引用:

【shjarthur的贴子】 还有 <WeNeedRestart><> [N/A] 谁知道这是什么？？？ ………………

“weneedrestart”的中文章意思是“我们需要重启”，很蹊跷的一个注册表值项，貌似不是好鸟。

那该怎么办啊？
貌似我没理解什么意思啊
好人能弄成一步一步的吗？
有点理解不了
并且阿，今天我家机子已经开始自动重启拉
网页基本不能打啦
哭啊55555555555555
以前都是瑞星给弄得，第一次自己来。
高不定阿

补充一句，以开网页CPU就容易冲到100%

回府 是18楼 那个怎么用啊？

[CODE]

2008-03-27,08:22:06

System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [NVIDIA Corporation]
    <SoundMan><SoundMan.exe>  []
    <SHAProc><C:\WINDOWS\SHAProc.exe>  []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Component Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  [(Verified)Microsoft Windows Publisher]
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [(Verified)Microsoft Windows Publisher]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <{D29DCEE0-457B-45A2-A92D-741B95B7723B}><C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys>  [N/A]
    <{50632D5C-B71B-4ba0-B012-3DC6F15C011B}><C:\WINDOWS\system32\msosiocp.dll>  []
    <{92792e5e-fea8-4c96-8536-7bd28759349b}><C:\WINDOWS\system32\ayNNBNNB1045.dll>  []
    <{a1fce912-3517-41d0-b809-16a255470bb4}><C:\WINDOWS\system32\ayDABDAB1057.dll>  []
    <{84143967-B645-4BFF-B873-DA1DC886E9A7}><C:\WINDOWS\system32\cedafb.dll>  []
    <{7914E0AA-ECCB-4311-B584-C49538227824}><C:\WINDOWS\system32\jhfrxz.dll>  []
    <{73AE86E6-7F03-4C3B-8980-FB1DA157D3C7}><C:\WINDOWS\system32\fmcvxy.dll>  []
    <{8f775dd4-cb68-4899-9517-90c1db5c32d4}><C:\WINDOWS\system32\IGBWMSJ1019.dll>  []
    <{84ef1e59-5ecd-4418-b28f-53cd96611a6f}><C:\WINDOWS\system32\ayQACQAC1029.dll>  []
    <{a597fd7d-deb9-4d70-929f-28931b953af9}><C:\WINDOWS\system32\ayWWQWWQ1002.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [(Verified)Microsoft Windows Component Publisher]
    <WebCheck><%SystemRoot%\system32\webcheck.dll>  [(Verified)Microsoft Windows Publisher]
    <SysTray><C:\WINDOWS\system32\stobject.dll>  [(Verified)Microsoft Windows Publisher]
    <WPDShServiceObj><C:\WINDOWS\system32\WPDShServiceObj.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    <WinlogonNotify: crypt32chain><crypt32.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    <WinlogonNotify: cryptnet><cryptnet.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    <WinlogonNotify: cscdll><cscdll.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    <WinlogonNotify: ScCertProp><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    <WinlogonNotify: sclgntfy><sclgntfy.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    <WinlogonNotify: SensLogn><WlNotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    <WinlogonNotify: termsrv><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    <WinlogonNotify: wlballoon><wlnotify.dll>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
    <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
    <Microsoft Windows Media Player><C:\WINDOWS\inf\unregmp2.exe /ShowWMP>  [(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\360Loader.exe]
    <IFEO[360Loader.exe]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe]
    <IFEO[ctfmon.exe]><SoundMan.exe>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IceSword]
    <IFEO[IceSword]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ras]
    <IFEO[ras]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\runiep]
    <IFEO[runiep]><svchost.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
    <IFEO[taskmgr.exe]><svchost.exe>  [(Verified)Microsoft Windows Publisher]

==================================
启动文件夹
N/A

==================================
服务
[Help and Support / helpsvc][Stopped/Auto Start]
  <C:\WINDOWS\system32\interne.exe><N/A>
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
  <C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"D:\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"D:\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>
[Security Control / secctrl][Stopped/Auto Start]
  <c:\windows\system32\rundll32.exe vmvreg32.dll,scan><Microsoft Corporation>

