【求助】如何解决system用户自动启动iexplore.exe？

SailingStar

QUOTE:

Posted by chhao11 on 2007-10-4 19:35

没有winlogon.exe进程，随后发svchost.exe进程模块

19楼图左边第五行的winlogon.exe

chhao11

第一个
模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\system32\ShimEng.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Shim Engine DLL
C:\WINDOWS\AppPatch\AcGenral.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Compatibility DLL
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\system32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\UxTheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\system32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\system32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\comctl32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
C:\WINDOWS\system32\NTMARTA.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MARTA provider
C:\WINDOWS\system32\WLDAP32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Win32 LDAP API DLL
C:\WINDOWS\system32\SAMLIB.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SAM Library DLL
c:\windows\system32\rpcss.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Distributed COM Services
c:\windows\system32\WS2_32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 32-Bit DLL
c:\windows\system32\WS2HELP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 Helper for Windows NT
c:\windows\system32\Secur32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Security Support Provider Interface
C:\WINDOWS\system32\xpsp2res.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Service Pack 2 Messages
C:\WINDOWS\system32\CLBCATQ.DLL Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
C:\WINDOWS\system32\COMRes.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\WTSAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Terminal Server SDK APIs
C:\WINDOWS\system32\WINSTA.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Winstation Library
C:\WINDOWS\system32\NETAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Net Win32 API DLL
C:\WINDOWS\system32\msv1_0.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Authentication Package v1.0
C:\WINDOWS\system32\iphlpapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 IP Helper API
c:\windows\system32\termsrv.dll Microsoft Corporation 2007-2-3 7:34:04 2004-8-17 20:00:00 Terminal Server Service
c:\windows\system32\ICAAPI.dll Microsoft Corporation 2007-2-3 7:34:02 2004-8-17 20:00:00 DLL Interface to TermDD Device Driver
c:\windows\system32\SETUPAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Setup API
C:\WINDOWS\system32\WINTRUST.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Trust Verification APIs
C:\WINDOWS\system32\CRYPT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Crypto API32
C:\WINDOWS\system32\MSASN1.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ASN.1 Runtime APIs
C:\WINDOWS\system32\IMAGEHLP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT Image Helper
c:\windows\system32\AUTHZ.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Authorization Framework
c:\windows\system32\mstlsapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft? Terminal Server Licensing
c:\windows\system32\ACTIVEDS.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs Router Layer DLL
c:\windows\system32\adsldpc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs LDAP Provider C DLL
c:\windows\system32\ATL.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ATL Module for Windows XP (Unicode)
C:\WINDOWS\system32\REGAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Registry Configuration APIs
C:\WINDOWS\system32\rsaenh.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Enhanced Cryptographic Provider
C:\WINDOWS\system32\Apphelp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Application Compatibility Client Library
--------------
超级进程管理器 1.0.1.920 模块列表 (53) 2007-10-4 19:37:24

第二个
模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\system32\ShimEng.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Shim Engine DLL
C:\WINDOWS\AppPatch\AcGenral.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Compatibility DLL
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\system32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\UxTheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\system32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\system32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\comctl32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
c:\windows\system32\rpcss.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Distributed COM Services
c:\windows\system32\WS2_32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 32-Bit DLL
c:\windows\system32\WS2HELP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 Helper for Windows NT
c:\windows\system32\Secur32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Security Support Provider Interface
C:\WINDOWS\system32\xpsp2res.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Service Pack 2 Messages
C:\WINDOWS\system32\rsaenh.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Enhanced Cryptographic Provider
C:\WINDOWS\system32\mswsock.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Windows Sockets 2.0 Service Provider
C:\WINDOWS\system32\hnetcfg.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Home Networking Configuration Manager
C:\WINDOWS\System32\wshtcpip.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Sockets Helper DLL
C:\Program Files\Bonjour\mdnsNSP.dll Apple Computer, Inc. 2006-2-28 12:42:30 2006-2-28 12:42:30 Bonjour Namespace Provider
C:\WINDOWS\system32\Iphlpapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 IP Helper API
C:\WINDOWS\system32\DNSAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 DNS Client API DLL
C:\WINDOWS\system32\MPRAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MP Router Administration DLL
C:\WINDOWS\system32\ACTIVEDS.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs Router Layer DLL
C:\WINDOWS\system32\adsldpc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs LDAP Provider C DLL
C:\WINDOWS\system32\NETAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Net Win32 API DLL
C:\WINDOWS\system32\WLDAP32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Win32 LDAP API DLL
C:\WINDOWS\system32\ATL.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ATL Module for Windows XP (Unicode)
C:\WINDOWS\system32\rtutils.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Routing Utilities
C:\WINDOWS\system32\SAMLIB.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SAM Library DLL
C:\WINDOWS\system32\SETUPAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Setup API
C:\WINDOWS\System32\winrnr.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 LDAP RnR Provider DLL
C:\WINDOWS\system32\rasadhlp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access AutoDial Helper
C:\WINDOWS\system32\CLBCATQ.DLL Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
C:\WINDOWS\system32\COMRes.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
--------------
超级进程管理器 1.0.1.920 模块列表 (48) 2007-10-4 19:38:16
谢谢！

