[CODE] 2000-06-03,22:10:30 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [] <"D:\、Qq\QQ2009\Bin\QQ.exe" /background> [(Verified)Tencent Technology(Shenzhen) Company Limited] <> [N/A] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"E:\、瑞星\上网助手\runiep.exe" /startup> [Beijing Rising Technology Co., Ltd.] <"E:\、瑞星\杀毒软件\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Science and Technology Corporation Limited] <"C:\Program Files\GridService\peer.exe" -n Grid> [Mercury] <360Safetray> [N/A] <"E:\、瑞星\防火墙\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED] <搜狐彩电网页版> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] [] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Science and Technology Corporation Limited] <{4F4F0064-71E0-4f0d-0005-708476C7815F}> [Microsoft Corporation] <{4C648541-1025-9650-9057-6541258720C4}> [] <{4F4F0064-71E0-4f0d-0001-708476C7815F}> [Microsoft Corporation] <{4F4F0064-71E0-4f0d-0015-708476C7815F}> [Microsoft Corporation] <{528DF602-9541-A985-210A-984A698C6F25}> [] <{4F4F0064-71E0-4f0d-0023-708476C7815F}> [Microsoft Corporation] <{4F4F0064-71E0-4f0d-0018-708476C7815F}> [Microsoft Corporation] <{4F4F0064-71E0-4f0d-0014-708476C7815F}> [Microsoft Corporation] <{4F4F0064-71E0-4f0d-0017-708476C7815F}> [Microsoft Corporation] <{4A069845-2036-6084-9054-6087502480A4}> [] <{4F4F0064-71E0-4f0d-0004-708476C7815F}> [Microsoft Corporation] <{6319A1F1-9410-9654-3201-345FFA349136}> [] <{4F4F0064-71E0-4f0d-0012-708476C7815F}> [Microsoft Corporation] <{4FD45A54-9875-698F-E56E-65102358FDF4}> [] <{5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5}> [] <{35671234-7890-ABCD-CDEF-567801237653}> [] <{e96c6d84-63ce-4046-a18d-45cb4ad8ec75}> [] <{44FAE856-AD58-20CB-A025-CD4895FA6E44}> [] <{6BBAA1E6-CF54-4139-AB9C-8491A9F909D7}> [] <{18093456-9012-4568-9076-908765467181}> [] <{22596546-2036-9451-6058-658402589722}> [] <{1DB3C525-5271-46F7-887A-D4E1ADAA7632}> [] <{4A698102-5904-AFD0-20DF-CD1A65829CA4}> [] <{4F4F0064-71E0-4f0d-0022-708476C7815F}> [Microsoft Corporation] <{15FD6584-698F-BCD2-602C-698745210351}> [N/A] <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}> [] <{17AC9076-C898-B098-D098-A18319080971}> [] <{1E51C0FD-EE36-434B-AD2A-FD1FF3731C38}> [] <{470165F1-9F65-569F-F895-F14F58F41074}> [] <{83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38}> [] <{25FD6584-698F-BCD2-602C-698745210352}> [] <{1AB1F65A-964F-4AE7-B254-05146A0E602E}> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_CURRENT_USER\Control Panel\Desktop] [Acme Photo Software] ================================== 启动文件夹 [QQ游戏启动加速程序] D:\、Qq\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]> ================================== 服务 [Adobe LM Service / Adobe LM Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"> [Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"> [FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start] [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [Rising Process Communication Center / RsCCenter][Stopped/Auto Start] <"E:\、瑞星\杀毒软件\Rising\Rav\CCenter.exe"> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"E:\、瑞星\杀毒软件\RISING\RAV\Ravmond.exe"> ================================== 驱动程序 [0e58a9ac922fb55a / 0e58a9ac922fb55a][Stopped/Manual Start] <\??\C:\0e58a9ac922fb55a.dat> [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [Rising TDI Base Driver / BaseTDI][Running/Auto Start] [cqit / cqit][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp50.tmp> [drop / drop][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp55.tmp> [ec2a4bec38edf16d / ec2a4bec38edf16d][Stopped/Manual Start] <\??\C:\ec2a4bec38edf16d.dat> [fmsq / fmsq][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp5A.tmp> [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [HookUrl / HookUrl][Running/Auto Start] <\??\E:\、瑞星\防火墙\Rising\Rfw\HookUrl.sys> [ialm / ialm][Running/Manual Start] [jtio / jtio][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp58.tmp> [mnsf / mnsf][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp52.tmp> [msfpfis64 / msfpfis64][Running/System Start] <2 - 系统找不到指定的文件。 > [msp2p32 / msp2p32][Running/Manual Start] <2 - 系统找不到指定的文件。 > [WinPcap Packet Driver (NPF111) / NPF111][Running/Manual Start] [Motorola USB Device / P2k][Stopped/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [RsAntiSpyware / RsAntiSpyware][Running/Boot Start] <\SystemRoot\system32\drivers\RsBoot.sys> [RsFwDrv / RsFwDrv][Running/System Start] <\??