[CODE]

2008-06-15,11:02:50

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <360Antiarp><D:\杀毒软件\360防火墙\360safe\antiarp\AntiArp.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <360Safetray><D:\杀毒软件\360防火墙\360safe\safemon\360Tray.exe /start>  [(Verified)Qizhi Software (beijing) Co. Ltd]
    <RavTask><"D:\杀毒软件\瑞星\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Windows Hardware Compatibility Publisher]
    <RfwMain><"D:\杀毒软件\防火墙\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)BEIJING RISING SCIENCE AND TECHNOLOGY CORPORATION LIMITED]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [Beijing Rising Technology Co., Ltd.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><C:\WINDOWS\system32\webcheck.dll>  [(Verified)Microsoft Windows Component Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
    <UPnPMonitor><C:\WINDOWS\system32\upnpui.dll>  [(Verified)Microsoft Windows XP Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    <WinlogonNotify: Schedule><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}]
    <IE7 Uninstall Stub><C:\WINDOWS\system32\ieudinit.exe>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{D9FCD29C-7E14-4AF4-A935-B1321815EDEE}]
    <自定义浏览器><RunDLL32 IEDKCS32.DLL,BrandIE4 CUSTOM>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}]
    <Internet Explorer><C:\WINDOWS\system32\ie4uinit.exe -BaseSettings>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <N/A><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [Microsoft Corporation]

==================================
启动文件夹
N/A

==================================
服务
[ASP.NET State Service / aspnet_state][Stopped/Manual Start]
  <C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe><Microsoft Corporation>
[Autodesk Licensing Service / Autodesk Licensing Service][Stopped/Manual Start]
  <"C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe"><Autodesk>
[Contrl Center of Storm Media / ccosm][Stopped/Disabled]
  <E:\暴风影音\stormliv.exe /asservice><北京暴风网际科技有限公司>
[RaySat_3dsmax8 Server / mi-raysat_3dsmax8][Stopped/Disabled]
  <"C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe"><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
  <D:\杀毒软件\防火墙\Rising\Rfw\rfwProxy.exe><Beijing Rising Technology Co., Ltd.>
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
  <D:\杀毒软件\防火墙\Rising\Rfw\rfwsrv.exe><Beijing Rising Technology Co., Ltd.>
[Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Disabled]
  <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"><N/A>
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
  <"D:\杀毒软件\瑞星\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"D:\杀毒软件\瑞星\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[360AntiArp / 360AntiArp][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys><360安全中心>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[AMD Processor Driver / AmdK8][Running/System Start]
  <System32\drivers\amdk8.sys><Advanced Micro Devices>
[AMD Low Level Device Driver / AmdLLD][Running/Manual Start]
  <system32\DRIVERS\AmdLLD.sys><AMD, Inc.>
[BIOS / BIOS][Running/System Start]
  <\??\C:\WINDOWS\system32\drivers\BIOS.sys><BIOSTAR Group>
[ENTECH / ENTECH][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys><EnTech Taiwan>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[giveio / giveio][Running/Boot Start]
  <\SystemRoot\system32\giveio.sys><N/A>
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HookUrl / HookUrl][Running/Auto Start]
  <\??\D:\杀毒软件\防火墙\Rising\Rfw\HookUrl.sys><Beijing Rising Technology Co., Ltd.>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[JMicron Hot-Plug Driver / JGOGO][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\JGOGO.sys><JMicron>
[JRAID / JRAID][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\jraid.sys><JMicron Technology Corp.>
[mv61xx / mv61xx][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\mv61xx.sys><Marvell Semiconductor, Inc.>
[NetGroup Packet Filter Driver / NPF][Stopped/Manual Start]
  <system32\drivers\npf.sys><Politecnico di Torino>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[NVIDIA nForce RAID Driver / nvrd32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvrd32.sys><NVIDIA Corporation>
[DDK PACKET Protocol / Packet][Running/Manual Start]
  <system32\DRIVERS\ProtoDrv.sys><360安全中心>
[Padus ASPI Shell / pfc][Running/Manual Start]
  <system32\drivers\pfc.sys><Padus, Inc.>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
  <System32\DRIVERS\rfwbase.SYS><Beijing Rising Technology Co., Ltd.>
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
  <\SystemRoot\system32\drivers\RsBoot.sys><Beijing Rising Technology Co., Ltd.>
[RsFwDrv / RsFwDrv][Running/System Start]
  <\??\D:\杀毒软件\防火墙\Rising\Rfw\RsFwDrv.sys><Beijing Rising Technology Co., Ltd.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.>
[SATALink driver accelerator / SiFilter][Stopped/Disabled]
  <\SystemRoot\system32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[speedfan / speedfan][Stopped/Boot Start]
  <\SystemRoot\system32\speedfan.sys><Windows (R) Server 2003 DDK provider>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[viamraid / viamraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[Virtual Drive / VirtualDrive][Stopped/Manual Start]
  <\??\C:\Program Files\Virtual Drive Manager\vdd-x86.sys><Towodo Software>
[WINIO / WINIO][Stopped/Manual Start]
  <\??\C:\Program Files\MagicPanel\PMReader.sys><N/A>
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
  <system32\DRIVERS\yk51x86.sys><Marvell>

