Syscheck检测报告 1:当前进程模块情况: 第三方进程及模块 CCenter.exe=c:\program files\rising\rav\ccenter.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rav\ccenter.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\uxtheme.dll RavMonD.exe=c:\program files\rising\rav\ravmond.exe [NOMS]c:\program files\rising\rav\ur023.dat [NOMS]c:\program files\rising\rav\extmail.dll [NOMS]c:\program files\rising\rav\uroutine.dll [NOMS]c:\program files\rising\rav\scansct.dll [NOMS]c:\program files\rising\rav\ur001.dat [NOMS]c:\program files\rising\rav\scriptci.dll [NOMS]c:\program files\rising\rav\ur000.dat [NOMS]c:\program files\rising\rav\urutils.dll [NOMS]c:\program files\rising\rav\revm.dll [NOMS]c:\program files\rising\rav\scanpack.dll [NOMS]c:\program files\rising\rav\scanex.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rav\unexe.dll [NOMS]c:\program files\rising\rav\pearc.dll [NOMS]c:\program files\rising\rav\scanexec.dll [NOMS]c:\program files\rising\rav\extfile.dll [NOMS]c:\program files\rising\rav\nvfile.dll [NOMS]c:\program files\rising\rav\hookweb.dll [NOMS]c:\windows\system32\hanwangp.ime [NOMS]c:\program files\rising\rav\relibldr.dll [NOMS]c:\program files\rising\rav\viruslib.dll [NOMS]c:\program files\rising\rav\scanner.dll [NOMS]c:\program files\rising\rav\fakescan.dll [NOMS]c:\program files\rising\rav\hookcont.dll [NOMS]c:\program files\rising\rav\rsstore.dll [NOMS]c:\program files\rising\rav\ffr.dll [NOMS]c:\program files\rising\rav\refs.dll [NOMS]c:\program files\rising\rav\recomp.dll [NOMS]c:\program files\rising\rav\rswalmon.dll [NOMS]c:\program files\rising\rav\hookntos.dll [NOMS]c:\program files\rising\rav\hookreg.dll [NOMS]c:\program files\rising\rav\hooksys.dll [NOMS]c:\program files\rising\rav\monrule.dll [NOMS]c:\program files\rising\rav\rscommx2.dll [NOMS]c:\program files\rising\rav\proccom.dll [NOMS]c:\program files\rising\rav\rslog.dll [NOMS]c:\program files\rising\rav\cfgdll.dll [NOMS]c:\program files\rising\rav\rsappmgr.dll [NOMS]c:\program files\rising\rav\bwlist.dll [NOMS]c:\program files\rising\rav\ravmond.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\mfc71.dll [MS]c:\windows\system32\msvcr71.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcp71.dll [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\mfc71chs.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\sfc.dll [MS]c:\windows\system32\sfc_os.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\netapi32.dll rfwsrv.exe=c:\program files\rising\rfw\rfwsrv.exe [NOMS]c:\program files\rising\rfw\mports.dll [NOMS]c:\program files\rising\rfw\unvdet.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rfw\ijt_ctrl.dll [NOMS]c:\program files\rising\rfw\rfwdrv.dll [NOMS]c:\program files\rising\rfw\rfwlog.dll [NOMS]c:\program files\rising\rfw\rfwrule.dll [NOMS]c:\program files\rising\rfw\cfgdll.dll [NOMS]c:\program files\rising\rfw\rsappmgr.dll [NOMS]c:\program files\rising\rfw\rscommx2.dll [NOMS]c:\program files\rising\rfw\proccom.dll [NOMS]c:\program files\rising\rfw\rfwsrv.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\mfc71.dll [MS]c:\windows\system32\msvcr71.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msvcp71.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\mfc71chs.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\sfc.dll [MS]c:\windows\system32\sfc_os.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\perfproc.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\xpsp2res.dll rfwProxy.exe=c:\program files\rising\rfw\rfwproxy.exe [NOMS]c:\program files\rising\rfw\monmid.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rfw\urlrule.dll [NOMS]c:\program files\rising\rfw\rfwrule.dll [NOMS]c:\program files\rising\rfw\rscommx2.dll [NOMS]c:\program files\rising\rfw\proccom.dll [NOMS]c:\program files\rising\rfw\rfwproxy.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\mfc71.dll [MS]c:\windows\system32\msvcr71.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\mfc71chs.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\perfproc.dll RavStub.exe=c:\program files\rising\rav\ravstub.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rav\rscommon.dll [NOMS]c:\program files\rising\rav\rscommx2.dll [NOMS]c:\program files\rising\rav\proccom.dll [NOMS]c:\program files\rising\rav\ravstub.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll rfwstub.exe=c:\program files\rising\rfw\rfwstub.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rfw\rscommon.dll [NOMS]c:\program files\rising\rfw\rfwstub.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\msvcp71.dll [MS]c:\windows\system32\msvcr71.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\shell32.dll rfwmain.exe=c:\program files\rising\rfw\rfwmain.exe [NOMS]c:\program files\rising\rfw\rfwrule.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\rising\rfw\pngdll.dll [NOMS]c:\program files\rising\rfw\rsxml.dll [NOMS]c:\program files\rising\rfw\rfwctrl.dll [NOMS]c:\program files\rising\rfw\rscommon.dll [NOMS]c:\program files\rising\rfw\cfgdll.dll [NOMS]c:\program files\rising\rfw\rsappmgr.dll [NOMS]c:\program files\rising\rfw\rscommx2.dll [NOMS]c:\program files\rising\rfw\proccom.dll [NOMS]c:\program files\rising\rfw\rsguilib.dll [NOMS]c:\program files\rising\rfw\rfwmain.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\mfc71.dll [MS]c:\windows\system32\msvcr71.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\msvcp71.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\mfc71chs.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\perfproc.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\cryptnet.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\winhttp.dll [MS]c:\windows\system32\sensapi.dll nvsvc32.exe=c:\windows\system32\nvsvc32.exe [NOMS]c:\windows\system32\nvsvc32.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\powrprof.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\version.dll RavTask.exe=c:\program files\rising\rav\ravtask.exe [NOMS]c:\program files\rising\rav\cfgdll.dll [NOMS]c:\program files\rising\rav\rsappmgr.dll [NOMS]c:\program files\rising\rav\rscommon.dll [NOMS]c:\program files\rising\rav\rscommx2.dll [NOMS]c:\program files\rising\rav\proccom.dll [NOMS]c:\program files\rising\rav\ravtask.