[CODE] 2010-03-01,11:32:25 System Repair Engineer 2.8.2.1321 Smallfrogs (http://www.KZTechs.com) Windows Server 2003 Enterprise Edition Service Pack 1 (Build 3790) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Publisher] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <360Safetray><"C:\Program Files\360\360Safe\safemon\360tray.exe" /start> [(Verified)Qizhi Software (beijing) Co. Ltd] [PowerShadow] <; "C:\WINDOWS\system32\nap32.exe" /run> [Beijing Rising Information Technology Co., Ltd.] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [N/A] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] <%SystemRoot%\system32\logonui.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Publisher] <%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Publisher] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n 
/i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{36BBA8D2-CA5C-4847-81CC-4F807DD86C91}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:IEUpdateUser urlmon.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6D69F546-C1AF-4049-AE9E-28627B91D3F5}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:IEUpdateAdmin urlmon.dll> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A74704073}] <%IEHARDENADMIN_BASE_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin> [(Verified)Microsoft Windows Publisher] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A74704073}] <%IEHARDENUSER_DESC%><%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenUser> [(Verified)Microsoft Windows Publisher] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <360sd><; "C:\Program Files\360\360sd\360sd.exe" /autorun> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"> [(Verified)Adobe Systems, Incorporated] <; "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"> [(Verified)Adobe Systems, Incorporated] <; C:\WINDOWS\system32\hkcmd.exe> [Intel Corporation] <; C:\WINDOWS\system32\igfxtray.exe> [Intel Corporation] <; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32> [(Verified)Microsoft Windows Publisher] <; C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe> [(Verified)Mindjet] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; "C:\Program Files\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe"> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName> [(Verified)Microsoft Windows Publisher] <; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC> [(Verified)Microsoft Windows Publisher] <; "C:\学习文档\史上最牛X批处理工具包09年7月11日更新版\VBS个性播放器.vbs" "E:\VBS个性播放器" flag> [File is missing] <; "D:\VMware\VMware Workstation\vmware-tray.exe"> [(Verified)VMware, Inc.] 
================================== 启动文件夹 [CCProxy.exe] D:\CCProxy\CCProxy.exe []> [Foxmail.exe] D:\foxmail\Foxmail.exe [Tencent Inc.]> [IPMSG2007.exe] D:\飞鸽传书\IPMSG2~1.EXE [yatio]> [月光迷你钟.exe] D:\月光迷~1.8\月光迷~1.EXE [天之蓝工作室]> ================================== 服务 [Apache2 / Apache2][Running/Auto Start] <"C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe" -k runservice> [FLEXnet Licensing Service / FLEXnet Licensing Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"> [Human Interface Device Access / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe"> [NGINX / NGINX][Stopped/Disabled] [Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start] <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"> [Rav Service / RsRavMon][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavMonD.exe"> [Shadow System Service / ShadowSystemService][Running/Auto Start] [VMware Agent Service / ufad-ws60][Stopped/Manual Start] <"D:\VMware\VMware Workstation\vmware-ufad.exe" -d "D:\VMware\VMware Workstation\\" -s ufad-p2v.xml> [VMware Authorization Service / VMAuthdService][Stopped/Auto Start] <"D:\VMware\VMware Workstation\vmware-authd.exe"> [VMware DHCP Service / VMnetDHCP][Stopped/Disabled] [VMware NAT Service / VMware NAT Service][Stopped/Auto Start] [VNC Server / winvnc][Stopped/Disabled] <"c:\program files\winvnc\winvnc.exe" -service><(File is missing)> [主动防御 / ZhuDongFangYu][Running/Auto Start] <"C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe"><360.cn> ================================== 驱动程序 [360AntiARP / 360AntiARP][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\360AntiARP.sys><360安全中心> [Microsoft ACPI Driver / ACPI][Running/Boot Start] 
<\SystemRoot\system32\DRIVERS\ACPI.sys> [aeaudio / aeaudio][Running/Manual Start] [Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start] [AFD 网络支持环境 / AFD][Running/System Start] <\SystemRoot\System32\drivers\afd.sys> [AppleTalk 协议 / AppleTalk][Running/Auto Start] [RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start] [标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start] <\SystemRoot\system32\DRIVERS\atapi.sys> [ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start] [音频存根驱动程序 / audstub][Running/Manual Start] [BFSDRV / BFSDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys><360安全中心> [BREGDRV / BREGDRV][Running/System Start] <\??\C:\WINDOWS\system32\drivers\bregdrv.sys><360安全中心> [CD-ROM Driver / Cdrom][Stopped/System Start] [群集磁盘驱动程序 / ClusDisk][Stopped/Disabled] [CRC 磁盘筛选驱动程序 / crcdisk][Running/Boot Start] <\SystemRoot\system32\DRIVERS\crcdisk.sys> [DfsDriver / DfsDriver][Running/Boot Start] <\SystemRoot\system32\drivers\Dfs.sys> [磁盘驱动程序 / Disk][Running/Boot Start] <\SystemRoot\system32\DRIVERS\disk.sys> [dmboot / dmboot][Stopped/Disabled] [Logical Disk Manager Driver / dmio][Running/Boot Start] <\SystemRoot\System32\drivers\dmio.sys> [dmload / dmload][Running/Boot Start] <\SystemRoot\System32\drivers\dmload.sys> [Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start] [Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start] [Intel(R) PRO Network Connection Driver / E100B][Running/Manual Start] [EfiSystemMon / EfiMon][Running/System Start] [Floppy Disk Controller Driver / Fdc][Running/Manual Start] [软盘驱动程序 / Flpydisk][Running/Manual Start] [FltMgr / FltMgr][Running/Boot Start] <\SystemRoot\system32\drivers\fltmgr.sys> [FsVga / FsVga][Running/System Start] [Volume Manager Driver / Ftdisk][Running/Boot Start] <\SystemRoot\system32\DRIVERS\ftdisk.sys> [Generic Packet Classifier / Gpc][Running/Manual Start] [VMware hcmon / hcmon][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\hcmon.sys> [Microsoft 