==================================
浏览器加载项
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll, 360.CN>
[启动迅雷5]
  {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <D:\迅雷\Thunder.exe, Thunder Networking Technologies,LTD>
[赖子山庄]
  {DB7EF88E-5BBE-42A2-80A4-AD515FF0A6CB} <E:\癞子\赖子山庄.exe, arcst>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[System Requirements Lab Class]
  {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} <C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll, Husdawg, LLC>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <D:\迅雷\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[GerneralPeerID Class]
  {0A47E819-F82E-4D5D-B806-6A9EA94D68CD} <D:\迅雷\Components\InMedia\peerid.dll, >
[Windows Media Player]
  {22D6F312-B0F6-11D0-94AB-0080C74C7E95} <C:\WINDOWS\system32\wmpdxm.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[XML DOM Document]
  {2933BF90-7B36-11D2-B20E-00C04F983E60} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <D:\迅雷\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[HHCtrl Object]
  {52A2AAAE-085D-4187-97EA-8C30DB990436} <C:\WINDOWS\system32\hhctrl.ocx, Microsoft Corporation>
[XMP Class]
  {6483F145-A768-4C41-AACC-52D4D7845851} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work, >
[System Requirements Lab Class]
  {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} <C:\WINDOWS\Downloaded Program Files\sysreqlab2.dll, Husdawg, LLC>
[XDRM]
  {693571CB-54A3-4E90-9D52-EEAE1334E2D3} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work, >
[StormPlayer Object]
  {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB} <E:\暴风影音\mps.dll, 北京暴风网际科技有限公司>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Active Desktop Mover]
  {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, N/A>
[MediaComm Class]
  {7670648D-461B-42AF-BDFE-46D26AF5EFF2} <D:\迅雷\Components\InMedia\MediaAddin16.dll, Thunder Networking Technologies,LTD>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <D:\杀毒软件\360防火墙\360safe\live.dll, 360.cn>
[Microsoft Web Browser]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\ieframe.dll, Microsoft Corporation>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <D:\迅雷\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[XML DOM 文档 5.0]
  {88D969E5-F192-11D4-A65F-0040963251E5} <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL, Microsoft Corporation>
[RMGetLicense Class]
  {A9FC132B-096D-460B-B7D5-1DB0FAE0C062} <C:\WINDOWS\system32\msnetobj.dll, Microsoft Corporation>
[Thunder DapCtrl]
  {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.1.6.5710.37.644.dll, N/A>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll, 360.CN>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx, Adobe Systems, Inc.>
[卡卡上网安全助手]
  {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} <C:\WINDOWS\system32\kakatool.dll, Beijing Rising Technology Co., Ltd.>
[Thunder DapPlayer]
  {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} <D:\迅雷\Components\DownAndPlay\DapPlayer3.0.578.69.208.dll, ShenZhen Thunder Networking Technologies Ltd.>
[XPPlayer Class]
  {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\pplayer.dll_1_work, Thunder>
[XML DOM Document 3.0]
  {F5078F32-C551-11D3-89B9-0000F81FE221} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[XML HTTP]
  {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <C:\WINDOWS\system32\msxml3.dll, Microsoft Corporation>
[&U使用纳米机器人下载并收藏]
  <D:\下载器\NamiRobot\Data\du.html, N/A>
[使用迅雷下载]
  <D:\迅雷\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <D:\迅雷\Program\getallurl.htm, N/A>
[添加到QQ表情]
  <D:\Program Files\Tencent\QQ2008\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 700 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 772 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sxs.dll]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 796 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 840 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 852 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1016 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1084 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1180 / SYSTEM][D:\杀毒软件\瑞星\Rising\Rav\CCenter.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.28]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1196 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\System32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\System32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1280 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1392 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 1472 / SYSTEM][D:\杀毒软件\瑞星\RISING\RAV\ravmond.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.76]
    [D:\杀毒软件\瑞星\RISING\RAV\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\杀毒软件\瑞星\RISING\RAV\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\杀毒软件\瑞星\RISING\RAV\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [D:\杀毒软件\瑞星\RISING\RAV\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.35]
    [D:\杀毒软件\瑞星\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\RISING\RAV\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [D:\杀毒软件\瑞星\RISING\RAV\Hooksys.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 9]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [D:\杀毒软件\瑞星\RISING\RAV\HookReg.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 4]
    [D:\杀毒软件\瑞星\RISING\RAV\HookNtos.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 2]
    [D:\杀毒软件\瑞星\RISING\RAV\rswalmon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 22]
    [D:\杀毒软件\瑞星\RISING\RAV\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [D:\杀毒软件\瑞星\RISING\RAV\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [D:\杀毒软件\瑞星\RISING\RAV\ffr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 15]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\瑞星\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [D:\杀毒软件\瑞星\RISING\RAV\HookCont.dll]  [Beijing Rising Technology Co., Ltd, 22, 0, 0, 1]
    [D:\杀毒软件\瑞星\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [D:\杀毒软件\瑞星\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [D:\杀毒软件\瑞星\RISING\RAV\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [D:\杀毒软件\瑞星\RISING\RAV\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\瑞星\RISING\RAV\HookWeb.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.2]
    [D:\杀毒软件\瑞星\RISING\RAV\extfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 29]
    [D:\杀毒软件\瑞星\RISING\RAV\pearc.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [D:\杀毒软件\瑞星\RISING\RAV\nvfile.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 6]
    [D:\杀毒软件\瑞星\RISING\RAV\scanexec.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\RISING\RAV\unexe.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 5]
    [D:\杀毒软件\瑞星\RISING\RAV\scanex.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 77]
