[CODE] 2010-07-05,21:58:52 System Repair Engineer 2.8.2.1321 Smallfrogs (http://www.KZTechs.com) Windows Vista Home Premium Edition (Build 6000) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows] [(Verified)beijing qianxianghulian kejifazhan youxiangongsi] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <%ProgramFiles%\Windows Defender\MSASCui.exe -hide> [(Verified)Microsoft Windows] <"C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe"> [(Verified)Google Inc] <"C:\Program Files\Rising\Ris\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] [(Verified)Microsoft Corporation] <"C:\Program Files\Tencent\QQDoctor\QQDoctorRTP.exe" /regrun> [(Verified)Tencent Technology(Shenzhen) Company Limited] <%windir%\WindowsMobile\wmdSync.exe> [(Verified)Microsoft Windows] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Infected) Microsoft Corporation] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active 
Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] <"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\Windows\system32\hhukcert02.exe> [(Verified)Beijing Huahong Integrated Circuit Design Co.,Ltd] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; "C:\Games\DcOo CS1.6 中文版\175PT.exe" /s> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; C:\Ulead Systems\Ulead VideoStudio 10\uvPL.exe> [Ulead Systems, Inc.] 
<; C:\Ulead Systems\Ulead VideoStudio 11\uvPL.exe> [InterVideo Digital Technology Corporation] ================================== 启动文件夹 N/A ================================== 服务 [Capture Device Service / Capture Device Service][Running/Auto Start] <"C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe"> [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"> [Machine Debug Manager / MDM][Running/Auto Start] <"C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe"> [nProtect GameGuard Service / npggsvc][Stopped/Manual Start] [NVIDIA Display Driver Service / nvsvc][Running/Auto Start] [Panda IManager Service / PSIMSVC][Running/Auto Start] [Ris Service / RsRisMon][Running/Auto Start] <"C:\Program Files\Rising\Ris\RavMonD.exe"> [Tencent Software Update Service / TSUSVC][Stopped/Auto Start] <"C:\Program Files\Tencent\QQSoftMgr\1.0.318.203\TencentUpdateSvc.exe" -run> [Ulead Burning Helper / UleadBurningHelper][Running/Auto Start] ================================== 驱动程序 [adp94xx / adp94xx][Stopped/Disabled] <\SystemRoot\system32\drivers\adp94xx.sys> [adpahci / adpahci][Stopped/Disabled] <\SystemRoot\system32\drivers\adpahci.sys> [adpu160m / adpu160m][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu160m.sys> [adpu320 / adpu320][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu320.sys> [aic78xx / aic78xx][Stopped/Disabled] <\SystemRoot\system32\drivers\djsvs.sys> [aliide / aliide][Stopped/Disabled] <\SystemRoot\system32\drivers\aliide.sys> [arc / arc][Stopped/Disabled] <\SystemRoot\system32\drivers\arc.sys> [arcsas / arcsas][Stopped/Disabled] <\SystemRoot\system32\drivers\arcsas.sys> [blbdrive / blbdrive][Stopped/Disabled] <\SystemRoot\system32\drivers\blbdrive.sys> [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltlo.sys> [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual 
Start] <\SystemRoot\system32\drivers\brfiltup.sys> [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled] <\SystemRoot\system32\drivers\brserid.sys> [Brother WDM Serial driver / BrSerWdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brserwdm.sys> [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brusbmdm.sys> [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\system32\drivers\brusbser.sys> [cmdide / cmdide][Stopped/Disabled] <\SystemRoot\system32\drivers\cmdide.sys> [cpuz130 / cpuz130][Stopped/Manual Start] <\??\C:\Users\刘源\AppData\Local\Temp\cpuz130\cpuz_x32.sys> [Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Running/Manual Start] [Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start] [elxstor / elxstor][Stopped/Disabled] <\SystemRoot\system32\drivers\elxstor.sys> [Hmonitor45 / Hmonitor45][Running/Auto Start] <\??\C:\Windows\system32\drivers\hmonitor45.sys> [hookcont / hookcont][Running/System Start] [hooksys / hooksys][Running/System Start] [HpCISSs / HpCISSs][Stopped/Disabled] <\SystemRoot\system32\drivers\hpcisss.sys> [i2omp / i2omp][Stopped/Disabled] <\SystemRoot\system32\drivers\i2o-p.sys> [Intel RAID Controller Vista / iaStorV][Running/Boot Start] <\SystemRoot\system32\drivers\iastorv.sys> [iirsp / iirsp][Stopped/Disabled] <\SystemRoot\system32\drivers\iirsp.sys> [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [ITEATAPI_Service_Install / iteatapi][Stopped/Disabled] <\SystemRoot\system32\drivers\iteatapi.sys> [ITERAID_Service_Install / iteraid][Stopped/Disabled] <\SystemRoot\system32\drivers\iteraid.sys> [LSI_FC / LSI_FC][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_fc.sys> [LSI_SAS / LSI_SAS][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_sas.sys> [LSI_SCSI / LSI_SCSI][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_scsi.sys> [megasas / megasas][Stopped/Disabled] 