chhao11

第三个
模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\System32\ShimEng.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Shim Engine DLL
C:\WINDOWS\AppPatch\AcGenral.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Compatibility DLL
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\System32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\System32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\System32\UxTheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\System32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\System32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\comctl32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
C:\WINDOWS\System32\NTMARTA.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MARTA provider
C:\WINDOWS\system32\WLDAP32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Win32 LDAP API DLL
C:\WINDOWS\System32\SAMLIB.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SAM Library DLL
C:\WINDOWS\System32\xpsp2res.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Service Pack 2 Messages
c:\windows\system32\shsvcs.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Services Dll
C:\WINDOWS\System32\WINSTA.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Winstation Library
C:\WINDOWS\system32\NETAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Net Win32 API DLL
C:\WINDOWS\System32\rsaenh.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Enhanced Cryptographic Provider
c:\windows\system32\dhcpcsvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 DHCP Client Service
c:\windows\system32\DNSAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 DNS Client API DLL
c:\windows\system32\WS2_32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 32-Bit DLL
c:\windows\system32\WS2HELP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 Helper for Windows NT
c:\windows\system32\iphlpapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 IP Helper API
c:\windows\system32\Secur32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Security Support Provider Interface
c:\windows\system32\wzcsvc.dll Microsoft Corporation 2004-8-16 16:39:12 2004-8-17 12:00:00 Wireless Zero Configuration Service
c:\windows\system32\rtutils.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Routing Utilities
c:\windows\system32\WMI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 WMI DC and DP functionality
C:\WINDOWS\system32\CRYPT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Crypto API32
C:\WINDOWS\system32\MSASN1.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ASN.1 Runtime APIs
c:\windows\system32\WTSAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Terminal Server SDK APIs
c:\windows\system32\ESENT.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 服务器数据库存储引擎
c:\windows\system32\ATL.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ATL Module for Windows XP (Unicode)
C:\WINDOWS\System32\rastls.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access PPP EAP-TLS
C:\WINDOWS\system32\CRYPTUI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Trust UI Provider
C:\WINDOWS\system32\WINTRUST.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Trust Verification APIs
C:\WINDOWS\system32\IMAGEHLP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT Image Helper
C:\WINDOWS\system32\WININET.dll Microsoft Corporation 2004-8-17 12:00:00 2006-11-7 21:03:36 Internet Extensions for Win32
C:\WINDOWS\system32\Normaliz.dll Microsoft Corporation 2006-6-29 8:05:44 2006-6-29 8:05:44 Unicode Normalization DLL
C:\WINDOWS\system32\iertutil.dll Microsoft Corporation 2006-10-17 11:57:20 2007-6-27 22:04:48 Run time utility for Internet Explorer
C:\WINDOWS\System32\MPRAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MP Router Administration DLL
C:\WINDOWS\System32\ACTIVEDS.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs Router Layer DLL
C:\WINDOWS\System32\adsldpc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs LDAP Provider C DLL
C:\WINDOWS\System32\SETUPAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Setup API
C:\WINDOWS\System32\RASAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access API
C:\WINDOWS\System32\rasman.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access Connection Manager
C:\WINDOWS\System32\TAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft(R) Windows(TM) Telephony API Client DLL
C:\WINDOWS\System32\SCHANNEL.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 TLS / SSL Security Provider
C:\WINDOWS\System32\WinSCard.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Smart Card API
C:\WINDOWS\System32\raschap.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access PPP CHAP
C:\WINDOWS\system32\msv1_0.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Authentication Package v1.0
C:\WINDOWS\System32\CLBCATQ.DLL Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
C:\WINDOWS\System32\COMRes.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
c:\windows\system32\schedsvc.dll Microsoft Corporation 2007-2-3 7:35:20 2004-8-17 20:00:00 Task Scheduler Engine
c:\windows\system32\NTDSAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT5DS
C:\WINDOWS\System32\MSIDLE.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 User Idle Monitor
c:\windows\system32\audiosrv.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Audio Service
c:\windows\system32\wkssvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Workstation Service DLL
c:\windows\system32\cryptsvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Cryptographic Services
c:\windows\system32\certcli.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft(R) Certificate Services Client
c:\windows\system32\srvsvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Server Service DLL
c:\windows\pchealth\helpctr\binaries\pchsvc.dll Microsoft Corporation 2007-2-3 7:35:28 2004-8-17 20:00:00 Microsoft PCHealth Service Holder
c:\windows\system32\es.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
c:\windows\system32\ersvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Error Reporting Service
c:\windows\system32\dmserver.dll Microsoft Corp. 2004-8-17 12:00:00 2004-8-17 12:00:00 Logical Disk Manager service dll
C:\WINDOWS\System32\HNETCFG.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Home Networking Configuration Manager
c:\windows\system32\trkwks.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Distributed Link Tracking Client
c:\windows\system32\tapisrv.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft(R) Windows(TM) Telephony Server
c:\windows\system32\PSAPI.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Process Status Helper
c:\windows\system32\srsvc.dll Microsoft Corporation 2007-2-3 7:35:26 2004-8-17 20:00:00 System Restore Service
c:\windows\system32\POWRPROF.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Power Profile Helper DLL
c:\windows\system32\netman.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Network Connections Manager
c:\windows\system32\netshell.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Network Connections Shell
c:\windows\system32\credui.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Credential Manager User Interface
c:\windows\system32\WZCSAPI.DLL Microsoft Corporation 2004-8-16 16:39:12 2004-8-17 12:00:00 Wireless Zero Configuration service API
c:\windows\system32\w32time.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Time Service
c:\windows\system32\MSVCP60.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft (R) C++ Runtime Library
c:\windows\system32\wuauserv.dll Microsoft Corporation 2007-2-3 7:35:38 2004-8-17 20:00:00 Windows Update AutoUpdate Service
c:\windows\system32\wbem\wmisvc.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\VSSAPI.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft? Volume Shadow Copy Requestor/Writer Services API DLL
C:\WINDOWS\system32\wuaueng.dll Microsoft Corporation 2007-2-3 7:35:38 2007-7-30 19:19:42 Windows Update Agent
C:\WINDOWS\System32\WINSPOOL.DRV Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Spooler Driver
C:\WINDOWS\System32\WINHTTP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows HTTP Services
C:\WINDOWS\System32\Cabinet.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft? Cabinet File API
C:\WINDOWS\System32\mspatcha.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft(R) Patch Engine
C:\WINDOWS\system32\mswsock.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Windows Sockets 2.0 Service Provider
C:\WINDOWS\System32\wshtcpip.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Sockets Helper DLL
C:\WINDOWS\System32\sfc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows File Protection
C:\WINDOWS\System32\sfc_os.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows 文件保护
C:\WINDOWS\System32\SXS.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Fusion 2.5
c:\windows\system32\browser.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Computer Browser Service DLL
c:\windows\system32\ipnathlp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft NAT Helper Components
c:\windows\system32\AUTHZ.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Authorization Framework
C:\WINDOWS\system32\comsvcs.dll Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
C:\WINDOWS\system32\MTXCLU.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MS DTC amd MTS clustering support DLL
C:\WINDOWS\system32\WSOCK32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 32-Bit DLL
C:\WINDOWS\system32\colbact.DLL Microsoft Corporation 2007-2-3 7:34:02 2004-8-17 20:00:00 0
C:\WINDOWS\System32\CLUSAPI.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Cluster API Library
C:\WINDOWS\System32\RESUTILS.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Cluster Resource Utility DLL
c:\windows\system32\sens.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 System Event Notification Service (SENS)
c:\windows\system32\rasmans.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access Connection Manager
c:\windows\system32\WINIPSEC.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows IPSec SPD Client DLL
c:\windows\system32\netcfgx.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Network Configuration Objects
C:\WINDOWS\System32\rastapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access TAPI Compliance Layer
C:\WINDOWS\System32\unimdm.tsp Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Unimodem 5 Service Provider
C:\WINDOWS\System32\uniplat.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Unimodem AT Mini Driver Platform Driver for Windows NT
C:\WINDOWS\System32\kmddsp.tsp Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 TAPI Kernel-Mode Service Provider
C:\WINDOWS\System32\ndptsp.tsp Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NDIS Proxy TAPI Service Provider
C:\WINDOWS\System32\ipconf.tsp Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Multicast Conference TAPI Service Provider
C:\WINDOWS\System32\h323.tsp Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft H.323 Telephony Service Provider
C:\WINDOWS\System32\hidphone.tsp Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft HID Phone TSP
C:\WINDOWS\System32\HID.DLL Microsoft Corporation 2004-8-16 16:38:50 2004-8-17 12:00:00 Hid User Library
C:\WINDOWS\System32\rasppp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access PPP
C:\WINDOWS\System32\ntlsapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft? License Server Interface DLL
C:\WINDOWS\system32\kerberos.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Kerberos Security Package
C:\WINDOWS\System32\cryptdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Cryptography Manager
C:\WINDOWS\system32\WBEM\wbemcore.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\WBEM\esscli.dll Microsoft Corporation 2007-2-3 7:33:56 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\WBEM\wbemcomn.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\WBEM\FastProx.dll Microsoft Corporation 2007-2-3 7:33:56 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\wbem\wbemsvc.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\upnp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Universal Plug and Play API
C:\WINDOWS\system32\SSDPAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SSDP Client API DLL
C:\WINDOWS\System32\rasadhlp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access AutoDial Helper
C:\WINDOWS\system32\wbem\wmiutils.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\wbem\repdrvfs.dll Microsoft Corporation 2007-2-3 7:33:56 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\wbem\wmiprvsd.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\system32\NCObjAPI.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00
C:\WINDOWS\system32\wbem\wbemess.dll Microsoft Corporation 2007-2-3 7:33:58 2004-8-17 20:00:00 WMI
C:\WINDOWS\System32\msi.dll Microsoft Corporation 2004-8-17 12:00:00 2005-5-4 14:45:32 Windows Installer
C:\WINDOWS\System32\RASDLG.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Access Common Dialog API
C:\WINDOWS\system32\wbem\ncprov.dll Microsoft Corporation 2007-2-3 7:33:56 2004-8-17 20:00:00 Non-COM WMI Event Provision APIs
C:\WINDOWS\system32\Apphelp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Application Compatibility Client Library
C:\WINDOWS\system32\msxml3.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MSXML 3.0 SP 5
--------------
超级进程管理器 1.0.1.920 模块列表 (146) 2007-10-4 19:39:01

