==================================
启动文件夹
N/A
==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
<C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
<C:\WINDOWS\system32\nvsvc32.exe><NVIDIA Corporation>
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
<D:\瑞星杀毒\Rising\Rav\CCENTER.EXE><Beijing Rising Information Technology Co., Ltd.>
[Rising RavTask Manager / RavTask][Stopped/Auto Start]
<"D:\瑞星杀毒\Rising\Rav\RavTask.exe" RavTask><Beijing Rising Information Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
<D:\瑞星杀毒\Rising\Rav\RavMonD.exe><Beijing Rising Information Technology Co., Ltd.>
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
<D:\瑞星杀毒\Rising\Rav\ScanFrm.exe><Beijing Rising Information Technology Co., Ltd.>
==================================
驱动程序
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
<system32\drivers\ac97intc.sys><Intel Corporation>
[AliIde / AliIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
<System32\DRIVERS\amdk8.sys><Advanced Micro Devices>
[CmdIde / CmdIde][Running/Boot Start]
<\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
<system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
<system32\DRIVERS\fetnd5b.sys><VIA Technologies, Inc.>
[hookcont / hookcont][Running/System Start]
<system32\drivers\HookCont.sys><Beijing Rising Information Technology Co., Ltd.>
[hooksys / hooksys][Running/Disabled]
<system32\drivers\HookSys.sys><Beijing Rising Information Technology Co., Ltd.>
[nv / nv][Running/Manual Start]
<system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
<system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[RsNTGDI / RsNTGDI][Running/Boot Start]
<\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Information Technology Co., Ltd.>
[Secdrv / Secdrv][Stopped/Manual Start]
<system32\DRIVERS\secdrv.sys><N/A>
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
<system32\DRIVERS\tcpip.sys><Microsoft Corporation>
[ViaIde / ViaIde][Running/Boot Start]
<\SystemRoot\system32\DRIVERS\viaidexp.sys><VIA Technologies, Inc.>
[VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
<system32\drivers\viaudio.sys><VIA Technologies, Inc.>
[io / io][Running/Manual Start]
<2 - 系统找不到指定的文件。
><N/A>
[Safe Mon 360 / SafeMon0][Running/System Start]
<\??\C:\WINDOWS\system32\77F12D38.dat><N/A>
[msiffei / msiffei][Stopped/Manual Start]
<System32\Drivers\msiffei.sys><N/A>
==================================
浏览器加载项
[SrchHook Class]
{F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[IE搜索工具条]
{BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[IE搜索工具条]
{BE830FD4-E393-417F-9F4B-CC70ABB3384C} <C:\WINDOWS\system32\IETool.dll, N/A>
[Shockwave Flash Object]
{D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx, (Signed) Adobe Systems, Inc.>
[SrchHook Class]
{F08555B0-9CC3-11D2-AA8E-000000000000} <C:\WINDOWS\system32\IEBHO.dll, N/A>
[]
{FB5F1910-F110-11D2-BB9E-00C04F795683} <, >
[导出到 Microsoft Office Excel(&X)]
<res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
==================================
正在运行的进程
[PID: 560 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 632 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 656 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 700 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 712 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 868 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\anymie360.dll] [N/A, ]
