[CODE] 2009-07-09,20:01:58 System Repair Engineer 2.7.1.1261 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Component Publisher] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] [(Verified)Microsoft Windows Component Publisher] [(Verified)ShenZhen Thunder Networking Technologies Ltd.] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [File is missing] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Component Publisher] <{480F828B-3E98-426A-AEBC-B4307DF4771D}> [File is missing] <{FCA4D3BE-C6C7-4F4D-9CBD-CB2666647ACA}> [File is missing] <{9726072A-8039-4958-B609-565CF7A16B38}> [File is missing] <{F1C149F4-380C-4F8A-B87E-7393732B27C1}> [File is missing] <{AC933D46-96A7-4670-9292-E7C4126C071E}> [File is missing] <{AB900155-F1F0-4165-9E73-67BC13BBCE89}> [File is missing] <{39C1640B-E010-48CF-88A1-0D17A33AF9EA}> [File is missing] <{EBFD50DA-1206-4381-860D-77F92A2905D9}> [File is missing] 
<{76CBCF38-0583-44C7-A1AE-D463DFE625EC}> [File is missing] <{51F88A10-09E6-4763-948F-1C8861003255}> [File is missing] <{37C5D66A-8B1B-4545-8112-3751194F6A4A}> [File is missing] <{704C3595-DB85-40F6-A601-8D6F346907BD}> [File is missing] <{15882A2F-A06D-486E-8958-E84C86CBF273}> [File is missing] <{A0C86020-5935-4B87-B20E-0B656D450264}> [File is missing] <{BE4D19AC-C2B7-4E43-A4A5-2696B19E4082}> [File is missing] <{71C4F360-FF1E-413E-B17A-0CA267A78E97}> [File is missing] <{FC8F4603-4AB2-4A0D-B17F-886CC8AAAFD2}> [File is missing] <{16886058-6A31-4D53-B4AC-4CC7D2248D69}> [File is missing] <{23DA65D2-C696-4EE4-BEE8-B4841DEC3E30}> [File is missing] <{36AC68E6-0C26-4D39-B98E-54B49DAB6BAA}> [File is missing] <{F8C6B7B5-DAE0-4B78-BF2A-101C9A9CCA27}> [File is missing] <{A9BCD26B-9EFB-4718-A9DB-67A61DB76C77}> [File is missing] <{E45C0FF6-B170-43B2-B897-6D02C43A2E18}> [File is missing] <{CD95107F-52A5-42A4-9914-18949993E798}> [File is missing] <{50EBD6A5-0CF6-4E59-AE08-CCD991AA0596}> [File is missing] <{56441985-D4E7-4D1F-BA3A-000C647FAA00}> [File is missing] <{9D3E893F-55DA-42BF-94EF-B634AB358A24}> [File is missing] <{750DBD56-AF03-47CB-BB28-BBF312B059F9}> [File is missing] <{C5CB6C70-7185-4466-AB45-B1C34E7A37CA}> [File is missing] <{A5CA6C70-7185-4466-AB45-B1C34E7A37CA}> [File is missing] <{ACD32799-3CCF-4DBF-B1BE-6CF1979187E0}> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] 
[(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\TPSvc] [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File 
is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; ALCMTR.EXE> [(Verified)Microsoft Windows Hardware Compatibility Publisher] <; 
%systemroot%\system32\dumprep 0 -k> [File is missing] <; "D:\瑞星杀毒\kaka\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Corporation Limited] ================================== 启动文件夹 N/A ================================== 服务 [Ati HotKey Poller / Ati HotKey Poller][Stopped/Auto Start] [Contrl Center of Storm Media / ccosm][Stopped/Disabled] <北京暴风网际科技有限公司> [Help and Support / helpsvc][Stopped/Disabled] %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [Microsoft HttpsFilter tools / HTTPFilters][Running/Auto Start] C:\WINDOWS\system32\PageSet.dll> [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Disabled] <><(File is missing)> [Microsoft IPsec Policy Agent / MSPolicyAgent][Running/Auto Start] c:\windows\system32\mspolicyagent.dll><> [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [ReBootFilmServer / ReBootFilmServer][Running/Auto Start] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [Windows Management / Windows Management][Stopped/Auto Start] ================================== 驱动程序 [AMD AGP Bus Filter Driver / amdagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\amdagp.sys> [Atheros AR5008 Wireless Network Adapter Service / AR5416][Stopped/Manual Start] [ati2mtag / ati2mtag][Running/Manual Start] [Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [hookcont / hookcont][Running/System Start] [hooksys / hooksys][Running/System Start] [hptpro / hptpro][Stopped/Boot Start] <\SystemRoot\system32\DRIVERS\hptpro.sys> [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [NetGroup Packet Filter Driver / NPF][Stopped/Manual Start] [AMD 
PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [SATALink driver accelerator / SiFilter][Running/Boot Start] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> [SATALink External Device Filter / SiRemFil][Running/Boot Start] <\SystemRoot\system32\DRIVERS\SiRemFil.sys> [SIS AGP Bus Filter / sisagp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\sisagp.sys> [smserial / smserial][Running/Manual Start] [System Restore Filter Driver / sr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sr.sys> [TCP/IP Protocol Driver / Tcpip][Running/System Start] [tifm21 / tifm21][Running/Manual Start] [VMware Pointing Device / vmmouse][Stopped/Manual Start] [VMware Ethernet Adapter Driver / vmxnet][Stopped/Manual Start] [vmx_svga / vmx_svga][Stopped/Manual Start] ================================== 浏览器加载项 [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [7555网址导航] {317FE61A-17FC-4817-9143-3E93FA9D39A1} [极速网络影视] {317FE61A-17FC-4817-9143-3E93FA9D39A3} <, > [腾云网络影视] {411B5FCC-B9C1-4539-B792-CA0DFDF452AF} <, > [GOOGLE搜索] {4A8FDCAB-4EAA-4D1E-8C3A-A5347339152B} [好玩小游戏] {57933805-E0DF-433B-9FFC-AD5873EA8396} [GOOGLE搜索] {6816999E-B715-44B4-8DEF-A796D53C45DD} [百度搜索] {80C1A71F-014E-4EA6-BA92-CB3C800D4F77} [启动网页迅雷] {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} [百度搜索] {C7374464-48C2-4ED6-9E78-2AB34A852FE1} [7555网址导航] {E77B97DC-FAFC-4A5F-A3C3-DB593B6421FD} [好玩小游戏] {F5845648-371E-4D70-BF42-170215FA6616} [] {61F0024B-8278-4999-B7E6-2718426D9FE6} <, > [瑞星卡卡工具条(&R)] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} 
[iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [] {488A4255-3236-44B3-8F27-FA1AECAA8844} <, > [CCTVUpdateInstall] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} [WebThunder Browser Helper] {00000AAA-A363-466E-BEF5-9BB68697AA7F} [WebThunder Class] {03507A1A-E0C5-4404-AA26-205385C0892D} <, > [] {11F2A418-94B2-4e16-9B0C-B00C0435F903} <, > [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [] {2318C2B1-4965-11D4-9B18-009027A5CD4F} <, > [DHTML Edit Control Safe for Scripting for IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [Vod Class] {2EEDA47E-8D5C-4d7e-B4B6-E16E19218555} [] {317FE61A-17FC-4817-9143-3E93FA9D39A1} <, > [] {317FE61A-17FC-4817-9143-3E93FA9D39A3} <, > [] {411B5FCC-B9C1-4539-B792-CA0DFDF452AF} <, > [] {4A8FDCAB-4EAA-4D1E-8C3A-A5347339152B} <, > [] {57933805-E0DF-433B-9FFC-AD5873EA8396} <, > [] {61F0024B-8278-4999-B7E6-2718426D9FE6} <, > [] {6816999E-B715-44B4-8DEF-A796D53C45DD} <, > [] {6A49F431-2A2E-41a5-9080-0F41D1A3AEC1} <, > [] {6B232760-90F1-41c3-9902-C8552C1D8A72} <, > [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [] {80C1A71F-014E-4EA6-BA92-CB3C800D4F77} <, > [Microsoft Web 浏览器] {8856F961-340A-11D0-A96B-00C04FD705A2} [] {962EFB8E-2683-42D4-AC74-AAA4C759B9C6} <, > [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [VersionDetector Class] {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} [] {AA58ED58-01DD-4D91-8333-CF10577473F7} <, > [] {C7374464-48C2-4ED6-9E78-2AB34A852FE1} <, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [] {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} <, > [瑞星卡卡工具条(&R)] {DB9ECD4F-FB8F-4311-B3CE-90B976C2707C} [] {E77B97DC-FAFC-4A5F-A3C3-DB593B6421FD} <, > [] {F5845648-371E-4D70-BF42-170215FA6616} <, > [使用Web迅雷下载] [使用Web迅雷下载全部链接] [使用网页迅雷下载] [使用网页迅雷下载全部链接] ================================== 正在运行的进程 [PID: 616 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 684 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 
5.1.2600.5512 (xpsp.080413-2111)] [PID: 728 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\Ati2evxx.dll] [ATI Technologies Inc., 6.14.10.4177] [PID: 772 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] [PID: 784 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 980 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1060 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1188 / SYSTEM][C:\Program Files\Rising\Rav\CCENTER.EXE] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [C:\Program Files\Rising\Rav\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37] [C:\Program Files\Rising\Rav\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1196 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1260 / SYSTEM][C:\Program Files\Rising\Rav\RavTask.exe] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [C:\Program 