chhao11

第四个
模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\system32\ShimEng.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Shim Engine DLL
C:\WINDOWS\AppPatch\AcGenral.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Compatibility DLL
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\system32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\UxTheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\system32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\system32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\comctl32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
c:\windows\system32\dnsrslvr.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 DNS Caching Resolver Service
c:\windows\system32\DNSAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 DNS Client API DLL
c:\windows\system32\WS2_32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 32-Bit DLL
c:\windows\system32\WS2HELP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 Helper for Windows NT
c:\windows\system32\iphlpapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 IP Helper API
C:\WINDOWS\system32\MPRAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MP Router Administration DLL
C:\WINDOWS\system32\ACTIVEDS.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs Router Layer DLL
C:\WINDOWS\system32\adsldpc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ADs LDAP Provider C DLL
C:\WINDOWS\system32\NETAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Net Win32 API DLL
C:\WINDOWS\system32\WLDAP32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Win32 LDAP API DLL
C:\WINDOWS\system32\ATL.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ATL Module for Windows XP (Unicode)
C:\WINDOWS\system32\rtutils.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Routing Utilities
C:\WINDOWS\system32\SAMLIB.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SAM Library DLL
C:\WINDOWS\system32\SETUPAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Setup API
C:\WINDOWS\system32\mswsock.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Windows Sockets 2.0 Service Provider
C:\WINDOWS\system32\hnetcfg.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Home Networking Configuration Manager
C:\WINDOWS\System32\wshtcpip.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Sockets Helper DLL
--------------
超级进程管理器 1.0.1.920 模块列表 (40) 2007-10-4 19:39:40

第五个
模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\system32\ShimEng.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Shim Engine DLL
C:\WINDOWS\AppPatch\AcGenral.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Compatibility DLL
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\system32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\UxTheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\system32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\system32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\comctl32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
C:\WINDOWS\system32\NTMARTA.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MARTA provider
C:\WINDOWS\system32\WLDAP32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Win32 LDAP API DLL
C:\WINDOWS\system32\SAMLIB.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SAM Library DLL
C:\WINDOWS\system32\xpsp2res.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Service Pack 2 Messages
c:\windows\system32\lmhsvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 TCPIP NetBios Transport Services DLL
c:\windows\system32\iphlpapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 IP Helper API
c:\windows\system32\WS2_32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 32-Bit DLL
c:\windows\system32\WS2HELP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 Helper for Windows NT
c:\windows\system32\webclnt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Web DAV Service DLL
C:\WINDOWS\system32\WININET.dll Microsoft Corporation 2004-8-17 12:00:00 2006-11-7 21:03:36 Internet Extensions for Win32
C:\WINDOWS\system32\Normaliz.dll Microsoft Corporation 2006-6-29 8:05:44 2006-6-29 8:05:44 Unicode Normalization DLL
C:\WINDOWS\system32\iertutil.dll Microsoft Corporation 2006-10-17 11:57:20 2007-6-27 22:04:48 Run time utility for Internet Explorer
C:\WINDOWS\system32\Secur32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Security Support Provider Interface
c:\windows\system32\regsvc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Registry Service
c:\windows\system32\ssdpsrv.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SSDP Service DLL
C:\WINDOWS\system32\hnetcfg.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Home Networking Configuration Manager
C:\WINDOWS\system32\CLBCATQ.DLL Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
C:\WINDOWS\system32\COMRes.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\mswsock.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Windows Sockets 2.0 Service Provider
C:\WINDOWS\System32\wshtcpip.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Sockets Helper DLL
--------------
超级进程管理器 1.0.1.920 模块列表 (43) 2007-10-4 19:40:10

chhao11

第六个
模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\system32\ShimEng.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Shim Engine DLL
C:\WINDOWS\AppPatch\AcGenral.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Compatibility DLL
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\system32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\UxTheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\system32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\system32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\comctl32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
c:\windows\system32\wiaservc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Still Image Devices Service
c:\windows\system32\CFGMGR32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Configuration Manager Forwarder DLL
c:\windows\system32\setupapi.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Setup API
c:\windows\system32\mscms.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Color Matching System DLL
c:\windows\system32\WINSPOOL.DRV Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Spooler Driver
c:\windows\system32\WINSTA.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Winstation Library
C:\WINDOWS\system32\NETAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Net Win32 API DLL
C:\WINDOWS\system32\xpsp2res.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Service Pack 2 Messages
C:\WINDOWS\system32\CLBCATQ.DLL Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
C:\WINDOWS\system32\COMRes.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\WINTRUST.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Trust Verification APIs
C:\WINDOWS\system32\CRYPT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Crypto API32
C:\WINDOWS\system32\MSASN1.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ASN.1 Runtime APIs
C:\WINDOWS\system32\IMAGEHLP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT Image Helper
C:\WINDOWS\system32\actxprxy.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ActiveX Interface Marshaling Library
C:\WINDOWS\system32\sti.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Still Image Devices client DLL
--------------
超级进程管理器 1.0.1.920 模块列表 (39) 2007-10-4 19:40:50