[PID: 948 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1084 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1176 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1276 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1536 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe] [(Verified) Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1616 / Administrator][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\hbjcmaei.dll] [N/A, ]
[C:\WINDOWS\system32\fibpajai.dll] [N/A, ]
[C:\WINDOWS\system32\aeijmkfn.dll] [N/A, ]
[C:\WINDOWS\system32\gbbcbded.dll] [N/A, ]
[C:\WINDOWS\system32\mlhcpcol.dll] [N/A, ]
[C:\WINDOWS\system32\kjpcllif.dll] [N/A, ]
[C:\WINDOWS\system32\jalamgoh.dll] [N/A, ]
[C:\WINDOWS\system32\dfdcponb.dll] [N/A, ]
[C:\WINDOWS\system32\pappnebo.dll] [N/A, ]
[C:\WINDOWS\system32\lgjlhbpe.dll] [N/A, ]
[C:\WINDOWS\system32\plannhdn.dll] [N/A, ]
[C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2600.0000]
[C:\WINDOWS\system32\anymie360.dll] [N/A, ]
[C:\WINDOWS\system32\fknnpecj.dll] [N/A, ]
[C:\WINDOWS\system32\lgbpfgkj.dll] [N/A, ]
[C:\Program Files\Internet Explorer\PowerNeNt.Onz] [N/A, ]
[PID: 1880 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Infected) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\Program Files\Internet Explorer\PowerNeNt.Onz] [N/A, ]
[PID: 1144 / SYSTEM][C:\WINDOWS\system32\nvsvc32.exe] [NVIDIA Corporation, 6.14.10.8198]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1576 / SYSTEM][D:\瑞星杀毒\Rising\Rav\ScanFrm.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[D:\瑞星杀毒\Rising\Rav\combase.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
[D:\瑞星杀毒\Rising\Rav\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[D:\瑞星杀毒\Rising\Rav\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.11]
[D:\瑞星杀毒\Rising\Rav\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
[D:\瑞星杀毒\Rising\Rav\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.9]
[D:\瑞星杀毒\Rising\Rav\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
[D:\瑞星杀毒\Rising\Rav\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[D:\瑞星杀毒\Rising\Rav\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.23]
[D:\瑞星杀毒\Rising\Rav\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.38]
[D:\瑞星杀毒\Rising\Rav\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.8]
[D:\瑞星杀毒\Rising\Rav\RsLog.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
[D:\瑞星杀毒\Rising\Rav\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
[D:\瑞星杀毒\Rising\Rav\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
[D:\瑞星杀毒\Rising\Rav\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.18]
[D:\瑞星杀毒\Rising\Rav\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.33]
[D:\瑞星杀毒\Rising\Rav\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[D:\瑞星杀毒\Rising\Rav\refs.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
[D:\瑞星杀毒\Rising\Rav\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
[D:\瑞星杀毒\Rising\Rav\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[D:\瑞星杀毒\Rising\Rav\mvengine.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
[D:\瑞星杀毒\Rising\Rav\posttrt.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[D:\瑞星杀毒\Rising\Rav\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[D:\瑞星杀毒\Rising\Rav\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
[PID: 1652 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
[PID: 1640 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 3672 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\browselc.dll] [Microsoft Corporation, 6.00.2600.0000]
[C:\WINDOWS\system32\IETool.dll] [N/A, ]
