System Repair Engineer 2.5.16.900
Smallfrogs (http://www.KZTechs.com)

Windows XP Professional Service Pack 2 (Build 2600) - 管理权限用户 - 完整功能

以下内容被选中：
    所有的启动项目（包括注册表、启动文件夹、服务等）
    浏览器加载项
    正在运行的进程（包括进程模块信息）
    文件关联
    Winsock 提供者
    Autorun.inf
    HOSTS 文件
    进程特权扫描


启动项目
注册表
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    <ctfmon.exe><C:\WINDOWS\system32\ctfmon.exe>  [(Verified)Microsoft Windows Publisher]
    <QQDownload><; "C:\Program Files\QQDownload\QQDownload.exe" autostart>  [N/A]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <load><>  [N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    <SoundMan><SOUNDMAN.EXE>  [Realtek Semiconductor Corp.]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Science and Technology Corporation Limited]
    <killrodog><"D:\烽火台\killer_rodog.exe" -anti>  [360Safe.com]
    <360Safetray><C:\Program Files\360safe\safemon\360tray.exe /start>  [奇虎网]
    <IMJPMIG8.1><; "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32>  [(Verified)Microsoft Windows Publisher]
    <PHIME2002A><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName>  [N/A]
    <PHIME2002ASync><; C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC>  [N/A]
    <StormCodec_Helper><; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti>  []
    <stup.exe><Rundll32.exe C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll,Rundll32 R>  [(Verified)Tencent Technology(Shenzhen) Company Limited]
    <TkBellExe><; "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"  -osboot>  [RealNetworks, Inc.]
    <VTTimer><; VTTimer.exe>  [S3 Graphics, Inc.]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <shell><Explorer.exe>  [(Verified)Microsoft Windows Publisher]
    <Userinit><C:\WINDOWS\system32\userinit.exe,>  []
    <UIHost><logonui.exe>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{A8907901-1416-3389-9981-37217856998A}><C:\WINDOWS\Fonts\kawdjzy.dll>  [N/A]
    <{84336684-09e0-4167-9cb6-f577f3b8d73e}><C:\WINDOWS\system32\IGB_WD_1020.dll>  [N/A]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Science and Technology Corporation Limited]

[用户系统信息]Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; QQDownload 1.7)

<{DC3D30AE-0380-4151-8934-EE98A34B0370}><C:\WINDOWS\system32\mfdesy.dll>  []
    <{8C41B7F7-3168-400D-A702-0E7EFE0BA304}><C:\WINDOWS\system32\sgrefg.dll>  []
    <{45AADFAA-DD36-42AB-83AD-0521BBF58C24}><C:\WINDOWS\system32\zjydcx.dll>  []
    <{4FA10261-B890-F432-A453-69F1023513F4}><C:\WINDOWS\Fonts\gjcsdyc.dll>  [N/A]
    <{F859245F-345D-BC13-AC4F-145D47DA34FF}><C:\WINDOWS\Fonts\avzxomn.dll>  [N/A]
    <{17DFD111-BF3A-4CB4-ADB0-88FCBFE69821}><C:\WINDOWS\system32\hhrdxd.dll>  []
    <{73AE86E6-7F03-4C3B-8980-FB1DA157D3C7}><C:\WINDOWS\system32\fmcvxy.dll>  []
    <{7914E0AA-ECCB-4311-B584-C49538227824}><C:\WINDOWS\system32\jhfrxz.dll>  []
    <{CAED0F3B-DF8B-4DBF-BB20-8DFBC3199068}><C:\WINDOWS\system32\jhrcar.dll>  []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}]
    <Internet Explorer><%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}]
    <Outlook Express><%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}]
    <Themes Setup><%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
    <Microsoft Outlook Express 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install>  [N/A]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Windows Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}]
    <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install>  [N/A]
[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\BLISS.SCR>  [Microsoft]

==================================
启动文件夹
N/A

==================================
服务
[Human Interface Device Access / HidServ][Stopped/Disabled]
  <C:\WINDOWS\System32\svchost.exe -k netsvcs-->%SystemRoot%\System32\hidserv.dll><N/A>
[Rising Process Communication Center / RsCCenter][Stopped/Auto Start]
  <"C:\Program Files\Rising\Rav\CCenter.exe"><Beijing Rising Technology Co., Ltd.>
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
  <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"><Beijing Rising Technology Co., Ltd.>

