[CODE] 2009-05-24,14:05:17 System Repair Engineer 2.7.1.1261 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] <"C:\Program Files\Tencent\QQ2009\Bin\QQ.exe" /background> [(Verified)Tencent Technology(Shenzhen) Company Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] <%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start> [ Hewlett-Packard Development Company, L.P.] [(Verified)Microsoft Windows Hardware Compatibility Publisher] <"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [] [(Verified)Microsoft Corporation] [Intel Corporation] [Intel Corporation] [Intel Corporation] [Ahead Software Gmbh] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [RealNetworks, Inc.] [] [File is missing] <360Safetray> [(Verified)Qizhi Software (beijing) Co. Ltd] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)Qizhi Software (beijing) Co. Ltd] <"d:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] <"C:\Program Files\Tencent\QQLive\QQLiveOneClick.exe" -system_startup> [(Verified)Tencent Technology(Shenzhen) Company Limited] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Component Publisher] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [Intel Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows Component Publisher] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)Microsoft Windows Publisher] ================================== 启动文件夹 [QQ游戏启动加速程序] C:\PROGRA~1\腾讯游戏\QQGAME\Accel.exe [深圳市腾讯计算机系统有限公司]> ================================== 服务 [AddFiltr / AddFiltr][Stopped/Manual Start] <"C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe"> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [hpqwmiex / hpqwmiex][Running/Auto Start] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [Rising RavTask Manager / RavTask][Stopped/Auto Start] <"d:\Program Files\Rising\Rav\RavTask.exe" RavTask> [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] ================================== 驱动程序 [000696f3 / 000696f3][Stopped/Manual Start] <\??\C:\WINDOWS\system32\Drivers\000696f3.sys> [360procmon / 360procmon][Running/Manual Start] <\??\D:\Program Files\360safe\safemon\360procmon.sys><> [Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start] [eabfiltr / eabfiltr][Running/Manual Start] [HBtnKey / HBtnKey][Running/Manual Start] [Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [hookcont / hookcont][Running/System Start] [hooksys / hooksys][Running/System Start] [HSFHWAZL / HSFHWAZL][Running/Manual Start] [HSF_DPV / HSF_DPV][Running/Manual Start] [ialm / ialm][Running/Manual Start] [mdmxsdk / mdmxsdk][Running/Auto Start] [用于 Windows XP 32 Bit 版的英特尔(R) PRO/无线 3945ABG 适配器驱动程序 / NETw3x32][Running/Manual Start] [DLT 828 Serial port driver / oxser][Running/System Start] [pcidump / pcidump][Stopped/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [rimmptsk / rimmptsk][Stopped/Manual Start] [rimsptsk / rimsptsk][Stopped/Manual Start] [Ricoh xD-Picture Card Driver / rismxdp][Stopped/Manual Start] [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys><360安全中心> [Secdrv / Secdrv][Stopped/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [Conexant Setup API / UIUSys][Stopped/Manual Start] [winachsf / winachsf][Running/Manual Start] [56109 / 56109][Running/System Start] <2 - 系统找不到指定的文件。 > ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [] {e2e2dd38-d088-4134-82b7-f2ba38496583} <%windir%\Network Diagnostic\xpnetdiag.exe, (Signed) N/A> [Messenger] {FB5F1910-F110-11d2-BB9E-00C04F795683} [] {00000000-0000-0000-0000-000000000000} <, > [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [Player Class] {11F2A418-94B2-4e16-9B0C-B00C0435F903} [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, > [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} [] {29CF293A-1E7D-4069-9E11-E39698D0AF95} <, > [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [QQLiveFile Class] {6B232760-90F1-41c3-9902-C8552C1D8A72} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [] {77FEF28E-EB96-44FF-B511-3185DEA48697} <, > [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [XML DOM 文档 5.0] {88D969E5-F192-11D4-A65F-0040963251E5} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [] {998A88A0-A355-809B-831C-B83A80000991} <, > [] {998A88A0-A355-809B-831C-B83A80000992} <, > [] {A7F05EE4-0426-454F-8013-C41E3596E9E9} <, > [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [] {B580CF65-E151-49C3-B73F-70B13FCA8E86} <, > [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [WebPlayer Class] {B965124A-7C58-45f8-91BF-28A981CE7594} [RDS.DataSpace] {BD96C556-65A3-11D0-983A-00C04FC29E36} [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_ASF Moniker Class] {CD3AFA8F-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [QQLive Class] {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} [QuickTimeCheck