谢谢！

chhao11

winlogon.exe进程

模块公司名称创建日期修改日期文件描述
C:\WINDOWS\system32\ntdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 NT Layer DLL
C:\WINDOWS\system32\kernel32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT BASE API Client DLL
C:\WINDOWS\system32\ADVAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Advanced Windows 32 Base API
C:\WINDOWS\system32\RPCRT4.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Remote Procedure Call Runtime
C:\WINDOWS\system32\AUTHZ.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Authorization Framework
C:\WINDOWS\system32\msvcrt.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT CRT DLL
C:\WINDOWS\system32\CRYPT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Crypto API32
C:\WINDOWS\system32\USER32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP USER API Client DLL
C:\WINDOWS\system32\GDI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 GDI Client DLL
C:\WINDOWS\system32\MSASN1.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 ASN.1 Runtime APIs
C:\WINDOWS\system32\NDdeApi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Network DDE Share Management APIs
C:\WINDOWS\system32\PROFMAP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\NETAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Net Win32 API DLL
C:\WINDOWS\system32\USERENV.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Userenv
C:\WINDOWS\system32\PSAPI.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Process Status Helper
C:\WINDOWS\system32\REGAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Registry Configuration APIs
C:\WINDOWS\system32\Secur32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Security Support Provider Interface
C:\WINDOWS\system32\SETUPAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Setup API
C:\WINDOWS\system32\VERSION.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Version Checking and File Installation Libraries
C:\WINDOWS\system32\WINSTA.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Winstation Library
C:\WINDOWS\system32\WINTRUST.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Trust Verification APIs
C:\WINDOWS\system32\IMAGEHLP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT Image Helper
C:\WINDOWS\system32\WS2_32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 32-Bit DLL
C:\WINDOWS\system32\WS2HELP.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Socket 2.0 Helper for Windows NT
C:\WINDOWS\system32\IMM32.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows XP IMM32 API Client DLL
C:\WINDOWS\system32\LPK.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Language Pack
C:\WINDOWS\system32\USP10.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Uniscribe Unicode script processor
C:\WINDOWS\system32\MSGINA.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT Logon GINA DLL
C:\WINDOWS\system32\SHELL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Common Dll
C:\WINDOWS\system32\SHLWAPI.dll Microsoft Corporation 2004-8-17 12:00:00 2006-9-23 12:12:34 Shell Light-weight Utility Library
C:\WINDOWS\system32\COMCTL32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Controls Library
C:\WINDOWS\system32\ODBC32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Data Access - ODBC Driver Manager
C:\WINDOWS\system32\comdlg32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common Dialogs DLL
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll Microsoft Corporation 2007-2-3 9:53:26 2006-8-25 23:49:42 User Experience Controls Library
C:\WINDOWS\system32\odbcint.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Data Access - ODBC Resources
C:\WINDOWS\system32\SHSVCS.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Shell Services Dll
C:\WINDOWS\system32\sfc.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows File Protection
C:\WINDOWS\system32\sfc_os.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows 文件保护
C:\WINDOWS\system32\ole32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft OLE for Windows
C:\WINDOWS\system32\Apphelp.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Application Compatibility Client Library
C:\WINDOWS\system32\msctfime.ime Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Text Frame Work Service IME
C:\WINDOWS\system32\WINSCARD.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Smart Card API
C:\WINDOWS\system32\WTSAPI32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Terminal Server SDK APIs
C:\WINDOWS\system32\WINMM.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 MCI API DLL
C:\WINDOWS\system32\uxtheme.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft UxTheme Library
C:\WINDOWS\system32\Ati2evxx.dll ATI Technologies Inc. 2007-1-10 21:32:14 2005-3-23 10:56:12 ATI External Event Utility DLL Module
C:\WINDOWS\system32\cscdll.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Offline Network Agent
C:\WINDOWS\system32\WlNotify.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Common DLL to receive Winlogon notifications
C:\WINDOWS\system32\WINSPOOL.DRV Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows Spooler Driver
C:\WINDOWS\system32\MPR.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Multiple Provider Router DLL
C:\WINDOWS\system32\rsaenh.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Enhanced Cryptographic Provider
C:\WINDOWS\system32\SAMLIB.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 SAM Library DLL
C:\WINDOWS\system32\sxs.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Fusion 2.5
C:\WINDOWS\system32\msv1_0.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Authentication Package v1.0
C:\WINDOWS\system32\iphlpapi.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 IP Helper API
C:\WINDOWS\system32\cscui.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Client Side Caching UI
C:\WINDOWS\system32\xpsp2res.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Service Pack 2 Messages
C:\WINDOWS\system32\NTMARTA.DLL Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Windows NT MARTA provider
C:\WINDOWS\system32\WLDAP32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Win32 LDAP API DLL
C:\WINDOWS\system32\wdmaud.drv Microsoft Corporation 2004-8-16 16:39:28 2004-8-17 12:00:00 WDM Audio driver mapper
C:\WINDOWS\system32\msacm32.drv Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft Sound Mapper
C:\WINDOWS\system32\MSACM32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft ACM Audio Filter
C:\WINDOWS\system32\midimap.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 Microsoft MIDI Mapper
C:\WINDOWS\system32\COMRes.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\OLEAUT32.dll Microsoft Corporation 2004-8-17 12:00:00 2004-8-17 12:00:00 0
C:\WINDOWS\system32\CLBCATQ.DLL Microsoft Corporation 2007-2-3 7:34:00 2004-8-17 20:00:00 0
--------------
超级进程管理器 1.0.1.920 模块列表 (66) 2007-10-4 19:47:46

谢谢！

SailingStar

   模             块                                  公司名称                         创建日期                   修改日期    C:\WINDOWS\system32\iertutil.dll       Microsoft Corporation       2006-10-17 11:57:20       2007-6-27 22:04:48
C:\WINDOWS\system32\CLBCATQ.DLL       Microsoft Corporation       2007-2-3 7:34:00       2004-8-17 20:00:00

svchost.exe关联的iertutil.dll在2007-6-27 22:04:48被修改了，而且iertutil.dll也被ie调用。CLBCATQ.DLL的日期也可疑。

先备份好重要文件，在ie、svchost.exe进程中关闭iertutil.dll，到http://www.dll-files.com/dllindex/dll-files.shtml?iertutil下载一个，拷贝到原来目录下，覆盖。然后，开始-运行-输入 regsvr32 iertutil.dll 。

在svchost.exe、winlogon.exe进程中关闭CLBCATQ.DLL，同样处理。然后重启。

--------------------------------------------------------------------------------------------------------------
还有个SHLWAPI.dll也和svchost.exe、ie都有关，一起换了吧：
C:\WINDOWS\system32\SHLWAPI.dll       Microsoft Corporation       2004-8-17 12:00:00       2006-9-23 12:12:34

[ Edited by  SailingStar on 2007-10-4 21:56 ]

DarkSniper

提示: 作者被禁止或删除内容自动屏蔽

chhao11

回DarkSniper兄：已扫描，结果如下。谢谢

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 0:05:30, on 2007-10-5
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sygate\SON\Sygate.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\jj4\jiajiasr.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\lvhidsvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Sygate\SON\sgserv.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Downloads\HiJackThis_PConline\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\Jccatch.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [SyGateManager] C:\Program Files\Sygate\SON\Sygate.exe -bootup
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\RunServices: [LvHidSvc] C:\WINDOWS\system32\lvhidsvc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [jiajiasr] C:\Program Files\jj4\jiajiasr.exe
O4 - HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O9 - Extra button: 信息检索 - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ.EXE
O9 - Extra 'Tools' menuitem: 腾讯QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.co ... current/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{17E74305-90CD-4119-921B-718BED9E3F24}: NameServer = 202.114.224.1,202.103.0.117
O17 - HKLM\System\CCS\Services\Tcpip\..\{55962825-09BE-4BF6-AD57-D113CDC12AA8}: NameServer = 202.114.224.1,202.103.0.117
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Lifeview HID Remote Controller Service (lvhidsvc) - Animation Technologies Inc. - C:\WINDOWS\system32\lvhidsvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: SyGateService (SaService) - Sygate technologies Inc. - C:\Program Files\Sygate\SON\sgserv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Windows Wuck (TTwind) - Unknown owner - C:\program files\Common Files\Microsoft Shared\MSInfo\system.exe
O23 - Service: 自动 LiveUpdate 调度程序 - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe

--
End of file - 6034 bytes

chhao11

回SailingStar兄：按照指教，在dos下全部更换从好机子里拷贝来的三个dll，结果无效，仍然有该进程。谢谢。

mm586

老兄，我的情况和你一摸一样，这个IEXPLORE.EXE进程还会自动打开很多的电影下载网站，有些网站还有木马，我的QQ也被盗了，昨晚下了金山毒霸的AV终结者和灰鸽子专杀工具也没有办法，用AV终结者查出有 8749.b，但重启后还是出现这个进程，再杀又杀不出。不想重装系统，你如果解决了麻烦告诉一声，谢了！

