瑞星卡卡安全论坛

首页 » 技术交流区 » 反病毒/反流氓软件论坛 » 帮忙看看
tianbaotea - 2008-6-10 0:24:00
进程模块信息:
1 (安全进程):C:\WINDOWS\system32\smss.exe 命令行: \SystemRoot\System32\smss.exe
2 (安全进程):c:\WINDOWS\system32\winlogon.exe 命令行: winlogon.exe
3    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
4    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
5 (安全进程):c:\WINDOWS\system32\services.exe 命令行: C:\WINDOWS\system32\services.exe
6    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
7    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
8 (安全进程):c:\WINDOWS\system32\lsass.exe 命令行: C:\WINDOWS\system32\lsass.exe
9    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
10    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
11 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\system32\svchost -k DcomLaunch
12    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
13    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
14 未知进程:c:\program files\Rising\Rav\CCenter.exe 命令行: "C:\Program Files\Rising\Rav\CCenter.exe"
15    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
16    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
17 (安全进程):c:\WINDOWS\system32\svchost.exe 命令行: C:\WINDOWS\System32\svchost.exe -k netsvcs
18    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
19    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
20 未知进程:c:\program files\Rising\Rav\RavMonD.exe 命令行: "C:\PROGRAM FILES\RISING\RAV\ravmond.exe" -step
21    - 未知模块:c:\program files\Rising\Rav\BWList.dll
22    - 未知模块:c:\WINDOWS\system32\mfc71.dll
23    - 未知模块:c:\WINDOWS\system32\msvcr71.dll
24    - 未知模块:c:\WINDOWS\system32\msvcp71.dll
25    - 未知模块:c:\program files\Rising\Rav\RsAppMgr.dll
26    - 未知模块:c:\program files\Rising\Rav\CfgDll.dll
27    - 未知模块:c:\program files\Rising\Rav\RsLog.dll
28    - 未知模块:c:\program files\Rising\Rav\ProcCom.dll
29    - 未知模块:c:\program files\Rising\Rav\RsCommX2.dll
30    - 未知模块:c:\program files\Rising\Rav\MonRule.dll
31    - 未知模块:c:\program files\Rising\Rav\HOOKSYS.dll
32    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
33    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
34    - 未知模块:c:\program files\Rising\Rav\HookReg.dll
35    - 未知模块:c:\program files\Rising\Rav\HookNtos.dll
36    - 未知模块:c:\program files\Rising\Rav\rswalmon.dll
37    - 未知模块:c:\program files\Rising\Rav\recomp.dll
38    - 未知模块:c:\program files\Rising\Rav\refs.dll
39    - 未知模块:c:\program files\Rising\Rav\ffr.dll
40    - 未知模块:c:\program files\Rising\Rav\RsStore.dll
41    - 未知模块:c:\program files\Rising\Rav\HookCont.dll
42    - 未知模块:c:\program files\Rising\Rav\FakeScan.dll
43    - 未知模块:c:\program files\Rising\Rav\Scanner.dll
44    - 未知模块:c:\program files\Rising\Rav\VirusLib.dll
45    - 未知模块:c:\program files\Rising\Rav\relibldr.dll
46    - 未知模块:c:\program files\Rising\Rav\HookWeb.dll
47    - 未知模块:c:\program files\Rising\Rav\nvfile.dll
48    - 未知模块:c:\program files\Rising\Rav\ExtFile.dll
49    - 未知模块:c:\program files\Rising\Rav\pearc.dll
50    - 未知模块:c:\program files\Rising\Rav\scanexec.dll
51    - 未知模块:c:\program files\Rising\Rav\unexe.dll
52    - 未知模块:c:\program files\Rising\Rav\ScanEX.dll
53    - 未知模块:c:\program files\Rising\Rav\ScanPack.dll
54    - 未知模块:c:\program files\Rising\Rav\revm.dll
55    - 未知模块:c:\program files\Rising\Rav\urutils.dll
56    - 未知模块:c:\program files\Rising\Rav\ur000.dat
57    - 未知模块:c:\program files\Rising\Rav\ScanSct.dll
58    - 未知模块:c:\program files\Rising\Rav\scriptci.dll
59    - 未知模块:c:\program files\Rising\Rav\ur001.dat
60    - 未知模块:c:\program files\Rising\Rav\ur023.dat
61    - 未知模块:c:\program files\Rising\Rav\uroutine.dll
