发表于: 2006-08-13 11:16 | 显示全部 短消息 资料
字号: 11楼

启动文件夹
服务
[Adobe LM Service / Adobe LM Service]
  <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"><Adobe Systems>
[ewido security suite control / ewido security suite control]
  <D:\Program Files\ewido anti-malware\ewidoctrl.exe><ewido networks>
[NVIDIA Display Driver Service / NVSvc]
  <C:\WINDOWS\System32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv]
  <c:\program files\rising\rfw\rfwproxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService]
  <c:\program files\rising\rfw\rfwsrv.exe><N/A>
[Rising Process Communication Center / RsCCenter]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[RsRavMon Service / RsRavMon]
  <"C:\Program Files\Rising\Rav\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
浏览器加载项
[XBTP01967 Class]
  {F3E19DD9-6D5B-4867-A057-1EFFFC62322E} <C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Toolbar.dll, IE Toolbar>
[TT33定向搜索]
  {D940F380-49C7-4A05-9E33-53930AF5768F} <C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Toolbar.dll, IE Toolbar>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\System32\Macromed\Flash\Flash8b.ocx, Macromedia, Inc.>

==================================
正在运行的进程
[PID: 324][\SystemRoot\System32\smss.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
[PID: 388][\??\C:\WINDOWS\system32\csrss.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
[PID: 412][\??\C:\WINDOWS\system32\winlogon.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
[PID: 464][C:\WINDOWS\system32\services.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
[PID: 484][C:\WINDOWS\system32\lsass.exe]  <Microsoft Corporation><5.1.2600.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
[PID: 676][C:\WINDOWS\system32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
    [C:\WINDOWS\System32\cn_spi32.dll]  <N/A><N/A>
[PID: 756][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
    [C:\WINDOWS\System32\cn_spi32.dll]  <N/A><N/A>
[PID: 844][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
[PID: 856][C:\WINDOWS\System32\svchost.exe]  <Microsoft Corporation><5.1.2600.0 (xpclient.010817-1148)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
[PID: 1488][C:\WINDOWS\Explorer.exe]  <Microsoft Corporation><6.00.2800.1106 (xpsp1.020828-1920)>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
    [C:\WINDOWS\system32\RavExt.dll]  <Beijing Rising Technology Co., Ltd.><18, 0, 0, 21>
    [D:\Program Files\ewido anti-malware\shellhook.dll]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\WinHook.sys]  <N/A><N/A>
    [C:\NTLDR.DLL]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  <N/A><N/A>
[PID: 1768][C:\Documents and Settings\林敬满\桌面\procexp\procexp\procexp.exe]  <Sysinternals><8.60>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\WinHook.sys]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  <N/A><N/A>
[PID: 1836][C:\Documents and Settings\林敬满\桌面\sreng2\SREng2\SREng.exe]  <Smallfrogs Studio><2.0.21.505>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\WinHook.sys]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  <N/A><N/A>
    [C:\WINDOWS\System32\cn_spi32.dll]  <N/A><N/A>
[PID: 1852][C:\WINDOWS\WINLOGON.EXE]  <zJeuKZJHdgr43s><0.00.0087>
    [C:\WINDOWS\KB914847M.LOG]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\WinHook.sys]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Dat]  <N/A><N/A>
    [C:\Program Files\Internet Explorer\IEXPLORE.Sys]  <N/A><N/A>

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  Error. [winfiles]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\system32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者

==================================