HID Class Driver / hidusb][Running/Manual Start] [hookcont / hookcont][Running/Auto Start] [HookPort / HookPort][Stopped/Boot Start] <\SystemRoot\\??\C:\windows\system32\drivers\hookport.sys> [hooksys / hooksys][Running/System Start] [HOSTNT / HOSTNT][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\hostnt.sys> [HTTP / HTTP][Running/Manual Start] [i8042 Keyboard and PS/2 Mouse Port Driver / i8042prt][Running/System Start] [ialm / ialm][Running/Manual Start] [CD-Burning Filter Driver / imapi][Stopped/System Start] [IntelIde / IntelIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\intelide.sys> [Intel Processor Driver / intelppm][Running/Manual Start] [IPv6 Windows Firewall Driver / ip6fw][Stopped/Manual Start] [IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start] [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [IP Network Address Translator / IpNat][Running/Manual Start] [IPSEC driver / IPSec][Running/System Start] [PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start] <\SystemRoot\system32\DRIVERS\isapnp.sys> [Keyboard Class Driver / Kbdclass][Running/System Start] [Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start] [MHDRV / MHDRV][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\mhdrv.sys> [Mouse Class Driver / Mouclass][Running/System Start] [Mouse HID Driver / mouhid][Running/Manual Start] [WebDav Client Redirector / MRxDAV][Stopped/Manual Start] [MRxSmb / MRxSmb][Running/System Start] [Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start] [Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start] [Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start] [Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start] [Nal Service / NAL][Stopped/Manual Start] <\??\C:\windows\system32\Drivers\iqvw32.sys> [Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start] [NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start] [Remote Access NDIS WAN Driver / 
NdisWan][Running/Manual Start] [NetBIOS Interface / NetBIOS][Running/System Start] [NetBios over Tcpip / NetBT][Running/System Start] [Network Monitor Driver / nm][Stopped/Manual Start] [NetGroup Packet Filter Driver / NPF][Stopped/Manual Start] [DDK PACKET Protocol / Packet][Running/System Start] [paldrv / paldrv][Running/Auto Start] <\??\C:\WINDOWS\system32\pal_drv.sys> [Parallel port driver / Parport][Running/Manual Start] [Parvdm / Parvdm][Running/Auto Start] [PCI Bus Driver / PCI][Running/Boot Start] <\SystemRoot\system32\DRIVERS\pci.sys> [PCIIde / PCIIde][Running/Boot Start] <\SystemRoot\system32\DRIVERS\pciide.sys> [PortTalk / PortTalk][Stopped/Manual Start] [WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start] [处理器驱动程序 / Processor][Stopped/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Quantum DeepScanner Servers / qutmdserv][Running/System Start] <\??\C:\WINDOWS\system32\drivers\qutmdrv.sys><360.cn> [qutmipc / qutmipc][Stopped/System Start] <\??\C:\windows\system32\drivers\qutmipc.sys><360安全中心> [Remote Access Auto Connection Driver / RasAcd][Running/System Start] [WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start] [远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start] [Direct Parallel / Raspti][Running/Manual Start] [RCMHDOG / RCMHDOG][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\rcmhdog.sys> [Rdbss / Rdbss][Running/System Start] [RDPCDD / RDPCDD][Running/System Start] [Terminal Server Device Redirector Driver / rdpdr][Running/Manual Start] [Digital CD Audio Playback Filter Driver / redbook][Stopped/System Start] [Feitian ROCKEY4 Device Service / ROCKEYNT][Running/Manual Start] [rsassist / rsassist][Running/Auto Start] [Remote Storage Recall Support / RSFilter][Running/Boot Start] <\SystemRoot\system32\DRIVERS\RSFilter.sys> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Secdrv / Secdrv][Stopped/Manual Start] [Serenum Filter Driver / serenum][Running/Manual Start] [Serial port 
driver / Serial][Running/System Start] [smwdm / smwdm][Running/Manual Start] [Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start] [Srv / Srv][Running/Manual Start] [Software Bus Driver / swenum][Running/Manual Start] [Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start] [Microsoft Kernel System Audio Device / sysaudio][Running/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [终端设备驱动程序 / TermDD][Running/System Start] [Microcode Update Driver / Update][Running/Manual Start] [Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start] [Microsoft USB Standard Hub Driver / usbhub][Running/Manual Start] [USB 大容量存储驱动程序 / USBSTOR][Stopped/Manual Start] [Microsoft USB Universal Host Controller Miniport Driver / usbuhci][Running/Manual Start] [Virtual CD-ROM Device Driver / vcdrom][Running/System Start] <\??\D:\WVCDCP_PConline\VCdRom.sys> [vga / vga][Stopped/Manual Start] [VGA 显示控制器。 / VgaSave][Running/System Start] <\SystemRoot\System32\drivers\vga.sys> [VMware vmci / vmci][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\vmci.sys> [VMware kbd / vmkbd][Running/Manual Start] <\??\C:\WINDOWS\system32\drivers\VMkbd.sys> [VMware Virtual Ethernet Adapter Driver / VMnetAdapter][Stopped/Manual Start] [VMware Bridge Protocol / VMnetBridge][Running/Auto Start] [VMware Network Application Interface / VMnetuserif][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\vmnetuserif.sys> [VMware VMparport / VMparport][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\VMparport.sys> [VMware vmx86 / vmx86][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\vmx86.sys> [存储卷 / VolSnap][Running/Boot Start] <\SystemRoot\system32\DRIVERS\volsnap.sys> [Vstor2 WS60 Virtual Storage Driver / vstor2-ws60][Running/Auto Start] <\??\D:\VMware\VMware Workstation\vstor2-ws60.sys> [Remote Access IP ARP Driver / Wanarp][Running/Manual Start] [Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual 
Start] [网络负载平衡 / WLBS][Running/Manual Start] [Windows 套接字 2 .0 Non-IFS 服务提供程序支持环境 / WS2IFSL][Running/System Start] <\SystemRoot\System32\drivers\ws2ifsl.sys> ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [CmjBrowserHelperObject Object] {07A11D74-9D25-4fea-A833-8B0D76A5577A} [IE2EMBHO Class] {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Adobe PDF Conversion Toolbar Helper] {AE7CD045-E861-484f-8273-0445EE161910} [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [HttpWatch Professional] {F1F69322-008F-4895-B2BF-AD194219825A} [SmartSelect Class] {F4971EE7-DAA0-4053-9964-665D8EE6A077} [Java Plug-in 1.5.0] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [CmjBrowserHelperObject Object] {941E1A34-C6AF-4baa-A973-224F9C3E04BF} [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} [Edit Class] {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} [Windows Genuine Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [XIsOro Control] {48FE89A0-486C-48DF-9DEC-BED22BDC6057} [Java Plug-in 1.5.0] {8AD9C840-044E-11D1-B3E9-00805F499D93} [CCTVSmart.UserControl1] {8B949579-3003-4DA3-8BAF-FD885B578DB1} [Submit Class] {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} [Java Plug-in 1.5.0] {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [Outlook Today's Data-binding control] {0468C085-CA5B-11D0-AF08-00609797F0E0} [CmjBrowserHelperObject Object] {07A11D74-9D25-4FEA-A833-8B0D76A5577A} [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [IE2EMBHO Class] {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} [Edit Class] {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} [IFlashGetNetscapeEx Class] {116BA71C-8187-4F15-9A1F-C9D6289155D1} [Windows Genuine 
Advantage Validation Tool] {17492023-C23A-453E-A040-C7C580BBF700} [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [HallToolkit Class] {1E36C446-29F0-4773-A3FB-59C5501446EB} [] {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} <, > [Microsoft Visio Document] {279D6C9A-652E-4833-BEFC-312CA8887857} [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} [JetCarNetscape Class] {2974c985-8151-4de5-b23c-b875f0a8522f} [Adobe PDF] {47833539-D0C5-4125-9FA8-0819E2EAAC93} [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [] {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} <, > [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [XML HTTP 5.0] {88D969EA-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} [XML HTTP 6.0] {88D96A0A-F192-11D4-A65F-0040963251E5} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [] {941E1A34-C6AF-4BAA-A973-224F9C3E04BF} <, > [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} [VersionDetector Class] {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} [Submit Class] {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} [APlayer Control] {A9322148-C691-4B9D-91FC-B9C461DBE9DD} [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [Microsoft Scriptlet Component] {AE24FDAE-03C6-11D1-8B76-0080C744F389} [Adobe PDF Conversion Toolbar Helper] {AE7CD045-E861-484F-8273-0445EE161910} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, (Signed) N/A> [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [VIDEO__MPEG Moniker Class] {CD3AFA89-B84F-48F0-9393-7EDC34128127} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [safeInput Class] {ECCBA956-80E5-11D3-9285-0080ADB811C9} [XML HTTP 
Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} [HttpWatch Professional] {F1F69322-008F-4895-B2BF-AD194219825A} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [SmartSelect Class] {F4971EE7-DAA0-4053-9964-665D8EE6A077} [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} [Free Threaded XML DOM Document 3.0] {F5078F33-C551-11D3-89B9-0000F81FE221} [XML HTTP 3.0] {F5078F35-C551-11D3-89B9-0000F81FE221} [XSL Template 3.0] {F5078F36-C551-11D3-89B9-0000F81FE221} [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} [使用快车3下载] [使用快车3下载全部链接] [使用电驴下载] [使用迅雷下载] [使用迅雷下载全部链接] [使用迅雷离线下载] [导出到 Microsoft Excel(&X)] [将转换链接目标为 Adobe PDF] [将链接目标转换为 Adobe PDF] [将链接目标转换到现有的 PDF] [将链接目标追加到现有的 PDF] [用维棠下载视频] [转换为 Adobe PDF] [追加到现有的 PDF] ================================== 正在运行的进程 [PID: 672 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 904 / SYSTEM][\??\C:\windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [PID: 976 / SYSTEM][\??\C:\windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1028 / SYSTEM][C:\windows\system32\services.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1040 / SYSTEM][C:\windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [PID: 1256 / SYSTEM][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1336 / NETWORK SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1376 / SYSTEM][C:\Program Files\Rising\Rav\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\Program 