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime RavMon.exe=c:\program files\rising\rav\ravmon.exe [NOMS]c:\program files\rising\rav\rsxml.dll [NOMS]c:\program files\rising\rav\rsguilib.dll [NOMS]c:\program files\rising\rav\pngdll.dll [NOMS]c:\program files\rising\rav\monrule.dll [NOMS]c:\program files\rising\rav\cfgdll.dll [NOMS]c:\program files\rising\rav\rsappmgr.dll [NOMS]c:\program files\rising\rav\relibldr.dll [NOMS]c:\program files\rising\rav\viruslib.dll [NOMS]c:\program files\rising\rav\refs.dll [NOMS]c:\program files\rising\rav\recomp.dll [NOMS]c:\program files\rising\rav\rscommon.dll [NOMS]c:\program files\rising\rav\rscommx2.dll [NOMS]c:\program files\rising\rav\proccom.dll [NOMS]c:\program files\rising\rav\ravmon.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\mfc71.dll [MS]c:\windows\system32\msvcr71.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msvcp71.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\mfc71chs.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\perfproc.dll ylive.exe=c:\progra~1\yahoo!\assist~1\ylive.exe [NOMS]c:\progra~1\yahoo!\assist~1\ynotifier.dll [NOMS]c:\progra~1\yahoo!\assist~1\yalliveex.dll [NOMS]c:\progra~1\yahoo!\assist~1\yalive.dll [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]d:\setup\eolltl.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\progra~1\yahoo!\assist~1\ylive.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\uxtheme.dll [MS]d:\setup\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\pzwwewcxm.dll [MS]c:\windows\system32\bliiqiojy.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\urlmon.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\sensapi.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\winrnr.dll VnetClient.exe=c:\program files\chinanet\vnetclient.exe [NOMS]c:\progra~1\chinanet\dlgskin.ocx [NOMS]c:\windows\system32\macromed\common\swsupport.dll [NOMS]c:\windows\system32\macromed\flash\flash9f.ocx [NOMS]c:\program files\rising\rav\ravscrch.dll [NOMS]c:\progra~1\chinanet\vnetoptlog.dll [NOMS]c:\progra~1\chinanet\allfun~1.dll [NOMS]c:\progra~1\chinanet\vneton~1.ocx [NOMS]c:\progra~1\chinanet\statnum.dll [NOMS]c:\progra~1\chinanet\vnetlo~1.ocx [NOMS]c:\progra~1\chinanet\allint~1.dll [NOMS]c:\progra~1\chinanet\plugpush.dll [NOMS]c:\windows\system32\packet.dll [NOMS]c:\windows\system32\pthreadvc.dll [NOMS]c:\windows\system32\wpcap.dll [NOMS]c:\progra~1\chinanet\passctrl.dll [NOMS]c:\progra~1\chinanet\newmes~1.dll [NOMS]c:\progra~1\chinanet\plugin~2.ocx [NOMS]c:\progra~1\chinanet\timer.ocx [NOMS]c:\progra~1\chinanet\dialogstyle.dll [NOMS]c:\progra~1\chinanet\vnetskin.ocx [NOMS]c:\progra~1\chinanet\accountmgr.dll [NOMS]c:\progra~1\chinanet\accoun~2.dll [NOMS]c:\progra~1\chinanet\vnetbs.ocx [NOMS]c:\progra~1\chinanet\gif89a.dll [NOMS]c:\progra~1\chinanet\advert~1.ocx [NOMS]c:\progra~1\chinanet\postplug.dll [NOMS]c:\progra~1\chinanet\webplu~1.dll [NOMS]c:\progra~1\chinanet\sign.dll [NOMS]c:\progra~1\chinanet\plugin~1.ocx [NOMS]c:\progra~1\chinanet\client~1.dll [NOMS]d:\setup\eolltl.dll [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\program files\chinanet\dialmodule.dll [NOMS]c:\program files\chinanet\communicate.dll [NOMS]c:\program files\chinanet\vnetclient.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\comdlg32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\oledlg.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\olepro32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\winmm.dll [MS]c:\program files\chinanet\mfc42.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\mfc42loc.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\pzwwewcxm.dll [MS]c:\windows\system32\bliiqiojy.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\shdocvw.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\cryptui.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\asycfilt.dll [MS]c:\windows\system32\sxs.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\urlmon.dll [MS]c:\windows\system32\shdoclc.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\mshtml.dll [MS]c:\windows\system32\msls31.dll [MS]c:\windows\system32\mlang.dll [MS]c:\windows\system32\msimtf.dll [MS]c:\windows\system32\msctf.dll [MS]c:\windows\system32\vbscript.dll [MS]c:\windows\system32\jscript.dll [MS]c:\windows\system32\ieframe.dll [MS]c:\windows\system32\sensapi.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\wdmaud.drv [MS]c:\windows\system32\msacm32.drv [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\midimap.dll [MS]c:\windows\system32\schannel.dll [MS]c:\windows\system32\mshtmled.dll [MS]c:\windows\system32\oleacc.dll [MS]c:\windows\system32\msvcp60.dll [MS]c:\windows\system32\mprmsg.dll [MS]c:\windows\system32\winrnr.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll hypwise.exe=d:\海通证券大智慧2005专业版\internet\hypwise.exe [NOMS]d:\setup\eolltl.dll [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]d:\海通证券大智慧2005专业版\internet\hypwise.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]d:\海通证券大智慧2005专业版\internet\mfc42.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\mfc42loc.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\pzwwewcxm.dll [MS]c:\windows\system32\bliiqiojy.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll 123.EXE.EXE=c:\documents and settings\hp_owner\桌面\123.exe.exe [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]d:\setup\eolltl.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [NOMS]c:\documents and settings\hp_owner\桌面\123.exe.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\oledlg.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\comdlg32.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\riched20.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]d:\setup\wsock32.dll [MS]c:\windows\system32\pzwwewcxm.dll [MS]c:\windows\system32\bliiqiojy.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\sfc.dll [MS]c:\windows\system32\sfc_os.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\sensapi.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\linkinfo.dll [MS]c:\windows\system32\ntshrui.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\cryptnet.dll [MS]c:\windows\system32\winhttp.dll [MS]c:\windows\system32\cabinet.