62 未知进程:c:\program files\Rising\Rfw\rfwsrv.exe 命令行: "c:\program files\rising\rfw\rfwsrv.exe"
63    - 未知模块:c:\WINDOWS\system32\mfc71.dll
64    - 未知模块:c:\WINDOWS\system32\msvcr71.dll
65    - 未知模块:c:\WINDOWS\system32\msvcp71.dll
66    - 未知模块:c:\program files\Rising\Rfw\ProcCom.dll
67    - 未知模块:c:\program files\Rising\Rfw\RsCommX2.dll
68    - 未知模块:c:\program files\Rising\Rfw\RsAppMgr.dll
69    - 未知模块:c:\program files\Rising\Rfw\CfgDll.dll
70    - 未知模块:c:\program files\Rising\Rfw\RfwRule.dll
71    - 未知模块:c:\program files\Rising\Rfw\RfwLog.dll
72    - 未知模块:c:\program files\Rising\Rfw\RfwDrv.dll
73    - 未知模块:c:\program files\Rising\Rfw\Psapi.dll
74    - 未知模块:c:\program files\Rising\Rfw\ijt_ctrl.dll
75    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
76    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
77    - 未知模块:c:\program files\Rising\Rfw\unvdet.dll
78    - 未知模块:c:\program files\Rising\Rfw\mPorts.dll
79 未知进程:c:\program files\Rising\Rfw\rfwProxy.exe 命令行: "c:\program files\rising\rfw\rfwproxy.exe"
80    - 未知模块:c:\WINDOWS\system32\mfc71.dll
81    - 未知模块:c:\WINDOWS\system32\msvcr71.dll
82    - 未知模块:c:\program files\Rising\Rfw\Psapi.dll
83    - 未知模块:c:\program files\Rising\Rfw\ProcCom.dll
84    - 未知模块:c:\program files\Rising\Rfw\RsCommX2.dll
85    - 未知模块:c:\program files\Rising\Rfw\RfwRule.dll
86    - 未知模块:c:\program files\Rising\Rfw\urlrule.dll
87    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
88    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
89    - 未知模块:c:\program files\Rising\Rfw\MonMid.dll
90 未知进程:c:\program files\Rising\Rfw\rfwstub.exe 命令行: "rfwstub.exe" -rfwsrv
91    - 未知模块:c:\WINDOWS\system32\msvcp71.dll
92    - 未知模块:c:\WINDOWS\system32\msvcr71.dll
93    - 未知模块:c:\program files\Rising\Rfw\RsCommon.dll
94 未知进程:c:\program files\Rising\Rav\RavStub.exe 命令行: "C:\PROGRAM FILES\RISING\RAV\RavStub.exe" /RAVMOND=1023
95    - 未知模块:c:\program files\Rising\Rfw\ijt_base.dll
96    - 未知模块:c:\program files\Rising\Rfw\olemon.dll
97    - 未知模块:c:\program files\Rising\Rav\ProcCom.dll
98    - 未知模块:c:\program files\Rising\Rav\RsCommX2.dll
99    - 未知模块:c:\program files\Rising\Rav\RsCommon.dll
100 (安全进程):c:\WINDOWS\system32\spoolsv.exe 命令行: C:\WINDOWS\system32\spoolsv.exe
101 (安全进程):c:\WINDOWS\explorer.exe 命令行: C:\WINDOWS\Explorer.EXE
102    - 未知模块:c:\program files\common files\Adobe\Shell\psicon.dll
103    - 未知模块:c:\program files\WinRAR\RarExt.dll
104    - 未知模块:c:\WINDOWS\system32\RavExt.dll
105 未知进程:c:\program files\Rising\Rfw\rfwmain.exe 命令行:  -StartUp
106    - 未知模块:c:\WINDOWS\system32\mfc71.dll
107    - 未知模块:c:\WINDOWS\system32\msvcr71.dll
108    - 未知模块:c:\WINDOWS\system32\msvcp71.dll
109    - 未知模块:c:\program files\Rising\Rfw\RsGuiLib.dll
110    - 未知模块:c:\program files\Rising\Rfw\ProcCom.dll
111    - 未知模块:c:\program files\Rising\Rfw\RsCommX2.dll
112    - 未知模块:c:\program files\Rising\Rfw\RsAppMgr.dll
113    - 未知模块:c:\program files\Rising\Rfw\CfgDll.dll
114    - 未知模块:c:\program files\Rising\Rfw\RsCommon.dll
115    - 未知模块:c:\program files\Rising\Rfw\RfwCtrl.dll
116    - 未知模块:c:\program files\Rising\Rfw\RsXML.dll
117    - 未知模块:c:\program files\Rising\Rfw\PngDll.dll
118    - 未知模块:c:\program files\Rising\Rfw\RfwRule.dll
119 未知进程:c:\WINDOWS\system32\khooker.exe 命令行: "C:\WINDOWS\System32\khooker.exe"
120 未知进程:c:\program files\Rising\Rav\RavTask.exe 命令行: "C:\Program Files\Rising\Rav\RavTask.exe" -system
121    - 未知模块:c:\program files\Rising\Rav\ProcCom.dll
122    - 未知模块:c:\program files\Rising\Rav\RsCommX2.dll
123    - 未知模块:c:\program files\Rising\Rav\RsCommon.dll
124    - 未知模块:c:\program files\Rising\Rav\RsAppMgr.dll