<\SystemRoot\system32\drivers\megasas.sys> [Mraid35x / Mraid35x][Stopped/Disabled] <\SystemRoot\system32\drivers\mraid35x.sys> [nfrd960 / nfrd960][Stopped/Disabled] <\SystemRoot\system32\drivers\nfrd960.sys> [N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled] <\SystemRoot\system32\drivers\ntrigdigi.sys> [nvlddmkm / nvlddmkm][Running/Manual Start] [nvraid / nvraid][Stopped/Disabled] <\SystemRoot\system32\drivers\nvraid.sys> [nvstor / nvstor][Stopped/Disabled] <\SystemRoot\system32\drivers\nvstor.sys> [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] [Philips 713x Inbox PCI TV Card / Ph3xIB32][Stopped/Manual Start] [QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled] <\SystemRoot\system32\drivers\ql2300.sys> [QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled] <\SystemRoot\system32\drivers\ql40xx.sys> [Rising RfwARP Driver / RFWARP][Running/Auto Start] [Rising RfwBase Driver / RfwBase9][Running/System Start] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\Ris\rfwtdi.sys> [rsassist / rsassist][Running/Auto Start] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\Ris\rsfwdrv.sys> [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [SiSRaid2 / SiSRaid2][Stopped/Disabled] <\SystemRoot\system32\drivers\sisraid2.sys> [SiSRaid4 / SiSRaid4][Stopped/Disabled] <\SystemRoot\system32\drivers\sisraid4.sys> [Symc8xx / Symc8xx][Stopped/Disabled] <\SystemRoot\system32\drivers\symc8xx.sys> [Sym_hi / Sym_hi][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_hi.sys> [Sym_u3 / Sym_u3][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_u3.sys> [uliahci / uliahci][Stopped/Disabled] <\SystemRoot\system32\drivers\uliahci.sys> [UlSata / UlSata][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata.sys> [ulsata2 / ulsata2][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata2.sys> [viaide / viaide][Stopped/Disabled] 
<\SystemRoot\system32\drivers\viaide.sys> [vsmraid / vsmraid][Stopped/Disabled] <\SystemRoot\system32\drivers\vsmraid.sys> [tcphoc / tcphoc][Running/Manual Start] <1060 - 指定的服务未安装。 > ================================== 浏览器加载项 [迅雷流媒体探测IE支持] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [迅雷网页图片浏览器IE支持] {2D90D33C-DE76-42D0-9040-E4466DDC24AC} [CTSWebSiteMon Class] {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} [迅雷下载IE支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [浩方电竞平台] {0A155D3C-68E2-4215-A47A-E800A446447A} [查看网页全部图片] {548BF84E-9665-47f9-B635-7380F8943E90} <, > [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [XiaoNei Album Uploader Class] {642D2749-A4FC-49C5-8384-E39E009EBCDD} [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [InfoSecICBCNetSign Class] {B1FBC1AD-5644-4084-882A-0F8BA85E7506} [ICBCQPKCom_HH Class] {B219E31C-E110-4638-AF01-7BDD5ACA552C} [PPLive Lite Class] {EF0D1A14-1033-41A2-A589-240C01EDC078} [AxInputControl Class] {F2AF4FB7-CC87-49C9-B147-E1BAAC82BCDD} [Album Uploader] {0076209A-9553-40DC-A8F9-C2AD835B8C93} <, > [迅雷流媒体探测IE支持] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [PhotoDrawEx Class] {05F5F404-7C24-4B39-B5CC-340CEDEB9C0D} [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [] {0A155D3C-68E2-4215-A47A-E800A446447A} <, > [InfosecCertInstall Class] {0EB487C8-E9AC-43A6-8C4C-083999B0622F} [Fade] {16B280C5-EE70-11D1-9066-00C04FD9189D} [InformationCardSigninHelper Class] {19916E01-B44E-4E31-94A4-4696DF46157B} [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [迅雷网页图片浏览器IE支持] {2D90D33C-DE76-42D0-9040-E4466DDC24AC} [IETag Factory] {38481807-CA0E-42D2-BF39-B33AF135CC4D} [QuickTime Object] {4063BE15-3B08-470D-A0D5-B37161CFFD69} [XML 
Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [] {548BF84E-9665-47F9-B635-7380F8943E90} <, > [Shell Name Space] {55136805-B2DE-11D1-B9F2-00A0C98BC547} [XiaoNei Album Uploader Class] {642D2749-A4FC-49C5-8384-E39E009EBCDD} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Microsoft Shell UI Helper] {64AB4BB7-111E-11D1-8F79-00C04FC2FBE1} [QQMusicCreator Class] {6927992D-6A89-4549-8A32-95901BF5D920} <, > [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [] {77FEF28E-EB96-44FF-B511-3185DEA48697} <, > [CTSWebSiteMon Class] {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} [XDownloaddManager Class] {802F530B-A8F6-4631-AE49-6BACAAC6373E} [Microsoft Web Browser] {8856F961-340A-11D0-A96B-00C04FD705A2} [迅雷下载IE支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [XML DOM Document 5.0] {88D969E5-F192-11D4-A65F-0040963251E5} [XML HTTP 5.0] {88D969EA-F192-11D4-A65F-0040963251E5} [XML DOM Document 6.0] {88D96A05-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [XML HTTP 6.0] {88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [SSOForPTLogin Class] {8FC1EE75-72B3-4A23-B987-2B1C4C8A611B} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [] {95B3F550-91C4-4627-BCC4-521288C52977} <, > [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [VersionDetector Class] {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} [HallToolkit Class] {A24E6133-404F-4431-A296-2DE576FC5AEE} [] {A7F05EE4-0426-454F-8013-C41E3596E9E9} <, > [APlayer Control] {A9322148-C691-4B9D-91FC-B9C461DBE9DD} [] {AC414988-E5BB-4C2C-873B-EA53D2F3D23A} <, > [DapCtrl Class] 