Class] {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [] {E2E2DD38-D088-4134-82B7-F2BA38496583} <, > [] {EAB7A1CC-C77B-45E5-9AC2-AD037D047BCC} <, > [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [] {FB5F1910-F110-11D2-BB9E-00C04F795683} <, > [使用迅雷下载] [使用迅雷下载全部链接] [导出到 Microsoft Office Excel(&X)] ================================== 正在运行的进程 [PID: 756 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 816 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 840 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 884 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)] [PID: 900 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1052 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1132 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1192 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1336 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1372 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1768 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [C:\WINDOWS\system32\CNMLM75.DLL] [CANON INC., 1.90.2.21] [C:\WINDOWS\system32\mdimon.dll] [Microsoft Corporation, 11.3.1897.0] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\CNMPD75.DLL] [CANON INC., 1.90.2.21] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll] [Microsoft Corporation, 11.3.1897.0] [PID: 2020 / Administrator][C:\WINDOWS\Explorer.EXE] [, 1, 0, 0, 1] [C:\WINDOWS\phpi.dll] [N/A, ] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [PID: 260 / Administrator][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 792 / Administrator][C:\WINDOWS\temp\explorer.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [PID: 1920 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 492 / SYSTEM][C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe] [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9] [PID: 2104 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2188 / Administrator][C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe] [ Hewlett-Packard Development Company, L.P., 6, 1, 2, 9] [C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll] [Hewlett-Packard Development Company, L.P., 6, 1, 2, 7] [C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll] [Hewlett-Packard Company, 6, 1, 1, 2] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [PID: 2232 / Administrator][C:\WINDOWS\system32\igfxtray.exe] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxress.dll] [Intel Corporation, 6.14.10.4864] [PID: 2240 / Administrator][C:\WINDOWS\system32\hkcmd.exe] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\hccutils.DLL] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxres.dll] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\COMRes.dll] [N/A, ] [PID: 2248 / Administrator][C:\WINDOWS\system32\igfxpers.exe] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\COMRes.dll] [N/A, ] [PID: 2264 / Administrator][C:\Program Files\Common Files\Real\Update_OB\realsched.exe] [RealNetworks, Inc., 0.1.0.3427] [PID: 2272 / Administrator][C:\PROGRA~1\delutong\SRTWATCH.EXE] [N/A, ] [C:\PROGRA~1\delutong\MFC42.DLL] [Microsoft Corporation, 6.00.9586.0] [C:\PROGRA~1\delutong\SRT.DLL] [, 2, 2, 0, 0] [PID: 3756 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)] [PID: 4092 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2636 / Administrator][C:\WINDOWS\system32\igfxsrvc.exe] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxsrvc.dll] [Intel Corporation, 6.14.10.4864] [C:\WINDOWS\system32\igfxdev.dll] [Intel Corporation, 6.14.10.4864] [PID: 3612 / Administrator][C:\Program Files\Tencent\QQLive\qqlive.exe] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\ExceptCatch.dll] [Tencent, 8.00.4465.0] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Tencent\QQLive\log.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Tencent\QQLive\Skin.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\proxy.dll] [N/A, ] [C:\Program Files\Tencent\QQLive\Encrypt.dll] [N/A, ] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Tencent\QQLive\Core.dll] [Tencent, 8.00.4465.0] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Tencent\QQLive\SetupShell.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\Upgrade.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\LiveAPI.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\LiveMaster.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\p2papp.dll] [Tencent, 2, 7, 0, 167] [C:\Program Files\Tencent\QQLive\p2phttp.DLL] [Tencent, 2, 7, 0, 167] [C:\Program Files\Tencent\QQLive\p2pdata.dll] [Tencent, 2, 7, 0, 167] [C:\Program Files\Tencent\QQLive\p2pcore.dll] [Tencent, 2, 7, 0, 167] [C:\Program Files\Tencent\QQLive\UserData.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\MiniTips.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\QQLiveCommu.