我的邮箱：mm586@126.com

mm586

而且可能由于这个病毒造成360safe也无法使用、安装。

chhao11

我的情况是感觉没有什么影响，只是多了这么个进程，总是心有余悸，决定除掉它，但至今没有结果，难怪杀毒软件无可奈何，连启动进程的地方都找不到，当然如此了。希望各位大侠能鼎力相助，谢谢。

mm586

这个进程是在后台运行的，在屏幕上是没有显示的，但如果自动打开的是电影下载网站，会出现显示屏上没有出现网页，但有电影的声音发出，只有查进程才能查到它打开的网站。它的高明之处是用系统IE去自动打开有木马的网站，从而神不知鬼不觉地盗取密码。

chhao11

到现在还没有解决，每次开机后第一件事情就是把这个进程关掉。真是莫名其妙！等待解决的办法…………。

chhao11

好烦恼呀，至今仍然没有找到启动这个进程的是什么，在哪里。任务管理器中没有几个进程，真的没办法找到吗，总觉得不应这么难。请大侠指教，谢谢。

pangzihui

我也有过这种情况
费了很大力气没搞定
重装解决

chhao11

我是重新覆盖安装，结果还是有，看来非得格了安装才行，我再等等看有没有办法，每次开机就结束这个进程，先用着，还是觉得不顺心。谢谢。

chhao11

用SReng扫描的日志，请各位dx指教，谢谢。

2007-10-11,08:23:48

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
所有的启动项目（包括注册表、启动文件夹、服务等）
浏览器加载项
正在运行的进程（包括进程模块信息）
文件关联
Winsock 提供者
Autorun.inf
HOSTS 文件
进程特权扫描

启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
<ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
<jiajiasr><C:\Program Files\jj4\jiajiasr.exe>  [加加工作组]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
<SyGateManager><C:\Program Files\Sygate\SON\Sygate.exe -bootup>  [Sygate Technologies, Inc.]
<ccApp><"C:\Program Files\Common Files\Symantec Shared\ccApp.exe">  [(Verified)Symantec Corporation]
<osCheck><"C:\Program Files\Norton AntiVirus\osCheck.exe">  [(Verified)Symantec Corporation]
<Symantec PIF AlertEng><"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll">  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
<LvHidSvc><C:\WINDOWS\system32\lvhidsvc.exe>  [Animation Technologies Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
<Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
<AppInit_DLLs><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
<UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
<WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
<IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
<Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
<Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
<Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
<NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
<Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
<Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
<通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<acdseemc.exe><; C:\Program Files\Common Files\ACD Systems\ACDSeeMC.EXE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
<Acrobat Assistant 7.0><; >  [N/A]
<Acrobat Assistant 8.0><; "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe">  [(Verified)"Adobe Systems, Incorporated"]
<ccApp><; >  [N/A]
<CloneCDTray><; "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s>  [SlySoft, Inc.]
<DVDCTray><; C:\Program Files\FarStone\VDPPro\dvdcreator\DVDCTrayIconShl.exe>  []
<IMEKRMIG6.1><; C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE>  [(Verified)Microsoft Windows Publisher]
<IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
<MSPY2002><; C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC>  [(Verified)Microsoft Windows Publisher]
<NeroFilterCheck><; C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe>  [(Verified)Nero AG]
<osCheck><; >  [N/A]
<PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [(Verified)Microsoft Windows Publisher]
<PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [(Verified)Microsoft Windows Publisher]
<RAMDrive><; "C:\Program Files\FarStone\VDPPro\VHD\RDTask.exe">  []
<Sursen Live Update><; "C:\WINDOWS\system32\SursenLiveUpdate\LiveUpdate.exe">  [Sursen]
<VirtualDrive><; C:\Program Files\FarStone\VDPPro\VDP\vdtask.exe /AutoRestore>  [FarStone Technology Inc.]

==================================
启动文件夹
N/A

==================================
服务
[Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start]
  <C:\WINDOWS\system32\Ati2evxx.exe><ATI Technologies Inc.>
[Symantec Event Manager / ccEvtMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Symantec Settings Manager / ccSetMgr][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[Symantec Lic NetConnect service / CLTNetCnService][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon><Symantec Corporation>
[FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"><Macrovision Europe Ltd.>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Symantec IS Password Validation / ISPwdSvc][Stopped/Manual Start]
  <"C:\Program Files\Norton AntiVirus\isPwdSvc.exe"><Symantec Corporation>
[LiveUpdate / LiveUpdate][Stopped/Manual Start]
  <"C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"><Symantec Corporation>
[LiveUpdate Notice Service Ex / LiveUpdate Notice Ex][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon><Symantec Corporation>
[LiveUpdate Notice Service / LiveUpdate Notice Service][Stopped/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"><Symantec Corporation>
[Lifeview HID Remote Controller Service / lvhidsvc][Running/Auto Start]
  <C:\WINDOWS\system32\lvhidsvc.exe><Animation Technologies Inc.>
[NMIndexingService / NMIndexingService][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe"><Nero AG>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><CACE Technologies>
[SyGateService / SaService][Running/Auto Start]
  <C:\Program Files\Sygate\SON\sgserv.exe><Sygate technologies Inc.>
[Symantec Core LC / Symantec Core LC][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"><Symantec Corporation>
[Symantec AppCore Service / SymAppCore][Running/Auto Start]
  <"C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"><Symantec Corporation>
[Windows Wuck / TTwind][Stopped/Auto Start]
  <C:\program files\Common Files\Microsoft Shared\MSInfo\system.exe><N/A>
[自动 LiveUpdate 调度程序 / 自动 LiveUpdate 调度程序][Running/Auto Start]
  <"C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"><Symantec Corporation>

