2008-03-17,14:24:55
System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZ....com)
Windows XP Professional Service Pack 2 (Build 2600) - 管理许可权用户 - 完整功能
以下内容被选中:
所有的启动项目(包括注册表、开机档案夹、服务等)
流览器载入项
正在运行的进程(包括进程模组资讯)
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描
启动专案
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><> [N/A]
<run><> [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<TrackPointSrv><tp4serv.exe> [(Verified)Microsoft Windows Hardware Compatibility Publisher]
<SoundMAXPnP><; C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe> [Analog Devices, Inc.]
<SoundMAX><; C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray> [Analog Devices, Inc.]
<TPHOTKEY><C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe> []
<ACTray><C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe> [Lenovo]
<ACWLIcon><C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe> [Lenovo]
<PRONoMgrWired><C:\Program Files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe> [Intel(R) Corporation]
<Crystal Internet Meter><C:\Program Files\Crystal Internet Meter\cimeter.exe> []
<AVP><"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"> [(Verified)Kaspersky Lab]
<IMDreyePlugin><; "C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIMplugin.exe" /h> []
<Tweak UI><; RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp> [Microsoft Corporation]
<SunJavaUpdateSched><; "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"> [(Verified)"Sun Microsystems, Inc."]
<CJIMETIPSYNC><; C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\CHANGJIE\CINTLCFG.EXE /CJIMETIPSync> [(Verified)Microsoft Corporation]
<PHIMETIPSYNC><; C:\Program Files\Common Files\Microsoft Shared\IME\IMTC65\PHONETIC\TINTLCFG.EXE /PHIMETIPSync> [(Verified)Microsoft Corporation]
<ISUSPM Startup><; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup> [InstallShield Software Corporation]
<ISUSScheduler><; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [InstallShield Software Corporation]
<IBM Warranty Notification><; "C:\Program Files\IBM\acp\ERTS0749\ERTS0749.exe /nointro"> [IBM Corporation]
<Adobe Reader Speed Launcher><; "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)"Adobe Systems, Incorporated"]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe> [(Verified)Microsoft Windows Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,> [(Verified)Microsoft Windows Publisher]
<UIHost><logonui.exe> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
<WinlogonNotify: klogon><C:\WINDOWS\system32\klogon.dll> [Kaspersky Lab]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tpfnf2]
<WinlogonNotify: tpfnf2><notifyf2.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\tphotkey]
<WinlogonNotify: tphotkey><tphklock.dll> []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe> [(Verified)Microsoft Windows]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT> [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub> [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<Address Book 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
<N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install> [Microsoft Corporation]
==================================
开机档案夹
[Digital Line Detect]
<C:\Documents and Settings\All Users\「开始」功能表\程式集\启动\Digital Line Detect.lnk --> C:\PROGRA~1\DIGITA~1\DLG.exe [BVRP Software]><H>
[WLAN Client Utility]
<C:\Documents and Settings\All Users\「开始」功能表\程式集\启动\WLAN Client Utility.lnk --> C:\PROGRA~1\802~1.11W\WLANCL~1\WLANCL~1.EXE [ATMEL]><N>
[捷径 - P4MagicSpeed]
<C:\Documents and Settings\globe\「开始」功能表\程式集\启动\捷径 - P4MagicSpeed.lnk --> D:\SF\P4MSRC2.3\P4MAGI~1.EXE [none]><N>
==================================
服务
[Ac Profile Manager Service / AcPrfMgrSvc][Running/Auto Start]
<C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe><N/A>
[Access Connections Main Service / AcSvc][Running/Auto Start]
<C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe><Lenovo>
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
<C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Kaspersky Anti-Virus 6.0 / AVP][Running/Auto Start]
<"C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r><Kaspersky Lab>
[ConfigFree Service / CFSvcs][Stopped/Auto Start]
<><N/A>
[Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\EvtEng.exe><Intel Corporation>
[ThinkPad PM Service / IBMPMSVC][Running/Auto Start]
<C:\WINDOWS\system32\ibmpmsvc.exe><>
[InstallDriver Table Manager / IDriverT][Stopped/Manual Start]
<"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"><Macrovision Corporation>
[O&O Defrag / O&O Defrag][Running/Auto Start]
<C:\WINDOWS\system32\oodag.exe><O&O Software GmbH>
[Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe><Intel Corporation>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
<"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><CACE Technologies>
[Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start]
<C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe><Intel Corporation>
[SoundMAX Agent Service / SoundMAX Agent Service (default)][Running/Auto Start]
<C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe><Analog Devices, Inc.>
[WDelMgr20 / WDelMgr20][Running/Auto Start]
<C:\WINDOWS\system32\drivers\WDelMgr20.exe><N/A>
==================================
驱动程式
[3xHybrid service / 3xHybrid][Stopped/Manual Start]
<system32\DRIVERS\3xHybrid.sys><Philips Semiconductors GmbH>
[aeaudio / aeaudio][Running/Manual Start]
<system32\drivers\aeaudio.sys><Andrea Electronics Corporation>
[AEGIS Protocol (IEEE 802.1x) v3.4.10.0 / AegisP][Running/Auto Start]
<system32\DRIVERS\AegisP.sys><Meetinghouse Data Communications>
[ANC / ANC][Running/System Start]
<System32\drivers\ANC.SYS><IBM Corp.>
[ati2mtag / ati2mtag][Running/Manual Start]
<system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[Intel(R) PRO/1000 Adapter Driver / E1000][Running/Manual Start]
<system32\DRIVERS\e1000325.sys><Intel Corporation>
[IBM Access Support / EGATHDRV][Stopped/Manual Start]
<\??\C:\WINDOWS\Downloaded Program Files\EGATHDRV.SYS><IBM Corporation>
[HSFHWICH / HSFHWICH][Running/Manual Start]
<system32\DRIVERS\HSFHWICH.sys><Conexant Systems, Inc.>
[HSF_DPV / HSF_DPV][Running/Manual Start]
<system32\DRIVERS\HSF_DPV.sys><Conexant Systems, Inc.>
[IBMPMDRV / IBMPMDRV][Running/Manual Start]
<system32\DRIVERS\ibmpmdrv.sys><Lenovo.>
[IBMTPCHK / IBMTPCHK][Running/System Start]
<\??\C:\WINDOWS\system32\Drivers\IBMBLDID.sys><N/A>
[IoMonkey / IoMonkey][Running/Manual Start]
<\??\C:\DOCUME~1\globe\LOCALS~1\Temp\IoMonkey.sys><Tenth Planet Software Intl.>
[kl1 / kl1][Running/Boot Start]
<\SystemRoot\system32\drivers\kl1.sys><Kaspersky Lab>
[klif / klif][Running/System Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[mdmxsdk / mdmxsdk][Running/Auto Start]
<system32\DRIVERS\mdmxsdk.sys><Conexant>
[TOSHIBA Network Device Usermode I/O Protocol / Netdevio][Running/Auto Start]
<system32\DRIVERS\netdevio.sys><TOSHIBA Corporation.>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
<system32\drivers\npf.sys><CACE Technologies>
[NSC Infrared Device Driver / NSCIRDA][Running/Manual Start]
<system32\DRIVERS\nscirda.sys><National Semiconductor Corporation>
[OEM FVNETusb (AR)(R) Service for WLAN USB Adapter (AR) / OEM FVNETusb (AR)(R)][Stopped/Manual Start]
<system32\DRIVERS\vnetusbr.sys><ATMEL>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Running/Manual Start]
<\??\C:\WINDOWS\system32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[直接平行连接埠连结驱动程式 / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[无线区域网路传输 / s24trans][Running/Auto Start]
<system32\DRIVERS\s24trans.sys><Intel Corporation>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[smwdm / smwdm][Running/Manual Start]
<system32\drivers\smwdm.sys><Analog Devices, Inc.>
[sojubus / sojubus][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sojubus.sys><>
[sojuscsi / sojuscsi][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\sojuscsi.sys><>
[TDDI / TDDI][Running/Auto Start]
<\??\C:\WINDOWS\system32\drivers\tddi.sys><SafeNet China Ltd.>
[PS/2 TrackPoint Driver / Tp4Track][Running/Manual Start]
<system32\DRIVERS\tp4track.sys><Lenovo Group Limited>
[TSP / TSP][Stopped/Manual Start]
<\??\C:\WINDOWS\system32\drivers\klif.sys><Kaspersky Lab>
[IBM PS/2 TrackPoint Filter Driver / TwoTrack][Stopped/Manual Start]
<system32\DRIVERS\TwoTrack.sys><IBM Corporation>
[USB Home PhoneLine 1Mbps Network Adapter / USBH1][Stopped/Manual Start]
<system32\DRIVERS\USBH1.sys><USBs>
[Windows XP 的 Intel(R) PRO/Wireless 2915ABG 网路连线驱动程式 / w29n51][Running/Manual Start]
<system32\DRIVERS\w29n51.sys><IntelR Corporation>
[winachsf / winachsf][Running/Manual Start]
<system32\DRIVERS\HSF_CNXT.sys><Conexant Systems, Inc.>
[世界标准电传转码器 / WSTCODEC][Stopped/Manual Start]
<system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>
==================================
流览器载入项
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[Java Plug-in 1.6.0_03]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Web反病毒保护 统计]
{1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\SCIEPlgn.dll, Kaspersky Lab>
[参考资料(&R)]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[更新 ThinkPad 软体]
{D1A4DEBD-C2EE-449f-B9FB-E8409F9A0BC5} <C:\Program Files\Lenovo\PkgMgr\PkgMgr.exe, Lenovo Group Limited>
[D.S.Lite]
{F8475519-8412-4D40-A46E-692D9D04DF7F} <D:\DSLite2.07.45\DSLite2\DSLite.exe, watermonster.org>
[Dr.eye WebPage Translation]
{92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[MeadCo ScriptX]
{1663ed61-23eb-11d2-b92f-008048fdd814} <C:\WINDOWS\system32\MCScripX.dll, Mead & Co Limited>
[IASRunner Class]
{2DAD3559-2923-4935-AD49-B673D2539944} <C:\WINDOWS\Downloaded Program Files\acpir2.dll, >
[Java Plug-in 1.6.0_03]
{8AD9C840-044E-11D1-B3E9-00805F499D93} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[NowStarter Control]
{A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} <C:\WINDOWS\DOWNLO~1\GNOWST~1.OCX, (C) NOWCOM>
[Java Plug-in 1.4.2_15]
{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.5.0_13]
{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Java Plug-in 1.6.0_03]
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} <C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll, Sun Microsystems, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[Adobe PDF Reader Link Helper]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Web Browser Applet Control]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} <C:\WINDOWS\system32\msjava.dll, Microsoft Corporation>
[Shockwave ActiveX Control]
{166B1BCA-3F9C-11CF-8075-444553540000} <C:\WINDOWS\system32\macromed\Director\SwDir.dll, Macromedia, Inc.>
[Windows Media Player]
{22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[Windows Media Player]
{6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[SSVHelper Class]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll, Sun Microsystems, Inc.>
[Microsoft Web Browser]
{8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Dr.eye WebPage Translation]
{92B255FE-94E2-4BCA-958D-3926CE38913F} <C:\Program Files\Inventec\Dreye\DreyeMT\DreyeIEBar.dll, >
[Microsoft Scriptlet Component]
{AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[NTIECatcher Class]
{C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[RealPlayer G2 Control]
{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} <C:\WINDOWS\system32\rmoc3260.dll, RealNetworks, Inc.>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx, Adobe Systems, Inc.>
[Microsoft Agent Control 2.0]
{D45FD31B-5C6E-11D1-9EC1-00C04FD7081F} <C:\WINDOWS\msagent\agentctl.dll, Microsoft Corporation>
[MessengerChecker Class]
{DA4F543C-C8A9-4E88-9A79-548CBB46F18F} <C:\Program Files\Yahoo!\Messenger\YPagerChecker.dll, Yahoo! Inc.>
[QuickTimeCheck Class]
{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} <C:\WINDOWS\system32\QuickTimeCheck.ocx, Apple Computer, Inc.>
[XML HTTP Request]
{ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP]
{F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[下载编码内容(&D.S.Lite)]
<D:\DSLite2.07.45\DSLite2\dl_text.html, N/A>
[下载编码档案内容(&D.S.Lite)]
<D:\DSLite2.07.45\DSLite2\dl_url.html, N/A>
[汇出至 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[转换到现有 PDF]
<, N/A>
[转换连结目标到现有 PDF]
<, N/A>
[转换选定的连结到现有 PDF]
<, N/A>
[转换选择内容到现有 PDF]
<, N/A>
==================================
正在运行的进程
[PID: 956 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1024 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1052 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4115]
[C:\WINDOWS\system32\klogon.dll] [Kaspersky Lab, 6.0.2.671]
[C:\WINDOWS\system32\tphklock.dll] [N/A, ]
[C:\WINDOWS\system32\notifyf2.dll] [N/A, ]
[PID: 1096 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1272 / SYSTEM][C:\WINDOWS\system32\ibmpmsvc.exe] [, ]
[PID: 1312 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4115]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 1324 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1412 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1556 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 204 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\EvtEng.exe] [Intel Corporation, 10, 1, 1, 1]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 1, 5]
[PID: 316 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe] [Intel Corporation , 10, 1, 1, 34]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 1, 5]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 1, 3]
[C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, ]
[PID: 556 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 576 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 164 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0]
[PID: 428 / SYSTEM][C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll] [N/A, ]
[PID: 640 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE] [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\1028\mdmui.dll] [Microsoft Corporation, 7.00.9466]
[PID: 828 / SYSTEM][C:\WINDOWS\system32\oodag.exe] [O&O Software GmbH, 8.0.1398]
[C:\WINDOWS\system32\OODAGRS.DLL] [O&O Software GmbH, 8.0.1.1347]
[PID: 984 / SYSTEM][C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe] [Intel Corporation, 10, 1, 1, 1]
[PID: 1488 / SYSTEM][C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe] [Analog Devices, Inc., 3, 2, 6, 0]
[PID: 1724 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: DNSRV(bld4act)]
[PID: 680 / SYSTEM][C:\WINDOWS\system32\drivers\WDelMgr20.exe] [N/A, ]
[PID: 1888 / SYSTEM][C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ANCA.dll] [IBM Corp., 8.3]
[C:\Program Files\ThinkPad\ConnectUtilities\ANC.dll] [IBM Corp., 8.3]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGolan.DLL] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10, 1, 1, 48]
[C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 1, 5]
[C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 1, 2]
[C:\Program Files\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10, 1, 1, 14]
[C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 1, 3]
[C:\Program Files\Intel\Wireless\Bin\MurocAPI.dll] [Intel Corporation, 10, 1, 1, 39]
[C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll] [Intel Corporation, 10, 1, 1, 1]
[PID: 844 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2520 / SYSTEM][C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll] [Lenovo, 4, 11, 0, 0]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll] [N/A, ]
[C:\WINDOWS\system32\MFC71CHT.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\TC\GUIHlprRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\TC\SvcHlprRes.dll] [Lenovo
, 4, 0, 0, 0]
[PID: 4076 / globe][C:\WINDOWS\system32\Ati2evxx.exe] [ATI Technologies Inc., 6.14.10.4115]
[C:\WINDOWS\system32\Ati2edxx.dll] [ATI Technologies, Inc., 6, 14, 10, 2497]
[PID: 448 / globe][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.671]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 8.0.0.2006102200]
[C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll] [Xi, 1.91.12]
[C:\Program Files\Xi\NetTransport 2\MFC42.DLL] [Microsoft Corporation, 6.00.9782.0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHT] [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[C:\Program Files\Unlocker\UnlockerCOM.dll] [N/A, ]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\ShellEx.dll] [Kaspersky Lab, 6.0.2.671]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 8.1.0.0]
[PID: 2116 / globe][C:\WINDOWS\system32\tp4serv.exe] [Lenovo Group Limited, 3.55]
[C:\WINDOWS\system32\tp4uires.dll] [N/A, ]
[PID: 2200 / globe][C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe] [N/A, ]
[C:\Program Files\Lenovo\PkgMgr\HOTKEY_2\tphk_2k.dll] [N/A, ]
[C:\WINDOWS\system32\Oemdspif.dll] [ATI Technologies, Inc., 6.14.0012]
[PID: 2208 / globe][C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, ]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHT.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\TC\GUIHlprRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\TC\TrayRes.dll] [Lenovo
, 4, 0, 0, 0]
[PID: 2244 / globe][C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll] [N/A, ]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll] [Lenovo, 4, 11, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll] [N/A, ]
[C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll] [N/A, ]
[C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHT.DLL] [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\TC\GUIHlprRes.dll] [Lenovo, 4, 0, 0, 0]
[C:\Program Files\ThinkPad\ConnectUtilities\Res\TC\IconRes.dll] [Lenovo, 4, 0, 0, 0]
[PID: 2260 / globe][C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe] [N/A, ]
[PID: 2268 / globe][C:\Program Files\Crystal Internet Meter\cimeter.exe] [N/A, ]
[PID: 2272 / globe][C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe] [Lenovo Group Limited, 1.16]
[PID: 2316 / globe][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2432 / globe][C:\Program Files\802.11 Wireless LAN\WLAN Client Utility\WLANClientUtility.exe] [ATMEL, 3, 3, 4, 40]
[C:\WINDOWS\system32\W32N50.dll] [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.54]
[PID: 2648 / globe][D:\SF\P4MSRC2.3\P4MagicSpeed.exe] [none, 1.00]
[C:\WINDOWS\system32\MSVBVM60.DLL] [Microsoft Corporation, 6.00.9782]
[C:\WINDOWS\system32\VB6CHT.DLL] [Microsoft Corporation, 6.00.8988]
[D:\SF\P4MSRC2.3\CPUPerfKit.dll] [N/A, ]
[D:\SF\P4MSRC2.3\iomonkey.dll] [Tenth Planet Software Intl., Fri Sep 12 18:42:17 2003]
[PID: 2188 / globe][C:\Program Files\Open PCMan Combo\PCMan.exe] [Open PCMan Project, 8.2.0.314]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scrchpg.dll] [Kaspersky Lab, 6.0.2.671]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\klscav.dll] [Kaspersky Lab, 6.0.2.671]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prremote.dll] [Kaspersky Lab, 6.0.2.671]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prloader.dll] [Kaspersky Lab, 6.0.2.671]
[C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\prkernel.ppl] [Kaspersky Lab, 6.0.2.671]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\params.ppl] [Kaspersky Lab, 6.0.2.671]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\pxstub.ppl] [Kaspersky Lab, 6.0.2.671]
[c:\program files\kaspersky lab\kaspersky anti-virus 6.0\tempfile.ppl] [Kaspersky Lab, 6.0.2.671]
[C:\WINDOWS\system32\CHEWING.IME] [, 0, 3, 2, 2]
[C:\WINDOWS\system32\Macromed\Flash\Flash9c.ocx] [Adobe Systems, Inc., 9,0,45,0]
[C:\WINDOWS\system32\Macromed\Common\SwSupport.dll] [Macromedia, Inc., 10.1r11]
[PID: 704 / globe][C:\WINDOWS\system32\IME\Chewing\ChewingServer.exe] [N/A, ]
[PID: 1876 / SYSTEM][C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe] [Intel Corporation, 10, 1, 1, 84]
[C:\PROGRA~1\Intel\Wireless\Bin\acAuth.dll] [, 4.0.23.0 2006-03-10 14:49:28]
[C:\PROGRA~1\Intel\Wireless\Bin\C1XStngs.dll] [Intel Corporation, 10, 1, 1, 31]
[C:\PROGRA~1\Intel\Wireless\Bin\PsRegApi.dll] [Intel Corporation, 10, 1, 1, 2]
[C:\PROGRA~1\Intel\Wireless\Bin\IntStngs.dll] [, 10, 1, 1, 3]
[C:\PROGRA~1\Intel\Wireless\Bin\TraceAPI.DLL] [Intel Corporation, 10, 1, 1, 5]
[C:\PROGRA~1\Intel\Wireless\Bin\IWMSPROV.DLL] [N/A, ]
[C:\Program Files\Intel\Wireless\Bin\C8021CHT.dll] [Intel Corporation, 10, 1, 1, 31]
[C:\PROGRA~1\Intel\Wireless\Bin\LSAWRAPI.dll] [Intel Corporation, 10, 1, 1, 1]
[C:\PROGRA~1\Intel\Wireless\Bin\PfMgrApi.dll] [Intel Corporation, 10, 1, 1, 48]
[C:\PROGRA~1\Intel\Wireless\Bin\DbEngine.dll] [Intel Corporation, 10, 1, 1, 14]
[C:\PROGRA~1\Intel\Wireless\Bin\LIBEAY32.dll] [N/A, ]
[PID: 3052 / globe][C:\WINDOWS\system32\taskmgr.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1908 / globe][C:\WINDOWS\system32\conime.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2164 / globe][D:\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900]
[D:\sreng2\Lang\1028.DLL] [System Repair Engineer, 2.5.16.900]
[D:\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 316, C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1888, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACSVC.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2520, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\SVCGUIHLPR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2200, C:\PROGRA~1\LENOVO\PKGMGR\HOTKEY\TPHKMGR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2208, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACTRAY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2244, C:\PROGRAM FILES\THINKPAD\CONNECTUTILITIES\ACWLICON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2260, C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY\TPONSCR.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2268, C:\PROGRAM FILES\CRYSTAL INTERNET METER\CIMETER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2272, C:\PROGRAM FILES\LENOVO\PKGMGR\HOTKEY_1\TPSCREX.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2432, C:\PROGRAM FILES\802.11 WIRELESS LAN\WLAN CLIENT UTILITY\WLANCLIENTUTILITY.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2648, D:\SF\P4MSRC2.3\P4MAGICSPEED.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 2188, C:\PROGRAM FILES\OPEN PCMAN COMBO\PCMAN.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 704, C:\WINDOWS\SYSTEM32\IME\CHEWING\CHEWINGSERVER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 1876, C:\PROGRA~1\INTEL\WIRELESS\BIN\DOT1XCFG.EXE]
==================================
API HOOK
RVA 错误: LoadLibraryA (危险等级: 高, 被下面模组所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExA (危险等级: 高, 被下面模组所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryExW (危险等级: 高, 被下面模组所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: LoadLibraryW (危险等级: 高, 被下面模组所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
RVA 错误: GetProcAddress (危险等级: 高, 被下面模组所HOOK: \??\C:\WINDOWS\system32\drivers\klif.sys)
==================================
隐藏进程
N/A
==================================
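Which of these are problematic??
Lately, whenever I delete an rmvb file, explorer takes up more than 40% CPU usage and lags. Deleting a 100 MB rmvb file actually takes about 10 seconds, but deleting other kinds of files never does this… What is going on here??
Could everyone help me figure this out? Thanks!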