Files\Rising\Rav\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rav\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] [C:\Program Files\Rising\Rav\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.41] [C:\Program Files\Rising\Rav\mondrv.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Rav\defmon.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46] [C:\Program Files\Rising\Rav\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rav\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Rav\FileMon.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] [C:\Program Files\Rising\Rav\MailMon.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] [C:\Program Files\Rising\Rav\HookWeb.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] [C:\Program Files\Rising\Rav\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] [C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Rav\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Rav\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7] [C:\Program Files\Rising\Rav\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program 
Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3] [C:\Program Files\Rising\Rav\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rav\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Rav\HookCont.dll] [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] [C:\Program Files\Rising\Rav\BACore.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] [C:\Program Files\Rising\Rav\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Rav\refs.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\bawhite.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\RSStore.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rav\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.22] [C:\Program Files\Rising\Rav\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Rising\Rav\NComm2.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rav\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rav\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [C:\Program 
Files\Rising\Rav\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Rav\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rav\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rav\revm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Rav\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rav\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rav\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 68] [C:\Program Files\Rising\Rav\scantj.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rav\methodex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Rav\heurex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 16] [C:\Program Files\Rising\Rav\pecompd.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rav\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rav\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rav\ur025.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\posttrt.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Rav\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program 
Files\Rising\Rav\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.19] [C:\Program Files\Rising\Rav\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [PID: 1424 / NETWORK SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1596 / LOCAL SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1644 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1672 / SYSTEM][C:\Program Files\360\360Safe\deepscan\zhudongfangyu.exe] [360.cn, 3, 2, 0, 1001] [C:\Program Files\360\360Safe\SoftMgr\360SoftMgrS.dll] [奇虎网, 2, 1, 5, 1010] [C:\Program Files\360\360Safe\deepscan\CloudCom2.dll] [360.cn, 3, 2, 1, 1003] [C:\Program Files\360\360Safe\deepscan\heavygate.dll] [360.cn, 3, 6, 21, 0] [C:\Program Files\360\360Safe\deepscan\qutmload.dll] [360.cn, 6, 2, 0, 1007] [PID: 220 / SYSTEM][C:\windows\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [C:\windows\system32\AdobePDF.dll] [Adobe Systems Inc, 9.0.0000.0000] [C:\windows\system32\dopdfmn6.dll] [Softland, 6.2.296] [C:\windows\system32\spool\DRIVERS\W32X86\3\SDNT5UI.DLL] [Zenographics, Inc., 5.60.709.0] [C:\windows\system32\spool\DRIVERS\W32X86\3\SDDM32.DLL] [Zenographics, Inc., 5, 60, 2629, 0] [C:\windows\system32\spool\DRIVERS\W32X86\3\ZSPOOL.dll] [Zenographics, Inc., 5, 51, 709, 0] [C:\windows\system32\spool\DRIVERS\W32X86\3\ZGDI32.dll] [Zenographics, Inc., 5, 60, 709, 0] [C:\windows\system32\spool\DRIVERS\W32X86\3\ZTAG32.dll] [Zenographics, Inc., 5, 60, 1210, 0] [C:\windows\system32\spool\DRIVERS\W32X86\3\SDDMUI.DLL] [Zenographics, Inc., 6, 1, 524, 0] [C:\windows\system32\spool\DRIVERS\W32X86\3\SR32.dll] [Zenographics, Inc., 6, 1, 520, 1] [PID: 328 / NETWORK SERVICE][C:\WINDOWS\system32\msdtc.exe] [(Verified) Microsoft 
Corporation, 2001.12.4720.1830 (srv03_sp1_rtm.050324-1447)] [PID: 464 / SYSTEM][C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapr-1.dll] [Apache Software Foundation, 1.2.8] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libaprutil-1.dll] [Apache Software Foundation, 1.2.8] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapriconv-1.dll] [Apache Software Foundation, 1.1.1] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libhttpd.dll] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_actions.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_alias.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_asis.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_auth_basic.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_default.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_file.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_default.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_groupfile.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_host.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_user.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_autoindex.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_cgi.so] 
[Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_dir.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_env.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_imagemap.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_include.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_isapi.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_log_config.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_mime.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_negotiation.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_setenvif.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_userdir.so] [Apache Software Foundation, 2.2.4] [PID: 500 / SYSTEM][C:\windows\system32\cisvc.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 524 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 552 / SYSTEM][C:\Program Files\Apache Software Foundation\Apache2.2\bin\httpd.exe] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapr-1.dll] [Apache Software Foundation, 1.2.8] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libaprutil-1.dll] [Apache Software Foundation, 1.2.8] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libapriconv-1.dll] [Apache Software Foundation, 1.1.1] [C:\Program Files\Apache Software Foundation\Apache2.2\bin\libhttpd.dll] [Apache Software 
Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_actions.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_alias.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_asis.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_auth_basic.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_default.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authn_file.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_default.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_groupfile.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_host.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_authz_user.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_autoindex.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_cgi.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_dir.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_env.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_imagemap.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_include.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_isapi.so] [Apache Software Foundation, 2.2.4] 
[C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_log_config.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_mime.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_negotiation.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_setenvif.so] [Apache Software Foundation, 2.2.4] [C:\Program Files\Apache Software Foundation\Apache2.2\modules\mod_userdir.so] [Apache Software Foundation, 2.2.4] [PID: 588 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe] [(Verified) Microsoft Corporation, 6.0.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 2428 / SYSTEM][C:\windows\system32\tcpsvcs.exe] [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [PID: 2456 / SYSTEM][C:\windows\system32\sfmprint.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 2676 / NETWORK SERVICE][C:\Program Files\Microsoft SQL Server\90\DTS\Binn\MsDtsSrvr.exe] [Microsoft Corporation, 9.00.1399.00] [C:\windows\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b48373bb350594459f7494cfcf18f8de\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System\44cbf80df03a864b8c70b6b205214a04\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] 
[C:\windows\assembly\NativeImages_v2.0.50727_32\MsDtsSrvr\185189d4a0224841861b9660824cb8d3\MsDtsSrvr.ni.exe] [Microsoft Corporation, 9.00.1399.00] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5bf0bd0a3a7c1b4c843696359deb7b76\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\105c12f4c58c924a8cd27d9c8ada1386\Microsoft.SqlServer.MgdSqlDumper.ni.dll] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\msvcm80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f057b9662ee4294f99c424c0440f3fc9\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\37029e1168f9b746907eb3fdd537f8f4\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_MSIL\System.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.resources.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.SqlServer#\c24ab944f07c8d46b0dcead78413de38\Microsoft.SqlServer.DtsServer.Interop.ni.dll] [ , 9.0.242.0] [C:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [PID: 2800 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] 
[C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\Resources\1033\sqlevn70.RLL] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\system32\MSCOREE.DLL] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_CBB27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762] [PID: 2816 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\msvcm80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b48373bb350594459f7494cfcf18f8de\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System\44cbf80df03a864b8c70b6b205214a04\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\msmgdsrv\afacbafc1cf44644abc2c269027880c5\msmgdsrv.ni.dll] [Microsoft Corporation, 2005.090.1399.00] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [PID: 3036 / 