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\Statistic.dll] [Tencent, 8.00.4465.0] [C:\Program Files\Tencent\QQLive\TNProxy.dll] [Tencent Technology(Shenzhen) Company Limited, 2, 1, 101, 90] [PID: 3888 / Administrator][D:\Program Files\360safe\360Down.exe] [360Safe.com, 1, 0, 0, 2] [D:\Program Files\360safe\360net.dll] [奇虎网, 1, 1, 0, 1002] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\WINDOWS\system32\COMRes.dll] [N/A, ] [PID: 572 / Administrator][C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe] [Thunder Networking Technologies,LTD, 5.8.6.612] [C:\Program Files\Thunder Network\Thunder\Program\BugReport.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 20] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 10, 72] [C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll] [Thunder Networking Technologies,LTD, 3, 3, 2, 325] [C:\Program Files\Thunder Network\Thunder\Program\mp.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 2] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll] [Thunder Networking Technologies,LTD, 1, 3, 2, 28] [C:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 5, 2, 25] [C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll] [Thunder Networking Technologies,LTD, 1, 1, 1, 10] [C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll] [, 1, 0, 12, 30] [C:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 25] [C:\Program Files\Thunder Network\Thunder\Program\zlib1.dll] [, 1.2.3] [C:\Program Files\Thunder Network\Thunder\Program\p2sp.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 43] [C:\Program Files\Thunder Network\Thunder\Program\fs.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 13] [C:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 29] [C:\Program Files\Thunder Network\Thunder\Program\ptl.dll] [Thunder Networking Technologies,LTD, 3, 2, 2, 35] [C:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll] [Thunder Networking Technologies,LTD, 3, 1, 2, 3] [C:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll] [, 1, 1, 2, 6] [d:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.74] [C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 35] [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87] [C:\Program Files\Thunder Network\Thunder\Program\p2p.dll] [Thunder Networking Technologies,LTD, 1,1,2,37] [C:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll] [Thunder Networking Technologies,LTD, 1,1,2,13] [C:\Program Files\Thunder Network\Thunder\Program\xldc.dll] [Thunder Networking Technologies,LTD, 4, 0, 2, 28] [C:\Program Files\Thunder Network\Thunder\Program\stream.dll] [Thunder Networking Technologies,LTD, 2, 1, 2, 404] [C:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll] [Thunder Networking Technologies,LTD, 1,1,2,18] [C:\Program Files\Thunder Network\Thunder\Program\al.dll] [Thunder Networking Technologies,LTD, 1,1,2,23] [C:\Program Files\Thunder Network\Thunder\Program\emule_id.dll] [, 1, 0, 2, 11] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 12, 125] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed22.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 12, 125] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 2] [C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 5, 70] [C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll] [Thunder Networking Technologies,LTD, 2, 5, 0, 90] [C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 17, 0, 67] [C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\Program Files\Thunder Network\Thunder\Program\imdt.dll] [Thunder Networking Technologies,LTD, 1.2.0.21] [C:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin19.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 1, 7, 82] [C:\Program Files\Thunder Network\Thunder\Program\xldcsubtask.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 13] [C:\Program Files\Thunder Network\Thunder\Components\Community\audioCtrl.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 2] [C:\Program Files\Thunder Network\Thunder\Components\Community\xlaudio.dll] [, 1, 0, 2, 4] [C:\Program Files\Thunder Network\Thunder\Program\xlvdt.dll] [Thunder Networking Technologies,LTD, 1.0.2.6] [C:\Program Files\Thunder Network\Thunder\Components\Security\ThunderSafe.dll] [深圳市迅雷网络技术有限公司, 2, 1, 5, 99] [C:\Program Files\Thunder Network\Thunder\Components\Security\ConfigManager.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Components\Security\SafeManager.dll] [Xunlei Networking Technologies,LTD, 1, 0, 5, 20] [C:\Program Files\Thunder Network\Thunder\Components\Security\SafeStatistic.dll] [Xunlei Networking Technologies,LTD, 1, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Program\XLNetU.Dll] [Thunder Networking Technologies,LTD, 1, 5, 1, 24] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\XLSafeHost.dll] [深圳市迅雷网络技术有限公司, 1, 2, 18, 105] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\ThunderRAV.dll] [N/A, ] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\rsscan.