==================================
驱动程序
[cqit / cqit][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp71.tmp><N/A>
[dohs / dohs][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp6D.tmp><N/A>
[dump_wmimmc / dump_wmimmc][Stopped/Manual Start]
  <\??\E:\跑跑卡丁车\M01\GameGuard\dump_wmimmc.sys><N/A>
[EagleNT / EagleNT][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\EagleNT.sys><N/A>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[fmsq / fmsq][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp89.tmp><N/A>
[fpids32 / fpids32][Running/]
  <2 - 系统找不到指定的文件。
><N/A>
[Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start]
  <system32\DRIVERS\HDAudBus.sys><Windows (R) Server 2003 DDK provider>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
  <system32\drivers\RtkHDAud.sys><Realtek Semiconductor Corp.>
[mhfp / mhfp][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp13.tmp><N/A>
[mnsf / mnsf][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmp39.tmp><N/A>
[msertk / msertk][Running/Auto Start]
  <system32\drivers\msyecp.sys><N/A>
[msskye / msskye][Stopped/Auto Start]
  <system32\DRIVERS\msaclue.sys><N/A>
[ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start]
  <system32\DRIVERS\ASACPI.sys><>
[npkcrypt / npkcrypt][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkcrypt.sys><N/A>
[npkycryp / npkycryp][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npkycryp.sys><N/A>
[NPPTNT2 / NPPTNT2][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\npptNT2.sys><INCA Internet Co., Ltd.>
[nv / nv][Running/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[QKeyServiceDisplay / QKeyService][Running/Boot Start]
  <\SystemRoot\system32\KeyCrypt.sys><Tencent Technology (Shenzhen) Company Limited>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
  <system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[TesSafe / TesSafe][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\TesSafe.sys><TENCENT>
[VIA AGP Filter / viaagp1][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaagp1.sys><VIA Technologies, Inc.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaide.sys><Microsoft Corporation>
[videX32 / videX32][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\videX32.sys><VIA Technologies, Inc.>
[Pandrv / Pandrv][Running/Disabled]
  <\??\C:\WINDOWS\TEMP\Pandrv.sys><N/A>
[jtio / jtio][Stopped/Auto Start]
  <\??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\tmpCB.tmp><N/A>
[MS / MS][Running/]
  <2 - 系统找不到指定的文件。
><N/A>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <E:\QQDownload\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40fd-9C87-E93D1494C233} <E:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, N/A>
[]
  {D29DCEE0-457B-45A2-A92D-741B95B7723B} <C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys, N/A>
[雨林木风]
  {6096E38F-5AC1-1200-8EC4-75DFA92FB32F} <http://bbs.ylmf.com, N/A>
[Messenger]
  {FB5F1910-F110-11d2-BB9E-00C04F795683} <C:\Program Files\Messenger\msmsgs.exe, Microsoft Corporation>
[EditCtrl Class]
  {488A4255-3236-44B3-8F27-FA1AECAA8844} <C:\WINDOWS\system32\aliedit\aliedit.dll, >
[VqqSpeedDlProxy Class]
  {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[Submit Class]
  {A3CD7F74-93C9-4BC4-B892-CCDF1514F714} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[safeInput Class]
  {ECCBA953-80E5-11D3-9285-0080ADB811C5} <C:\WINDOWS\Downloaded Program Files\safein.dll, Beijing eChannels Century Technology Co.,Ltd>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <E:\QQDownload\QQIEHelper01.dll, 腾讯公司>
[ThunderAtOnce Class]
  {01443AEC-0FD1-40FD-9C87-E93D1494C233} <E:\Thunder\ComDlls\TDAtOnce_Now.dll, Thunder Networking Technologies,LTD>
[Thunder Agent Class]
  {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} <E:\Thunder\ComDlls\ThunderAgent_Now.dll, Thunder Networking Technologies,LTD>
[WangWangObj Class]
  {6E213FC7-DD5A-4115-B7E6-D4C7838C361E} <C:\Program Files\WangWang\WangWangX4.dll, 阿里巴巴软件(上海)有限公司>
[360SafeLive]
  {87515F61-A66C-4319-A0E0-D416CB8059E3} <C:\Program Files\360safe\live.dll, 360.cn>
[Thunder Browser Helper]
  {889D2FEB-5411-4565-8998-1DD2C5261283} <E:\Thunder\ComDlls\xunleiBHO_Now.dll, Thunder Networking Technologies,LTD>
[VqqSpeedDlProxy Class]
  {9ADACAA6-533E-4383-AFA7-F0A66650B6D8} <C:\WINDOWS\vqqsdl10.dll, Tencent Technology (Shenzhen) Company Limited>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, N/A>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx, Adobe Systems, Inc.>
[]
  {D29DCEE0-457B-45A2-A92D-741B95B7723B} <C:\Program Files\Internet Explorer\PLUGINS\NewSys55.Sys, N/A>
[&使用超级旋风下载]
  <E:\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <E:\QQDownload\getAllurl.htm, N/A>
[使用迅雷下载]
  <E:\Thunder\Program\geturl.htm, N/A>
[使用迅雷下载全部链接]
  <E:\Thunder\Program\getallurl.htm, N/A>
[添加到QQ表情]
  <E:\qq\AddEmotion.htm, N/A>