125    - 未知模块:c:\program files\Rising\Rav\CfgDll.dll
126 未知进程:c:\program files\Rising\Rav\RavMon.exe 命令行: "C:\Program Files\Rising\Rav\Ravmon.exe" -SYSTEM
127    - 未知模块:c:\WINDOWS\system32\mfc71.dll
128    - 未知模块:c:\WINDOWS\system32\msvcr71.dll
129    - 未知模块:c:\WINDOWS\system32\msvcp71.dll
130    - 未知模块:c:\program files\Rising\Rav\ProcCom.dll
131    - 未知模块:c:\program files\Rising\Rav\RsCommX2.dll
132    - 未知模块:c:\program files\Rising\Rav\RsCommon.dll
133    - 未知模块:c:\program files\Rising\Rav\recomp.dll
134    - 未知模块:c:\program files\Rising\Rav\refs.dll
135    - 未知模块:c:\program files\Rising\Rav\VirusLib.dll
136    - 未知模块:c:\program files\Rising\Rav\relibldr.dll
137    - 未知模块:c:\program files\Rising\Rav\RsAppMgr.dll
138    - 未知模块:c:\program files\Rising\Rav\CfgDll.dll
139    - 未知模块:c:\program files\Rising\Rav\MonRule.dll
140    - 未知模块:c:\program files\Rising\Rav\PngDll.dll
141    - 未知模块:c:\program files\Rising\Rav\RsGuiLib.dll
142    - 未知模块:c:\program files\Rising\Rav\RsXML.dll
143 未知进程:c:\program files\Rising\antispyware\runiep.exe 命令行: "C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup
144    - 未知模块:c:\program files\Rising\antispyware\mfc71.dll
145    - 未知模块:c:\program files\Rising\antispyware\msvcr71.dll
146    - 未知模块:c:\WINDOWS\system32\ieprot.dll
147 (安全进程):c:\WINDOWS\system32\ctfmon.exe 命令行: "C:\WINDOWS\system32\ctfmon.exe"
148 (安全进程):c:\program files\messenger\msmsgs.exe 命令行: "C:\Program Files\Messenger\msmsgs.exe" /background
149 未知进程:c:\program files\mozilla firefox\firefox.exe 命令行: "C:\Program Files\Mozilla Firefox\firefox.exe"
150    - 未知模块:c:\program files\mozilla firefox\js3250.dll
151    - 未知模块:c:\program files\mozilla firefox\nspr4.dll
152    - 未知模块:c:\program files\mozilla firefox\xpcom_core.dll
153    - 未知模块:c:\program files\mozilla firefox\plc4.dll
154    - 未知模块:c:\program files\mozilla firefox\plds4.dll
155    - 未知模块:c:\program files\mozilla firefox\smime3.dll
156    - 未知模块:c:\program files\mozilla firefox\nss3.dll
157    - 未知模块:c:\program files\mozilla firefox\softokn3.dll
158    - 未知模块:c:\program files\mozilla firefox\ssl3.dll
159    - 未知模块:c:\program files\mozilla firefox\xpcom_compat.dll
160    - 未知模块:c:\WINDOWS\system32\ieprot.dll
161    - 未知模块:c:\program files\mozilla firefox\components\myspell.dll
162    - 未知模块:c:\program files\mozilla firefox\components\jar50.dll
163    - 未知模块:c:\documents and settings\yhz\application data\Mozilla\Firefox\Profiles\7kypzdkd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
164    - 未知模块:c:\program files\mozilla firefox\xpcom.dll
165    - 未知模块:c:\documents and settings\yhz\application data\Mozilla\Firefox\Profiles\7kypzdkd.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
166    - 未知模块:c:\program files\mozilla firefox\freebl3.dll
167    - 未知模块:c:\program files\mozilla firefox\nssckbi.dll
168    - 未知模块:c:\program files\mozilla firefox\components\spellchk.dll
169    - 未知模块:c:\program files\mozilla firefox\components\thundercomponent.dll
170    - 未知模块:c:\WINDOWS\system32\winwb86.IME
171    - 未知模块:c:\program files\mozilla firefox\plugins\NPSWF32.dll
172 未知进程:c:\program files\ftc\ftcleaner.exe 命令行: "C:\Program Files\ftc\FTCleaner.exe"
173    - 未知模块:c:\program files\ftc\MSVBVM60.DLL
174    - 未知模块:c:\WINDOWS\system32\ieprot.dll
175    - 未知模块:c:\program files\ftc\VB6CHS.DLL
176    - 未知模块:c:\program files\ftc\ftcapi.dll
177    - 未知模块:c:\program files\ftc\ftcapi3.dll
178    - 未知模块:c:\program files\ftc\ftcapi2.dll
179 未知进程:c:\program files\ftc\fyganalyze.exe 命令行: "C:\Program Files\ftc\FygAnalyze.exe"
180    - 未知模块:c:\WINDOWS\system32\ieprot.dll
181    - 未知模块:c:\program files\ftc\psapi.dll