Files\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\Rav\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.20] [C:\Program Files\Rising\Rav\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40] [C:\Program Files\Rising\Rav\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1332 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1472 / SYSTEM][C:\Program Files\Rising\Rav\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Rav\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [C:\Program Files\Rising\Rav\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [C:\Program Files\Rising\Rav\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\mondrv.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] [C:\Program Files\Rising\Rav\defmon.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31] [C:\Program 
Files\Rising\Rav\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [C:\Program Files\Rising\Rav\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] [C:\Program Files\Rising\Rav\FileMon.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] [C:\Program Files\Rising\Rav\MailMon.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [C:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [C:\Program Files\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.20] [C:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Rav\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18] [C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rav\HookCont.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] [C:\Program Files\Rising\Rav\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [C:\Program Files\Rising\Rav\BACore.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22] [C:\Program Files\Rising\Rav\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\refs.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Rising\Rav\RSStore.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [C:\Program 
Files\Rising\Rav\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.19] [C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.39] [C:\Program Files\Rising\Rav\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Rising\Rav\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\Rav\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Rising\Rav\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Rising\Rav\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [C:\Program Files\Rising\Rav\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 49] [C:\Program Files\Rising\Rav\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [C:\Program Files\Rising\Rav\extfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] [C:\Program Files\Rising\Rav\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [C:\Program Files\Rising\Rav\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\methodex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\pecompd.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [C:\Program Files\Rising\Rav\heurex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10] [C:\Program Files\Rising\Rav\revm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8] [C:\Program Files\Rising\Rav\ur001.dat] 
[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [C:\Program Files\Rising\Rav\scriptci.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [C:\Program Files\Rising\Rav\uroutine.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Rising\Rav\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Rising\Rav\ur025.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [PID: 1620 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\spool\PRTPROCS\W32X86\TPWinPrn.dll] [ThinPrint GmbH, 7,6,193,1] [PID: 1800 / 吴][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.76] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [PID: 1852 / SYSTEM][C:\Program Files\Rising\Rav\rsnetsvr.exe] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] [C:\Program Files\Rising\Rav\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.12] [C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] 
[C:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2012 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\pageset.dll] [N/A, ] [PID: 2028 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\mspolicyagent.dll] [, 2.1.3.1088] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.76] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx] [Adobe Systems, Inc., 10,0,12,36] [E:\阿里旺旺\Ali_Check.dll] [, 1, 0, 0, 2] [PID: 160 / SYSTEM][C:\WINDOWS\system32\ReBootFilmServer.exe] [N/A, ] [PID: 200 / SYSTEM][C:\Program Files\Rising\Rav\ScanFrm.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.12] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [C:\Program Files\Rising\Rav\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [C:\Program 