Administrator][C:\windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.3790.1830 (srv03_sp1_rtm.050324-1447)] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\WINDOWS\system32\dfshim.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 9.0.0.2008061100] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 9.0.0.0] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,14,1246] [C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll] [Mindjet, 7.0.429] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,14,1246] [C:\Program Files\WinRAR\rarext.dll] [N/A, ] [C:\windows\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Adobe\Acrobat 9.0\Acrobat Elements\ContextMenu.dll] [Adobe Systems Inc., 9.0.5.2008061100\0] [C:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Adobe\Acrobat 
9.0\Acrobat Elements\ContextMenu.chs] [Adobe Systems Inc., 9.0.5.2008061100\0] [C:\Program Files\Notepad++\NppShell.dll] [, 0.1] [PID: 3228 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.3\Reporting Services\ReportServer\bin\ReportingServicesService.exe] [Microsoft Corporation, 9.00.1399.00] [C:\windows\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b48373bb350594459f7494cfcf18f8de\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System\44cbf80df03a864b8c70b6b205214a04\System.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\5bf0bd0a3a7c1b4c843696359deb7b76\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_CBB27474\ATL80.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\msvcm80.dll] [Microsoft Corporation, 8.00.50727.762] 
[C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Reporting#\0a7ab452a1e16445a4b75861f23c87cf\Microsoft.ReportingServices.Diagnostics.ni.dll] [Microsoft Corporation, 9.00.1399.00] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\f057b9662ee4294f99c424c0440f3fc9\System.Configuration.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\37029e1168f9b746907eb3fdd537f8f4\System.Xml.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\Microsoft.Reporting#\820a3657077fc94ca076bb45e09935f7\Microsoft.ReportingServices.Interfaces.ni.dll] [Microsoft Corporation, 9.00.1399.00] [C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\b78d3f0d3f6cd345940f4a28e688a099\System.Web.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_zh-CHS_b77a5c561934e089\mscorlib.resources.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\ReportingServicesNa#\136fb43fe3f54d4985d517c5b9fd1647\ReportingServicesNativeClient.ni.dll] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] 
[C:\windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\GAC_MSIL\System.Data.resources\2.0.0.0_zh-CHS_b77a5c561934e089\System.Data.resources.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll] [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)] [PID: 3408 / Administrator][C:\Program Files\360\360Safe\safemon\360tray.exe] [360.CN, 6, 2, 0, 3001] [C:\Program Files\360\360Safe\ipc\ipcservice.dll] [360.CN, 6, 2, 0, 1005] [C:\Program Files\360\360Safe\ipc\yhregd.dll] [, 6, 2, 0, 1009] [C:\Program Files\360\360Safe\ipc\appd.dll] [360.cn, 6, 2, 0, 2003] [C:\Program Files\360\360Safe\safemon\360compro.dll] [360安全中心, 6, 2, 0, 1002] [C:\Program Files\360\360Safe\safemon\360webpro.dll] [360.CN, 1, 3, 0, 1030] [C:\Program Files\360\360Safe\safemon\360traylive.dll] [360安全中心, 6, 0, 1, 1011] [C:\Program Files\360\360Safe\safemon\360safemonpro.tpi] [360.CN, 1, 0, 0, 1001] [C:\Program Files\360\360Safe\ipc\qutmipc.dll] [360安全中心, 1, 0, 0, 1005] [C:\Program Files\360\360Safe\deepscan\qutmload.dll] [360.cn, 6, 2, 0, 1007] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\Program Files\360\360Safe\deepscan\cloudsec.dll] [360安全中心, 2, 1, 0, 2001] [C:\Program Files\360\360Safe\deepscan\deepscan.dll] [360.cn, 3, 2, 1, 1002] [C:\Program Files\360\360Safe\deepscan\bfsdll.dll] [360安全中心, 1, 0, 0, 1019] [C:\Program Files\360\360Safe\deepscan\cloudcom.dll] [360安全中心, 2, 1, 0, 2001] [C:\Program Files\360\360Safe\SafeLive.dll] [, 1, 0, 0, 1006] [C:\Program Files\360\360Safe\pdown.dll] [360.cn, 1, 2, 0, 1010] [C:\Program 
Files\360\360Safe\LiveUpd360.dll] [360.cn, 1, 2, 0, 1019] [C:\Program Files\360\360Safe\360net.dll] [奇虎网, 1, 1, 10, 1013] [C:\Program Files\360\360Safe\360P2SP.dll] [360.cn, 1, 1, 0, 1019] [PID: 3440 / Administrator][C:\Program Files\Rising\Rav\RsTray.exe] [Beijing Rising Information Technology Co., Ltd., 22.0.0.10] [C:\Program Files\Rising\Rav\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [C:\Program Files\Rising\Rav\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Rav\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Rav\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Rav\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [C:\Program Files\Rising\Rav\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] [C:\Program Files\Rising\Rav\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Rav\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7] [C:\Program Files\Rising\Rav\ravbintl.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] [C:\Program Files\Rising\Rav\mruleui.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] [C:\Program Files\Rising\Rav\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.74] [C:\Program Files\Rising\Rav\RavITray.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Rav\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program 