==================================
正在运行的进程
[PID: 592 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 652 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 676 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\vhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 724 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 736 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 892 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 968 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 1072 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 1208 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 1400 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp.050610-1527)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\vhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1708 / Administrator][C:\WINDOWS\Explorer.EXE]  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_qfe.070613-1311)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [E:\Thunder\ComDlls\TDAtOnce_Now.dll]  [Thunder Networking Technologies,LTD, 1.0.5.16]
    [E:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [E:\Thunder\Components\ResWorker\DsBho_01.dll]  [, 1, 0, 0, 17]
    [E:\Thunder\Components\ResWorker\DataProcessor_01.dll]  [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    [C:\WINDOWS\system32\msosiocp.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mycbukjwow.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\192896MM.DLL]  [N/A, ]
    [C:\WINDOWS\system32\pqcfln.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\couyjjar.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\zqbdba.dll]  [N/A, ]
    [C:\WINDOWS\system32\uouwec.dll]  [N/A, ]
    [C:\WINDOWS\system32\ekngmx.dll]  [N/A, ]
    [C:\WINDOWS\system32\udktvt.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrwsf.dll]  [N/A, ]
    [C:\WINDOWS\system32\rylzrj.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayNNBNNB1045.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayDABDAB1057.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\IGBWMSJ1019.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayWWQWWQ1002.dll]  [N/A, ]
    [C:\WINDOWS\system32\ivjzen.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\ztveyi.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfjg.dll]  [N/A, ]
    [C:\WINDOWS\system32\ydgn.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\tciocp32.dll]  [N/A, ]
    [C:\WINDOWS\system32\cmdbcs.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayQACQAC1029.dll]  [N/A, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]