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\cscui.dll [MS]c:\windows\system32\cscdll.dll [MS]c:\windows\system32\browseui.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\shdocvw.dll [MS]c:\windows\system32\cryptui.dll 111.EXE=c:\documents and settings\hp_owner\桌面\syscheck2\111.exe [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]d:\setup\eolltl.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\documents and settings\hp_owner\桌面\syscheck2\111.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\comdlg32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\mpr.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\pzwwewcxm.dll [MS]c:\windows\system32\bliiqiojy.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\cscui.dll [MS]c:\windows\system32\cscdll.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\linkinfo.dll [MS]c:\windows\system32\ntshrui.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\shdocvw.dll [MS]c:\windows\system32\cryptui.dll [MS]c:\program files\microsoft office\office11\msohev.dll 微软进程及模块 smss.exe=c:\windows\system32\smss.exe [MS]c:\windows\system32\smss.exe [MS]c:\windows\system32\ntdll.dll csrss.exe=c:\windows\system32\csrss.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\csrss.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\csrsrv.dll [MS]c:\windows\system32\basesrv.dll [MS]c:\windows\system32\winsrv.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\sxs.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\imm32.dll winlogon.exe=c:\windows\system32\winlogon.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\winlogon.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\authz.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\nddeapi.dll [MS]c:\windows\system32\profmap.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\regapi.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\msgina.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\odbc32.dll [MS]c:\windows\system32\comdlg32.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\odbcint.dll [MS]c:\windows\system32\shsvcs.dll [MS]c:\windows\system32\sfc.dll [MS]c:\windows\system32\sfc_os.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\winscard.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\cscdll.dll [MS]c:\windows\system32\wlnotify.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\mpr.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\sxs.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\cscui.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\wdmaud.drv [MS]c:\windows\system32\msacm32.drv [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\midimap.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\clbcatq.dll services.exe=c:\windows\system32\services.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\services.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\scesrv.dll [MS]c:\windows\system32\authz.dll [MS]c:\windows\system32\umpnpmgr.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\ncobjapi.dll [MS]c:\windows\system32\msvcp60.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acadproc.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\eventlog.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll lsass.exe=c:\windows\system32\lsass.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\lsass.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\lsasrv.dll [MS]c:\windows\system32\mpr.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\ntdsapi.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\samsrv.dll [MS]c:\windows\system32\cryptdll.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\msprivs.dll [MS]c:\windows\system32\kerberos.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\netlogon.dll [MS]c:\windows\system32\w32time.dll [MS]c:\windows\system32\msvcp60.dll [MS]c:\windows\system32\schannel.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\wdigest.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\scecli.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\ipsecsvc.dll [MS]c:\windows\system32\authz.dll [MS]c:\windows\system32\oakley.dll [MS]c:\windows\system32\winipsec.dll [MS]c:\windows\system32\pstorsvc.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\psbase.dll [MS]c:\windows\system32\dssenh.dll svchost.exe=c:\windows\system32\svchost.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\svchost.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\rpcss.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\termsrv.dll [MS]c:\windows\system32\icaapi.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\authz.dll [MS]c:\windows\system32\mstlsapi.dll [MS]c:\windows\system32\activeds.dll [MS]c:\windows\system32\adsldpc.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\regapi.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\apphelp.dll svchost.exe=c:\windows\system32\svchost.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\svchost.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\rpcss.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\winrnr.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll svchost.exe=c:\windows\system32\svchost.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\svchost.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\shsvcs.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\dhcpcsvc.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\wzcsvc.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\wmi.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\esent.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\rastls.dll [MS]c:\windows\system32\cryptui.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\mprapi.dll [MS]c:\windows\system32\activeds.dll [MS]c:\windows\system32\adsldpc.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\schannel.dll [MS]c:\windows\system32\winscard.dll [MS]c:\windows\system32\raschap.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\schedsvc.dll [MS]c:\windows\system32\ntdsapi.dll [MS]c:\windows\system32\msidle.dll [MS]c:\windows\system32\audiosrv.dll [MS]c:\windows\system32\wkssvc.dll [MS]c:\windows\system32\qmgr.dll [MS]c:\windows\system32\mpr.dll [MS]c:\windows\system32\shfolder.dll [MS]c:\windows\system32\winhttp.dll [MS]c:\windows\system32\wuauserv.dll [MS]c:\windows\system32\wbem\wmisvc.dll [MS]c:\windows\system32\vssapi.dll [MS]c:\windows\system32\wuaueng.