==================================
驱动程序
[a320raid / a320raid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\a320raid.sys><Adaptec, Inc.>
[AAC / AAC][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AAC.SYS><Adaptec, Inc.>
[aar1210 / aar1210][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aar1210.sys><Adaptec, Inc.>
[abp480n5 / abp480n5][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\abp480n5.sys><Microsoft Corporation>
[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
  <system32\drivers\ac97intc.sys><Intel Corporation>
[adpu160m / adpu160m][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu160m.sys><Microsoft Corporation>
[adpu320 / adpu320][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\adpu320.sys><Adaptec, Inc.>
[ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6210.sys><ACARD Technology Corp.>
[ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6260.sys><ACARD Technology Corp.>
[aec6280 / aec6280][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec6280.sys><ACARD Technology Corp.>
[AEC6290 / AEC6290][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6290.SYS><ACARD Technology Corp.>
[AEC67160 / AEC67160][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC67160.SYS><ACARD Technology Corp.>
[AEC671X / AEC671X][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC671X.SYS><ACARD Technology Corp.>
[AEC6880 / AEC6880][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6880.SYS><ACARD Technology Corp.>
[AEC6890 / AEC6890][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\AEC6890.sys><ACARD Technology Corp.>
[aec68x5 / aec68x5][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aec68x5.sys><ACARD Technology Corp.>
[Aha154x / Aha154x][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aha154x.sys><Microsoft Corporation>
[aic78u2 / aic78u2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78u2.sys><Microsoft Corporation>
[aic78xx / aic78xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\aic78xx.sys><Microsoft Corporation>
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
  <system32\drivers\ALCXWDM.SYS><Realtek Semiconductor Corp.>
[AliIde / AliIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\aliide.sys><Acer Laboratories Inc.>
[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
  <System32\DRIVERS\amdk8.sys><Microsoft Corporation>
[arc / arc][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\arc.sys><Adaptec, Inc.>
[asc / asc][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc.sys><Advanced System Products, Inc.>
[asc3550 / asc3550][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\asc3550.sys><Advanced System Products, Inc.>
[ATI2HDDSRV / ATI2HDDSRV][Running/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\ati32srv.sys><N/A>
[CmdIde / CmdIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\cmdide.sys><CMD Technology, Inc.>
[dac2w2k / dac2w2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dac2w2k.sys><Mylex Corporation>
[DeepFree Update / DeepFree Update][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\drivers\pcihdd2.sys><N/A>
[dpti2o / dpti2o][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\dpti2o.sys><Microsoft Corporation>
[elxstor / elxstor][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\elxstor.sys><Emulex>
[FASTSX / FASTSX][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\FASTSX.SYS><Promise Technology, Inc.>
[fasttrak / fasttrak][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttrak.sys><Promise Technology, Inc.>
[fasttx2k / fasttx2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k.sys><Promise Technology, Inc.>
[fasttx2k2 / fasttx2k2][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\fasttx2k2.sys><Promise Technology, Inc.>
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
  <system32\DRIVERS\fetnd5.sys><VIA Technologies, Inc.>
[HookCont / HookCont][Running/System Start]
  <\SystemRoot\system32\drivers\HookCont.sys><Beijing Rising Technology Co., Ltd>
[HookNtos / HookNtos][Running/System Start]
  <\SystemRoot\system32\drivers\HookNtos.sys><Beijing Rising Technology Co., Ltd>
[HookReg / HookReg][Running/System Start]
  <\SystemRoot\system32\drivers\HookReg.sys><Beijing Rising Technology Co., Ltd>
[HookSys / HookSys][Running/System Start]
  <\SystemRoot\system32\drivers\HookSys.sys><Beijing Rising Technology Co., Ltd>
[HpCISSs / HpCISSs][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\hpcisss.sys><Hewlett-Packard Company>
[Hpt366 / Hpt366][Stopped/Boot Start]