[C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\system32\Setup\en_1072.bin]  [N/A, ]
    [D:\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\nvcpl.dll]  [NVIDIA Corporation, 6.14.11.5819]
    [C:\WINDOWS\system32\NVRSZHC.DLL]  [NVIDIA Corporation, 6.14.11.5819]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.5819]
    [C:\WINDOWS\system32\nvshell.dll]  [, ]
[PID: 612 / SYSTEM][C:\WINDOWS\SoundMan.exe]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\vhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [C:\WINDOWS\system32\wshom.ocx]  [Microsoft Corporation, 5.6.0.8825]
    [C:\WINDOWS\system32\ScrRun.dll]  [Microsoft Corporation, 5.6.0.8825]
    [C:\WINDOWS\system32\wshCHS.DLL]  [Microsoft Corporation, 5.6.0.8515]
[PID: 932 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe]  [NVIDIA Corporation, 6.14.11.5819]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\vhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\nvapi.dll]  [NVIDIA Corporation, 6.14.11.5819]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 3708 / Administrator][D:\Rising\Rav\Rav.exe]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 65]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\eohsom.dll]  [N/A, ]
    [C:\WINDOWS\system32\vhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [D:\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [D:\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 88]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]
    [D:\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [D:\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4]
    [C:\WINDOWS\system32\mycbukjwow.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [D:\Rising\Rav\RsCommon.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [D:\Rising\Rav\ravpagem.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 94]
    [D:\Rising\Rav\htmllib.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.15]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\pqcfln.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrwsf.dll]  [N/A, ]
    [C:\WINDOWS\system32\zqbdba.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\couyjjar.dll]  [N/A, ]
    [C:\WINDOWS\system32\udktvt.dll]  [N/A, ]
    [C:\WINDOWS\system32\ekngmx.dll]  [N/A, ]
    [C:\WINDOWS\system32\uouwec.dll]  [N/A, ]
    [D:\Rising\Rav\ravpagew.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 86]
    [D:\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [D:\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [C:\WINDOWS\system32\rylzrj.dll]  [N/A, ]
    [D:\Rising\Rav\fakescan.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.13]
    [D:\Rising\Rav\Scanner.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.36]
    [D:\Rising\Rav\BWList.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.4]
    [D:\Rising\Rav\SysMail.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
    [C:\WINDOWS\system32\msosiocp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayNNBNNB1045.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayDABDAB1057.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\IGBWMSJ1019.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayQACQAC1029.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayWWQWWQ1002.dll]  [N/A, ]
    [C:\WINDOWS\system32\sfc_os.dll]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]