Files\Rising\Rav\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.13] [C:\Program Files\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [C:\Program Files\Rising\Rav\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.10] [C:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\Rav\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.27] [C:\Program Files\Rising\Rav\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.49] [C:\Program Files\Rising\Rav\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.9] [C:\Program Files\Rising\Rav\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.19] [C:\Program Files\Rising\Rav\RsLog.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.20] [C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.39] [C:\Program Files\Rising\Rav\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\refs.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Rising\Rav\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Rising\Rav\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [C:\Program Files\Rising\Rav\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Rising\Rav\nvfile.dll] [Beijing Rising 
Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Rising\Rav\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] [C:\Program Files\Rising\Rav\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 49] [C:\Program Files\Rising\Rav\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [C:\Program Files\Rising\Rav\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [C:\Program Files\Rising\Rav\extfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] [C:\Program Files\Rising\Rav\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] [C:\Program Files\Rising\Rav\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] [C:\Program Files\Rising\Rav\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\methodex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\heurex.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10] [C:\Program Files\Rising\Rav\pecompd.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [C:\Program Files\Rising\Rav\revm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8] [C:\Program Files\Rising\Rav\ur001.dat] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [C:\Program Files\Rising\Rav\extole.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [PID: 228 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1236 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] 
[(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\System32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [PID: 1696 / 吴][C:\Program Files\Rising\Rav\RsTray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.22] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\Rav\ComServ.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.49] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Rav\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] [C:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Rav\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [C:\Program Files\Rising\Rav\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] [C:\Program Files\Rising\Rav\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [C:\Program Files\Rising\Rav\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.14] [C:\Program Files\Rising\Rav\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\Rav\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.20] [C:\Program Files\Rising\Rav\rspalvd.dll] [Beijing Rising Information 
Technology Co., Ltd., 21.0.0.26] [C:\Program Files\Rising\Rav\ravbintl.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29] [C:\Program Files\Rising\Rav\mruleui.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10] [C:\Program Files\Rising\Rav\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.1.4] [C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\RavITray.