Files\Rising\Rav\scanleak.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Rav\ravppops.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] [C:\Program Files\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Rav\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Rav\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [PID: 3476 / Administrator][C:\windows\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [PID: 3580 / SYSTEM][C:\WINDOWS\system32\shadow\ShadowService.exe] [N/A, ] [PID: 3616 / LOCAL SERVICE][C:\windows\System32\snmptrap.exe] [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [PID: 3648 / SYSTEM][C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [PID: 3708 / Administrator][D:\CCProxy\CCProxy.exe] [, 6, 5, 0, 0] [PID: 3728 / Administrator][D:\foxmail\Foxmail.exe] [Tencent Inc., 6, 15, 201, 22] [D:\foxmail\Skin\TXScrollbar.dll] [N/A, ] [D:\foxmail\3rdParty\punylib.dll] [CNNIC, 1, 0, 0, 3] [PID: 3756 / LOCAL SERVICE][C:\Program Files\Microsoft Visual SourceSafe\SSService.EXE] [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3BF8FA05\MFC80.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] 
[C:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.762] [C:\Program Files\Microsoft Visual SourceSafe\2052\ssui.dll] [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)] [PID: 3816 / Administrator][D:\飞鸽传书\IPMSG2007.exe] [yatio, 2.05] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [C:\windows\system32\SOGOUPY.IME] [Sogou.com Inc., 4.3.0.3315] [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS] [Adobe Systems, Inc., 9.0.0.0] [PID: 3832 / Administrator][D:\月光迷你钟6.8\月光迷你钟.exe] [天之蓝工作室, 6.05.0397] [C:\windows\system32\vb6chs.dll] [Microsoft Corporation, 6.00.8169] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [PID: 4048 / SYSTEM][C:\windows\system32\lserver.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 2328 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe] [Microsoft Corporation, 12.0.5626.1] [PID: 2764 / SYSTEM][C:\WINDOWS\system32\RsServ.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1932 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 2600 / SYSTEM][C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE] [Microsoft Corporation, 2005.090.1399.00] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCR80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\MSVCP80.dll] [Microsoft Corporation, 8.00.50727.762] [C:\windows\system32\mscoree.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6B128700\msvcm80.dll] [Microsoft Corporation, 8.00.50727.762] 
[C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b48373bb350594459f7494cfcf18f8de\mscorlib.ni.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll] [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [PID: 3624 / SYSTEM][C:\WINDOWS\system32\rsmsink.exe] [(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.030324-2048)] [PID: 3332 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 1184 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 4696 / LOCAL SERVICE][C:\windows\System32\alg.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 4844 / SYSTEM][C:\WINDOWS\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 5848 / Administrator][C:\Program Files\360\360se3\360SE.exe] [360安全中心, 3, 1, 0, 8] [C:\Program Files\360\360se3\Extensions\SafeCentral\SafeCentral.dll] [, 1, 0, 1, 5] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [C:\Program Files\360\360se3\Extensions\Favorites\Favorites.dll] [360安全中心, 1, 0, 1, 3] [C:\Program Files\360\360se3\Extensions\LoginEnrol\LoginEnrol.dll] [, 1, 0, 0, 6] [C:\Program Files\360\360se3\Extensions\SafeCentral\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\PROGRA~1\360\360se3\Extensions\ExtProxy\ExtProxy.dll] [360, 1, 0, 0, 9] [C:\PROGRA~1\360\360se3\Extensions\MiniSearchBar\MiniSearchBar.dll] [, 1, 0, 0, 4] [C:\PROGRA~1\360\360se3\Extensions\UICenter\UICenter.dll] [, 1, 0, 0, 7] [C:\PROGRA~1\360\360se3\Extensions\onlinefav\onlinefav.dll] [, 3, 0, 0, 3] 
[C:\PROGRA~1\360\360se3\Extensions\ExtAdfilter\ExtAdfilter.dll] [, 1, 0, 1, 1] [C:\PROGRA~1\360\360se3\Extensions\ExtSuggest\ExtSuggest.dll] [360SE, 1, 0, 1, 2] [C:\PROGRA~1\360\360se3\Extensions\ExtDownload\ExtDownload.dll] [360, 1, 0, 3, 4] [C:\PROGRA~1\360\360se3\Extensions\ExtBlankPage\ExtBlankPage.dll] [360, 1, 0, 0, 3] [C:\PROGRA~1\360\360se3\Extensions\ExtSafeAddress\ExtSafeAddress.dll] [Phoenix Studio, 1, 0, 0, 3] [C:\PROGRA~1\360\360se3\Extensions\ExtAddons\ExtAddons.dll] [360安全中心, 1, 0, 2, 5] [C:\PROGRA~1\360\360se3\Extensions\SnapPlugin\SnapPlugin.dll] [, 1, 0, 0, 2] [C:\PROGRA~1\360\360se3\Extensions\ExtPages\ExtPages.dll] [360安全中心, 1, 0, 2, 9] [C:\WINDOWS\system32\Macromed\Flash\Flash10c.ocx] [Adobe Systems, Inc., 10,0,32,18] [C:\Program Files\360\360Safe\safemon\urlproc.dll] [360.CN, 1, 0, 0, 1006] [C:\Program Files\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\windows\system32\SOGOUPY.IME] [Sogou.com Inc., 4.3.0.3315] [PID: 5792 / SYSTEM][C:\windows\system32\cidaemon.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 3396 / SYSTEM][C:\windows\system32\cidaemon.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 6120 / SYSTEM][C:\windows\system32\cidaemon.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [PID: 4836 / Administrator][D:\FlashFXP\flashfxp.exe] [IniCom Networks, Inc., 3.6.0.1240] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [D:\FlashFXP\libeay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8g] [D:\FlashFXP\ssleay32.dll] [The OpenSSL Project, http://www.openssl.org/, 0.9.8g] [PID: 5164 / Administrator][C:\windows\system32\conime.exe] [(Verified) Microsoft Corporation, 5.2.3790.1830 (srv03_sp1_rtm.050324-1447)] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 