    [D:\杀毒软件\瑞星\RISING\RAV\scanpack.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [D:\杀毒软件\瑞星\RISING\RAV\revm.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 8]
    [D:\杀毒软件\瑞星\RISING\RAV\urutils.dll]  [, 20, 0, 0, 6]
    [D:\杀毒软件\瑞星\RISING\RAV\ur000.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 18]
    [D:\杀毒软件\瑞星\RISING\RAV\scriptci.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [D:\杀毒软件\瑞星\RISING\RAV\ur023.dat]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1]
    [D:\杀毒软件\瑞星\RISING\RAV\uroutine.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [D:\杀毒软件\瑞星\RISING\RAV\scansct.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
    [D:\杀毒软件\瑞星\RISING\RAV\extmail.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 9]
[PID: 1488 / SYSTEM][D:\杀毒软件\防火墙\Rising\Rfw\rfwsrv.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.68]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\杀毒软件\防火墙\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\防火墙\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\防火墙\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\杀毒软件\防火墙\Rising\Rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [D:\杀毒软件\防火墙\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [D:\杀毒软件\防火墙\Rising\Rfw\rfwlog.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.12]
    [D:\杀毒软件\防火墙\Rising\Rfw\Rfwdrv.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.41]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_ctrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.0]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [D:\杀毒软件\防火墙\Rising\Rfw\unvdet.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.5]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\mPorts.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.3]
[PID: 1568 / SYSTEM][D:\杀毒软件\防火墙\Rising\Rfw\rfwProxy.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.33]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\杀毒软件\防火墙\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\防火墙\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\防火墙\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [D:\杀毒软件\防火墙\Rising\Rfw\urlrule.dll]  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 9]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [D:\杀毒软件\防火墙\Rising\Rfw\MonMid.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.4]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1812 / SYSTEM][D:\杀毒软件\防火墙\Rising\Rfw\rfwstub.exe]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [D:\杀毒软件\防火墙\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 232 / SYSTEM][D:\杀毒软件\瑞星\RISING\RAV\RavStub.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.9]
    [D:\杀毒软件\瑞星\RISING\RAV\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\RISING\RAV\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\RISING\RAV\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 256 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\AcSignIcon.dll]  [Autodesk, 16.2.54.0]
    [C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll]  [Autodesk, 16.2.54.0]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [D:\迅雷\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 96]
    [D:\迅雷\Components\ResWorker\DsBho_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 18]
    [D:\迅雷\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\SXS.DLL]  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
[PID: 372 / Administrator][D:\杀毒软件\防火墙\Rising\Rfw\RfwMain.exe]  [Beijing Rising Technology Co., Ltd., 7.0.1.65]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\杀毒软件\防火墙\Rising\Rfw\RsGuiLib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [D:\杀毒软件\防火墙\Rising\Rfw\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\防火墙\Rising\Rfw\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\防火墙\Rising\Rfw\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\杀毒软件\防火墙\Rising\Rfw\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [D:\杀毒软件\防火墙\Rising\Rfw\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\杀毒软件\防火墙\Rising\Rfw\RfwCtrl.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.7]
    [D:\杀毒软件\防火墙\Rising\Rfw\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [D:\杀毒软件\防火墙\Rising\Rfw\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [D:\杀毒软件\防火墙\Rising\Rfw\RfwRule.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.13]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
[PID: 504 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1172 / Administrator][D:\杀毒软件\360防火墙\360safe\antiarp\AntiArp.exe]  [360安全中心, 2, 0, 0, 1008]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
[PID: 1220 / Administrator][D:\杀毒软件\360防火墙\360safe\safemon\360Tray.exe]  [奇虎网, 4, 1, 8, 1002]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [D:\杀毒软件\360防火墙\360safe\safemon\SafeKrnl.dll]  [奇虎网, 4, 1, 8, 1001]
    [D:\杀毒软件\360防火墙\360safe\AntiAdwa.dll]  [360Safe.com, 4, 1, 5, 1001]
[PID: 1240 / Administrator][D:\杀毒软件\瑞星\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.23]
    [D:\杀毒软件\瑞星\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\杀毒软件\瑞星\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\杀毒软件\瑞星\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1316 / Administrator][D:\杀毒软件\瑞星\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.19]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\杀毒软件\瑞星\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\杀毒软件\瑞星\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\杀毒软件\瑞星\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 39]
    [D:\杀毒软件\瑞星\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 17]
    [D:\杀毒软件\瑞星\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 26]
    [D:\杀毒软件\瑞星\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [D:\杀毒软件\瑞星\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\杀毒软件\瑞星\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.16]
    [D:\杀毒软件\瑞星\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.29]
    [D:\杀毒软件\瑞星\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [D:\杀毒软件\瑞星\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 89]
    [D:\杀毒软件\瑞星\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
[PID: 1360 / Administrator][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
[PID: 1692 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.7516]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 2688 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3536 / SYSTEM][C:\WINDOWS\system32\wuauclt.exe]  [Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
[PID: 3776 / Administrator][D:\杀毒软件\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [D:\杀毒软件\防火墙\Rising\Rfw\ijt_base.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.10]
    [D:\杀毒软件\防火墙\Rising\Rfw\olemon.dll]  [Beijing Rising Technology Co., Ltd., 7.0.0.6]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\360防火墙\360safe\safemon\safemon.dll]  [360.CN, 4, 1, 5, 1002]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\杀毒软件\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]