==================================
驱动程序
[ati2mtag / ati2mtag][Running/Manual Start]
  <system32\DRIVERS\ati2mtag.sys><ATI Technologies Inc.>
[SoundFusion(tm) WDM Driver / cwrwdm][Running/Manual Start]
  <system32\DRIVERS\cwrwdm.sys><Crystal Semiconductor Corp.>
[DVDRC / DVDRC][Running/Auto Start]
  <System32\drivers\DVDRC.sys><N/A>
[Symantec Eraser Control driver / eeCtrl][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys><Symantec Corporation>
[ElbyCDFL / ElbyCDFL][Running/Manual Start]
  <System32\Drivers\ElbyCDFL.sys><SlySoft, Inc.>
[ElbyCDIO Driver / ElbyCDIO][Running/Auto Start]
  <System32\Drivers\ElbyCDIO.sys><Elaborate Bytes AG>
[EraserUtilRebootDrv / EraserUtilRebootDrv][Running/Manual Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys><Symantec Corporation>
[fcdabus / fcdabus][Running/Manual Start]
  <system32\DRIVERS\fcdabus.sys><FarStone Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[RamDisk Drive Service / fsRamDsk][Running/Manual Start]
  <System32\Drivers\fsRamDsk.sys><FarStone>
[fvdscsi / fvdscsi][Running/Manual Start]
  <system32\DRIVERS\fvdscsi.sys><FarStone Inc.>
[TV Card WDM Video Capture / LVCap138][Running/Manual Start]
  <system32\DRIVERS\lvcap138.sys><Animation Technologies Inc.>
[TV Card TV Tuner / lvtuner][Running/Manual Start]
  <system32\DRIVERS\lvtuner.sys><Animation Technologies Inc.>
[NAVENG / NAVENG][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071010.023\NAVENG.SYS><Symantec Corporation>
[NAVEX15 / NAVEX15][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20071010.023\NAVEX15.SYS><Symantec Corporation>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><NetGroup - Politecnico di Torino>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\Tencent\npkcrypt.sys><INCA Internet Co., Ltd.>
[oreans32 / oreans32][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\oreans32.sys><N/A>
[PCAMPR5 NDIS Protocol Driver / PCAMPR5][Running/Manual Start]
  <\??\C:\WINDOWS\system32\PCAMPR5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[PCANDIS5 NDIS Protocol Driver / PCANDIS5][Running/Manual Start]
  <\??\C:\WINDOWS\system32\PCANDIS5.SYS><Printing Communications Assoc., Inc. (PCAUSA)>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SPBBCDrv / SPBBCDrv][Running/System Start]
  <\??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys><Symantec Corporation>
[SRTSP / SRTSP][Running/System Start]
  <System32\Drivers\SRTSP.SYS><Symantec Corporation>
[SRTSPL / SRTSPL][Stopped/Manual Start]
  <System32\Drivers\SRTSPL.SYS><Symantec Corporation>
[SRTSPX / SRTSPX][Running/System Start]
  <System32\Drivers\SRTSPX.SYS><Symantec Corporation>
[SYMDNS / SYMDNS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMDNS.SYS><Symantec Corporation>
[SymEvent / SymEvent][Running/Manual Start]
  <\??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS><Symantec Corporation>
[SYMFW / SYMFW][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMFW.SYS><Symantec Corporation>
[SYMIDS / SYMIDS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMIDS.SYS><Symantec Corporation>
[SYMIDSCO / SYMIDSCO][Running/Manual Start]
  <\??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\IDS-DI~1\20071009.001\SymIDSCo.sys><Symantec Corporation>
[SYMNDIS / SYMNDIS][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMNDIS.SYS><Symantec Corporation>
[SYMREDRV / SYMREDRV][Running/Manual Start]
  <\SystemRoot\System32\Drivers\SYMREDRV.SYS><Symantec Corporation>
[SYMTDI / SYMTDI][Running/System Start]
  <\SystemRoot\System32\Drivers\SYMTDI.SYS><Symantec Corporation>
[USB Storage Adapter FX (TPP) / TPPFX][Stopped/Manual Start]
  <system32\DRIVERS\TPPFX.SYS><N/A>
[SyGate for NT, Wg1n / Wg1n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\Wg1n.sys><Sygate Technologies, Inc.>
[SyGate for NT, Wg2n / Wg2n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\Wg2n.sys><Sygate Technologies, Inc.>
[SyGate for NT, wg4n / wg4n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\wg4n.sys><Sygate Technologies, Inc.>
[SyGate for NT, wg5n / wg5n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\wg5n.sys><Sygate Technologies, Inc.>
[SyGate for NT, wg6n / wg6n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\wg6n.sys><Sygate Technologies, Inc.>
[SyGate for NT, wg8n / wg8n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\wg8n.sys><Sygate Technologies, Inc.>
[SyGate for NT, wg9n / wg9n][Running/Auto Start]
  <\SystemRoot\SYSTEM32\Drivers\wg9n.sys><Sygate Technologies, Inc.>
[SyGate for NT, Wsdrv / Wsdrv][Running/Boot Start]
  <\SystemRoot\\SystemRoot\SYSTEM32\Drivers\Wsdrv.sys><N/A>
[World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start]
  <system32\DRIVERS\WSTCODEC.SYS><Microsoft Corporation>

==================================
浏览器加载项
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[AddTask Class]
  {24F06550-65E3-4D1C-8CFE-839C296B5530} <C:\Program Files\eREAD6.0\eREAD6.0\IEeREAD.dll, >
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\Jccatch.dll, FlashGet>
[AddTask Class]
  {6A19C29D-ED45-4483-8999-9F939C8161F2} <C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll, >
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484f-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[信息检索(&R)]
  {92780B25-18CC-41C8-B9BE-3C9C571A8263} <C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL, Microsoft Corporation>
[QQ]
  {c95fe080-8f5d-11d2-a20b-00aa003c157b} <C:\Program Files\Tencent\QQ.EXE, TENCENT>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[Office Update Installation Engine]
  {C7DB51B4-BCF7-4923-8874-7F1A0DC92277} <C:\WINDOWS\opuc.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[Adobe PDF Reader Link Helper]
  {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} <C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll, Adobe Systems Incorporated>
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[AddTask Class]
  {24F06550-65E3-4D1C-8CFE-839C296B5530} <C:\Program Files\eREAD6.0\eREAD6.0\IEeREAD.dll, >
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\system32\msxml3.dll, N/A>
[IeCatch5 Class]
  {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} <C:\Program Files\FlashGet\Jccatch.dll, FlashGet>
[SSReaderPlug Control]
  {3359C0B1-2363-40B3-AFCA-1ABC799AC486} <C:\WINDOWS\system32\SSREAD~1.OCX, CX>
[Adobe PDF]
  {47833539-D0C5-4125-9FA8-0819E2EAAC93} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[AddTask Class]
  {6A19C29D-ED45-4483-8999-9F939C8161F2} <C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll, >
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[XML DOM Document 4.0]
  {88D969C0-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 4.0]
  {88D969C1-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XSL Template 4.0]
  {88D969C3-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML HTTP 4.0]
  {88D969C5-F192-11D4-A65F-0040963251E5} <C:\WINDOWS\system32\msxml4.dll, Microsoft Corporation>
[XML DOM Document 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, Microsoft Corporation>
[Free Threaded XML DOM Document 5.0]
  {88D969E6-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, Microsoft Corporation>
[XSL Template 5.0]
  {88D969E8-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, Microsoft Corporation>
[XML HTTP 5.0]
  {88D969EA-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\msxml5.dll, Microsoft Corporation>
[Adobe PDF Conversion Toolbar Helper]
  {AE7CD045-E861-484F-8273-0445EE161910} <C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll, Adobe Systems Incorporated>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx, Adobe Systems, Inc.>
[XML HTTP Request]
  {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\system32\msxml3.dll, N/A>
[gFlash Class]
  {F156768E-81EF-470C-9057-481BA8380DBA} <C:\Program Files\FlashGet\getflash.dll, >
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP 3.0]
  {F5078F35-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML DOM Document]
  {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\system32\msxml3.dll, N/A>
[使用网际快车下载]
  <C:\Program Files\FlashGet\jc_link.htm, N/A>
[使用网际快车下载全部链接]
  <C:\Program Files\FlashGet\jc_all.htm, N/A>