\E:\、瑞星\防火墙\Rising\Rfw\RsFwDrv.sys> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [SAMSUNG Mobile USB Device 1.0 driver (WDM) / ss_bus][Stopped/Manual Start] [SAMSUNG Mobile USB Modem 1.0 Filter / ss_mdfl][Stopped/Manual Start] [SAMSUNG Mobile USB Modem 1.0 Drivers / ss_mdm][Stopped/Manual Start] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [zftp / zftp][Stopped/Auto Start] <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp4C.tmp> ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [] {15FD6584-698F-BCD2-602C-698745210351} [] {17AC9076-C898-B098-D098-A18319080971} [] {18093456-9012-4568-9076-908765467181} [] {1AB1F65A-964F-4AE7-B254-05146A0E602E} [] {22596546-2036-9451-6058-658402589722} [] {25FD6584-698F-BCD2-602C-698745210352} [] {35671234-7890-ABCD-CDEF-567801237653} [] {44FAE856-AD58-20CB-A025-CD4895FA6E44} [] {470165F1-9F65-569F-F895-F14F58F41074} [] {4A069845-2036-6084-9054-6087502480A4} [] {4A698102-5904-AFD0-20DF-CD1A65829CA4} [] {4C648541-1025-9650-9057-6541258720C4} [] {4FD45A54-9875-698F-E56E-65102358FDF4} [] {528DF602-9541-A985-210A-984A698C6F25} [] {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} [] {6319A1F1-9410-9654-3201-345FFA349136} [] {83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [番茄花园] {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [MMCPlayer Class] {05C1004E-2596-48E5-8E26-39362985EEB9} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [163Uploader Control] {8686F2A6-DC01-4E8F-BDE3-DCC7DBBAD6AE} [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [CyImgChinaCtl Class] {EDEDED2E-A0A6-4085-BC52-A95255A96DBD} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [GerneralPeerID Class] {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} [] {15FD6584-698F-BCD2-602C-698745210351} [] {17AC9076-C898-B098-D098-A18319080971} [] {18093456-9012-4568-9076-908765467181} [] {1AB1F65A-964F-4AE7-B254-05146A0E602E} [] {22596546-2036-9451-6058-658402589722} [] {25FD6584-698F-BCD2-602C-698745210352} [] {35671234-7890-ABCD-CDEF-567801237653} [] {44FAE856-AD58-20CB-A025-CD4895FA6E44} [] {470165F1-9F65-569F-F895-F14F58F41074} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [] {4A069845-2036-6084-9054-6087502480A4} [] {4A698102-5904-AFD0-20DF-CD1A65829CA4} [] {4C648541-1025-9650-9057-6541258720C4} [] {4FD45A54-9875-698F-E56E-65102358FDF4} [] {528DF602-9541-A985-210A-984A698C6F25} [] {5B1AEF69-DDAE-FDAD-DCAB-698F026ABDB5} [] {6319A1F1-9410-9654-3201-345FFA349136} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [] {83BA45AF-FAAA-CDDD-BEEE-BCDE1234AB38} [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [卡卡上网安全助手] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [使用iTudou下载节目] [使用迅雷下载] [使用迅雷下载全部链接] ================================== 正在运行的进程 [PID: 440 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 496 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 520 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 604 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 616 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 760 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 828 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 984 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [PID: 1048 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 1132 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 1216 / SYSTEM][E:\、瑞星\防火墙\Rising\Rfw\rfwsrv.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.68] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\防火墙\Rising\Rfw\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\防火墙\Rising\Rfw\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\防火墙\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [E:\、瑞星\防火墙\Rising\Rfw\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [E:\、瑞星\防火墙\Rising\Rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.13] [E:\、瑞星\防火墙\Rising\Rfw\rfwlog.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.12] [E:\、瑞星\防火墙\Rising\Rfw\Rfwdrv.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.41] [E:\、瑞星\防火墙\Rising\Rfw\psapi.dll] [Microsoft Corporation, 4.00] [E:\、瑞星\防火墙\Rising\Rfw\ijt_ctrl.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.0] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [E:\、瑞星\防火墙\Rising\Rfw\unvdet.