==================================
文件关联
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1       localhost
127.0.0.1 c0mo.com
127.0.0.1 gxgxy.net
127.0.0.1 fg.pvs360.com
127.0.0.1 cw.pvs360.com
127.0.0.1 ta.pvs360.com
127.0.0.1 dl.pvs360.com
127.0.0.1 ok.sl8cjs.cn
127.0.0.1 nc.mskess.com
127.0.0.1 idc.windowsupdeta.cn
127.0.0.1 pvs360.com
127.0.0.1 sl8cjs.cn
127.0.0.1 windowsupdeta.cn
127.0.0.1 up.22x44.com
127.0.0.1 my.531jx.cn
127.0.0.1 nx.51ylb.cn
127.0.0.1 llboss.com
127.0.0.1 down.malasc.cn
127.0.0.1 d2.llsging.com
127.0.0.1 171817.171817.com
127.0.0.1 wg.47255.com
127.0.0.1 www.tomwg.com
127.0.0.1 tp.shpzhan.cn
127.0.0.1 1.joppnqq.com
127.0.0.1 xx.exiao01.com
127.0.0.1 www.22aaa.com
127.0.0.1 ilove.com
127.0.0.1 xxx.mmma.biz
127.0.0.1 www.868wg.com
127.0.0.1 2.joppnqq.com
127.0.0.1 1.jopanqc.com
127.0.0.1 yu.8s7.net
127.0.0.1 1.jopmmqq.com
127.0.0.1 cao.kv8.info
127.0.0.1 xtx.kv8.info
127.0.0.1 new.749571.com
127.0.0.1 xxx.vh7.biz
127.0.0.1 1.jopenkk.com
127.0.0.1 d.93se.com
127.0.0.1 3.joppnqq.com
127.0.0.1 xxx.j41m.com
127.0.0.1 1.jopenqc.com
127.0.0.1 xxx.m111.biz
127.0.0.1 down.18dd.net
127.0.0.1 www.333292.com
127.0.0.1 qqq.hao1658.com
127.0.0.1 qqq.dzydhx.com
127.0.0.1 www.exiao01.com
127.0.0.1 www.cike007.cn

==================================
进程特权扫描
N/A

==================================
API HOOK
入口点错误：CreateProcessA (危险等级: 高,  被下面模块所HOOK: 0x010E1FFD)
入口点错误：CreateProcessW (危险等级: 高,  被下面模块所HOOK: 0x010E20E5)

==================================
隐藏进程
N/A

==================================


[/CODE]