<\SystemRoot\System32\DRIVERS\Hpt366.sys><Microsoft Corporation>
[HPT371 / HPT371][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\HPT371.sys><HighPoint Technologies, Inc.>
[hpt374 / hpt374][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hpt374.sys><HighPoint Technologies, Inc.>
[hpt3xx / hpt3xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hpt3xx.sys><HighPoint Technologies, Inc.>
[hptmv / hptmv][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hptmv.sys><HighPoint Technologies, Inc.>
[hptpro / hptpro][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\hptpro.sys><HighPoint Technologies, Inc.>
[Intel Integrated RAID / iaStor][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\iaStor.sys><Intel Corporation>
[iirsp / iirsp][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\iirsp.sys><Intel Corp./ICP vortex GmbH>
[ini910u / ini910u][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ini910u.sys><Microsoft Corporation>
[ITERAID_Service_Install / iteraid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\iteraid.sys><Integrated Technology Express, Inc.>
[LSI_SAS / LSI_SAS][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\lsi_sas.sys><LSI Logic>
[LSI_SCSI / LSI_SCSI][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\lsi_scsi.sys><LSI Logic>
[m5228 / m5228][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\m5228.sys><ALi Corporation.>
[m5281 / m5281][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\m5281.sys><ALi Corporation>
[MegaIDE / MegaIDE][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\MegaIDE.sys><LSI Logic Corporation.>
[megasas / megasas][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\megasas.sys><LSI Logic Corporation>
[mraid2k / mraid2k][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid2k.sys><American Megatrends, Inc.>
[mraid35x / mraid35x][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\mraid35x.sys><American Megatrends Inc.>
[msepion / msepion][Stopped/Manual Start]
  <\??\C:\WINDOWS\system32\msepion.sys><N/A>
[msskye / msskye][Stopped/Auto Start]
  <system32\DRIVERS\msaclue.sys><N/A>
[nfrd960 / nfrd960][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\nfrd960.sys><IBM Corporation>
[npkcrypt / npkcrypt][Running/Auto Start]
  <\??\C:\Program Files\QQ2005\npkcrypt.sys><INCA Internet Co., Ltd.>
[nv / nv][Stopped/Manual Start]
  <system32\DRIVERS\nv4_mini.sys><NVIDIA Corporation>
[Intel SCSI Controller / NvAtaBus][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\NVATABUS.SYS><NVIDIA Corporation>
[NVIDIA nForce(tm) RAID Class Driver / nvraid][Stopped/Boot Start]
  <\SystemRoot\system32\DRIVERS\nvraid.sys><NVIDIA Corporation>
[PNP649R / PNP649R][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\PNP649R.SYS><CMD Technology, Inc.>
[SiI 680 ATA Controller / Pnp680][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pnp680.sys><Silicon Image, Inc.>
[Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\pnp680r.sys><Silicon Image, Inc>
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
  <system32\DRIVERS\ptilink.sys><Parallel Technologies, Inc.>
[ql1080 / ql1080][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1080.sys><QLogic Corporation>
[Ql10wnt / Ql10wnt][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql10wnt.sys><Microsoft Corporation>
[ql12160 / ql12160][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql12160.sys><QLogic Corporation>
[ql1280 / ql1280][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ql1280.sys><QLogic Corporation>
[QLogic Fibre Channel SCSI Miniport Driver / ql2300][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\ql2300.sys><QLogic Corporation>
[RAIDSRC / RAIDSRC][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\RAIDSRC.SYS><Intel/ICP>
[RsNTGDI / RsNTGDI][Running/Boot Start]
  <\SystemRoot\system32\Drivers\RsNTGdi.sys><Beijing Rising Technology Co., Ltd.>
[Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start]
  <system32\DRIVERS\Rtnicxp.sys><Realtek Semiconductor Corporation>
[S150SX8 / S150SX8][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\S150SX8.SYS><Promise Technology, Inc.>
[Secdrv / Secdrv][Stopped/Manual Start]
  <system32\DRIVERS\secdrv.sys><N/A>
[SiI-3512 SATALink Controller / SI3112][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3112.sys><Silicon Image, Inc.>
[Silicon Image SiI 3512 SATARaid Controller / SI3112r][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\SI3112r.sys><Silicon Image, Inc>
[SiI-3114 SATALink Controller / SI3114][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3114.sys><Silicon Image, Inc.>
[SiI-3114 SATARaid Controller / SI3114r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3114R.sys><Silicon Image, Inc>
[SiI-3124 SATALink Controller / SI3124][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3124.sys><Silicon Image, Inc.>
[SiI-3124 SATARaid Controller / SI3124r][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SI3124R.sys><Silicon Image, Inc>
[SATALink driver accelerator / SiFilter][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiWinAcc.sys><Silicon Image, Inc.>
[SISIDE / SISIDE][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISIDE.SYS><Silicon Integrated Systems Corp.>
[SiSRaid / SiSRaid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid.sys><Silicon Integrated Systems>
[SiSRaid1 / SiSRaid1][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SiSRaid1.sys><Silicon Integrated Systems>
[SISRAIDS / SISRAIDS][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SISRAIDS.SYS><Silicon Integrated Systems Corp>
[Sparrow / Sparrow][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sparrow.sys><Adaptec, Inc.>
[sptrak / sptrak][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sptrak.sys><Promise Technology, Inc.>
[symc810 / symc810][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc810.sys><Symbios Logic Inc.>
[symc8xx / symc8xx][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\symc8xx.sys><LSI Logic>
[SYMMPI / SYMMPI][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\SYMMPI.SYS><LSI Logic>
[sym_hi / sym_hi][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_hi.sys><LSI Logic>
[sym_u3 / sym_u3][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\sym_u3.sys><LSI Logic>
[TosIde / TosIde][Running/Boot Start]
  <\SystemRoot\System32\DRIVERS\toside.sys><Microsoft Corporation>
[UlSata / UlSata][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ulsata.sys><Promise Technology, Inc.>
[ULSATAS / ULSATAS][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ULSATAS.SYS><Promise Technology, Inc.>
[ultra / ultra][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\ultra.sys><Promise Technology, Inc.>
[viagfx / viagfx][Running/Manual Start]
  <system32\DRIVERS\vtmini.sys><Copyright (C) VIA/S3 Graphics Co, Ltd.>
[ViaIde / ViaIde][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viaidexp.sys><VIA Technologies, Inc.>
[viamraid / viamraid][Running/Boot Start]
  <\SystemRoot\system32\DRIVERS\viamraid.sys><VIA Technologies inc,.ltd>
[VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\viapdsk.sys><VIA Technologies, Inc.>
[viaraid / viaraid][Stopped/Boot Start]
  <\SystemRoot\System32\DRIVERS\viaraid.sys><VIA Technologies inc,.ltd>
[viasraid / viasraid][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\viasraid.sys><VIA Technologies inc,.ltd>
[vmscsi / vmscsi][Stopped/Boot Start]
  <\SystemRoot\system32\drivers\vmscsi.sys><VMware, Inc.>