{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [InfoSecICBCNetSign Class] {B1FBC1AD-5644-4084-882A-0F8BA85E7506} [ICBCQPKCom_HH Class] {B219E31C-E110-4638-AF01-7BDD5ACA552C} [] {B580CF65-E151-49C3-B73F-70B13FCA8E86} <, > [XiaoNei Talk Application] {BA2B9F86-D8D2-4397-BE9B-0EC00242F7AC} <, > [] {BB4491A2-D11A-4C6B-91C0-B53246A3122B} <, > [FTNUpload Class] {BDEACC50-F56D-4D60-860F-CF6ED1766D65} [AxSubmitControl Class] {C702C61A-4126-4870-98B2-C718BD2A3077} [QQPlayerCtrl Class] {CD108273-D434-43E6-AA90-1469F97EB398} [AUDIO__MID Moniker Class] {CD3AFA74-B84F-48F0-9393-7EDC34128127} [AUDIO__MP3 Moniker Class] {CD3AFA76-B84F-48F0-9393-7EDC34128127} [AUDIO__WAV Moniker Class] {CD3AFA7B-B84F-48F0-9393-7EDC34128127} [VIDEO__AVI Moniker Class] {CD3AFA88-B84F-48F0-9393-7EDC34128127} [VIDEO__X_MS_WMV Moniker Class] {CD3AFA94-B84F-48F0-9393-7EDC34128127} [Microsoft Url Search Hook] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [QuickTimeCheck Class] {DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21} [Microsoft Silverlight] {DFEAF541-F3E1-4C24-ACAC-99C30715084A} [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [AxUSBKey Class] {E4BFF825-2E50-4BCC-8497-6EFDFB6C9B3D} [SSOForPTLogin2 Class] {EAAED308-7322-4B9B-965E-171933ADD473} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [PPLive Lite Class] {EF0D1A14-1033-41A2-A589-240C01EDC078} [AxInputControl Class] {F2AF4FB7-CC87-49C9-B147-E1BAAC82BCDD} [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [XML DOM Document 3.0] {F5078F32-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [Free Threaded XML DOM Document 3.0] {F5078F33-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML HTTP 3.0] {F5078F35-C551-11D3-89B9-0000F81FE221} 
<%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XSL Template 3.0] {F5078F36-C551-11D3-89B9-0000F81FE221} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML DOM Document] {F6D90F11-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [信息检索(&R)] {FF059E31-CC5A-4E2E-BF3B-96E929D65503} [使用迅雷下载] [使用迅雷下载全部链接] [使用迅雷查看图片] [导出到 Microsoft Excel(&X)] [添加到QQ表情] ================================== 正在运行的进程 [PID: 444 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 524 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 572 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 584 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 616 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 628 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 636 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 736 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 824 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 864 / SYSTEM][C:\Windows\system32\nvvsvc.exe] [NVIDIA Corporation, 8.17.11.9745] [PID: 892 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 924 / SYSTEM][C:\Program Files\Rising\Ris\RavMonD.exe] [Beijing Rising Information Technology Co., 
Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\combase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\Program Files\Rising\Ris\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] [C:\Program Files\Rising\Ris\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.41] [C:\Program Files\Rising\Ris\mondrv.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\defmon.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46] [C:\Program Files\Rising\Ris\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Ris\FileMon.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] [C:\Program Files\Rising\Ris\MailMon.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] [C:\Program Files\Rising\Ris\HookWeb.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] [C:\Program Files\Rising\Ris\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [C:\Program Files\Rising\Ris\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Ris\rfwsrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.2] [C:\Program Files\Rising\Ris\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Ris\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\rfwdrvc.dll] [Beijing Rising Information 