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\refs.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll] [Thunder Networking Technologies,LTD, 1, 1, 7, 25] [C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll] [Thunder Networking Technologies,LTD, 1, 2, 4, 26] [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrThunderHost.dll] [深圳市迅雷网络技术有限公司, 1.0.0.9] [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrKernel.dll] [深圳市迅雷网络技术有限公司, 1.0.0.4] [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrSoftIdentifier.dll] [深圳市迅雷网络技术有限公司, 1.0.0.9] [C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrUpdate.dll] [深圳市迅雷网络技术有限公司, 1.1.0.3] [C:\Program Files\Thunder Network\Thunder\Plugins\GouGouTop\GouGouTop.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 5] [C:\Program Files\Thunder Network\Thunder\Plugins\KanKanTop\KanKanTop.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 4] [C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll] [Thunder Networking Technologies,LTD, 1, 0, 4, 19] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 6, 0, 4, 42] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34] [C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll] [Thunder Networking Technologies,LTD, 2, 2, 14, 120] [C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll] [迅雷网络, 4, 0, 0, 38] [C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll] [Thunder Networking Technologies,LTD, 1, 0, 3, 5] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll] [, 1, 0, 0, 30] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll] [Thunder Networking Technologies,LTD, 1, 2, 0, 22] [C:\Program Files\Thunder Network\Thunder\Components\Tips\XLIPC.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2] [C:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll] [Thunder Networking Technologies,LTD, 1, 4, 1, 6] [C:\Program Files\Thunder Network\Thunder\Program\bd.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 19] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 41] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\extfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\revm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [PID: 3864 / Administrator][D:\Program Files\Rising\Rav\RsMain.exe] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\Program Files\Rising\Rav\rspalmgr.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.29] [D:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\Rising\Rav\RSXML.DLL] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\Rising\Rav\RsGuiLib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\Rising\Rav\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] [D:\Program Files\Rising\Rav\ravbmenu.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17] [D:\Program Files\Rising\Rav\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [D:\Program Files\Rising\Rav\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.26] [D:\Program Files\Rising\Rav\ravppops.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] [D:\Program Files\Rising\Rav\ravbintl.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29] [D:\Program Files\Rising\Rav\ravpsafe.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.28] [D:\Program Files\Rising\Rav\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [D:\Program Files\Rising\Rav\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [D:\Program Files\Rising\Rav\psafecfg.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.19] [D:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.19] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [D:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\Program Files\Rising\Rav\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [D:\Program Files\Rising\Rav\ravxpage.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 90] [D:\Program Files\Rising\Rav\ravxmons.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [D:\Program Files\Rising\Rav\ravptool.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.20] [D:\Program Files\Rising\Rav\log2file.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.10] [D:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [D:\Program Files\Rising\Rav\htmllib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [D:\Program Files\Rising\Rav\rsvrinfo.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [D:\Program Files\Rising\Rav\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [D:\Program Files\Rising\Rav\refs.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [D:\Program Files\Rising\Rav\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [D:\Program Files\Rising\Rav\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [PID: 268 / Administrator][D:\Program Files\Rising\Rav\scanfrm.