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\cabinet.dll [MS]c:\windows\system32\mspatcha.dll [MS]c:\windows\system32\w32time.dll [MS]c:\windows\system32\msvcp60.dll [MS]c:\windows\system32\trkwks.dll [MS]c:\windows\system32\srsvc.dll [MS]c:\windows\system32\powrprof.dll [MS]c:\windows\system32\seclogon.dll [MS]c:\windows\system32\es.dll [MS]c:\windows\system32\netman.dll [MS]c:\windows\system32\netshell.dll [MS]c:\windows\system32\credui.dll [MS]c:\windows\system32\wzcsapi.dll [MS]c:\windows\system32\srvsvc.dll [MS]c:\windows\pchealth\helpctr\binaries\pchsvc.dll [MS]c:\windows\system32\ersvc.dll [MS]c:\windows\system32\cryptsvc.dll [MS]c:\windows\system32\certcli.dll [MS]c:\windows\system32\sfc.dll [MS]c:\windows\system32\sfc_os.dll [MS]c:\windows\system32\wscsvc.dll [MS]c:\windows\system32\msi.dll [MS]c:\windows\system32\ipnathlp.dll [MS]c:\windows\system32\authz.dll [MS]c:\windows\system32\sens.dll [MS]c:\windows\system32\browser.dll [MS]c:\windows\system32\wbem\wbemcomn.dll [MS]c:\windows\system32\wbem\wbemcore.dll [MS]c:\windows\system32\wbem\esscli.dll [MS]c:\windows\system32\wbem\fastprox.dll [MS]c:\windows\system32\wbem\wmiutils.dll [MS]c:\windows\system32\wbem\repdrvfs.dll [MS]c:\windows\system32\tapisrv.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\wbem\wmiprvsd.dll [MS]c:\windows\system32\ncobjapi.dll [MS]c:\windows\system32\rasmans.dll [MS]c:\windows\system32\winipsec.dll [MS]c:\windows\system32\netcfgx.dll [MS]c:\windows\system32\clusapi.dll [MS]c:\windows\system32\wbem\wbemess.dll [MS]c:\windows\system32\sxs.dll [MS]c:\windows\system32\comsvcs.dll [MS]c:\windows\system32\colbact.dll [MS]c:\windows\system32\mtxclu.dll [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\resutils.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\rastapi.dll [MS]c:\windows\system32\wbem\ncprov.dll [MS]c:\windows\system32\unimdm.tsp [MS]c:\windows\system32\uniplat.dll [MS]c:\windows\system32\kmddsp.tsp [MS]c:\windows\system32\ndptsp.tsp [MS]c:\windows\system32\ipconf.tsp [MS]c:\windows\system32\h323.tsp [MS]c:\windows\system32\hidphone.tsp [MS]c:\windows\system32\hid.dll [MS]c:\windows\system32\rasppp.dll [MS]c:\windows\system32\ntlsapi.dll [MS]c:\windows\system32\kerberos.dll [MS]c:\windows\system32\cryptdll.dll [MS]c:\windows\system32\upnp.dll [MS]c:\windows\system32\ssdpapi.dll [MS]c:\windows\system32\rasdlg.dll [MS]c:\windows\system32\wuapi.dll svchost.exe=c:\windows\system32\svchost.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\svchost.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\dnsrslvr.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll svchost.exe=c:\windows\system32\svchost.exe [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\svchost.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\lmhsvc.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\webclnt.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\ssdpsrv.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\wshtcpip.dll explorer.exe=c:\windows\explorer.exe [NOMS]c:\progra~1\yahoo!\assist~1\assist\yphtb.dll [NOMS]c:\windows\system32\cmdlineext.dll [NOMS]c:\program files\rising\rav\rscommon.dll [NOMS]c:\program files\winrar\rarext.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\ywiper.dll [NOMS]c:\program files\全能音频转换通\shellex.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yxpstyle.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yasfsks.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yrepair.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yoptimum.dll [NOMS]c:\progra~1\yahoo!\assistant\shell\yassecblk.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yadfil~2.dll [NOMS]c:\progra~1\yahoo!\assist~1\yalliveex.dll [NOMS]c:\progra~1\yahoo!\assist~1\yalive.dll [NOMS]c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll [NOMS]c:\program files\haali\matroskasplitter\mkunicode.dll [NOMS]c:\program files\haali\matroskasplitter\mmfinfo.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\windows\system32\ravext.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\ypagetr.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\ymyweb.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\ymailp.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\ysetti~2.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yasiesec.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yaswiper.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yzsnetproto.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yasnoad.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\ysearch.dll [NOMS]c:\progra~1\yahoo!\assist~1\assist\yasbar.dll [NOMS]d:\setup\eolltl.dll [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\explorer.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\browseui.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\shdocvw.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\cryptui.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\cscui.dll [MS]c:\windows\system32\cscdll.dll [MS]c:\windows\system32\themeui.dll [MS]c:\windows\system32\msimg32.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\linkinfo.dll [MS]c:\windows\system32\ntshrui.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\mpr.dll [MS]c:\windows\system32\drprov.dll [MS]c:\windows\system32\ntlanman.dll [MS]c:\windows\system32\netui0.dll [MS]c:\windows\system32\netui1.dll [MS]c:\windows\system32\netrap.dll [MS]c:\windows\system32\samlib.dll [MS]c:\windows\system32\davclnt.dll [MS]c:\windows\system32\urlmon.dll [MS]c:\windows\system32\ieframe.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\msi.dll [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\webcheck.dll [MS]c:\windows\system32\stobject.dll [MS]c:\windows\system32\batmeter.dll [MS]c:\windows\system32\powrprof.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\wtsapi32.dll [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\winrnr.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\wdmaud.drv [MS]c:\windows\system32\msacm32.drv [MS]c:\windows\system32\midimap.dll [MS]c:\windows\system32\netshell.