Technology Co., Ltd., 21.0.0.1] [C:\Program Files\Rising\Ris\Rfwdrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.5] [C:\Program Files\Rising\Ris\RfwArp.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.5] [C:\Program Files\Rising\Ris\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Ris\urlrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Ris\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\refs.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\rfwproxy.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 73] [C:\Program Files\Rising\Ris\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] [C:\Program Files\Rising\Ris\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Ris\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7] [C:\Program Files\Rising\Ris\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 24, 
0, 0, 3] [C:\Program Files\Rising\Ris\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Ris\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Ris\HookCont.dll] [Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] [C:\Program Files\Rising\Ris\BACore.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] [C:\Program Files\Rising\Ris\bawhite.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\RSStore.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.22] [C:\Program Files\Rising\Ris\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Rising\Ris\NComm2.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [C:\Program Files\Rising\Ris\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Ris\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\revm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program 
Files\Rising\Ris\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 81] [C:\Program Files\Rising\Ris\ur001.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\scantj.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\methodex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\heurex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\Program Files\Rising\Ris\pecompd.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\urllib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Rising\Ris\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.21] [C:\Program Files\Rising\Ris\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Ris\extsfx.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\scriptci.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\uroutine.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\ur023.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\ur027.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program 
Files\Rising\Ris\extole.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [PID: 984 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1036 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1064 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1076 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1180 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1196 / NETWORK SERVICE][C:\Windows\system32\SLsvc.exe] [(Verified) Microsoft Corporation, 6.0.6000.16509 (vista_gdr.070620-1500)] [PID: 1224 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1400 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1668 / SYSTEM][C:\Windows\system32\nvvsvc.exe] [NVIDIA Corporation, 8.17.11.9745] [C:\Windows\system32\NVSVC.DLL] [NVIDIA Corporation, 8.17.11.9745] [C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 8.17.11.9745] [C:\Windows\system32\NVSVCR.DLL] [NVIDIA Corporation, 8.17.11.9621] [PID: 1748 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Windows\System32\hpz3llhn.dll] [Hewlett-Packard Company, 61.053.25.9] [C:\Windows\system32\spool\PRTPROCS\W32X86\hpzpplhn.dll] [Hewlett-Packard Corporation, 61.053.25.9] [PID: 1792 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1964 / SYSTEM][C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe] [InterVideo Inc., 1.0.0.1] 
[C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [PID: 1260 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe] [Microsoft Corporation, 7.10.3077] [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll] [Microsoft Corporation, 7.10.3077] [C:\Program Files\Common Files\Microsoft Shared\VS7Debug\csm.dll] [Microsoft Corporation, 8.0.50727.42 (RTM.050727-4200)] [PID: 2128 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 2188 / SYSTEM][C:\Program Files\Panda Software\Panda Antivirus 2007\pavdr.exe] [N/A, ] [PID: 2268 / SYSTEM][C:\Program Files\Panda Software\Panda Antivirus 2007\psimreal.exe] [N/A, ] [PID: 2352 / LOCAL SERVICE][C:\Windows\System32\tcpsvcs.exe] [(Verified) Microsoft Corporation, 6.0.6000.16908 (vista_gdr.090814-0321)] [PID: 2372 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 2468 / SYSTEM][C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe] [Ulead Systems, Inc., 1, 0, 0, 4] [PID: 2488 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 2536 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 2700 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 2832 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 3640 / 刘源][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 3656 / 刘源][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] 