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.11] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\Program Files\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [D:\Program Files\Rising\Rav\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [D:\Program Files\Rising\Rav\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.12] [D:\Program Files\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [D:\Program Files\Rising\Rav\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.10] [D:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\Rising\Rav\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.25] [D:\Program Files\Rising\Rav\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.46] [D:\Program Files\Rising\Rav\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.9] [D:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.36] [D:\Program Files\Rising\Rav\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [D:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [D:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.19] [D:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.38] [D:\Program Files\Rising\Rav\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [D:\Program Files\Rising\Rav\refs.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [D:\Program Files\Rising\Rav\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [D:\Program Files\Rising\Rav\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [D:\Program Files\Rising\Rav\mvengine.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [D:\Program Files\Rising\Rav\SysMail.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.5] [D:\Program Files\Rising\Rav\posttrt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [D:\Program Files\Rising\Rav\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [D:\Program Files\Rising\Rav\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [D:\Program Files\Rising\Rav\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [D:\Program Files\Rising\Rav\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [D:\Program Files\Rising\Rav\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 41] [D:\Program Files\Rising\Rav\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [D:\Program Files\Rising\Rav\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [D:\Program Files\Rising\Rav\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [D:\Program Files\Rising\Rav\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [D:\Program Files\Rising\Rav\extfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [D:\Program Files\Rising\Rav\revm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [D:\Program Files\Rising\Rav\ur001.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [D:\Program Files\Rising\Rav\rsstore.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [D:\Program Files\Rising\Rav\ur027.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [D:\Program Files\Rising\Rav\ur023.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [D:\Program Files\Rising\Rav\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [D:\Program Files\Rising\Rav\extole.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [D:\Program Files\Rising\Rav\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [PID: 3344 / Administrator][D:\Program Files\Rising\Rav\RsAgent.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [D:\Program Files\Rising\Rav\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\Rising\Rav\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [C:\WINDOWS\system32\COMRes.dll] [N/A, ] [PID: 2056 / Administrator][C:\Program Files\Rising\AntiSpyware\rstray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [C:\Program Files\Rising\AntiSpyware\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\AntiSpyware\ComServ.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.31] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\AntiSpyware\rscommon.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.1.1] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\pngdll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\Program Files\Rising\AntiSpyware\runiep.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.43] [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [d:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\WINDOWS\system32\COMRes.dll] [N/A, ] [PID: 3292 / Administrator][C:\Program Files\Rising\AntiSpyware\ras.exe] [Beijing Rising Information Technology Co., Ltd., 6.0.0.7] [C:\Program Files\Rising\AntiSpyware\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\Program Files\Rising\AntiSpyware\KakaMgr.