启动信息:
182 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>
183 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <SiS KHooker><C:\WINDOWS\System32\khooker.exe>
184 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>
185 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <RfwMain><"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>
186 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <rkqoucdt><D;]XJOEPXT]Tztufn43]Svoemm43/fyf!D;]XJOEPXT]Tztufn43]deoqsi/emm!Tubsu>
187 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <SiSUSBRG><C:\WINDOWS\sisUSBrg.exe>
188 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <runeip><"C:\Program Files\Rising\AntiSpyware\runiep.exe" /startup>
189 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>
190 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <SiSPower><Rundll32.exe SiSPower.dll,ModeAgent>
191 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
  <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>
192 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>
193 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  <MSMSGS><"C:\Program Files\Messenger\msmsgs.exe" /background>
194 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Shell><Explorer.exe>
195 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <Userinit><C:\WINDOWS\system32\userinit.exe,>
196 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
  <UIHost><logonui.exe>
197 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
  <AppInit_DLLs><ieprot.dll>
198 [C:\Documents and Settings\yhz\「开始」菜单\程序\启动\]
  <C:\Documents and Settings\yhz\「开始」菜单\程序\启动\desktop.ini>
199 [C:\Documents and Settings\All Users\「开始」菜单\程序\启动\]
  <C:\Documents and Settings\All Users\「开始」菜单\程序\启动\desktop.ini>