0, 1005] [PID: 6032 / Administrator][D:\sreng2\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321] [PID: 1384 / Administrator][D:\sreng2\SREb9f3ca54.EXE] [Smallfrogs Studio, 2.8.2.1321] [C:\Program Files\360\360Safe\safemon\safemon.dll] [360安全中心, 5, 2, 0, 1005] [D:\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
==================================
文件关联
.TXT Error. [Notepad++_file]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM Error. ["C:\windows\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI Error. [C:\windows\system32\notepad.exe %1]
.INF Error. [C:\windows\system32\notepad.exe %1]
.VBS Error. [%WINDIR%\System32\CScript.exe //nologo "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
VMCI sockets DGRAM D:\VMware\VMware Workstation\vsocklib.dll(VMware, Inc., VSockets Library)
VMCI sockets STREAM D:\VMware\VMware Workstation\vsocklib.dll(VMware, Inc., VSockets Library)
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
222.43.120.80 www.likephoto.com
222.43.120.80 likephoto.com
222.43.120.80 www.xiying.com
222.43.120.80 xiying.com
222.43.120.80 www.guogang.com
222.43.120.80 guogang.com
222.43.120.80 www.dvdmb.com
222.43.120.80 dvdmb.com
222.43.120.80 www.xiying.cn
222.43.120.80 www.likephoto.cn
222.43.120.80 www.guogang.cn
222.43.120.80 www.dvdmb.cn
222.43.120.80 www1.likephoto.com
222.43.120.80 www2.likephoto.com
222.43.120.80 www3.likephoto.com
222.43.120.80 www1.xiying.com
222.43.120.80 www2.xiying.com
222.43.120.80 www3.xiying.com
==================================
进程特权扫描
N/A
==================================
计划任务
[已启用] GoodSync - test.job C:\Documents and Settings\Administrator\桌面\记录\GoodSync\GoodSync.exe
[已启用] ShadowCopyVolume{d426d290-9891-11de-b62e-806e6f6e6963}.job C:\WINDOWS\system32\vssadmin.exe
[已启用] 复件 NBKaiJi.job E:\Hold_资料文档_ON\bat\复件 NBKaiJi.bat
[已启用] SogouImeMgr.job C:\PROGRA~1\SOGOUI~1\430~1.331\PinyinRepair.exe
==================================
Windows 安全更新检查
KB873374, Microsoft GDI+ 检测工具 (KB873374)
KB833407, Windows 关键更新程序 (KB833407)
KB930178, Windows Server 2003 安全更新程序 (KB930178) MS07-021
KB932168, Windows Server 2003 安全更新程序 (KB932168) MS07-020
KB927891, Windows Server 2003 更新程序 (KB927891)
KB924667, Windows Server 2003 安全更新程序 (KB924667) MS07-012
KB929123, 用于 Windows Server 2003 的 Outlook Express 累积安全更新程序 (KB929123) MS07-034
KB925398, Windows Media Player 6.4 安全更新程序 (KB925398) MS06-078
KB926122, Windows Server 2003 安全更新程序 (KB926122) MS07-039
KB936782, Windows Server 2003 安全更新程序 (KB936782) MS07-047
KB938127, Windows Server 2003 安全更新程序 (KB938127) MS07-050
KB933854, Microsoft .NET Framework 版本 1.1 Service Pack 1 安全更新程序 (KB933854) MS07-040
KB933729, Windows Server 2003 安全更新程序 (KB933729) MS07-058
KB936357, Windows Server 2003 更新程序 (KB936357)
KB940767, 用于 Windows Server 2003 的 Windows Internet Explorer 7
KB943460, Windows Server 2003 安全更新程序 (KB943460) MS07-061
KB944653, Windows Server 2003 安全更新程序 (KB944653) MS07-067
KB941569, Windows Server 2003 安全更新程序 (KB941569) MS07-068
KB942830, Windows Server 2003 安全更新程序 (KB942830) MS08-006
KB942831, Windows Server 2003 安全更新程序 (KB942831) MS08-005
KB946026, Windows Server 2003 安全更新程序 (KB946026) MS08-007
KB943055, Windows Server 2003 安全更新程序 (KB943055) MS08-008
KB945553, Windows Server 2003 安全更新程序 (KB945553) MS08-020
KB950749, Windows Server 2003 安全更新程序 (KB950749) MS08-028
KB914961, Windows Server 2003 Service Pack 2(32 位 x86)
KB950760, 用于 Windows Server 2003 的 ActiveX Killbit 累积安全更新程序 (KB950760) MS08-032
KB950762, Windows Server 2003 安全更新程序 (KB950762) MS08-036
KB951748, Windows Server 2003 安全更新程序 (KB951748) MS08-037
KB951066, 用于 Windows Server 2003 的 Outlook Express 安全更新程序 (KB951066) MS08-048
KB952954, Windows Server 2003 安全更新程序 (KB952954) MS08-046
KB950974, Windows Server 2003 安全更新程序 (KB950974) MS08-049
KB944338, Windows Server 2003 安全更新程序 (KB944338) MS08-022
KB110806, Microsoft .NET Framework 2.0 Service Pack 1 (KB110806) (x86)
KB928416, Microsoft .NET Framework 3.0: x86 (KB928416)
KB955069, Windows Server 2003 安全更新程序 (KB955069) MS08-069
KB954459, Microsoft XML Core Services 6.0 Service Pack 2 安全更新程序 (KB954459) MS08-069
KB957097, Windows Server 2003 安全更新程序 (KB957097) MS08-068
KB952069, Windows Server 2003 安全更新程序 (KB952069) MS08-076
KB954600, Windows Server 2003 安全更新程序 (KB954600) MS08-076
KB956802, Windows Server 2003 安全更新程序 (KB956802) MS08-071
KB955839, Windows Server 2003 更新程序 (KB955839)
KB925902, Windows Server 2003 安全更新程序 (KB925902) MS07-017
KB956803, Windows Server 2003 安全更新程序 (KB956803) MS08-066
KB958687, Windows Server 2003 安全更新程序 (KB958687) MS09-001
KB960225, Windows Server 2003 安全更新程序 (KB960225) MS09-007
KB938464, Windows Server 2003 安全更新程序 (KB938464) MS08-052
KB958690, Windows Server 2003 安全更新程序 (KB958690) MS09-006
KB967715, Windows Server 2003 更新程序 (KB967715)
KB909520, Microsoft 基本智能卡加密服务提供程序包: x86 (KB909520)
KB961373, Windows Server 2003 安全更新程序 (KB961373) MS09-011
KB956572, Windows Server 2003 安全更新程序 (KB956572) MS09-012
KB952004, Windows Server 2003 安全更新程序 (KB952004) MS09-012
KB960803, Windows Server 2003 安全更新程序 (KB960803) MS09-013
KB959426, Windows Server 2003 安全更新程序 (KB959426) MS09-015
KB963027, 用于 Windows Server 2003 的 Internet Explorer 6 累积安全更新程序 (KB963027) MS09-014
KB923561, Windows Server 2003 安全更新程序 (KB923561) MS09-010
KB925876, 用于 Windows Server 2003 的远程桌面连接 (Terminal Services Client 6.0) (KB925876)
KB890830, Windows 恶意软件删除工具 - 2010 年 2 月 (KB890830)
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]