Registry
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
    [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

==================================
Drivers
[0011701c / 0011701c][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\Drivers\0011701c.sys>
[msiffei / msiffei][Stopped/Manual Start]

==================================
Running processes (the main process is a legitimate file, but trojan DLL modules have been injected into it)