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23] [C:\Program Files\Rising\Rav\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [C:\Program Files\Rising\Rav\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [PID: 1668 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2216 / 吴][D:\瑞星杀毒\kaka\rstray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [D:\瑞星杀毒\kaka\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\瑞星杀毒\kaka\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [D:\瑞星杀毒\kaka\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [D:\瑞星杀毒\kaka\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\瑞星杀毒\kaka\ComServ.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.31] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\瑞星杀毒\kaka\rscommon.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.1.1] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\pngdll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [D:\瑞星杀毒\kaka\runiep.dll] [Beijing Rising Information Technology 
Co., Ltd., 6.0.0.43] [D:\瑞星杀毒\kaka\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\瑞星杀毒\kaka\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2232 / 吴][C:\WINDOWS\system32\CTFMON.EXE] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [PID: 3760 / 吴][C:\Program Files\racer-ccn-racerpc-ha\racer.exe] [Putian Runway, 3,3,130,306] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\racer-ccn-racerpc-ha\rwxre.dll] [Putian Runway, 3,3,130,306] [C:\Program Files\racer-ccn-racerpc-ha\nspr4.dll] [Netscape Communications Corporation, 4.6.1] [C:\Program Files\racer-ccn-racerpc-ha\xpcom_core.dll] [Mozilla Foundation, Personal] [C:\Program Files\racer-ccn-racerpc-ha\plc4.dll] [Netscape Communications Corporation, 4.6.1] [C:\Program Files\racer-ccn-racerpc-ha\plds4.dll] [Netscape Communications Corporation, 4.6.1] [C:\Program Files\racer-ccn-racerpc-ha\nss3.dll] [Netscape Communications Corporation, 3.10.2] [C:\Program Files\racer-ccn-racerpc-ha\softokn3.dll] [Netscape Communications Corporation, 3.10.2] [C:\Program Files\racer-ccn-racerpc-ha\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\racer-ccn-racerpc-ha\gkgfx.dll] [Mozilla Foundation, Personal] [C:\Program 
Files\racer-ccn-racerpc-ha\xpcom_compat.dll] [Mozilla Foundation, Personal] [C:\Program Files\racer-ccn-racerpc-ha\smime3.dll] [Netscape Communications Corporation, 3.10.2] [C:\Program Files\racer-ccn-racerpc-ha\ssl3.dll] [Netscape Communications Corporation, 3.10.2] [C:\Program Files\racer-ccn-racerpc-ha\components\racer_base_comp.dll] [Putian Runway, 3,3,130,306] [C:\Program Files\racer-ccn-racerpc-ha\racer_base.dll] [Putian Runway, 3,3,130,306] [C:\Program Files\racer-ccn-racerpc-ha\kbdhook.dll] [Putian Runway, 3,3,130,306] [C:\Program Files\racer-ccn-racerpc-ha\components\jar50.dll] [Mozilla Foundation, Personal] [C:\Program Files\racer-ccn-racerpc-ha\components\gklayout.dll] [Mozilla Foundation, Personal] [C:\Program Files\racer-ccn-racerpc-ha\nssckbi.dll] [Netscape Communications Corporation, 1.53] [C:\Program Files\racer-ccn-racerpc-ha\components\racer_ad_comp.dll] [Putian Runway, 3,3,130,306] [C:\Program Files\racer-ccn-racerpc-ha\components\racer_access_pppoe.dll] [Putian Runway, 3,3,130,325] [C:\Program Files\racer-ccn-racerpc-ha\pppoe.dll] [北京润汇科技有限公司, 9, 0, 22, 50] [C:\Program Files\racer-ccn-racerpc-ha\components\racer_nss4_comp.dll] [Putian Runway, 3,3,130,306] [C:\Program Files\racer-ccn-racerpc-ha\nss4.dll] [北京润汇科技有限公司, 1, 0, 0, 4] [C:\Program Files\racer-ccn-racerpc-ha\wpcap.dll] [CACE Technologies, 3, 2, 0, 29] [C:\Program Files\racer-ccn-racerpc-ha\packet.dll] [CACE Technologies, 3, 2, 0, 29] [C:\Program Files\racer-ccn-racerpc-ha\WanPacket.dll] [CACE Technologies, 3, 2, 0, 29] [C:\Program Files\racer-ccn-racerpc-ha\plugins\NPSWF32.dll] [, ] [PID: 2900 / 吴][D:\瑞星杀毒\kaka\knownsvr.exe] [Beijing Rising Information Technology Co., Ltd., 6.0.0.14] [D:\瑞星杀毒\kaka\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising 
Information Technology Co., Ltd., 21.0.0.6] [PID: 3224 / 吴][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\PROGRA~1\RACER-~1\pppoe.dll] [北京润汇科技有限公司, 9, 0, 22, 50] [PID: 360 / 吴][E:\QQ2009\Bin\QQ.exe] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\Common.dll] [Tencent, 1, 26, 760, 0] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [E:\QQ2009\Bin\KernelUtil.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\GF.dll] [Tencent, 1, 26, 760, 0] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [E:\QQ2009\Bin\AppUtil.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\MainFrame.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\TaskTray.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\txpfproxy.dll] [N/A, ] [E:\QQ2009\Bin\AppMisc.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\ChatFrame.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\ConfigCenter.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\CustomFace.dll] [Tencent, 1, 26, 760, 0] 