用户系统信息:Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-CN; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14
tianbaotea - 2008-6-10 0:25:00
IE辅助对象BHO信息:
200 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
  <{7369D35A-5B70-4A5B-B789-B25FE09B4AF3}><C:\Program Files\Super Rabbit\MagicSet\haokanbar.dll>

IE右键菜单信息:
201 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
  <使用WEB迅雷下载><C:\Program Files\Thunder Network\WebThunder\GetUrl.htm>
202 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
  <使用WEB迅雷下载全部链接><C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm>
203 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
  <使用迅雷下载><C:\Program Files\Thunder Network\Thunder\Program\geturl.htm>
204 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
  <使用迅雷下载全部链接><C:\Program Files\Thunder Network\Thunder\Program\getallurl.htm>
205 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt]
  <添加到QQ表情><C:\Program Files\Tencent\QQ\AddEmotion.htm>

IE工具栏项信息:
206 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions]
  <{962EFB8E-2683-42d4-AC74-AAA4C759B9C6}><http://my.xunlei.com>

ActiveX对象DPF信息:
207 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <DirectAnimation Java Classes><>
208 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <Microsoft XML Parser for Java><>
209 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{05317530-B882-449D-9421-18D94FA3ED34}><C:\WINDOWS\OSInfo.ocx>
210 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{16095503-786F-4097-AED6-5D567A26D760}><C:\WINDOWS\SiS_OCX.ocx>
211 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{17492023-C23A-453E-A040-C7C580BBF700}><C:\WINDOWS\system32\legitcheckcontrol.dll>
212 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{33564D57-9980-0010-8000-00AA00389B71}><>
213 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{78ABDC59-D8E7-44D3-9A76-9A0918C52B4A}><C:\WINDOWS\Downloaded Program Files\downloader.dll>
214 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{C01170CC-AF05-46C3-88BC-2C120DCEE288}><C:\WINDOWS\DOWNLO~1\IMTVPL~1.OCX>
215 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units]
  <{D27CDB6E-AE6D-11CF-96B8-444553540000}><C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx>

网络服务SPI信息:
无可疑

映像劫持IFEO信息:
216 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options]
  <Your Image File Name Here without a path><C:\WINDOWS\system32\ntsd -d>

系统服务信息:
217 [ COM+ System Application | COMSysApp | 停用 ]
  c:\windows\system32\dllhost.exe /processid:{02d4b3f1-fd88-11d1-960d-00805fc79235}
218 [ Human Interface Device Access | HidServ | 停用 ]
  c:\windows\system32\svchost.exe - c:\windows\system32\hidserv.dll
219 [ Rising Proxy  Service | RfwProxySrv | 启动 ]
  c:\program files\rising\rfw\rfwproxy.exe
220 [ Rising Personal Firewall Service | RfwService | 启动 ]
  c:\program files\rising\rfw\rfwsrv.exe
221 [ Rising Process Communication Center | RsCCenter | 启动 ]
  c:\program files\rising\rav\ccenter.exe
222 [ Rising RealTime Monitor | RsRavMon | 停用 ]
  c:\program files\rising\rav\ravmond.exe
223 [ MS Software Shadow Copy Provider | SwPrv | 停用 ]
  c:\windows\system32\dllhost.exe /processid:{149d4de2-464f-4e0b-890f-e13d41087483}