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.29] [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [d:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\dbmgr.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.4] [C:\Program Files\Rising\AntiSpyware\RSXML.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\AntiSpyware\pweb.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.21] [C:\Program Files\Rising\AntiSpyware\pscan.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.67] [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [C:\Program Files\Rising\AntiSpyware\pset.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.12] [C:\Program Files\Rising\AntiSpyware\pdefend.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.14] [C:\Program Files\Rising\AntiSpyware\ptools.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.16] [C:\Program Files\Rising\AntiSpyware\psysinfo.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.57] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [C:\Program Files\Rising\AntiSpyware\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [d:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.74] [C:\Program Files\Rising\AntiSpyware\engine.dll] [Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26] [C:\Program Files\Rising\AntiSpyware\zip.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 0] [PID: 3184 / Administrator][C:\Program Files\Rising\AntiSpyware\knownsvr.exe] [Beijing Rising Information Technology Co., Ltd., 6.0.0.14] [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [PID: 2408 / Administrator][C:\Program Files\Rising\AntiSpyware\Ras.exe] [Beijing Rising Information Technology Co., Ltd., 6.0.0.7] [C:\Program Files\Rising\AntiSpyware\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\Program Files\Rising\AntiSpyware\KakaMgr.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.29] [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [d:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\RSXML.DLL] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\AntiSpyware\pwiz.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.15] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [C:\Program Files\Rising\AntiSpyware\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [C:\Program Files\Rising\AntiSpyware\engine.dll] [Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 26] [C:\Program Files\Rising\AntiSpyware\zip.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 0] [PID: 3144 / Administrator][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 7.00.6000.16827 (vista_gdr.090226-1506)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\WINDOWS\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.15] [D:\Program Files\360safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1005] [d:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.74] [PID: 520 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 7.00.6000.16827 (vista_gdr.090226-1506)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 20] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [Thunder Networking Technologies,LTD, 1, 0, 0, 16] [C:\WINDOWS\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.15] [D:\Program Files\360safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1005] [d:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.74] [C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx] [Adobe Systems, Inc., 10,0,22,87] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll] [Thunder Networking Technologies,LTD, 6, 0, 4, 42] [PID: 1232 / Administrator][C:\Program Files\WinRAR\WinRAR.exe] [N/A, ] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [PID: 1640 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.797\SREngLdr.EXE] [Smallfrogs Studio, 2.7.1.1261] [PID: 3456 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.797\SREa279d863.EXE] [Smallfrogs Studio, 2.7.1.1261] [D:\Program Files\360safe\safemon\safemon.dll] [360.CN, 5, 0, 0, 1009] [C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\Rar$EX00.797\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 N/A ================================== Autorun.inf [C:\] [autorun] Open=1.exe [D:\] [autorun] Open=1.exe [E:\] [autorun] Open=1.exe ================================== HOSTS 文件 127.0.0.1 v.onondown.com.cn 127.0.0.2 ymsdasdw1.cn 127.0.0.3 h96b.info 127.0.0.0 fuck.zttwp.cn 127.0.0.0 www.hackerbf.cn 127.0.0.0 geekbyfeng.cn 127.0.0.0 121.14.101.68 127.0.0.0 ppp.etimes888.com 127.0.0.0 www.bypk.com 127.0.0.0 CSC3-2004-crl.verisign.com 127.0.0.1 va9sdhun23.cn 127.0.0.0 udp.hjob123.com 127.0.0.2 bnasnd83nd.cn 127.0.0.0 www.gamehacker.com.cn 127.0.0.0 gamehacker.com.cn 127.0.0.3 adlaji.cn 127.0.0.1 858656.com 127.1.1.1 bnasnd83nd.cn 127.0.0.1 my123.com 127.0.0.0 user1.12-27.net 127.0.0.1 8749.com 127.0.0.0 fengent.cn 127.0.0.1 4199.com 127.0.0.1 user1.16-22.net 