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.5] [E:\、瑞星\防火墙\Rising\Rfw\mPorts.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.3] [PID: 1416 / SYSTEM][E:\、瑞星\防火墙\Rising\Rfw\rfwProxy.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.33] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\防火墙\Rising\Rfw\psapi.dll] [Microsoft Corporation, 4.00] [E:\、瑞星\防火墙\Rising\Rfw\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\防火墙\Rising\Rfw\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\防火墙\Rising\Rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.13] [E:\、瑞星\防火墙\Rising\Rfw\urlrule.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 9] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [E:\、瑞星\防火墙\Rising\Rfw\MonMid.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.4] [PID: 1520 / Administrator][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\mndhddwd.dll] [N/A, ] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\ptjhehlp.dll] [N/A, ] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\ozfydbyt.dll] [N/A, ] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\zywmfime.dll] [N/A, ] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\apsgdjba.dll] [N/A, ] [C:\WINDOWS\system32\oohxdbyt.dll] [N/A, ] [C:\WINDOWS\system32\yxcschlp.dll] [N/A, ] [C:\WINDOWS\system32\MMDXYBQE1034.dll] [N/A, ] [C:\WINDOWS\system32\pjjxddwd.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\opshbbty.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [C:\WINDOWS\system32\zycbdime.dll] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\lofsdjbo.dll] [N/A, ] [C:\WINDOWS\system32\yxfhcjpg.dll] [N/A, ] [C:\WINDOWS\system32\rijxbkin.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [D:\、迅雷\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.29] [D:\、迅雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [D:\、迅雷\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [D:\、迅雷\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [E:\、瑞星\杀毒软件\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [PID: 1748 / SYSTEM][E:\、瑞星\防火墙\Rising\Rfw\rfwstub.exe] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 1924 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 2024 / Administrator][E:\、瑞星\防火墙\Rising\Rfw\RfwMain.exe] [Beijing Rising Technology Co., Ltd., 7.0.1.65] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\防火墙\Rising\Rfw\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\防火墙\Rising\Rfw\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\防火墙\Rising\Rfw\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\防火墙\Rising\Rfw\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [E:\、瑞星\防火墙\Rising\Rfw\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [E:\、瑞星\防火墙\Rising\Rfw\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [E:\、瑞星\防火墙\Rising\Rfw\RfwCtrl.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.7] [E:\、瑞星\防火墙\Rising\Rfw\RsXML.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0] [E:\、瑞星\防火墙\Rising\Rfw\PngDll.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [E:\、瑞星\防火墙\Rising\Rfw\RfwRule.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.13] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [PID: 1068 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 2612 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\System32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\System32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\System32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\System32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\System32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\System32\tisqatyu.dll] [N/A, ] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [PID: 2864 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\bb.exe] [N/A, ] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [PID: 3312 / Administrator][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5.1.0.39] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [PID: 3364 / Administrator][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 3.0.0.4342] [PID: 3420 / Administrator][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\igfxhk.dll] [Intel Corporation, 3.0.0.4342] [C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 3.0.0.4342] [PID: 3572 / Administrator][E:\、瑞星\上网助手\runiep.exe] [Beijing Rising Technology Co., Ltd., 5.0.0.16] [E:\、瑞星\上网助手\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\上网助手\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\mndhddwd.dll] [N/A, ] [C:\WINDOWS\system32\ptjhehlp.dll] [N/A, ] [C:\WINDOWS\system32\ozfydbyt.dll] [N/A, ] [C:\WINDOWS\system32\zywmfime.dll] [N/A, ] [C:\WINDOWS\system32\apsgdjba.dll] [N/A, ] [C:\WINDOWS\system32\oohxdbyt.dll] [N/A, ] [C:\WINDOWS\system32\yxcschlp.dll] [N/A, ] [C:\WINDOWS\system32\MMDXYBQE1034.dll] [N/A, ] [C:\WINDOWS\system32\pjjxddwd.dll] [N/A, ] [C:\WINDOWS\system32\opshbbty.