系统驱动信息:
224 [ Rising TDI Base Driver | BaseTDI | 停用 ]
  c:\windows\system32\drivers\basetdi.sys
225 [ BeatTrojanHelperOne | BeatTrojanHelperOne | 停用 ]
  c:\program files\beattrojan\beattrojanhelperone.sys
226 [ cqrthuu | cqrthuu6 | 停用 ]
  c:\windows\system32\drivers\cqrthuu6.sys
227 [ FTCkillfile | FTCkillfile | 停用 ]
  c:\windows\system32\drivers\ftckillfile.sys
228 [ FTCProtect | FTCProtect | 停用 ]
  c:\windows\system32\drivers\ftcprotect.sys
229 [ FTCProTime | FTCProTime | 停用 ]
  c:\windows\system32\drivers\ftcprotime.sys
230 [ HookCont | HookCont | 启动 ]
  C:\WINDOWS\system32\drivers\hookcont.sys
231 [ HookNtos | HookNtos | 启动 ]
  C:\WINDOWS\system32\drivers\hookntos.sys
232 [ HookReg | HookReg | 启动 ]
  C:\WINDOWS\system32\drivers\hookreg.sys
233 [ hooksys | hooksys | 启动 ]
  C:\WINDOWS\system32\drivers\hooksys.sys
234 [ HookUrl | HookUrl | 启动 ]
  c:\program files\rising\rfw\hookurl.sys
235 [ New0 | New0 | 停用 ]
  c:\windows\system32\new.sys
236 [ npkcrypt | npkcrypt | 停用 ]
  c:\windows\system32\npkcrypt.sys
237 [ npkycryp | npkycryp | 停用 ]
  c:\windows\system32\npkycryp.sys
238 [ Ntdfdisk | Ntdfdisk | 停用 ]
  c:\windows\system32\drivers\ntrapi.sys
239 [ LENOVO USB Serial Driver | PhSerUsb | 停用 ]
  c:\windows\system32\drivers\lenovoserusb.sys
240 [ QKeyServiceDisplay | QKeyService | 启动 ]
  c:\windows\system32\keycrypt.sys
241 [ Rising  Rfwbase Driver | RfwBase | 启动 ]
  c:\windows\system32\drivers\rfwbase.sys
242 [ RsAntiSpyware | RsAntiSpyware | 启动 ]
  c:\windows\system32\drivers\rsboot.sys
243 [ RsFwDrv | RsFwDrv | 启动 ]
  c:\program files\rising\rfw\rsfwdrv.sys
244 [ RsNTGDI | RsNTGDI | 启动 ]
  c:\windows\system32\drivers\rsntgdi.sys
245 [ TCP/IP Protocol Driver | Tcpip | 启动 ]
  c:\windows\system32\drivers\tcpip.sys
246 [ TesSafe | TesSafe | 停用 ]
  c:\windows\system32\tessafe.sys

已经加载的驱动信息:
247 C:\WINDOWS\system32\drivers\rsboot.sys
248 C:\WINDOWS\system32\drivers\rsntgdi.sys
249 C:\WINDOWS\system32\drivers\keycrypt.sys
250 C:\WINDOWS\system32\drivers\tcpip.sys
251 c:\program files\rising\rfw\rsfwdrv.sys
252 c:\program files\rising\rfw\rfwhelp.sys
253 C:\WINDOWS\system32\drivers\hooksys.sys
254 C:\WINDOWS\system32\drivers\hookhelp.sys
255 C:\WINDOWS\system32\drivers\hookreg.sys
256 C:\WINDOWS\system32\drivers\hookntos.sys
257 C:\WINDOWS\system32\drivers\hookcont.sys
258 C:\WINDOWS\system32\drivers\dump_atapi.sys
259 C:\WINDOWS\system32\drivers\dump_wmilib.sys
260 C:\WINDOWS\system32\drivers\rfwbase.sys
261 c:\program files\rising\rfw\hookurl.sys
1
查看完整版本: 帮忙看看
© 2000 - 2026 Rising Corp. Ltd.