==================================
浏览器加载项
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\QQDownload\QQIEHelper01.dll, 腾讯公司>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, N/A>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[微软]
  {6096E38F-5AC1-4391-8EC4-75DFA92FB32F} <http://www.microsoft.com/china/index.htm, N/A>
[Windows Genuine Advantage Validation Tool]
  {17492023-C23A-453E-A040-C7C580BBF700} <C:\WINDOWS\system32\LegitCheckControl.DLL, Microsoft? Corporation>
[QQCycloneHelper Class]
  {00000000-12C9-4305-82F9-43058F20E8D2} <C:\Program Files\QQDownload\QQIEHelper01.dll, 腾讯公司>
[Tencent Browser Helper]
  {0C7C23EF-A848-485B-873C-0ED954731014} <C:\Program Files\TENCENT\SSPlus\SAddr.dll, Tencent>
[PeerDraw Class]
  {10072CEC-8CC1-11D1-986E-00A0C955B42E} <C:\Program Files\Common Files\Microsoft Shared\VGX\vgx.dll, Microsoft Corporation>
[HTML Document]
  {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\system32\mshtml.dll, N/A>
[DHTML Edit Control Safe for Scripting for IE5]
  {2D360201-FFF5-11D1-8D03-00A0C959BC0A} <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx, Microsoft Corporation>
[Tabular Data Control]
  {333C7BC4-460F-11D0-BC04-0080C7055A83} <C:\WINDOWS\system32\tdc.ocx, Microsoft Corporation>
[XML Document]
  {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\system32\msxml3.dll, N/A>
[WUWebControl Class]
  {6414512B-B978-451D-A0D8-FCFDF33E833C} <C:\WINDOWS\system32\wuweb.dll, Microsoft Corporation>
[Windows Media Player]
  {6BF52A52-394A-11D3-B153-00C04F79FAA6} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Microsoft Web 浏览器]
  {8856F961-340A-11D0-A96B-00C04FD705A2} <C:\WINDOWS\system32\shdocvw.dll, Microsoft Corporation>
[Microsoft Scriptlet Component]
  {AE24FDAE-03C6-11D1-8B76-0080C744F389} <C:\WINDOWS\system32\mshtml.dll, Microsoft Corporation>
[SearchAssistantOC]
  {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\system32\shdocvw.dll, N/A>
[SafeMon Class]
  {B69F34DD-F0F9-42DC-9EDD-957187DA688D} <C:\Program Files\360safe\safemon\safemon.dll, N/A>
[RDS.DataSpace]
  {BD96C556-65A3-11D0-983A-00C04FC29E36} <C:\Program Files\Common Files\System\msadc\msadco.dll, Microsoft Corporation>
[NTIECatcher Class]
  {C56CB6B0-0D96-11D6-8C65-B2868B609932} <C:\Program Files\Xi\NetTransport 2\NTIEHelper.dll, Xi>
[AUDIO__X_MS_WMA Moniker Class]
  {CD3AFA84-B84F-48F0-9393-7EDC34128127} <C:\WINDOWS\system32\wmp.dll, Microsoft Corporation>
[Shockwave Flash Object]
  {D27CDB6E-AE6D-11CF-96B8-444553540000} <C:\WINDOWS\system32\macromed\flash\Flash85.ocx, Macromedia, Inc.>
[&使用超级旋风下载]
  <C:\Program Files\QQDownload\geturl.htm, N/A>
[&使用超级旋风下载全部链接]
  <C:\Program Files\QQDownload\getAllurl.htm, N/A>
[使用影音传送带下载]
  <C:\Program Files\Xi\NetTransport 2\NTAddLink.html, N/A>
[使用影音传送带下载全部链接]
  <C:\Program Files\Xi\NetTransport 2\NTAddList.html, N/A>
[导出到 Microsoft Office Excel(&X)]
  <res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000, N/A>
[添加到QQ表情]
  <C:\Program Files\QQ2005\AddEmotion.htm, N/A>