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\WINDOWS\system32\lofsdjbo.dll] [N/A, ] [C:\WINDOWS\system32\yxfhcjpg.dll] [N/A, ] [C:\WINDOWS\system32\rijxbkin.dll] [N/A, ] [PID: 3652 / Administrator][E:\、瑞星\杀毒软件\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 20.0.0.23] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\杀毒软件\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\杀毒软件\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\杀毒软件\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [E:\、瑞星\杀毒软件\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [E:\、瑞星\杀毒软件\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [PID: 3660 / Administrator][C:\Program Files\GridService\peer.exe] [Mercury, 2, 0, 10, 7348] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [PID: 3916 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [PID: 1188 / Administrator][E:\、瑞星\杀毒软件\Rising\Rav\Rav.exe] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 71] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\WINDOWS\system32\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 18] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [E:\、瑞星\杀毒软件\Rising\Rav\ProcCom.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\杀毒软件\Rising\Rav\RsCommX2.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19] [E:\、瑞星\杀毒软件\Rising\Rav\Rsguilib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 89] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\杀毒软件\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0] [E:\、瑞星\杀毒软件\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4] [E:\、瑞星\杀毒软件\Rising\Rav\RsCommon.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [E:\、瑞星\杀毒软件\Rising\Rav\ravpagem.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 1, 5] [E:\、瑞星\杀毒软件\Rising\Rav\htmllib.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.17] [C:\WINDOWS\system32\mndhddwd.dll] [N/A, ] [C:\WINDOWS\system32\ptjhehlp.dll] [N/A, ] [C:\WINDOWS\system32\ozfydbyt.dll] [N/A, ] [C:\WINDOWS\system32\zywmfime.dll] [N/A, ] [C:\WINDOWS\system32\apsgdjba.dll] [N/A, ] [C:\WINDOWS\system32\oohxdbyt.dll] [N/A, ] [C:\WINDOWS\system32\yxcschlp.dll] [N/A, ] [C:\WINDOWS\system32\MMDXYBQE1034.dll] [N/A, ] [C:\WINDOWS\system32\pjjxddwd.dll] [N/A, ] [C:\WINDOWS\system32\opshbbty.dll] [N/A, ] [C:\WINDOWS\system32\zycbdime.dll] [N/A, ] [C:\WINDOWS\system32\lofsdjbo.dll] [N/A, ] [C:\WINDOWS\system32\yxfhcjpg.dll] [N/A, ] [C:\WINDOWS\system32\rijxbkin.dll] [N/A, ] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [E:\、瑞星\杀毒软件\Rising\Rav\ravpagew.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 87] [E:\、瑞星\杀毒软件\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.0] [E:\、瑞星\杀毒软件\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.16] [E:\、瑞星\杀毒软件\Rising\Rav\fakescan.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.13] [E:\、瑞星\杀毒软件\Rising\Rav\Scanner.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.36] [E:\、瑞星\杀毒软件\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.4] [E:\、瑞星\杀毒软件\Rising\Rav\SysMail.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.10] [E:\、瑞星\杀毒软件\Rising\Rav\recomp.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39] [E:\、瑞星\杀毒软件\Rising\Rav\refs.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17] [E:\、瑞星\杀毒软件\Rising\Rav\viruslib.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26] [E:\、瑞星\杀毒软件\Rising\Rav\relibldr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [E:\、瑞星\杀毒软件\Rising\Rav\mvengine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16] [E:\、瑞星\杀毒软件\Rising\Rav\posttrt.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18] [E:\、瑞星\杀毒软件\Rising\Rav\ffr.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 14] [E:\、瑞星\杀毒软件\Rising\Rav\nvfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6] [E:\、瑞星\杀毒软件\Rising\Rav\scanexec.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17] [E:\、瑞星\杀毒软件\Rising\Rav\unexe.