[C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.17.11.9745] [PID: 3700 / 刘源][C:\Windows\Explorer.EXE] [(Infected) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Windows\system32\nvshext.dll] [NVIDIA Corporation, 196.21] [C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 8.17.11.9745] [PID: 3952 / 刘源][C:\Program Files\Windows Defender\MSASCui.exe] [Microsoft Corporation, 1.1.1505.0] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 3964 / 刘源][C:\Program Files\Google\Google Pinyin 2\GooglePinyinDaemon.exe] [Google Inc., 2.3.13.82] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 3972 / 刘源][C:\Program Files\Rising\Ris\RsTray.exe] [Beijing Rising Information Technology Co., Ltd., 22.0.0.11] [C:\Program Files\Rising\Ris\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [C:\Program Files\Rising\Ris\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\comx3.dll] [Beijing Rising 
Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Ris\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Ris\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [C:\Program Files\Rising\Ris\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] [C:\Program Files\Rising\Ris\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Ris\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\Ris\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7] [C:\Program Files\Rising\Ris\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\ravbintl.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] [C:\Program Files\Rising\Ris\mruleui.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] [C:\Program Files\Rising\Ris\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.74] [C:\Program Files\Rising\Ris\RavITray.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\rfwtray.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] [C:\Program Files\Rising\Ris\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\scanleak.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program 
Files\Rising\Ris\ravppops.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] [C:\Program Files\Rising\Ris\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] [C:\Program Files\Rising\Ris\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Rising\Ris\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [PID: 4068 / 刘源][C:\Windows\WindowsMobile\wmdSync.exe] [Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 800 / 刘源][C:\Program Files\Rising\AntiSpyware\RSTray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.29] [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\AntiSpyware\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\Rising\AntiSpyware\ComServ.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.33] [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Rising\AntiSpyware\rscommon.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.1.1] [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\AntiSpyware\rsxml1.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [C:\Program Files\Rising\AntiSpyware\pngdll.dll] [Beijing Rising Information 
Technology Co., Ltd., 20, 0, 0, 5] [C:\Program Files\Rising\AntiSpyware\runiep.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.65] [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [C:\Program Files\Rising\AntiSpyware\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [PID: 2348 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 2696 / 刘源][C:\Program Files\Windows Media Player\wmpnscfg.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 3304 / 刘源][C:\Windows\System32\mobsync.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 2172 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)] [PID: 1284 / 刘源][C:\Program Files\Google\Google Pinyin 2\GooglePinyinService.exe] [N/A, ] [PID: 848 / 刘源][C:\Windows\system32\wuauclt.exe] [(Verified) Microsoft Corporation, 7.4.7600.226 (winmain_wtr_wsus3sp2(wmbla).090806-1834)] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 3904 / 刘源][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Windows\system32\GOOGLEPINYIN2.IME] [Google Inc., 2.3.13.82] [PID: 3696 / 刘源][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 
8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll] [Xunlei, 1, 0, 1, 41] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.17.11.9745] [C:\Windows\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [C:\Windows\system32\nvapi.dll] [NVIDIA Corporation, 8.17.11.9745] [C:\Windows\system32\GOOGLEPINYIN2.IME] [Google Inc., 2.3.13.82] [C:\Program Files\Tencent\QQDoctor\TSWebMon.dat] [Tencent, 2009, 11, 10, 8] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [PID: 5092 / SYSTEM][C:\Program 
Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [PID: 5144 / SYSTEM][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll] [Xunlei, 1, 0, 1, 41] [C:\Program Files\Tencent\QQDoctor\TSWebMon.dat] [Tencent, 2009, 11, 10, 8] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Windows\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [PID: 5288 / SYSTEM][C:\Windows\system32\UI0Detect.exe] [(Verified) Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 4804 / 
SYSTEM][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll] [Xunlei, 1, 0, 1, 41] [C:\Program Files\Tencent\QQDoctor\TSWebMon.dat] [Tencent, 2009, 11, 10, 8] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Windows\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [PID: 3120 / SYSTEM][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program 
Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll] [Xunlei, 1, 0, 1, 41] [C:\Program Files\Tencent\QQDoctor\TSWebMon.dat] [Tencent, 2009, 11, 10, 8] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Windows\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [PID: 5956 / 刘源][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] 
[Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll] [Xunlei, 1, 0, 1, 41] [C:\Program Files\Tencent\QQDoctor\TSWebMon.dat] [Tencent, 2009, 11, 10, 8] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Windows\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] [PID: 4620 / 刘源][C:\Users\刘源\Desktop\sreng\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321] [PID: 4844 / 刘源][C:\Users\刘源\Desktop\sreng\SREd836775.EXE] [Smallfrogs Studio, 2.8.2.1321] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Users\刘源\Desktop\sreng\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] [PID: 476 / SYSTEM][C:\Program Files\Internet Explorer\IEXPLORE.EXE] [Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] [C:\Program Files\Thunder Network\Thunder\ComDlls\TDMediaDetector5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder 
Network\Thunder\ComDlls\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\ComDlls\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Thunder Network\Thunder\Program\EmbedDetectNow.dll] [Xunlei, 1, 0, 1, 41] [C:\Program Files\Tencent\QQDoctor\TSWebMon.dat] [Tencent, 2009, 11, 10, 8] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Program Files\Thunder Network\Thunder\ComDlls\zlib1.dll] [, 1.2.3] [C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.21.1442.dll] [深圳市迅雷网络技术有限公司, 5,9,21,1442] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 33] [C:\Users\Public\Thunder Network\Thunder_4371940B-9350-4A36-979E-49D2B1D78384_\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Windows\system32\Macromed\Flash\Flash10h.ocx] [Adobe Systems, Inc., 10,1,53,64] ================================== 文件关联 .TXT Error. [C:\Windows\notepad.exe %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["%SystemRoot%\hh.exe" %1] .HLP OK. [%SystemRoot%\winhlp32.exe %1] .INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*] .JS Error. [C:\Windows\System32\WScript.exe "%1" %*] .LNK OK. 
[{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
::1 localhost
==================================
进程特权扫描
N/A
==================================
计划任务
[已启用] \\At1 C:\Games\DCOOCS~1.6中\175PT.exe -a
[已启用] \\RunAsStdUser Task30929 C:\Program Files\Rising\Ris\rsconfig.exe /s:netview
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\OptinNotification %SystemRoot%\System32\wsqmcons.exe -n 0x1C577FA2B69CAD0
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c -i
[已启用] \Microsoft\Windows\Media Center\ehDRMInit %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已启用] \Microsoft\Windows\Media Center\mcupdate %SystemRoot%\ehome\mcupdate $(Arg0) -gc
[已启用] \Microsoft\Windows\Media Center\OCURActivate %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已启用] \Microsoft\Windows\Media Center\OCURDiscovery %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery
[已启用] \Microsoft\Windows\Media Center\UpdateRecordPath %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart N/A
[已启用] \Microsoft\Windows\MobilePC\TMM N/A
[已启用] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService N/A
[已启用] \Microsoft\Windows\NetworkAccessProtection\NAPStatus UI N/A
[已启用] \Microsoft\Windows\Shell\CrawlStartPages N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders N/A
[已启用] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1 rundll32 ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2 rundll32 ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Wired\GatherWiredInfo %windir%\system32\gatherWiredInfo.vbs
[已启用] \Microsoft\Windows\Wireless\GatherWirelessInfo %windir%\system32\gatherWirelessInfo.vbs
==================================
Windows 安全更新检查
KB931621, 用于 Windows Vista 的 Windows Media Player 11 更新程序 (KB931621)
KB936330, Windows Vista Service Pack 1 (KB936330)
KB915597, Definition Update for Windows Defender - KB915597 (Definition 1.85.1476.0)
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]