chhao11

－－－续

==================================
正在运行的进程
[PID: 864 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 912 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 936 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Ati2evxx.dll]  [ATI Technologies Inc., 6.14.10.4114]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 980 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\AppPatch\AcAdProc.dll]  [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)]
[PID: 992 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1140 / SYSTEM][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4114]
[C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2496]
[PID: 1176 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1264 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1500 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 1616 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1692 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 184 / chhao11][C:\WINDOWS\system32\Ati2evxx.exe]  [ATI Technologies Inc., 6.14.10.4114]
[C:\WINDOWS\system32\Ati2edxx.dll]  [ATI Technologies, Inc., 6, 14, 10, 2496]
[PID: 296 / chhao11][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\ieframe.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\WPDShServiceObj.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceTypes.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\PortableDeviceApi.dll]  [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS]  [Adobe Systems, Inc., 8.0.0.0]
[C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll]  [Nero AG, 2, 0, 0, 8]
[C:\Program Files\Common Files\Ahead\Lib\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Ahead\Lib\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Ahead\Lib\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MFC71CHS.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll]  [Adobe Systems, Inc., 8.1.0.0]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\WinRAR\rarext.dll]  [N/A, ]
[C:\WINDOWS\system32\vgdshell.dll]  [FarStone Technology Inc., 1,7, 0, 0]
[C:\WINDOWS\system32\VGDShlRc.dll]  [FarStone Technology Inc., 1,7, 0, 0]
[C:\Program Files\FarStone\VDPPro\DVDCreator\BurnInterface.dll]  [, 1, 0, 0, 1]
[C:\Program Files\FarStone\VDPPro\DVDCreator\CDInfo.dll]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\WriteLog.dll]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\UDFGen.dll]  [, 1, 0, 0, 1]
[C:\Program Files\FarStone\VDPPro\DVDCreator\CDBLib.dll]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\UDFFormat.dll]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\ListCtrl.dll]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\LogDLL.dll]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\FsGetVcdInfo.dll]  [FarStone Technology Inc., 1, 2, 0, 1]
[C:\Program Files\FarStone\VDPPro\DVDCreator\FsLodLib.dll]  [, 1, 0, 0, 1]
[C:\Program Files\FarStone\VDPPro\DVDCreator\ExportFile.dll]  [N/A, ]
[C:\WINDOWS\system32\ComRc.dll]  [, 1, 0, 0, 1]
[C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll]  [Nero AG, 2, 8, 3, 0]
[C:\PROGRA~1\NORTON~1\NavShExt.dll]  [Symantec Corporation, 14.2.0.29]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NavShExt.loc]  [N/A, ]
[C:\Program Files\FarStone\VDPPro\DVDCreator\DVDCreatorMenuShell.dll]  [, 1, 0, 0, 1]
[C:\Program Files\FarStone\VDPPro\DVDCreator\DCMenuShl_Rc.dll]  [FarStone, 1, 0, 0, 1]
[C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll]  [Adobe Systems Inc., 8.1.5.2007051000\0]
[C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.chs]  [Adobe Systems Inc., 8.0.5.2006102200\0]
[C:\Program Files\FarStone\VDPPro\vdp\VDExt900.dll]  [, 1, 0, 0, 1]
[PID: 304 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\AdobePDF.dll]  [Adobe Systems Incorporated., 8.0.0.00]
[C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdistRes.CHS]  [, ]
[C:\WINDOWS\system32\HPDCMON.DLL]  [Hewlett-Packard, 03.40.00]
[C:\WINDOWS\system32\mdimon.dll]  [Microsoft Corporation, 11.3.2175.0]
[C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll]  [Microsoft Corporation, 11.3.2175.0]
[PID: 500 / chhao11][C:\Program Files\Sygate\SON\Sygate.exe]  [Sygate Technologies, Inc., 4,5,851,1]
[C:\Program Files\Sygate\SON\SaSrvAd.dll]  [Sygate Technologies, Inc., 4,5,851,1]
[C:\Program Files\Sygate\SON\Netport.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\wsman.dll]  [SyberGen Networks, Inc., 2, 3, 3114, 0]
[C:\Program Files\Sygate\SON\wgman.dll]  [SyberGen Networks, Inc., 1.01.1221]
[C:\Program Files\Sygate\SON\sasrv.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\natsrv.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\salic.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\DhcpSrv.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\CorpAd.dll]  [Sygate Technologies, Inc., 4,5,851,1]
[C:\Program Files\Sygate\SON\AREdt.dll]  [, 1, 0, 0, 1]
[C:\Program Files\Sygate\SON\EvtLogUI.dll]  [, 1, 0, 0, 1]
[C:\Program Files\Sygate\SON\EventLog.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\bwmedt.dll]  [Sybergen Networks, Inc., 1, 0, 0, 1]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 512 / chhao11][C:\Program Files\Common Files\Symantec Shared\ccApp.exe]  [Symantec Corporation, 106.2.0.21]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.2.0.21]
[C:\WINDOWS\system32\SymNeti.dll]  [Symantec Corporation, 7.2.0.15]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppPlg32.dll]  [Symantec Corporation, 1.1.1.2]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.1.1.2]
[C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll]  [Symantec Corporation, 1.1.1.2]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCALERT.DLL]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEMLPXY.DLL]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Norton AntiVirus\fwAlert.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Norton AntiVirus\fwAlRes.dll]  [Symantec Corporation, 10.2.0.50]
[C:\PROGRA~1\NORTON~1\DEFALERT.DLL]  [Symantec Corporation, 14.2.0.29]
[C:\PROGRA~1\NORTON~1\AVPAPP32.DLL]  [Symantec Corporation, 14.2.0.29]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcTRAY.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\CF\PEP2.dll]  [Symantec Corporation, 2006.1.02.4]
[C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll]  [Symantec Corporation, 1.2.0.18]
[C:\Program Files\Common Files\Symantec Shared\COH\sesHlp.dll]  [Symantec Corporation, 6.1.2.54]
[C:\PROGRA~1\NORTON~1\AVPAPP32.loc]  [Symantec Corporation, 14.2.0.29]
[C:\Program Files\Common Files\Symantec Shared\ccSetEvt.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\COH\sH0000.dll]  [Symantec Corporation, 6,1,2,54]
[C:\Program Files\Common Files\Symantec Shared\NPC\DataPvdr.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Norton AntiVirus\isDataCl.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll]  [Symantec Corporation, 1.2.00.34]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\NPC\NSCHlpr2.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\PROGRA~1\COMMON~1\SYMANT~1\rcEmlPxy.dll]  [Symantec Corporation, 106.2.0.21]
[C:\WINDOWS\system32\SymRedir.dll]  [Symantec Corporation, 7.2.0.15]
[C:\Program Files\Norton AntiVirus\fwEvent.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\NPC\pcStatus.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVMail.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Norton AntiVirus\SetEvtHp.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\NPC\uiLicPlg.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\NPC\NSCWSCR2.DLL]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiCl.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Norton AntiVirus\IMCfg.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\NPC\PEPEvnt.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Common Files\Symantec Shared\CF\cfV2Pack.dll]  [Symantec Corporation, 2006.1.02.4]
[C:\Program Files\Common Files\Symantec Shared\CF\cfEPack.dll]  [Symantec Corporation, 2006.1.02.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\AlertUi.dll]  [Symantec Corporation, 1.2.0.18]
[PID: 680 / chhao11][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / chhao11][C:\Program Files\jj4\jiajiasr.exe]  [加加工作组, 4, 1, 0, 47]
[PID: 1168 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe]  [Symantec Corporation, 106.2.0.21]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETPLG.DLL]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\AVPSVC32.DLL]  [Symantec Corporation, 14.2.0.29]
[C:\PROGRA~1\NORTON~1\AVPSVC32.loc]  [Symantec Corporation, 14.2.0.29]
[C:\Program Files\Norton AntiVirus\AVSubmit.dll]  [Symantec Corporation, 14.2.0.29]
[C:\Program Files\Norton AntiVirus\AVSubmit.loc]  [Symantec Corporation, 14.2.0.29]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PIFENG.DLL]  [Symantec Corporation, 1.2.0.18]
[C:\PROGRA~1\NORTON~1\ISDATASV.DLL]  [Symantec Corporation, 10.2.0.50]
[C:\PROGRA~1\COMMON~1\SYMANT~1\NPC\NPCWMIMN.DLL]  [Symantec Corporation, 2007.4.00.2]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SNDSVC.DLL]  [Symantec Corporation, 7.2.0.15]
[C:\Program Files\Common Files\Symantec Shared\ccL60.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBENG.DLL]  [Symantec Corporation, 2.2.0.34]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SUBRES.loc]  [Symantec Corporation, 2.2.0.34]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\TPROCPLG.DLL]  [Symantec Corporation, 3.2.0.21]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCEVTPLG.DLL]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccEvtCli.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\FIREWALL\FWAGENT.DLL]  [Symantec Corporation, 2.3.0.4]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SPBBC\SPBBCEVT.DLL]  [Symantec Corporation, 3.3.2.3]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SRTSP\SRTSP32.DLL]  [Symantec Corporation, 10.2.1.8]
[C:\PROGRA~1\COMMON~1\SYMANT~1\CCSETEVT.DLL]  [Symantec Corporation, 106.2.0.21]
[C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\NORTON~1\NAVEVENT.DLL]  [Symantec Corporation, 14.2.0.29]
[C:\WINDOWS\SYSTEM32\SYMNETI.DLL]  [Symantec Corporation, 7.2.0.15]
[C:\Program Files\Norton AntiVirus\isDataCl.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVIfc.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.1.1.2]
[C:\Program Files\Common Files\Symantec Shared\Firewall\FWHelper.dll]  [Symantec Corporation, 2.3.0.4]
[C:\Program Files\Norton AntiVirus\fwPlugin.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Norton AntiVirus\fwEvent.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Norton AntiVirus\SetEvtHp.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\NPC\npcWmiDt.dll]  [Symantec Corporation, 2007.4.00.2]
[C:\Program Files\Norton AntiVirus\IMCfg.dll]  [Symantec Corporation, 10.2.0.50]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\bbRGen.dll]  [Symantec Corporation, 3.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\PIF\{B8E1D~1\PollMgr.dll]  [Symantec Corporation, 1.2.0.18]
[C:\PROGRA~1\COMMON~1\SYMANT~1\SUBMIS~1\SubConn.dll]  [Symantec Corporation, 2.2.0.34]
[PID: 1320 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe]  [Symantec Corporation, 106.2.0.21]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\OPC\{31011~1\CLTNETCN.DLL]  [Symantec Corporation, 7.2.0.164]