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4] [E:\、瑞星\杀毒软件\Rising\Rav\scanex.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 73] [E:\、瑞星\杀毒软件\Rising\Rav\pearc.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5] [E:\、瑞星\杀毒软件\Rising\Rav\extfile.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29] [E:\、瑞星\杀毒软件\Rising\Rav\RsLog.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.34] [E:\、瑞星\杀毒软件\Rising\Rav\scanpack.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9] [E:\、瑞星\杀毒软件\Rising\Rav\revm.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8] [E:\、瑞星\杀毒软件\Rising\Rav\urutils.dll] [, 20, 0, 0, 6] [E:\、瑞星\杀毒软件\Rising\Rav\ur000.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18] [E:\、瑞星\杀毒软件\Rising\Rav\scriptci.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3] [E:\、瑞星\杀毒软件\Rising\Rav\ur001.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3] [E:\、瑞星\杀毒软件\Rising\Rav\extmail.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9] [E:\、瑞星\杀毒软件\Rising\Rav\extole.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12] [E:\、瑞星\杀毒软件\Rising\Rav\scansct.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9] [E:\、瑞星\杀毒软件\Rising\Rav\uroutine.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26] [E:\、瑞星\杀毒软件\Rising\Rav\RsStore.dll] [Beijing Rising Technology Co., Ltd., 20.0.0.8] [E:\、瑞星\杀毒软件\Rising\Rav\ur023.dat] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1] [PID: 2460 / Administrator][D:\、Qq\TT\TTraveler.exe] [腾讯公司, 3, 3, 200, 290] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [D:\、Qq\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] [腾讯公司, 1, 1, 0, 5] [D:\、Qq\TT\Plugins\TWeather\TWeather.dll] [, 1, 0, 0, 3] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [D:\、Qq\TT\TTNetFavor.dll] [N/A, ] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [E:\、瑞星\杀毒软件\Rising\Rav\RavScrCh.dll] [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 3.3.0.0] [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx] [Adobe Systems, Inc., 9,0,115,0] [D:\、迅雷\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 96] [C:\WINDOWS\system32\mndhddwd.dll] [N/A, ] [C:\WINDOWS\system32\ptjhehlp.dll] [N/A, ] [C:\WINDOWS\system32\ozfydbyt.dll] [N/A, ] [C:\WINDOWS\system32\zywmfime.dll] [N/A, ] [C:\WINDOWS\system32\apsgdjba.dll] [N/A, ] [C:\WINDOWS\system32\oohxdbyt.dll] [N/A, ] [C:\WINDOWS\system32\yxcschlp.dll] [N/A, ] [C:\WINDOWS\system32\MMDXYBQE1034.dll] [N/A, ] [C:\WINDOWS\system32\pjjxddwd.dll] [N/A, ] [C:\WINDOWS\system32\opshbbty.dll] [N/A, ] [C:\WINDOWS\system32\zycbdime.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\WINDOWS\system32\lofsdjbo.dll] [N/A, ] [C:\WINDOWS\system32\yxfhcjpg.dll] [N/A, ] [C:\WINDOWS\system32\rijxbkin.dll] [N/A, ] [PID: 916 / Administrator][C:\Program Files\Samsung\Samsung PC Studio 3\Launcher.exe] [, 3, 6, 10, 26] [C:\Program Files\Samsung\Samsung PC Studio 3\ConMgrC.dll] [Samsung Electronics Co., Ltd., 4, 0, 0, 621] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71LU.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Samsung\Samsung PC Studio 3\MSLUR71.dll] [MobileLeader, Inc., 7.10.0000] [C:\Program Files\Samsung\Samsung PC Studio 3\PXImage.dll] [Pizzolato Davide - www.xdp.it, 5, 9, 9, 5] [C:\Program Files\Samsung\Samsung PC Studio 3\XTP9601LibL.dll] [Codejock Software, 9, 6, 0, 1] [C:\Program Files\Samsung\Samsung PC Studio 3\SecTheme.dll] [N/A, ] [C:\Program Files\Samsung\Samsung PC Studio 3\MSLUP71.dll] [MobileLeader, Inc., 7.10.0000] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\Program Files\Samsung\Samsung PC Studio 3\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Samsung\Samsung PC Studio 3\LCRes.dll] [, 3, 7, 6, 7] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [PID: 3060 / Administrator][C:\WINDOWS\system32\wuauclt.exe] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [E:\、瑞星\防火墙\Rising\Rfw\ijt_base.