[D:\瑞星杀毒\Rising\Rav\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.60]
[C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
[C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
[C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx] [Adobe Systems, Inc., 9,0,28,0]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\WINDOWS\system32\hbjcmaei.dll] [N/A, ]
[C:\WINDOWS\system32\fibpajai.dll] [N/A, ]
[C:\WINDOWS\system32\aeijmkfn.dll] [N/A, ]
[C:\WINDOWS\system32\gbbcbded.dll] [N/A, ]
[C:\WINDOWS\system32\mlhcpcol.dll] [N/A, ]
[C:\WINDOWS\system32\kjpcllif.dll] [N/A, ]
[C:\WINDOWS\system32\jalamgoh.dll] [N/A, ]
[C:\WINDOWS\system32\dfdcponb.dll] [N/A, ]
[C:\WINDOWS\system32\pappnebo.dll] [N/A, ]
[C:\WINDOWS\system32\lgjlhbpe.dll] [N/A, ]
[C:\WINDOWS\system32\plannhdn.dll] [N/A, ]
[C:\WINDOWS\system32\fknnpecj.dll] [N/A, ]
[C:\Program Files\Internet Explorer\PowerNeNt.Onz] [N/A, ]
[C:\WINDOWS\system32\lgbpfgkj.dll] [N/A, ]
[PID: 2148 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1816204] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\Program Files\Internet Explorer\PowerNeNt.Onz] [N/A, ]
[PID: 3648 / Administrator][C:\WINDOWS\system32\conime.exe] [(Verified) Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[C:\Program Files\Internet Explorer\PowerNeNt.Onz] [N/A, ]
[PID: 3688 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\1958209] [N/A, ]
[C:\WINDOWS\system32\hbjcmaei.dll] [N/A, ]
[C:\WINDOWS\system32\fibpajai.dll] [N/A, ]
[PID: 3576 / Administrator][D:\扫描\SREngLdr.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\hbjcmaei.dll] [N/A, ]
[C:\WINDOWS\system32\fibpajai.dll] [N/A, ]
[C:\WINDOWS\system32\aeijmkfn.dll] [N/A, ]
[C:\WINDOWS\system32\gbbcbded.dll] [N/A, ]
[C:\WINDOWS\system32\mlhcpcol.dll] [N/A, ]
[C:\WINDOWS\system32\kjpcllif.dll] [N/A, ]
[C:\WINDOWS\system32\jalamgoh.dll] [N/A, ]
[C:\WINDOWS\system32\dfdcponb.dll] [N/A, ]
[C:\WINDOWS\system32\pappnebo.dll] [N/A, ]
[C:\WINDOWS\system32\lgjlhbpe.dll] [N/A, ]
[C:\WINDOWS\system32\plannhdn.dll] [N/A, ]
[PID: 3744 / Administrator][D:\扫描\SRE9b4eb966.EXE] [Smallfrogs Studio, 2.7.0.1210]
[C:\WINDOWS\system32\gbbcbded.dll] [N/A, ]
[C:\WINDOWS\system32\plannhdn.dll] [N/A, ]
[C:\WINDOWS\system32\kjpcllif.dll] [N/A, ]
[C:\WINDOWS\system32\jalamgoh.dll] [N/A, ]
[C:\WINDOWS\system32\fibpajai.dll] [N/A, ]
[C:\WINDOWS\system32\mlhcpcol.dll] [N/A, ]
[C:\WINDOWS\system32\lgjlhbpe.dll] [N/A, ]
[C:\WINDOWS\system32\dfdcponb.dll] [N/A, ]
[C:\WINDOWS\system32\hbjcmaei.dll] [N/A, ]
[C:\WINDOWS\system32\pappnebo.dll] [N/A, ]
[C:\WINDOWS\system32\aeijmkfn.dll] [N/A, ]
[C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\WowInitcode.dat] [N/A, ]
[D:\扫描\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
[C:\WINDOWS\system32\fknnpecj.dll] [N/A, ]
[C:\Program Files\Internet Explorer\PowerNeNt.Onz] [N/A, ]
[C:\WINDOWS\system32\lgbpfgkj.dll] [N/A, ]
[PID: 1004 / Administrator][C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\2173408] [N/A, ]
[C:\WINDOWS\system32\hbjcmaei.dll] [N/A, ]
[C:\WINDOWS\system32\fibpajai.dll] [N/A, ]
[C:\WINDOWS\system32\aeijmkfn.dll] [N/A, ]
[C:\WINDOWS\system32\gbbcbded.dll] [N/A, ]
[C:\WINDOWS\system32\mlhcpcol.dll] [N/A, ]
[C:\WINDOWS\system32\kjpcllif.dll] [N/A, ]
[C:\WINDOWS\system32\jalamgoh.dll] [N/A, ]
[C:\WINDOWS\system32\dfdcponb.dll] [N/A, ]
[C:\WINDOWS\system32\pappnebo.dll] [N/A, ]
[C:\WINDOWS\system32\lgjlhbpe.dll] [N/A, ]
[C:\WINDOWS\system32\plannhdn.dll] [N/A, ]
[C:\WINDOWS\system32\fknnpecj.dll] [N/A, ]