正在运行的进程
[PID: 552 / SYSTEM][\SystemRoot\System32\smss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 616 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
[PID: 640 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 684 / SYSTEM][C:\WINDOWS\system32\services.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 696 / SYSTEM][C:\WINDOWS\system32\lsass.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 836 / SYSTEM][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 944 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 1068 / SYSTEM][C:\WINDOWS\System32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\System32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\System32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\System32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\System32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\System32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\System32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\System32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\System32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\System32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\System32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\System32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\System32\auhad.dll]  [N/A, ]
[PID: 1132 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 1364 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 1400 / new][C:\WINDOWS\system32\userinit.exe]  [N/A, ]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]

[PID: 1432 / new][C:\windows\explorer.exe]  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
[PID: 1832 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 368 / new][C:\WINDOWS\SOUNDMAN.EXE]  [Realtek Semiconductor Corp., 5, 1, 0, 48]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
[PID: 392 / new][C:\Program Files\Rising\Rav\RavTask.exe]  [Beijing Rising Technology Co., Ltd., 20.0.0.22]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]

[C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\RSAPPMGR.DLL]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
[PID: 884 / new][C:\WINDOWS\system32\Rundll32.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
[PID: 2252 / new][C:\WINDOWS\system32\ctfmon.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
[PID: 3236 / LOCAL SERVICE][C:\WINDOWS\system32\wdfmgr.exe]  [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act)]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
[PID: 3560 / new][C:\Program Files\Rising\Rav\Ravmon.exe]  [Beijing Rising Technology Co., Ltd., 20.0.01.05]
    [C:\WINDOWS\system32\MFC71.DLL]  [Microsoft Corporation, 7.10.3077.0]
    [C:\WINDOWS\system32\MSVCR71.dll]  [Microsoft Corporation, 7.10.3052.4]
    [C:\WINDOWS\system32\MSVCP71.dll]  [Microsoft Corporation, 7.10.3077.0]

