
    [D:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll]  [360.cn, 1, 0, 2, 1004]
    [C:\WINDOWS\system32\Macromed\Flash\Flash10k.ocx]  [Adobe Systems, Inc., 10,1,85,3]
    [C:\WINDOWS\system32\QQPINYIN.IME]  [Tencent, 3.4.922.400]
[PID: 2932 / Administrator][D:\Program Files\sreng2\SREngLdr.EXE]  [Smallfrogs Studio, 2.8.2.1321]
[PID: 2036 / Administrator][D:\Program Files\sreng2\SRE1a964ccb.EXE]  [Smallfrogs Studio, 2.8.2.1321]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)]
    [D:\Program Files\KSafe\ksfmon.dll]  [Kingsoft Corporation., 1.6.0.1155]
    [D:\Program Files\KSafe\kwsui.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [D:\Program Files\KSafe\kswebshield.dll]  [Kingsoft Corporation, 2010,10,11,2]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)]
    [D:\Program Files\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 744, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 216, C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\SCHED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 524, C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVGNT.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 584, C:\PROGRAM FILES\AVIRA\ANTIVIR DESKTOP\AVGUARD.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2932, D:\PROGRAM FILES\SRENG2\SRENGLDR.EXE]

==================================
计划任务
[已禁用] 贝壳木马专杀登录扫描任务.job
        D:\beikescan.exe
[已禁用] 贝壳木马专杀每日定时扫描任务.job
        D:\beikescan.exe
[已禁用] SmartDefrag.job
        D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
[已禁用] AWC Update.job
        D:\Program Files\IObit\Advanced SystemCare 3\IObitUpdate.exe
[已禁用] AWC AutoSweep.job
        D:\Program Files\IObit\Advanced SystemCare 3\AutoSweep.exe

==================================
Windows 安全更新检查
Microsoft .NET Framework 版本 1.1,简体中文版
KB925850,  Windows Media Player 11
KB940157,  用于 Windows XP 的 Windows 搜索 4.0 (KB940157)
KB902344,  启用了 WMDRM 的 Media Player 更新程序 (KB902344)
KB909520,  Microsoft 基本智能卡加密服务提供程序包: x86 (KB909520)
KB951847,  Microsoft .NET Framework 3.5 Service Pack 1 和 .NET Framework 3.5 Family Update (KB951847) x86
KB973924,  Microsoft Visual C++ 2008 Redistributable Package 的安全更新 (KB973924) MS09-035
KB944036,  用于 Windows XP 的 Internet Explorer 8
KB971513,  Windows XP 更新程序 (KB971513)
KB978601,  Windows XP 安全更新程序 (KB978601) MS10-019
KB978601,  Windows Live 软件包
KB982926,  Microsoft Silverlight (KB982926)
KB979482,  Windows XP 安全更新程序 (KB979482) MS10-033
KB2286198,  Windows XP 安全更新程序 (KB2286198) MS10-046
KB2079403,  Windows XP 安全更新程序 (KB2079403) MS10-051
KB980436,  Windows XP 安全更新程序 (KB980436) MS10-049
KB931125,  根证书更新 [2010 年 8 月] (KB931125)
KB982670,  用于 Windows XP x86 的 Microsoft .NET Framework 4 Client Profile (KB982670)
KB982671,  用于 Windows XP x86 的 Microsoft .NET Framework 4 (KB982671)
KB890830,  Windows 恶意软件删除工具 - 2010 年 10 月 (KB890830)

==================================
API HOOK
入口点错误:LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: 0x012802F1)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x012102F1)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x012402F1)
入口点错误:ShellExecuteExW (危险等级: 高,  被下面模块所HOOK: 0x012A02F1)
入口点错误:ShellExecuteW (危险等级: 高,  被下面模块所HOOK: 0x012902F1)

==================================
隐藏进程
N/A

==================================


[/code]
想和你去吹吹风
Posted on 2010-10-14 21:53:43
Reply to post #2 by zsgws

Nothing wrong. You have more security software installed than software you actually use.
zsgws
 Original poster | Posted on 2010-10-14 22:19:07
Reply to post #3 by 想和你去吹吹风

Thanks!
Is this not a problem?
API HOOK
入口点错误:LoadLibraryExW (危险等级: 高,  被下面模块所HOOK: 0x012802F1)
入口点错误:CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x012102F1)
入口点错误:CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x012402F1)
入口点错误:ShellExecuteExW (危险等级: 高,  被下面模块所HOOK: 0x012A02F1)
入口点错误:ShellExecuteW (危险等级: 高,  被下面模块所HOOK: 0x012902F1)


想和你去吹吹风
Posted on 2010-10-14 23:16:09
Reply to post #4 by zsgws

Those hooks are from the antivirus software; it's fine.
zsgws
 Original poster | Posted on 2010-11-6 16:35:40
Reply to post #5 by 想和你去吹吹风

Thanks!
I haven't been here in a long time.