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.10] [E:\、瑞星\防火墙\Rising\Rfw\olemon.dll] [Beijing Rising Technology Co., Ltd., 7.0.0.6] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\wups2.dll] [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [PID: 3904 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX04.765\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX04.765\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] [PID: 3300 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX06.125\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\WINDOWS\system32\tisqatyu.dll] [N/A, ] [C:\WINDOWS\system32\nhmxajkl.dll] [N/A, ] [C:\WINDOWS\system32\msoscqit00.dll] [N/A, ] [C:\WINDOWS\system32\msosjtio00.dll] [N/A, ] [C:\WINDOWS\system32\msosfmsq00.dll] [N/A, ] [C:\Program Files\Internet Explorer\PLUGINS\WinSys48.Sys] [N/A, ] [C:\WINDOWS\system32\midimapqn3.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapjr.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimaptl.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapms.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapwd.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapcq.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapmy.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzt.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\midimapzx.dll] [Microsoft Corporation, 5, 1, 2600, 3119] [C:\WINDOWS\system32\SysDaJHv.dll] [Microsoft Corporation, 5.1.2600.3099] [C:\WINDOWS\system32\zdesfx.dll] [N/A, ] [C:\WINDOWS\system32\wyrsdj.dll] [N/A, ] [C:\WINDOWS\system32\hfrdzx.dll] [N/A, ] [C:\WINDOWS\system32\wfrdvq.dll] [N/A, ] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX06.125\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [C:\WINDOWS\system32\agxdqrbt.dll] [N/A, ] [C:\Program Files\Windows Media Player\comdm.dll] [Microsoft Corporation, 5, 2, 2939, 1432 (srv03_sp1_rtm.050733-1233)] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 MSAFD Tcpip [TCP/IP] C:\Program Files\Windows Media Player\comdm.dll(Microsoft Corporation, Microsoft Windows Sockets 2.0 Service Provider) ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 yu.8s7.net 127.0.0.1 1.jopanqc.com 127.0.0.1 2.joppnqq.com 127.0.0.1 wg.47255.com 127.0.0.1 1.joppnqq.com 127.0.0.1 xxx.m111.biz 127.0.0.1 1.jopenqc.com 127.0.0.1 1.jopenkk.com 127.0.0.1 xxx.vh7.biz 127.0.0.1 xxx.j41m.com 127.0.0.1 3.joppnqq.com 127.0.0.1 d.93se.com 127.0.0.1 www.868wg.com 127.0.0.1 xxx.mmma.biz 127.0.0.1 ilove.com 127.0.0.1 tp.shpzhan.cn 127.0.0.1 www.tomwg.com 127.0.0.1 www.cike007.cn 127.0.0.1 www.22aaa.com 127.0.0.1 xx.exiao01.com 127.0.0.1 www.exiao01.com 127.0.0.1 www.exiao01.com 127.0.0.1 new.749571.com 127.0.0.1 xtx.kv8.info 127.0.0.1 cao.kv8.info 127.0.0.1 1.jopmmqq.com 127.0.0.1 171817.171817.com 127.0.0.1 d2.llsging.com 127.0.0.1 down.malasc.cn 127.0.0.1 llboss.com 127.0.0.1 nx.51ylb.cn 127.0.0.1 my.531jx.cn 127.0.0.1 qqq.dzydhx.com 127.0.0.1 qqq.hao1658.com 127.0.0.1 www.333292.com 127.0.0.1 down.18dd.net 127.0.0.1 up.22x44.com 127.0.0.1 aaa.faba01.com 127.0.0.1 bad.tqdlt.cn 127.0.0.1 1.chsipo.com 127.0.0.1 c3.aishangai.net 127.0.0.1 c2.aishangai.net 127.0.0.1 xxx.188dm.com 127.0.0.1 x2.1a2b3c1.com 127.0.0.1 d1.163500.net 127.0.0.1 down.google-serv.cn ================================== 进程特权扫描特殊特权被允许： SeDebugPrivilege [PID = 1520, C:\WINDOWS\EXPLORER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1520, C:\WINDOWS\EXPLORER.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2864, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\BB.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 3572, E:\、瑞星\上网助手\RUNIEP.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3572, E:\、瑞星\上网助手\RUNIEP.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 3660, C:\PROGRAM FILES\GRIDSERVICE\PEER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3660, C:\PROGRAM FILES\GRIDSERVICE\PEER.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2460, D:\、QQ\TT\TTRAVELER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2460, D:\、QQ\TT\TTRAVELER.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 916, C:\PROGRAM FILES\SAMSUNG\SAMSUNG PC STUDIO 3\LAUNCHER.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 916, C:\PROGRAM FILES\SAMSUNG\SAMSUNG PC STUDIO 3\LAUNCHER.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 2800, C:\PROGRAM FILES\SAMSUNG\SAMSUNG PC STUDIO 3\CONMGR.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 2800, C:\PROGRAM FILES\SAMSUNG\SAMSUNG PC STUDIO 3\CONMGR.EXE] 特殊特权被允许： SeDebugPrivilege [PID = 3904, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX04.765\SRENGPS.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 3904, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX04.765\SRENGPS.EXE] ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]