[C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\Program Files\Rising\Rav\ProcCom.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RsCommX2.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 19]
    [C:\Program Files\Rising\Rav\RSCOMMON.DLL]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\recomp.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\Rav\refs.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 12]
    [C:\Program Files\Rising\Rav\viruslib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 16]
    [C:\Program Files\Rising\Rav\relibldr.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 13]
    [C:\Program Files\Rising\Rav\RSAPPMGR.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.0]
    [C:\Program Files\Rising\Rav\CfgDll.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.10]
    [C:\Program Files\Rising\Rav\MonRule.dll]  [Beijing Rising Technology Co., Ltd., 20.0.0.24]
    [C:\Program Files\Rising\Rav\PngDll.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 3]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
    [C:\Program Files\Rising\Rav\Rsguilib.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 79]
    [C:\Program Files\Rising\Rav\RsXML.dll]  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 0]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]
[PID: 1408 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe]  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)]
    [C:\WINDOWS\System32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\System32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\System32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\System32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\System32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\System32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\System32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\System32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\System32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\System32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\System32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\System32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\System32\auhad.dll]  [N/A, ]
[PID: 4204 / new][C:\Documents and Settings\new\桌面\sreng2\SREngPS.EXE]  [Smallfrogs Studio, 2.5.16.900]
    [C:\WINDOWS\system32\ijougiemnaw.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnaixnauhqq.dll]  [N/A, ]
    [C:\WINDOWS\system32\naijoad.dll]  [N/A, ]
    [C:\WINDOWS\system32\niluw.dll]  [N/A, ]
    [C:\WINDOWS\system32\naixuhz.dll]  [N/A, ]
    [C:\WINDOWS\system32\jsqc.dll]  [N/A, ]
    [C:\WINDOWS\system32\nauhgnem.dll]  [N/A, ]
    [C:\WINDOWS\system32\iqnauhc.dll]  [N/A, ]
    [C:\WINDOWS\system32\gnolnait.dll]  [N/A, ]
    [C:\WINDOWS\system32\oadnew.dll]  [N/A, ]
    [C:\WINDOWS\system32\ijiq.dll]  [N/A, ]
    [C:\WINDOWS\system32\hjxr.dll]  [N/A, ]
    [C:\WINDOWS\system32\auhad.dll]  [N/A, ]
    [C:\PROGRA~1\TENCENT\SSPlus\SPlus.dll]  [TENCENT, 5, 0, 3, 11]
    [C:\WINDOWS\system32\jhrcar.dll]  [N/A, ]
    [C:\WINDOWS\system32\jhfrxz.dll]  [N/A, ]
    [C:\WINDOWS\system32\fmcvxy.dll]  [N/A, ]
    [C:\WINDOWS\system32\hhrdxd.dll]  [N/A, ]
    [C:\WINDOWS\system32\zjydcx.dll]  [N/A, ]
    [C:\WINDOWS\system32\sgrefg.dll]  [N/A, ]
    [C:\WINDOWS\system32\mfdesy.dll]  [N/A, ]
    [C:\Documents and Settings\new\桌面\sreng2\Upload\3rdUpd.DLL]  [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\WINDOWS\system32\HDDGuard.dll]  [N/A, ]

==================================
文件关联
.TXT  Error. [C:\WINDOWS\notepad.exe %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  Error. ["hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  Error. [C:\WINDOWS\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
127.0.0.1      localhost
; 1*********以下内容为360安全卫士为免疫机器狗木马病毒所添加******************
127.0.0.1  yu.8s7.net
127.0.0.1  2.joppnqq.com
127.0.0.1  wg.47255.com
127.0.0.1  1.joppnqq.com
127.0.0.1  xxx.m111.biz
127.0.0.1  1.jopenqc.com
127.0.0.1  1.jopenkk.com
127.0.0.1  xxx.vh7.biz
127.0.0.1  xxx.j41m.com
127.0.0.1  3.joppnqq.com
127.0.0.1  d.93se.com
127.0.0.1  www.868wg.com
127.0.0.1  xxx.mmma.biz
127.0.0.1  ilove.com
127.0.0.1  tp.shpzhan.cn
127.0.0.1  www.tomwg.com
127.0.0.1  www.177dvd.cn
127.0.0.1  www.cike007.cn
127.0.0.1  www.22aaa.com
127.0.0.1  xx.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  www.exiao01.com
127.0.0.1  new.749571.com
127.0.0.1  xtx.kv8.info
127.0.0.1  cao.kv8.info
; *********结束******************

==================================
进程特权扫描
特殊特权被允许： SeLoadDriverPrivilege [PID = 368, C:\WINDOWS\SOUNDMAN.EXE]

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================


[/CODE]