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\credui.dll [MS]c:\windows\system32\fxsst.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\fxsapi.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\browselc.dll [MS]c:\windows\system32\msvcp60.dll [MS]c:\windows\system32\asycfilt.dll [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\comdlg32.dll [MS]c:\windows\system32\mshtml.dll [MS]c:\windows\system32\msls31.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\sensapi.dll [MS]c:\windows\system32\sxs.dll [MS]c:\windows\system32\duser.dll [MS]c:\windows\system32\msgina.dll [MS]c:\windows\system32\odbc32.dll [MS]c:\windows\system32\odbcint.dll [MS]c:\windows\system32\mlang.dll [MS]c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll [MS]c:\windows\system32\wmvcore.dll [MS]c:\windows\system32\wmasf.dll [MS]c:\windows\system32\shdoclc.dll [MS]c:\windows\system32\mydocs.dll [MS]c:\windows\system32\actxprxy.dll [MS]c:\windows\system32\xpsp1res.dll spoolsv.exe=c:\windows\system32\spoolsv.exe [NOMS]c:\windows\system32\hpzsnt12.dll [NOMS]c:\windows\system32\hptcpmib.dll [NOMS]c:\windows\system32\hpzjrd01.dll [NOMS]c:\windows\system32\hptcpmon.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\windows\system32\spoolsv.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\spoolss.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\localspl.dll [MS]c:\windows\system32\sfc_os.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\cnbjmon.dll [MS]c:\windows\system32\clusapi.dll [MS]c:\windows\system32\hptcpmui.dll [MS]c:\windows\system32\mgmtapi.dll [MS]c:\windows\system32\snmpapi.dll [MS]c:\windows\system32\wsnmp32.dll [MS]c:\windows\system32\fxsmon.dll [MS]c:\windows\system32\fxsevent.dll [MS]c:\windows\system32\pjlmon.dll [MS]c:\windows\system32\tcpmon.dll [MS]c:\windows\system32\usbmon.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\winrnr.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\win32spl.dll [MS]c:\windows\system32\netrap.dll [MS]c:\windows\system32\ntdsapi.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\inetpp.dll alg.exe=c:\windows\system32\alg.exe [MS]c:\windows\system32\alg.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll svchost.exe=c:\windows\system32\svchost.exe [MS]c:\windows\system32\svchost.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\shimeng.dll [MS]c:\windows\apppatch\acgenral.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\userenv.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\wiaservc.dll [MS]c:\windows\system32\cfgmgr32.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\mscms.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\winsta.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\actxprxy.dll [MS]c:\windows\system32\sti.dll iexplore.exe=c:\program files\internet explorer\iexplore.exe [NOMS]c:\windows\system32\macromed\common\swsupport.dll [NOMS]c:\windows\system32\macromed\flash\flash9f.ocx [NOMS]c:\program files\rising\rav\ravscrch.dll [NOMS]c:\progra~1\chinanet\client~1.dll [NOMS]c:\progra~1\chinanet\communicate.dll [NOMS]c:\progra~1\chinanet\vnettr~1.dll [NOMS]d:\qqdownload\qqiehelper01.dll [NOMS]c:\progra~1\yahoo!\assist~1\yalliveex.dll [NOMS]c:\progra~1\yahoo!\assist~1\yalive.dll [NOMS]c:\windows\system32\xheemekfu.dll [NOMS]d:\setup\eolltl.dll [NOMS]c:\progra~1\yahoo!\assist~1\yscrblock.dll [NOMS]c:\progra~1\yahoo!\assist~1\yhelper.dll [NOMS]c:\program files\rising\rfw\olemon.dll [NOMS]c:\program files\rising\rfw\ijt_base.dll [MS]c:\program files\internet explorer\iexplore.exe [MS]c:\windows\system32\ntdll.dll [MS]c:\windows\system32\kernel32.dll [MS]c:\windows\system32\advapi32.dll [MS]c:\windows\system32\rpcrt4.dll [MS]c:\windows\system32\secur32.dll [MS]c:\windows\system32\gdi32.dll [MS]c:\windows\system32\user32.dll [MS]c:\windows\system32\msvcrt.dll [MS]c:\windows\system32\shlwapi.dll [MS]c:\windows\system32\shell32.dll [MS]c:\windows\system32\ole32.dll [MS]c:\windows\system32\urlmon.dll [MS]c:\windows\system32\oleaut32.dll [MS]c:\windows\system32\iertutil.dll [MS]c:\windows\system32\version.dll [MS]c:\windows\system32\imm32.dll [MS]c:\windows\system32\lpk.dll [MS]c:\windows\system32\usp10.dll [MS]c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [MS]c:\windows\system32\comctl32.dll [MS]c:\windows\system32\ieframe.dll [MS]c:\windows\system32\psapi.dll [MS]c:\windows\system32\uxtheme.dll [MS]c:\windows\system32\wininet.dll [MS]c:\windows\system32\normaliz.dll [MS]c:\windows\system32\ntmarta.dll [MS]c:\windows\system32\wldap32.dll [MS]c:\windows\system32\samlib.dll [MS]d:\setup\wsock32.dll [MS]c:\windows\system32\ws2_32.dll [MS]c:\windows\system32\ws2help.dll [MS]c:\windows\system32\pzwwewcxm.dll [MS]c:\windows\system32\bliiqiojy.dll [MS]c:\windows\system32\xpsp2res.dll [MS]c:\windows\system32\netapi32.dll [MS]c:\windows\system32\setupapi.dll [MS]c:\windows\system32\apphelp.dll [MS]c:\windows\system32\msctfime.ime [MS]c:\windows\system32\ieui.dll [MS]c:\windows\system32\msimg32.dll [MS]c:\windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll [MS]c:\windows\system32\xmllite.dll [MS]c:\windows\system32\clbcatq.dll [MS]c:\windows\system32\comres.dll [MS]c:\windows\system32\oleacc.dll [MS]c:\windows\system32\msvcp60.dll [MS]c:\windows\system32\msfeeds.dll [MS]c:\windows\system32\msimtf.dll [MS]c:\windows\system32\msctf.dll [MS]c:\windows\system32\cscui.dll [MS]c:\windows\system32\cscdll.dll [MS]c:\program files\microsoft office\office11\msohev.dll [MS]c:\windows\system32\shdocvw.dll [MS]c:\windows\system32\crypt32.dll [MS]c:\windows\system32\msasn1.dll [MS]c:\windows\system32\cryptui.dll [MS]c:\windows\system32\wintrust.dll [MS]c:\windows\system32\imagehlp.dll [MS]c:\windows\system32\userenv.dll [MS]c:\program files\internet explorer\ieproxy.dll [MS]c:\windows\system32\sxs.dll [MS]c:\windows\system32\mlang.dll [MS]c:\windows\system32\winmm.dll [MS]c:\windows\system32\rasapi32.dll [MS]c:\windows\system32\rasman.dll [MS]c:\windows\system32\tapi32.dll [MS]c:\windows\system32\rtutils.dll [MS]c:\windows\system32\comdlg32.dll [MS]c:\windows\system32\winspool.drv [MS]c:\windows\system32\shdoclc.dll [MS]c:\windows\system32\mswsock.dll [MS]c:\windows\system32\hnetcfg.dll [MS]c:\windows\system32\wshtcpip.dll [MS]c:\windows\system32\msv1_0.dll [MS]c:\windows\system32\iphlpapi.dll [MS]c:\windows\system32\actxprxy.dll [MS]c:\windows\system32\rasadhlp.dll [MS]c:\windows\system32\dnsapi.dll [MS]c:\windows\system32\mshtml.dll [MS]c:\windows\system32\msls31.dll [MS]c:\windows\system32\ieapfltr.dll [MS]c:\windows\system32\vbscript.dll [MS]c:\windows\system32\jscript.dll [MS]c:\windows\system32\wdmaud.drv [MS]c:\windows\system32\msacm32.drv [MS]c:\windows\system32\msacm32.dll [MS]c:\windows\system32\midimap.dll [MS]c:\windows\system32\schannel.dll [MS]c:\windows\system32\ddrawex.dll [MS]c:\windows\system32\ddraw.dll [MS]c:\windows\system32\dciman32.dll [MS]c:\windows\system32\mshtmled.dll [MS]c:\windows\system32\rsaenh.dll [MS]c:\windows\system32\dxtrans.dll [MS]c:\windows\system32\atl.dll [MS]c:\windows\system32\dxtmsft.dll [MS]c:\windows\system32\iepeers.dll [MS]c:\windows\system32\msxml3.dll [MS]c:\windows\system32\dssenh.dll [MS]c:\windows\system32\imgutil.dll [MS]c:\windows\system32\pngfilt.dll [MS]c:\program files\common files\microsoft shared\office11\msoxmlmf.dll [MS]c:\windows\system32\mscoree.dll [MS]c:\windows\microsoft.net\framework\v1.1.4322\mscorie.dll [MS]c:\windows\microsoft.net\framework\v1.1.4322\msvcr71.dll [MS]c:\windows\microsoft.net\framework\v1.1.4322\mscorld.dll [MS]c:\windows\system32\ntshrui.dll [MS]c:\windows\system32\linkinfo.dll [MS]c:\windows\system32\msrating.dll [MS]c:\windows\system32\pintlgnt.ime [MS]c:\windows\system32\browseui.dll 2:当前运行中的服务情况: 第三方服务 [NOMS]SYMTDI c:\windows\system32\drivers\symtdi.sys 2005-04-05 [NOMS]SymEvent c:\program files\symantec\symevent.sys 2005-07-28 [NOMS]Secdrv c:\windows\system32\drivers\secdrv.sys 2007-11-13 [NOMS]RsNTGDI c:\windows\system32\drivers\rsntgdi.sys 2008-07-28 [NOMS]RsFwDrv c:\program files\rising\rfw\rsfwdrv.sys 2008-07-29 [NOMS]RsCCenter c:\program files\rising\rav\ccenter.exe 2008-07-28 [NOMS]RfwService c:\program files\rising\rfw\rfwsrv.exe 2008-07-25 [NOMS]RfwProxySrv c:\program files\rising\rfw\rfwproxy.exe 2008-07-29 [NOMS]RfwBase c:\windows\system32\drivers\rfwbase.sys 2008-07-29 [NOMS]PxHelp20 c:\windows\system32\drivers\pxhelp20.sys 2005-04-25 [NOMS]Ptilink c:\windows\system32\drivers\ptilink.sys 2004-08-17 [NOMS]Ps2 c:\windows\system32\drivers\ps2.sys 2005-07-04 [NOMS]NVSvc c:\windows\system32\nvsvc32.exe 2005-08-02 [NOMS]nv c:\windows\system32\drivers\nv4_mini.sys 2005-08-02 [NOMS]IntcAzAudAddService c:\windows\system32\drivers\rtkhdaud.sys 2005-06-09 [NOMS]HookUrl c:\program files\rising\rfw\hookurl.sys 2008-07-29 [NOMS]HookSys c:\windows\system32\drivers\hooksys.sys 2008-07-28 [NOMS]HookReg c:\windows\system32\drivers\hookreg.sys 2008-07-28 [NOMS]HookNtos c:\windows\system32\drivers\hookntos.sys 2008-07-28 [NOMS]HookCont c:\windows\system32\drivers\hookcont.sys 2008-07-28 [NOMS]HDAudBus c:\windows\system32\drivers\hdaudbus.sys 2005-01-07 [NOMS]gltfjcj c:\windows\system32\drivers\gltfjcj.sys 2008-08-13 [NOMS]GEARAspiWDM c:\windows\system32\drivers\gearaspiwdm.sys 2008-01-29 [NOMS]E100B c:\windows\system32\drivers\e100b325.sys 2004-10-15 [NOMS]BaseTDI c:\windows\system32\drivers\basetdi.sys 2007-08-10 [NOMS]ADProt c:\windows\system32\drivers\adprot.sys 2008-08-13 微软服务 [IsMS]ACPI c:\windows\system32\drivers\acpi.sys 2004-08-17 [IsMS]AFD c:\windows\system32\drivers\afd.sys 2008-06-20 [IsMS]ALG c:\windows\system32\alg.exe 2004-08-17 [IsMS]Arp1394 c:\windows\system32\drivers\arp1394.sys 2004-08-17 [IsMS]atapi c:\windows\system32\drivers\atapi.sys 2004-08-03 [IsMS]AudioSrv c:\windows\system32\audiosrv.dll 2004-08-17 [IsMS]audstub c:\windows\system32\drivers\audstub.sys 2001-08-17 [IsMS]BITS c:\windows\system32\qmgr.dll 2004-08-17 [IsMS]Browser c:\windows\system32\browser.dll 2004-08-17 [IsMS]Cdrom c:\windows\system32\drivers\cdrom.sys 2004-08-17 [IsMS]CryptSvc c:\windows\system32\cryptsvc.dll 2004-08-17 [IsMS]DcomLaunch c:\windows\system32\rpcss.dll 2005-07-26 [IsMS]Dhcp c:\windows\system32\dhcpcsvc.dll 2006-05-19 [IsMS]Disk c:\windows\system32\drivers\disk.sys 2004-08-17 [IsMS]Dnscache c:\windows\system32\dnsrslvr.dll 2008-02-20 [IsMS]ERSvc c:\windows\system32\ersvc.dll 2004-08-17 [IsMS]Eventlog c:\windows\system32\services.exe 2004-08-17 [IsMS]EventSystem c:\windows\system32\es.dll 2005-07-26 [IsMS]FastUserSwitchingCompatibility c:\windows\system32\shsvcs.dll 2006-12-20 [IsMS]FltMgr c:\windows\system32\drivers\fltmgr.sys 2006-08-21 [IsMS]FsVga c:\windows\system32\drivers\fsvga.sys 2004-08-17 [IsMS]Ftdisk c:\windows\system32\drivers\ftdisk.sys 2004-08-17 [IsMS]Gpc c:\windows\system32\drivers\msgpc.sys 2004-08-17 [IsMS]helpsvc c:\windows\pchealth\helpctr\binaries\pchsvc.dll 2004-08-17 [IsMS]HTTP c:\windows\system32\drivers\http.sys 2006-03-17 [IsMS]i8042prt c:\windows\system32\drivers\i8042prt.sys 2004-08-16 [IsMS]Imapi c:\windows\system32\drivers\imapi.sys 2004-08-17 [IsMS]intelppm c:\windows\system32\drivers\intelppm.sys 2004-08-16 [IsMS]IpNat c:\windows\system32\drivers\ipnat.sys 2004-09-30 [IsMS]IPSec c:\windows\system32\drivers\ipsec.sys 2004-08-17 [IsMS]isapnp c:\windows\system32\drivers\isapnp.sys 2001-08-31 [IsMS]Kbdclass c:\windows\system32\drivers\kbdclass.sys 2004-08-16 [IsMS]kmixer c:\windows\system32\drivers\kmixer.sys 2006-06-14 [IsMS]lanmanserver c:\windows\system32\srvsvc.dll 2004-12-08 [IsMS]lanmanworkstation c:\windows\system32\wkssvc.dll 2006-08-17 [IsMS]LmHosts c:\windows\system32\lmhsvc.dll 2004-08-17 [IsMS]Mouclass c:\windows\system32\drivers\mouclass.sys 2004-08-17 [IsMS]MRxDAV c:\windows\system32\drivers\mrxdav.sys 2007-12-18 [IsMS]MRxSmb c:\windows\system32\drivers\mrxsmb.sys 2006-05-05 [IsMS]mssmbios c:\windows\system32\drivers\mssmbios.sys 2004-08-17 [IsMS]NdisTapi c:\windows\system32\drivers\ndistapi.sys 2004-08-17 [IsMS]Ndisuio c:\windows\system32\drivers\ndisuio.sys 2004-08-17 [IsMS]NdisWan c:\windows\system32\drivers\ndiswan.sys 2004-08-17 [IsMS]NetBIOS c:\windows\system32\drivers\netbios.sys 2004-08-17 [IsMS]NetBT c:\windows\system32\drivers\netbt.sys 2004-08-17 [IsMS]Netman c:\windows\system32\netman.dll 2005-08-23 [IsMS]NIC1394 c:\windows\system32\drivers\nic1394.sys 2004-08-17 [IsMS]Nla c:\windows\system32\mswsock.dll 2008-06-21 [IsMS]ohci1394 c:\windows\system32\drivers\ohci1394.sys 2004-08-17 [IsMS]Parport c:\windows\system32\drivers\parport.sys 