127.0.0.1 7379.com 127.0.0.1 2be37c5f.3f6e2cc5f0b.com 127.0.0.1 7255.com 127.0.0.1 user1.23-12.net 127.0.0.1 3448.com 127.0.0.1 www.guccia.net 127.0.0.1 7939.com 127.0.0.1 a.o1o1o1.nEt 127.0.0.1 8009.com 127.0.0.1 user1.12-73.cn 127.0.0.1 piaoxue.com 127.0.0.1 3n8nlasd.cn 127.0.0.1 kzdh.com 127.0.0.0 www.sony888.cn 127.0.0.1 about.blank.la 127.0.0.0 user1.asp-33.cn 127.0.0.1 6781.com 127.0.0.0 www.netkwek.cn 127.0.0.1 7322.com 127.0.0.0 ymsdkad6.cn 127.0.0.1 localhost 127.0.0.0 www.lkwueir.cn 127.0.0.1 06.jacai.com 127.0.1.1 user1.23-17.net 127.0.0.1 1.jopenkk.com 127.0.0.0 upa.luzhiai.net 127.0.0.1 1.jopenqc.com 127.0.0.0 www.guccia.net 127.0.0.1 1.joppnqq.com 127.0.0.0 4m9mnlmi.cn 127.0.0.1 1.xqhgm.com 127.0.0.0 mm119mkssd.cn 127.0.0.1 100.332233.com 127.0.0.0 61.128.171.115:8080 127.0.0.1 121.11.90.79 127.0.0.0 www.1119111.com 127.0.0.1 121565.net 127.0.0.0 win.nihao69.cn 127.0.0.1 125.90.88.38 127.0.0.1 16888.6to23.com 127.0.0.1 2.joppnqq.com 127.0.0.0 puc.lianxiac.net 127.0.0.1 204.177.92.68 127.0.0.0 pud.lianxiac.net 127.0.0.1 210.74.145.236 127.0.0.0 210.76.0.133 127.0.0.1 219.129.239.220 127.0.0.0 61.166.32.2 127.0.0.1 219.153.40.221 127.0.0.0 218.92.186.27 127.0.0.1 219.153.46.27 127.0.0.0 www.fsfsfag.cn 127.0.0.1 219.153.52.123 127.0.0.0 ovo.ovovov.cn 127.0.0.1 221.195.42.71 127.0.0.0 dw.com.com 127.0.0.1 222.73.218.115 127.0.0.1 203.110.168.233:80 127.0.0.1 3.joppnqq.com 127.0.0.1 203.110.168.221:80 127.0.0.1 363xx.com 127.0.0.1 www1.ip10086.com.cm 127.0.0.1 4199.com 127.0.0.1 blog.ip10086.com.cn 127.0.0.1 43242.com 127.0.0.1 www.ccji68.cn 127.0.0.1 5.xqhgm.com 127.0.0.0 t.myblank.cn 127.0.0.1 520.mm5208.com 127.0.0.0 x.myblank.cn 127.0.0.1 59.34.131.54 127.0.0.1 210.51.45.5 127.0.0.1 59.34.198.228 127.0.0.1 www.ew1q.cn 127.0.0.1 59.34.198.88 127.0.0.1 59.34.198.97 127.0.0.1 60.190.114.101 127.0.0.1 60.190.218.34 127.0.0.0 qq-xing.com.cn 127.0.0.1 60.191.124.252 127.0.0.1 61.145.117.212 127.0.0.1 61.157.109.222 127.0.0.1 75.126.3.216 127.0.0.1 75.126.3.217 127.0.0.1 75.126.3.218 127.0.0.0 59.125.231.177:17777 127.0.0.1 75.126.3.220 127.0.0.1 75.126.3.221 127.0.0.1 75.126.3.222 127.0.0.1 772630.com 127.0.0.1 832823.cn 127.0.0.1 8749.com 127.0.0.1 888.jopenqc.com 127.0.0.1 89382.cn 127.0.0.1 8v8.biz 127.0.0.1 97725.com 127.0.0.1 9gg.biz 127.0.0.1 www.9000music.com 127.0.0.1 test.591jx.com 127.0.0.1 a.topxxxx.cn 127.0.0.1 picon.chinaren.com 127.0.0.1 www.5566.net 127.0.0.1 p.qqkx.com 127.0.0.1 news.netandtv.com 127.0.0.1 z.neter888.cn 127.0.0.1 b.myblank.cn 127.0.0.1 wvw.wokutu.com 127.0.0.1 unionch.qyule.com 127.0.0.1 www.qyule.com 127.0.0.1 it.itjc.cn 127.0.0.1 www.linkwww.com 127.0.0.1 vod.kaicn.com 127.0.0.1 www.tx8688.com 127.0.0.1 b.neter888.cn 127.0.0.1 promote.huanqiu.com 127.0.0.1 www.huanqiu.com 127.0.0.1 www.haokanla.com 127.0.0.1 play.unionsky.cn 127.0.0.1 www.52v.com 127.0.0.1 www.gghka.cn 127.0.0.1 icon.ajiang.net 127.0.0.1 new.ete.cn 127.0.0.1 www.stiae.cn 127.0.0.1 o.neter888.cn 127.0.0.1 comm.jinti.com 127.0.0.1 www.google-analytics.com 127.0.0.1 hz.mmstat.com 127.0.0.1 www.game175.cn 127.0.0.1 x.neter888.cn 127.0.0.1 z.neter888.cn 127.0.0.1 p.etimes888.com 127.0.0.1 hx.etimes888.com 127.0.0.1 abc.qqkx.com 127.0.0.1 dm.popdm.cn 127.0.0.1 www.yl9999.com 127.0.0.1 www.dajiadoushe.cn 127.0.0.1 v.onondown.com.cn 127.0.0.1 www.interoo.net 127.0.0.1 bally1.bally-bally.net 127.0.0.1 www.bao5605509.cn 127.0.0.1 www.rty456.cn 127.0.0.1 www.werqwer.cn 127.0.0.1 1.360-1.cn 127.0.0.1 user1.23-16.net 127.0.0.1 www.guccia.net 127.0.0.1 www.interoo.net 127.0.0.1 upa.netsool.net 127.0.0.1 js.users.51.la 127.0.0.1 vip2.51.la 127.0.0.1 web.51.la 127.0.0.1 qq.gong2008.com 127.0.0.1 2008tl.copyip.com 127.0.0.1 tla.laozihuolaile.cn 127.0.0.1 www.tx6868.cn 127.0.0.1 p001.tiloaiai.com 127.0.0.1 s1.tl8tl.com 127.0.0.1 s1.gong2008.com 127.0.0.1 4b3ce56f9g.3f6e2cc5f0b.com 127.0.0.1 2be37c5f.3f6e2cc5f0b.com ================================== 进程特权扫描 特殊特权被允许: SeLoadDriverPrivilege [PID = 792, C:\WINDOWS\TEMP\EXPLORER.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2188, C:\PROGRAM FILES\HEWLETT-PACKARD\HP QUICK LAUNCH BUTTONS\QLBCTRL.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 2264, C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE] 特殊特权被允许: SeDebugPrivilege [PID = 1232, C:\PROGRAM FILES\WINRAR\WINRAR.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 1232, C:\PROGRAM FILES\WINRAR\WINRAR.EXE] 特殊特权被允许: SeDebugPrivilege [PID = 1640, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX00.797\SRENGLDR.EXE] 特殊特权被允许: SeLoadDriverPrivilege [PID = 1640, C:\DOCUME~1\ADMINI~1\LOCALS~1\TEMP\RAR$EX00.797\SRENGLDR.EXE] ================================== 计划任务 N/A ================================== API HOOK N/A ================================== 隐藏进程 N/A ================================== [/CODE]