==================================
正在运行的进程
[PID: 612][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 980][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1008][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\cryptimg.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[PID: 1052][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1064][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1208][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1344][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1384][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 1708][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\WINDOWS\system32\wbem\dsdbydzc.dll] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\Thunder Network\Thunder\ComDlls\XunLeiBHO_002.dll] [Thunder Networking Technologies,LTD, 5, 0, 0, 2]
[C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\nwizAskTao.dll] [N/A, ]
[C:\WINDOWS\system32\nwiztlbb.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\RavExt.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 9]
[C:\Program Files\WinRAR\rarext.dll] [N/A, ]
[F:\新建文件夹 (3)\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[C:\WINDOWS\system32\AlxTB1.dll] [Alexa Internet, 7, 2, 0, 2]
[C:\Program Files\Microsoft Office\OFFICE11\msohev.dll] [Microsoft Corporation, 11.0.5510]
[PID: 1436][C:\WINDOWS\system32\RUNDLL32.EXE] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\WINDOWS\system32\NvMcTray.dll] [NVIDIA Corporation, 6.14.10.8198]
[C:\WINDOWS\system32\NVRSZHC.DLL] [NVIDIA Corporation, 6.14.10.8198]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1492][C:\WINDOWS\SOUNDMAN.EXE] [Realtek Semiconductor Corp., 5, 1, 0, 52]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1476][C:\Program Files\360safe\safemon\360tray.exe] [奇虎网, 1, 0, 1, 1002]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\360safe\safemon\SafeKrnl.dll] [奇虎网, 1, 0, 0, 1001]
[C:\Program Files\360safe\AntiAdwa.dll] [360Safe.com, 2, 2, 2, 1000]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[PID: 1588][C:\WINDOWS\VM305_STI.EXE] [Vimicro, 4, 3, 625, 61]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\WINDOWS\system32\msdmo.dll] [, ]
[C:\WINDOWS\system32\VM305Prp.Ax] [Vimicro, 4.3. 625.61]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 1604][C:\Program Files\hxupdate\hxgame-update.exe] [, 1, 0, 0, 1]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 1652][C:\WINDOWS\system32\rundll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\DeskAdTop\Run.dll] [, 1, 0, 0, 1]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[PID: 2012][C:\WINDOWS\system32\SysJ2\svchost.exe] [N/A, ]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 1936][C:\WINDOWS\system32\ctfmon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[PID: 2836][C:\Program Files\Rising\AntiSpyware\runiep.exe] [Beijing Rising Technology Co., Ltd., 1, 0, 1, 6]
[C:\Program Files\Rising\AntiSpyware\iep_ctrl.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 4]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 2784][F:\新建文件夹 (3)\Rising\Rav\RavTask.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 7]
[F:\新建文件夹 (3)\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[F:\新建文件夹 (3)\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[F:\新建文件夹 (3)\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[F:\新建文件夹 (3)\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 4064][F:\新建文件夹 (3)\Rising\Rav\RavMon.exe] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 45]
[F:\新建文件夹 (3)\Rising\Rav\RsGuiLib.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 33]
[F:\新建文件夹 (3)\Rising\Rav\BWList.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 10]
[F:\新建文件夹 (3)\Rising\Rav\RSAPPMGR.DLL] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 2]
[F:\新建文件夹 (3)\Rising\Rav\CfgDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 13]
[F:\新建文件夹 (3)\Rising\Rav\RSCOMMON.DLL] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 5]
[F:\新建文件夹 (3)\Rising\Rav\RsCommX.dll] [rising, 18, 0, 0, 1]
[F:\新建文件夹 (3)\Rising\Rav\RsXML.dll] [Beijing Rising Technology Co., Ltd., 19, 0, 0, 2]
[F:\新建文件夹 (3)\Rising\Rav\PngDll.dll] [Beijing Rising Technology Co., Ltd., 18, 0, 0, 5]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[PID: 680][F:\新建文件夹 (3)\sreng2\SREng.EXE] [Smallfrogs Studio, 2.4.12.806]
[C:\Program Files\360safe\safemon\safemon.dll] [, 1, 0, 0, 1002]
[C:\Program Files\DeskAdTop\fshook.dll] [, 1, 0, 0, 1]
[C:\Program Files\Rising\AntiSpyware\ieprot.dll] [Beijing Rising Technology Co., Ltd., 1, 0, 0, 10]
[C:\WINDOWS\system32\SysJ2\Ghook.dll] [N/A, ]
[C:\PROGRA~1\MICROS~2\OFFICE11\MCPS.DLL] [Microsoft Corporation, 11.0.6551]
==================================
文件关联
.TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["C:\WINDOWS\hh.exe" %1]
.HLP OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 localhost
127.0.0.1 mmm.caifu18.net
127.0.0.1 www.18dmm.com
127.0.0.1 d.qbbd.com
127.0.0.1 www.5117music.com
127.0.0.1 www.union123.com
127.0.0.1 www.wu7x.cn
127.0.0.1 www.54699.com
127.0.0.1 www1.6tan.com
127.0.0.1 www2.6tan.com
127.0.0.1 www.97725.com
127.0.0.1 down.97725.com
127.0.0.1 ip.315hack.com
127.0.0.1 ip.54liumang.com
127.0.0.1 www.41ip.com
127.0.0.1 xulao.com
127.0.0.1 www.heixiou.com
127.0.0.1 www.9cyy.com
127.0.0.1 www.hunll.com
127.0.0.1 www.down.hunll.com
127.0.0.1 do.77276.com
127.0.0.1 www.baidulink.com
127.0.0.1 adnx.yygou.cn
127.0.0.1 222.73.220.45
127.0.0.1 www.f5game.com
127.0.0.1 www.guazhan.cn
127.0.0.1 wm,103715.com
127.0.0.1 www.my6688.cn
127.0.0.1 i.96981.com
127.0.0.1 d.77276.com
127.0.0.1 www1.cw988.cn
127.0.0.1 cool.47555.com
127.0.0.1 www.asdwc.com
127.0.0.1 55880.cn
127.0.0.1 61.152.169.234
127.0.0.1 cc.wzxqy.com
127.0.0.1 www.54699.com
127.0.0.1 t.gcuj.com
127.0.0.1 www.puma163.com
127.0.0.1 ceoww.com
127.0.0.1 boolom.com
127.0.0.1 adult-novel.cn
127.0.0.1 ll.chinasese.net
127.0.0.1 www.tellumore.com
127.0.0.1 www.o1wg.com
127.0.0.1 www.qq756.com
127.0.0.1 ll.chinasese.net
==================================
API HOOK
N/A
==================================
隐藏进程
N/A
==================================
[/CODE]