2004-08-17 [IsMS]PCI c:\windows\system32\drivers\pci.sys 2004-08-16 [IsMS]PCIIde c:\windows\system32\drivers\pciide.sys 2001-08-31 [IsMS]PlugPlay c:\windows\system32\services.exe 2004-08-17 [IsMS]PolicyAgent c:\windows\system32\lsass.exe 2004-08-17 [IsMS]PptpMiniport c:\windows\system32\drivers\raspptp.sys 2004-08-17 [IsMS]ProtectedStorage c:\windows\system32\lsass.exe 2004-08-17 [IsMS]PSched c:\windows\system32\drivers\psched.sys 2004-08-17 [IsMS]RasAcd c:\windows\system32\drivers\rasacd.sys 2004-08-17 [IsMS]Rasl2tp c:\windows\system32\drivers\rasl2tp.sys 2004-08-17 [IsMS]RasMan c:\windows\system32\rasmans.dll 2006-05-14 [IsMS]RasPppoe c:\windows\system32\drivers\raspppoe.sys 2004-08-17 [IsMS]Raspti c:\windows\system32\drivers\raspti.sys 2004-08-17 [IsMS]Rdbss c:\windows\system32\drivers\rdbss.sys 2006-05-05 [IsMS]RDPCDD c:\windows\system32\drivers\rdpcdd.sys 2004-08-17 [IsMS]redbook c:\windows\system32\drivers\redbook.sys 2004-08-16 [IsMS]RpcSs c:\windows\system32\rpcss.dll 2005-07-26 [IsMS]SamSs c:\windows\system32\lsass.exe 2004-08-17 [IsMS]Schedule c:\windows\system32\schedsvc.dll 2004-08-17 [IsMS]seclogon c:\windows\system32\seclogon.dll 2004-08-17 [IsMS]SENS c:\windows\system32\sens.dll 2004-08-17 [IsMS]SharedAccess c:\windows\system32\ipnathlp.dll 2004-08-17 [IsMS]ShellHWDetection c:\windows\system32\shsvcs.dll 2006-12-20 [IsMS]Spooler c:\windows\system32\spoolsv.exe 2005-06-11 [IsMS]sr c:\windows\system32\drivers\sr.sys 2004-08-17 [IsMS]srservice c:\windows\system32\srsvc.dll 2004-08-17 [IsMS]Srv c:\windows\system32\drivers\srv.sys 2006-08-14 [IsMS]SSDPSRV c:\windows\system32\ssdpsrv.dll 2004-08-17 [IsMS]stisvc c:\windows\system32\wiaservc.dll 2006-12-20 [IsMS]swenum c:\windows\system32\drivers\swenum.sys 2004-08-17 [IsMS]sysaudio c:\windows\system32\drivers\sysaudio.sys 2004-08-03 [IsMS]TapiSrv c:\windows\system32\tapisrv.dll 2005-07-09 [IsMS]Tcpip c:\windows\system32\drivers\tcpip.sys 2008-06-20 [IsMS]TermDD c:\windows\system32\drivers\termdd.sys 2004-08-16 [IsMS]TermService c:\windows\system32\termsrv.dll 2004-08-17 [IsMS]Themes c:\windows\system32\shsvcs.dll 2006-12-20 [IsMS]TrkWks c:\windows\system32\trkwks.dll 2004-08-17 [IsMS]Update c:\windows\system32\drivers\update.sys 2007-04-23 [IsMS]usbehci c:\windows\system32\drivers\usbehci.sys 2004-08-03 [IsMS]usbhub c:\windows\system32\drivers\usbhub.sys 2004-08-03 [IsMS]USBSTOR c:\windows\system32\drivers\usbstor.sys 2004-08-03 [IsMS]usbuhci c:\windows\system32\drivers\usbuhci.sys 2004-08-03 [IsMS]VgaSave c:\windows\system32\drivers\vga.sys 2004-08-17 [IsMS]W32Time c:\windows\system32\w32time.dll 2004-08-17 [IsMS]Wanarp c:\windows\system32\drivers\wanarp.sys 2004-08-17 [IsMS]wdmaud c:\windows\system32\drivers\wdmaud.sys 2006-06-14 [IsMS]WebClient c:\windows\system32\webclnt.dll 2006-01-04 [IsMS]winmgmt c:\windows\system32\wbem\wmisvc.dll 2004-08-17 [IsMS]WS2IFSL c:\windows\system32\drivers\ws2ifsl.sys 2004-08-17 [IsMS]wscsvc c:\windows\system32\wscsvc.dll 2004-08-17 [IsMS]wuauserv c:\windows\system32\wuauserv.dll 2004-08-17 [IsMS]WZCSVC c:\windows\system32\wzcsvc.dll 2004-08-17 3:当前活动文件情况: 腾讯qq.lnk [启动组] C:\Documents and Settings\HP_Owner\「开始」菜单\程序\启动\腾讯qq.lnk ravtask.exe [启动值] c:\program files\rising\rav\ravtask.exe nvcpl.dll [启动值] rundll32.exe c:\windows\system32\nvcpl.dll isuspm.exe [启动值] ; c:\progra~1\common~1\instal~1\update~1\isuspm.exe dumprep 0 -k [启动值] ; %systemroot%\system32\dumprep 0 -k mppds.exe [启动值] ; c:\windows\mppds.exe msccrt.exe [启动值] ; c:\windows\msccrt.exe qttask.exe [启动值] ; "c:\program files\quicktime\qttask.exe tkbbkt67.dll [启动值] ; %systemroot%\system32\rundll32.exe "%systemroot%\system32\tkbbkt67.dll realsched.exe [启动值] ; "c:\program files\common files\real\update_ob\realsched.exe upxdnd.exe [启动值] ; c:\windows\temp\upxdnd.exe upxdnf.exe [启动值] ; c:\windows\temp\upxdnf.exe winform.exe [启动值] ; c:\windows\winform.exe yassistse.exe [启动值] ; "c:\progra~1\yahoo!\assistant\yassistse.exe ylive.exe [启动值] ; c:\progra~1\yahoo!\assist~1\ylive.exe mmdabluu1077.dll [启动值] c:\windows\system32\mmdabluu1077.dll mmsadzfb1045.dll [启动值] c:\windows\system32\mmsadzfb1045.dll dqwlvwlv1012.dll [启动值] c:\windows\system32\dqwlvwlv1012.dll ravext.dll [启动值] c:\windows\system32\ravext.dll zefdst.dll [启动值] c:\windows\system32\zefdst.dll mnmhdsrv.dll [启动值] mnmhdsrv.dll mpmydapi.dll [启动值] mpmydapi.dll zptlcsys.dll [启动值] zptlcsys.dll zyzxhime.dll [启动值] zyzxhime.dll mpwdcapi.dll [启动值] mpwdcapi.dll mndhcdwd.dll [启动值] mndhcdwd.dll skqnbbib.dll [启动值] skqnbbib.dll oohxdbyt.dll [启动值] oohxdbyt.dll zywmeime.dll [启动值] zywmeime.dll jfrwdh.dll [启动值] c:\windows\system32\jfrwdh.dll yxcschlp.dll [启动值] yxcschlp.dll cedafb.dll [启动值] c:\windows\system32\cedafb.dll ypcqfhlp.dll [启动值] ypcqfhlp.dll jhrcar.dll [启动值] c:\windows\system32\jhrcar.dll sgdewg.dll [启动值] c:\windows\system32\sgdewg.dll mndsesrv.dll [启动值] mndsesrv.dll pedadt.dll [启动值] c:\windows\system32\pedadt.dll rijxakin.dll [启动值] c:\windows\system32\rijxakin.dll ozfydbyt.dll [启动值] ozfydbyt.dll jdsaex.dll [启动值] c:\windows\system32\jdsaex.dll jkhxaklo.dll [启动值] jkhxaklo.dll mtewdh.dll [启动值] c:\windows\system32\mtewdh.dll mndhfdwd.dll [启动值] c:\windows\system32\mndhfdwd.dll wklsdd.dll [启动值] c:\windows\system32\wklsdd.dll mpmyhapi.dll [启动值] c:\windows\system32\mpmyhapi.dll ptjhehlp.dll [启动值] ptjhehlp.dll [启动值] [启动值] mndsgsrv.dll [启动值] c:\windows\system32\mndsgsrv.dll apzhctde.dll [启动值] c:\windows\system32\apzhctde.dll apsgfjba.dll [启动值] c:\windows\system32\apsgfjba.dll zxptejpg.dll [启动值] zxptejpg.dll pqzfajke.dll [启动值] c:\windows\system32\pqzfajke.dll [启动值] erxyaloe.dll [启动值] c:\windows\system32\erxyaloe.dll oswxdttb.dll [启动值] c:\windows\system32\oswxdttb.dll tysqakol.dll [启动值] c:\windows\system32\tysqakol.dll fsrgeb.dll [启动值] c:\windows\system32\fsrgeb.dll tdggrz.dll [启动值] c:\windows\system32\tdggrz.dll lijzdlit.dll [启动值] c:\windows\system32\lijzdlit.dll pjjxedwd.dll [启动值] c:\windows\system32\pjjxedwd.dll sderfx.dll [启动值] c:\windows\system32\sderfx.dll lassaplo.dll [启动值] c:\windows\system32\lassaplo.dll ozfyebyt.dll [启动值] c:\windows\system32\ozfyebyt.dll arjrbler.dll [启动值] c:\windows\system32\arjrbler.dll akjsckaq.dll [启动值] c:\windows\system32\akjsckaq.dll skqncbib.dll [启动值] c:\windows\system32\skqncbib.dll dpvvoxmh.dll [启动值] c:\windows\system32\dpvvoxmh.dll wanlhddw.dll [启动值] c:\windows\system32\wanlhddw.dll msobjstl.dll [启动值] c:\windows\system32\msobjstl.dll [启动值] rfdswc.dll [启动值] c:\windows\system32\rfdswc.dll ddserh.dll [启动值] c:\windows\system32\ddserh.dll jhfrxz.dll [启动值] c:\windows\system32\jhfrxz.dll ksuserfy.dll [启动值] c:\windows\system32\ksuserfy.dll kbdswjr.dll [启动值] c:\windows\system32\kbdswjr.dll wrqszl.dll [启动值] c:\windows\system32\wrqszl.dll dndsaf.dll [启动值] c:\windows\system32\dndsaf.dll imgutilhx2.dll [启动值] c:\windows\system32\imgutilhx2.dll ajfuodhw.dll [启动值] c:\windows\system32\ajfuodhw.dll cliconfgzx.dll [启动值] c:\windows\system32\cliconfgzx.dll lweurqhx.dll [启动值] c:\windows\system32\lweurqhx.dll kbdgrms.dll [启动值] c:\windows\system32\kbdgrms.dll certmgrkd.dll [启动值] c:\windows\system32\certmgrkd.dll adsntzt.dll [启动值] c:\windows\system32\adsntzt.dll winnt64.sys [启动值] c:\program files\internet explorer\plugins\winnt64.sys msmsgs.exe [启动值] ; "c:\program files\messenger\msmsgs.exe ie777.exe [启动值] ; c:\docume~1\hp_owner\locals~1\temp\ie777.exe rundll32 iedkcs32.dll,brandie4 signup [启动项] rundll32 iedkcs32.dll,brandie4 signup svchost.exe [启动项] c:\windows\system32\wryuwax\svchost.exe msnetmtg.inf [启动项] rundll32.exe advpack.dll,launchinfsection c:\windows\inf\msnetmtg.inf msmsgs.inf [启动项] rundll32.exe advpack.dll,launchinfsection c:\windows\inf\msmsgs.inf fxsocm.inf [启动项] rundll32.exe advpack.dll,launchinfsection c:\windows\inf\fxsocm.inf nvcpl.dll [Explorer加载] c:\windows\system32\nvcpl.dll nvshell.dll [Explorer加载] c:\windows\system32\nvshell.dll nvshell.dll [Explorer加载] c:\windows\system32\nvshell.dll nvshell.dll [Explorer加载] c:\windows\system32\nvshell.dll itunesminiplayer.dll [Explorer加载] c:\program files\itunes\itunesminiplayer.dll shellvrtf.dll [Explorer加载] c:\windows\system32\shellvrtf.dll rarext.dll [Explorer加载] c:\program files\winrar\rarext.dll ywiper.dll [Explorer加载] c:\progra~1\yahoo!\assist~1\assist\ywiper.dll shellex.dll [Explorer加载] c:\program files\全能音频转换通\shellex.dll yphtb.dll [Explorer加载] c:\progra~1\yahoo!\assist~1\assist\yphtb.dll nvcpl.dll [Explorer加载] c:\windows\system32\nvcpl.dll mmfinfo.dll [Explorer加载] c:\program files\haali\matroskasplitter\mmfinfo.dll haali matroska thumbnail exctractor [Explorer加载] haali matroska thumbnail exctractor saddr.dll [Explorer加载] c:\program files\tencent\ssplus\saddr.dll saddr.dll [Explorer加载] c:\program files\tencent\ssplus\saddr.dll saddr.dll [Explorer加载] c:\program files\tencent\ssplus\saddr.dll ssup.dll [Explorer加载] c:\windows\system32\ssup.dll ravext.dll [Explorer加载] c:\windows\system32\ravext.dll qqiehelper01.dll [BHO钩子] d:\qqdownload\qqiehelper01.dll qqiehelper01.dll [BHO钩子] d:\qqdownload\qqiehelper01.dll bitcometbar0.2.d [IE工具栏] c:\program files\bitcomet\bitcometbar\bitcometbar0.2.d yasbar.dll [IE工具栏] c:\progra~1\yahoo!\assist~1\assist\yasbar.dll fgiebar.dll [IE工具栏] c:\program files\flashget\fgiebar.dll googletoolbar2.dll [IE工具栏] c:\program files\google\googletoolbar2.dll //cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist [IE按钮] http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist monitor.htm [IE右键] c:\program files\riptide\plugin\monitor.htm jc_link.htm [IE右键] c:\program files\flashget\jc_link.htm jc_all.htm [IE右键] c:\program files\flashget\jc_all.htm geturl.htm [IE右键] d:\qqdownload\geturl.htm getallurl.htm [IE右键] d:\qqdownload\getallurl.htm geturl.htm [IE右键] c:\program files\thunder network\thunder\program\geturl.htm getallurl.htm [IE右键] c:\program files\thunder network\thunder\program\getallurl.htm addemotion.htm [IE右键] d:\setup\addemotion.htm yrss.dll [IE右键] res://c:\progra~1\yahoo!\assist~1\assist\yrss.dll flvcd_link.htm [IE右键] c:\program files\flvcd\flvcd_link.htm yasbar.dll [IE右键] res://c:\progra~1\yahoo!\assist~1\assist\yasbar.dll saddr.dll [IE搜索] c:\program files\tencent\ssplus\saddr.dll ravext.dll [文件右键] c:\windows\system32\ravext.dll ravext.dll [文件右键] c:\windows\system32\ravext.dll rarext.dll [文件右键] c:\program files\winrar\rarext.dll ywiper.dll [文件右键] c:\progra~1\yahoo!\assist~1\assist\ywiper.dll shellex.dll [文件右键] c:\program files\全能音频转换通\shellex.dll ravext.dll [文件右键] c:\windows\system32\ravext.dll ravext.dll [文件右键] c:\windows\system32\ravext.dll rarext.dll [文件右键] c:\program files\winrar\rarext.dll 4:当前敏感键值情况: 当前IE主页 Software\Microsoft\Internet Explorer\Main [Start Page]=http://www.sz800.com/ IE起始页 Software\Microsoft\Internet Explorer\Main [Default_Page_URL]= IE搜索 Software\Microsoft\Internet Explorer\Search [CustomizeSearch]=http://seek.yisou.com/srchcust.htm IE搜索 Software\Microsoft\Internet Explorer\Search [SearchAssistant]=http://seek.yisou.com/srchasst.htm 6:内核HOOK情况: NtAssignProcessToJobObject \SystemRoot\system32\drivers\HOOKHELP.sys NtConnectPort \WINDOWS\system32\hal.dll NtCreateKey \SystemRoot\system32\drivers\HOOKHELP.sys NtCreateThread \SystemRoot\system32\drivers\HOOKHELP.sys NtDebugActiveProcess \SystemRoot\system32\drivers\HOOKHELP.sys NtDeleteKey \SystemRoot\system32\drivers\HOOKHELP.sys NtDeleteValueKey \SystemRoot\system32\drivers\HOOKHELP.sys NtLoadDriver \SystemRoot\system32\drivers\HOOKHELP.sys NtLockVirtualMemory \SystemRoot\system32\drivers\HOOKHELP.sys NtOpenSection \SystemRoot\system32\drivers\HOOKHELP.sys NtProtectVirtualMemory \SystemRoot\system32\drivers\HOOKHELP.sys NtQueryValueKey \SystemRoot\system32\drivers\HOOKHELP.sys NtQueueApcThread \SystemRoot\system32\drivers\HOOKHELP.sys NtReadVirtualMemory \SystemRoot\system32\drivers\HOOKHELP.sys NtRenameKey \SystemRoot\system32\drivers\HOOKHELP.sys NtRequestWaitReplyPort \SystemRoot\system32\drivers\HOOKHELP.sys NtRestoreKey \SystemRoot\system32\drivers\HOOKHELP.sys NtSetContextThread \SystemRoot\system32\drivers\HOOKHELP.sys NtSetSecurityObject \SystemRoot\system32\drivers\HOOKHELP.sys NtSetSystemInformation \SystemRoot\system32\drivers\HOOKHELP.sys NtSetValueKey \SystemRoot\system32\drivers\HOOKHELP.sys NtSuspendProcess \SystemRoot\system32\drivers\HOOKHELP.sys NtSuspendThread \SystemRoot\system32\drivers\HOOKHELP.sys NtSystemDebugControl \SystemRoot\system32\drivers\HOOKHELP.sys NtTerminateProcess \SystemRoot\system32\drivers\HOOKHELP.sys NtTerminateThread \SystemRoot\system32\drivers\HOOKHELP.sys NtWriteVirtualMemory \SystemRoot\system32\drivers\HOOKHELP.sys