chhao11

再续

[PID: 1444 / SYSTEM][C:\WINDOWS\system32\lvhidsvc.exe]  [Animation Technologies Inc., 2.3.27.0 (ROBIN.20040921)]
[PID: 1476 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]  [Microsoft Corporation, 7.00.9466]
[C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]  [Microsoft Corporation, 7.00.9466]
[PID: 1572 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1876 / SYSTEM][C:\program files\internet explorer\iexplore.exe]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[PID: 1920 / SYSTEM][C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe]  [Symantec Corporation, 3.2.0.41]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.2.0.21]
[PID: 600 / SYSTEM][C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe]  [Symantec Corporation, 1.1.1.2]
[C:\WINDOWS\system32\ATL71.DLL]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
[C:\Program Files\Common Files\Symantec Shared\ccL60U.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccVrTrst.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppMgr32.dll]  [Symantec Corporation, 1.1.1.2]
[C:\Program Files\Common Files\Symantec Shared\AppCore\AppSet32.dll]  [Symantec Corporation, 1.1.1.2]
[C:\Program Files\Common Files\Symantec Shared\ccSet.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVScan.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AV.loc]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\avDefMgr.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\avModule.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\QBackup.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\AntiVirus\AVExclu.dll]  [Symantec Corporation, 1.2.00.34]
[C:\Program Files\Common Files\Symantec Shared\SRTSP\Srtsp32.dll]  [Symantec Corporation, 10.2.1.8]
[C:\Program Files\Common Files\Symantec Shared\ccProSub.dll]  [Symantec Corporation, 106.2.0.21]
[C:\PROGRA~1\COMMON~1\SYMANT~1\ccEvtCli.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccSvc.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCCli.dll]  [Symantec Corporation, 3.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ccScanw.dll]  [Symantec Corporation, 106.2.0.21]
[C:\Program Files\Common Files\Symantec Shared\ecmldr32.DLL]  [Symantec Corporation, 61.3.0.17]
[C:\Program Files\Common Files\Symantec Shared\MSL\msl.dll]  [Symantec Corporation, 5.0.071.000]
[PID: 3536 / SYSTEM][C:\Program Files\Sygate\SON\sgserv.exe]  [Sygate technologies Inc., 4.0.0.1]
[C:\Program Files\Sygate\SON\salic.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\sasrv.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\Netport.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\wsman.dll]  [SyberGen Networks, Inc., 2, 3, 3114, 0]
[C:\Program Files\Sygate\SON\wgman.dll]  [SyberGen Networks, Inc., 1.01.1221]
[C:\Program Files\Sygate\SON\natsrv.dll]  [N/A, ]
[C:\Program Files\Sygate\SON\DhcpSrv.dll]  [N/A, ]
[PID: 2316 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3316 / chhao11][C:\Program Files\Huawei-3Com\H3C 802.1X 客户端\Dot1XClient.exe]  [N/A, ]
[C:\WINDOWS\system32\W32N50.dll]  [Printing Communications Assoc., Inc. (PCAUSA), 5.03.16.54]
[PID: 2540 / chhao11][C:\Program Files\Internet Explorer\IEXPLORE.EXE]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\IEFRAME.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[C:\WINDOWS\system32\IEUI.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\xmllite.dll]  [Microsoft Corporation, 1.00.1018.0]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll]  [Microsoft Corporation, 11.0.5510]
[C:\Program Files\Internet Explorer\ieproxy.dll]  [Microsoft Corporation, 7.00.5730.11 (winmain(wmbla).061017-1135)]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\Program Files\eREAD6.0\eREAD6.0\IEeREAD.dll]  [, 1, 0, 0, 1]
[C:\Program Files\eREAD6.0\eREAD6.0\WebHook.dll]  [, 1, 0, 0, 1]
[C:\Program Files\eREAD6.0\eREAD6.0\ATL80.DLL]  [Microsoft Corporation, 8.00.50727.42]
[C:\WINDOWS\system32\ieapfltr.dll]  [Microsoft Corporation, 7.0.6000.16461]
[C:\WINDOWS\system32\Macromed\Flash\Flash9d.ocx]  [Adobe Systems, Inc., 9,0,47,0]
[C:\WINDOWS\system32\msacm32.drv]  [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\msadp32.acm]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2276 / chhao11][D:\Downloads\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
[C:\WINDOWS\system32\Normaliz.dll]  [Microsoft Corporation, 6.0.5441.0 (winmain(wmbla).060628-1735)]
[C:\WINDOWS\system32\iertutil.dll]  [Microsoft Corporation, 7.00.6000.16544 (vista_gdr.070814-1500)]
[D:\Downloads\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1    localhost

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 1444, C:\WINDOWS\SYSTEM32\LVHIDSVC.EXE]
特殊特权被允许： SeLoadDriverPrivilege [PID = 3316, C:\PROGRAM FILES\HUAWEI-3COM\H3C 802.1X 客户端\DOT1XCLIENT.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================

【求助】如何解决system用户自动启动iexplore.exe？

铜牌荣誉勋章(注册8年以上会员)

银牌荣誉勋章(注册10年以上会员)

		自动登录	找回密码
密码			注册