[E:\QQ2009\Bin\IM.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\KernelMisc.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\LongCnn.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\ContactInfoFrame.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\MsgMgr.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\SkinMgr.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\QInterLive.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\AppCtrl.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\SystemMsg.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.Soso\Bin\Soso.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\Com.Tencent.taotao\Bin\Taotao.dll] [Tencent, 1, 26, 760, 0] [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll] [Tencent, 1.1.1.6] [C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL] [Tencent, 1.1.1.3] [E:\QQ2009\Bin\BasicCtrlDll.dll] [TENCENT, 8,0,773,1801] [E:\QQ2009\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll] [Tencent, 1.26.1.26] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.76] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] 
[C:\WINDOWS\system32\msdmo.dll] [, ] [E:\QQ2009\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.snsapp\Bin\SNSApp.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.NetBar\Bin\NetBar.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.wireless\Bin\Wireless.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.wenwen\Bin\WenWen.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.mail\Bin\Mail.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.crm\Bin\CRM.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.paycenter\Bin\PayCenter.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qqring\Bin\QQRing.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qqvip\Bin\QQVip.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qbar\Bin\QBar.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qqshow\Bin\QQShow.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qqpet\Bin\QQPet.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\InformationBox.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.memo\Bin\Memo.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\GroupApp.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Plugin\com.tencent.qqwebsite\Bin\QQWebsite.dll] [Tencent, 1, 26, 760, 0] [E:\QQ2009\Bin\AddrSearch.dll] [Tencent, 2, 3, 10, 12] [C:\WINDOWS\system32\Macromed\Flash\Flash10a.ocx] [Adobe Systems, Inc., 10,0,12,36] [C:\Program Files\Microsoft Silverlight\npctrl.1.0.30716.0.dll] [ Microsoft Corporation, 1.0.30716.0] [E:\QQ2009\Plugin\com.tencent.gamelife\Bin\GameLife.dll] [Tencent, 1, 26, 760, 0] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.0.0.1981] [E:\QQ2009\Bin\Camera.dll] [Tencent, 1, 
26, 760, 0] [E:\QQ2009\Bin\SCCore.dll] [Tencent, 1, 7, 1, 6] [PID: 216 / 吴][E:\QQ2009\Bin\TXPlatform.exe] [Tencent, 1, 26, 760, 0] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [E:\QQ2009\Bin\txpfproxy.dll] [N/A, ] [PID: 120 / 吴][E:\TT\TTraveler.exe] [Tencent, 3, 8, 308, 201] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [E:\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll] [腾讯公司, 1, 1, 0, 5] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [E:\TT\TTNetFavor.dll] [N/A, ] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.76] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\SOGOUPY.IME] [Sogou.com Inc., 4.0.0.1981] [PID: 3016 / 吴][C:\DOCUME~1\吴\LOCALS~1\Temp\Rar$EX00.641\SREngLdr.EXE] [Smallfrogs Studio, 2.7.1.1261] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [PID: 2792 / 吴][C:\DOCUME~1\吴\LOCALS~1\Temp\Rar$EX00.641\SREf0787223.EXE] [Smallfrogs Studio, 2.7.1.1261] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., 
Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\DOCUME~1\吴\LOCALS~1\Temp\Rar$EX00.641\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [PID: 1436 / 吴][E:\迅雷\WebThunder.exe] [深圳市迅雷网络技术有限公司, 1, 14, 2, 241] [E:\迅雷\unrar.dll] [N/A, ] [E:\迅雷\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\WINDOWS\system32\kmon.dll] [Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] [D:\瑞星杀毒\kaka\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\瑞星杀毒\kaka\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [E:\迅雷\CacheServer.dll] [, 1, 0, 0, 1] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\迅雷\TaskManager.dll] [Thunder Networking Technologies,LTD, 1, 3, 10, 72] [E:\迅雷\download_interface.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 2, 333] [E:\迅雷\mp.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 5] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [E:\迅雷\asyn_frame.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 3, 2, 32] [E:\迅雷\ATL71.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\迅雷\backend_agent.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 30] [E:\迅雷\zlib1.dll] [, 1.2.3] [E:\迅雷\XLCrypto.dll] [N/A, ] [E:\迅雷\ptl.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 2, 2, 55] [E:\迅雷\dl_peer_id.dll] [ShenZhen Thunder Networking Technologies,LTD, 3, 1, 2, 4] [E:\迅雷\xl_stat.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 7] [E:\迅雷\RegisterDll.dll] [Thunder Networking Technologies,LTD, 2, 17, 0, 67] [E:\迅雷\MSVCIRT.dll] [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [E:\迅雷\XLSafe\SafeInfo.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 2] [E:\迅雷\XLSafe\RMFScan.dll] [N/A, ] 
[E:\迅雷\XLNet.Dll] [Thunder Networking Technologies,LTD, 1, 5, 2, 25] [E:\迅雷\p2p_upload.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,13] [E:\迅雷\XLWebDownload.dll] [深圳市迅雷网络技术有限公司, 1.0.0.148] [C:\WINDOWS\system32\MFC71U.DLL] [Microsoft Corporation, 7.10.3077.0] [E:\迅雷\p2p.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,48] [E:\迅雷\fs.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 1, 2, 17] [E:\迅雷\xldc.dll] [ShenZhen Thunder Networking Technologies,LTD, 4, 0, 2, 27] [E:\迅雷\p2p_local_res.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,18] [E:\迅雷\al.dll] [ShenZhen Thunder Networking Technologies,LTD, 1,1,2,31] [E:\迅雷\down_dispatcher.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 44] [E:\迅雷\sl.dll] [ShenZhen Thunder Networking Technologies,LTD, 1.0.2.2] [E:\迅雷\p2sp_pd.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 5] [E:\迅雷\p2sp.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 1, 2, 59] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.76] [E:\迅雷\XLStatistic\XLStatisticAddin.dll] [深圳市迅雷网络技术有限公司, 1, 4, 1, 5] [E:\迅雷\xldcsubtask.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 5] [E:\迅雷\bd.dll] [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 2, 20] ================================== 文件关联 .TXT Error. [C:\WINDOWS\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM Error. ["hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. 
[{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
==================================
进程特权扫描
特殊特权被允许: SeLoadDriverPrivilege [PID = 728, C:\WINDOWS\SYSTEM32\WINLOGON.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3760, C:\PROGRAM FILES\RACER-CCN-RACERPC-HA\RACER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 120, E:\TT\TTRAVELER.EXE]
特殊特权被允许: SeLoadDriverPrivilege [PID = 3016, C:\DOCUME~1\吴\LOCALS~1\TEMP\RAR$EX00.641\SRENGLDR.EXE]
==================================
计划任务
[已启用] GoogleUpdate_9_1_1.job C:\WINDOWS\GoogleUpdate.exe
[已启用] SogouImeMgr.job C:\PROGRA~1\SOGOUI~1\400~1.198\PinyinRepair.exe
==================================
API HOOK
入口点错误:NtCreateFile (危险等级: 高, 被下面模块所HOOK: 0x003C5685)
入口点错误:NtCreateKey (危险等级: 高, 被下面模块所HOOK: 0x003C5825)
入口点错误:NtLoadDriver (危险等级: 高, 被下面模块所HOOK: 0x003C5F75)
入口点错误:NtSetValueKey (危险等级: 高, 被下面模块所HOOK: 0x003C58F5)
入口点错误:NtWriteFile (危险等级: 高, 被下面模块所HOOK: 0x003C5755)
入口点错误:ZwCreateFile (危险等级: 高, 被下面模块所HOOK: 0x003C5685)
入口点错误:ZwCreateKey (危险等级: 高, 被下面模块所HOOK: 0x003C5825)
入口点错误:ZwSetValueKey (危险等级: 高, 被下面模块所HOOK: 0x003C58F5)
入口点错误:ZwWriteFile (危险等级: 高, 被下面模块所HOOK: 0x003C5755)
入口点错误:CreateServiceA (危险等级: 高, 被下面模块所HOOK: 0x003C5C35)
入口点错误:CreateServiceW (危险等级: 高, 被下面模块所HOOK: 0x003C5D05)
入口点错误:LoadLibraryA (危险等级: 高, 被下面模块所HOOK: 0x003C6935)
入口点错误:LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: 0x003C551D)
入口点错误:CreateFileW (危险等级: 高, 被下面模块所HOOK: 0x003C6455)
入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x003C6865)
入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x003C66C5)
==================================
隐藏进程
N/A
==================================
[/CODE]