[D:\Rising\Rav\RsLog.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.34]
    [C:\WINDOWS\system32\ivjzen.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [D:\Rising\Rav\RsStore.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.8]
    [C:\WINDOWS\system32\ztveyi.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfjg.dll]  [N/A, ]
    [C:\WINDOWS\system32\ydgn.dll]  [N/A, ]
[PID: 2648 / Administrator][C:\WINDOWS\system32\conime.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\UxTheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\mycbukjwow.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\udktvt.dll]  [N/A, ]
    [C:\WINDOWS\system32\ekngmx.dll]  [N/A, ]
    [C:\WINDOWS\system32\uouwec.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\ivjzen.dll]  [N/A, ]
    [C:\WINDOWS\system32\ydgn.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfjg.dll]  [N/A, ]
[PID: 3652 / SYSTEM][C:\WINDOWS\system32\Com\hei19.exe]  [N/A, ]
    [C:\WINDOWS\system32\vmvreg32.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\ydgn.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfjg.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
[PID: 7876 / Administrator][C:\Program Files\Maxthon2\Maxthon.exe]  [Maxthon International ltd., 2, 0, 8, 1720]
    [C:\Program Files\Maxthon2\mxpp.dll]  [Maxthon International ltd., 1, 0, 0, 74]
    [C:\Program Files\Maxthon2\MxSk.dll]  [Maxthon, 1, 0, 0, 369]
    [C:\Program Files\Maxthon2\MxProxy2.dll]  [Maxthon, 1, 0, 0, 3675]
    [C:\Program Files\Maxthon2\IMxWebBoost.dll]  [Maxthon, 1, 0, 0, 2330]
    [C:\Program Files\Maxthon2\mxdb.dll]  [Max, 3, 5, 3, 125]
    [C:\Program Files\Maxthon2\MxExt.dll]  [N/A, ]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\ydgn.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfjg.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\vmvreg32.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\mycbukjwow.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\Program Files\Maxthon2\MxFav.dll]  [Maxthon International ltd., 1, 0, 0, 220]
    [C:\Program Files\Maxthon2\maxzlib.dll]  [, 1.2.3]
    [C:\Program Files\Maxthon2\mxtool.dll]  [, 1, 0, 0, 1]
    [C:\Program Files\Maxthon2\mxfeedU.dll]  [, 1, 0, 45, 92]
    [C:\Program Files\Maxthon2\Modules\MxGuardian\MxGuardian.dll]  [Maxthon International ltd., 1, 0, 0, 666]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\ivjzen.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\udktvt.dll]  [N/A, ]
    [C:\WINDOWS\system32\ekngmx.dll]  [N/A, ]
    [C:\WINDOWS\system32\uouwec.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\ztveyi.dll]  [N/A, ]
    [C:\WINDOWS\system32\rylzrj.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfrwsf.dll]  [N/A, ]
    [C:\WINDOWS\system32\zqbdba.dll]  [N/A, ]
    [C:\WINDOWS\system32\DbgHlp32.dlL]  [N/A, ]
    [C:\WINDOWS\system32\couyjjar.dll]  [N/A, ]
    [C:\WINDOWS\system32\msccrt.dll]  [N/A, ]
    [C:\WINDOWS\system32\pqcfln.dll]  [N/A, ]
    [C:\WINDOWS\system32\upxdnd.dll]  [N/A, ]
    [C:\WINDOWS\system32\MsIMMs32.dll]  [N/A, ]
    [C:\WINDOWS\system32\mppds.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosiocp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayNNBNNB1045.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayDABDAB1057.dll]  [N/A, ]
    [C:\WINDOWS\system32\IGBWMSJ1019.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayQACQAC1029.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayWWQWWQ1002.dll]  [N/A, ]
    [C:\WINDOWS\system32\shdoclc.dll]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [D:\Rising\Rav\RavScrCh.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\WINDOWS\system32\vbscript.dll]  [Microsoft Corporation, 5.6.0.8825]
    [C:\WINDOWS\system32\Macromed\Flash\Flash9e.ocx]  [Adobe Systems, Inc., 9,0,115,0]
    [E:\Thunder\ComDlls\xunleiBHO_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 8, 61]
    [E:\Thunder\ComDlls\ThunderAgent_Now.dll]  [Thunder Networking Technologies,LTD, 5, 0, 4, 23]
    [C:\WINDOWS\system32\RavExt.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.17]
[PID: 11512 / Administrator][C:\Documents and Settings\Administrator\桌面\ah\360compkill.exe]  [N/A, ]
    [C:\WINDOWS\system32\hgfhk.dll]  [N/A, ]
    [C:\WINDOWS\system32\jwlah.dll]  [N/A, ]
    [C:\WINDOWS\system32\ydgn.dll]  [N/A, ]
    [C:\WINDOWS\system32\hfjg.dll]  [N/A, ]
    [C:\WINDOWS\system32\xfgnxfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\xgnfn.dll]  [N/A, ]
    [C:\WINDOWS\system32\zfdzb.dll]  [N/A, ]
    [C:\WINDOWS\system32\vmvreg32.dll]  [N/A, ]
    [C:\WINDOWS\system32\uxtheme.dll]  [Microsoft Corporation, 6.00.2900.2845 (xpsp.060210-1526)]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\duygnef.dll]  [N/A, ]
    [C:\WINDOWS\system32\pahzij.dll]  [N/A, ]
    [C:\WINDOWS\system32\mycbukjwow.dll]  [Microsoft Corporation, 5.1.2600.3099]
    [C:\WINDOWS\system32\PTSShell.dll]  [N/A, ]
    [C:\WINDOWS\system32\ivjzen.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\cedafb.dll]  [N/A, ]
    [C:\WINDOWS\system32\udktvt.dll]  [N/A, ]
    [C:\WINDOWS\system32\ekngmx.dll]  [N/A, ]
    [C:\WINDOWS\system32\uouwec.dll]  [N/A, ]
    [C:\WINDOWS\system32\AVPSrv.dll]  [N/A, ]
    [C:\WINDOWS\system32\WSockDrv32.dll]  [N/A, ]
    [C:\WINDOWS\system32\msosiocp.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayNNBNNB1045.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayDABDAB1057.dll]  [N/A, ]
    [C:\WINDOWS\system32\IGBWMSJ1019.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayQACQAC1029.dll]  [N/A, ]
    [C:\WINDOWS\system32\ayWWQWWQ1002.dll]  [N/A, ]
[PID: 11728 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\RarSFX4\KillerSet.exe]  [360Safe.com, 1, 0, 0, 6]