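Views: 6467 | Replies: 11
Machine infected with a virus: rundll32.exe snxjmv.br,oinvqz
The machine is infected with a virus that adds several hundred scheduled tasks to Task Scheduler; the command they run is rundll32.exe snxjmv.br,oinvqz
But no matter what I do, I cannot find the file snxjmv.br.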
七月灬等待
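Run an SREng scan and post the log.
First, a note: rundll32.exe is a system process. It is, so to speak, a fairly open program in Microsoft's operating systems for calling dynamic-link libraries (the ".dll" extension); many DLL files have to be invoked through it to carry out a range of system operations. So it is a victim here as well.
As for the other two files, I don't know what software is installed on your system, so it is hard to judge. For now, do what the first replier asked: run a scan and send him the log to analyze.
This post is only meant to help. I was a step too slow and ended up in third place.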
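The point made in the reply above, that rundll32.exe is only the host and the module named after it is what needs examining, shown as an added example (not part of the original thread): it splits rundll32 command lines into module and entry point, groups scheduled tasks that share the same action, and reports modules with an unusual extension or a mass-created action. The task names, the count of 300, the extension list and the threshold are assumptions made for the illustration; the command strings are taken from the thread and the log.

```python
"""Triage rundll32 actions collected from scheduled tasks (added example)."""
import ntpath
import re
from collections import defaultdict

# rundll32[.exe] <module>,<entry point> [arguments]
RUNDLL_RE = re.compile(r'''
    ^\s*"?(?:[^"\s]*[\\/])?rundll32(?:\.exe)?"?   # host binary, optional path
    \s+(?P<module>"[^"]+"|[^,\s]+)                # module that gets loaded
    \s*,\s*(?P<entry>[^\s,]+)                     # exported entry point
    (?:\s+(?P<args>.*))?$                         # arguments handed to the export
''', re.IGNORECASE | re.VERBOSE)

# Assumption: extensions normally seen as rundll32 modules.
EXPECTED_EXTENSIONS = {".dll", ".cpl", ".ocx"}


def parse_rundll32(command):
    """Return (module, entry, args), or None if the command is not rundll32."""
    match = RUNDLL_RE.match(command)
    if match is None:
        return None
    module = match.group("module").strip('"')
    return module, match.group("entry"), (match.group("args") or "").strip()


def triage(tasks, repeat_threshold=10):
    """Group (task_name, command) pairs by rundll32 action and flag odd ones."""
    groups = defaultdict(list)
    for name, command in tasks:
        parsed = parse_rundll32(command)
        if parsed is None:
            continue  # not a rundll32 action, out of scope here
        module, entry, _args = parsed
        groups[(module.lower(), entry)].append(name)

    findings = []
    for (module, entry), names in groups.items():
        reasons = []
        extension = ntpath.splitext(module)[1]
        if extension not in EXPECTED_EXTENSIONS:
            reasons.append("module extension %r is not a usual DLL extension"
                           % (extension or "(none)"))
        if len(names) >= repeat_threshold:
            reasons.append("same action registered in %d tasks" % len(names))
        if reasons:
            findings.append({"module": module, "entry": entry,
                             "task_count": len(names), "reasons": reasons})
    return sorted(findings, key=lambda f: -f["task_count"])


# Constructed sample: task names and the count of 300 are made up.
SAMPLE_TASKS = [("At%d" % i, "rundll32.exe snxjmv.br,oinvqz")
                for i in range(1, 301)]
SAMPLE_TASKS += [
    ("QLogicSaveSystemInfo", "rundll32.exe qlco1006.dll,QLSaveSystemInfo"),
    ("NetMeeting", r"rundll32.exe advpack.dll,LaunchINFSection "
                   r"C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT"),
    ("BrandIE", "RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP"),
    ("ctfmon", r"C:\WINDOWS\system32\ctfmon.exe"),
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_TASKS):
        print(finding["module"], finding["entry"], finding["task_count"])
        for reason in finding["reasons"]:
            print("  -", reason)
```

A flagged module name is a lead for locating and inspecting the file, not a verdict on it.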
Many thanks to you both! The log follows; it is a bit long.
System Repair Engineer 2.8.2.1321
Smallfrogs ()
Windows Server 2003 Enterprise Edition Service Pack 2 (Build 3790) - 管理权限用户 - 完整功能
以下内容被选中:
& & 所有的启动项目(包括注册表、启动文件夹、服务等)
& & 浏览器加载项
& & 正在运行的进程(包括进程模块信息)
& & 文件关联
& & Winsock 提供者
& & Autorun.inf
& & HOSTS 文件
& & 进程特权扫描
& & 计划任务
& & Windows 安全更新检查
& & API HOOK
& & 隐藏进程
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
& & &ctfmon.exe&&C:\WINDOWS\system32\ctfmon.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows]
& & &load&&&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
& & &IMJPMIG8.1&&&C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE& /Spoil /RemAdvDef /Migration32&&&[(Verified)Microsoft Windows Component Publisher]
& & &IMEKRMIG6.1&&C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE&&&[(Verified)Microsoft Windows Component Publisher]
& & &PHIME2002ASync&&C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC&&&[(Verified)Microsoft Windows Component Publisher]
& & &PHIME2002A&&C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName&&&[(Verified)Microsoft Windows Component Publisher]
& & &CPQTEAM&&C:\Program Files\HP\NCU\cpqteam.exe&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
& & &RsTray&&&C:\Program Files\Rising\Rav\RsTray.exe& -system&&&[(Verified)Beijing Rising Information Technology Corporation Limited]
& & &RavTray&&&C:\Program Files\Rising\Rav\RavTray.exe&&&&[(Verified)Beijing Rising Information Technology Corporation Limited]
& & &DAEMON Tools-1033&&&C:\Program Files\D-Tools\daemon.exe&&&-lang 1033&&&[DAEMON'S HOME]
& & &IMSCMig&&C:\PROGRA~1\COMMON~1\MICROS~1\IME\IMSC40A\IMSCMIG.EXE /Preload&&&[(Verified)Microsoft Corporation]
& & &QLogicSaveSystemInfo&&rundll32.exe qlco1006.dll,QLSaveSystemInfo&&&[(Verified)Microsoft Windows Hardware Compatibility Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &shell&&Explorer.exe&&&[(Verified)Microsoft Windows Component Publisher]
& & &Userinit&&C:\WINDOWS\system32\userinit.exe,&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
& & &AppInit_DLLs&&&&&[N/A]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
& & &UIHost&&%SystemRoot%\system32\logonui.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
& & &{AEB-11d0-97EE-00C04FD91972}&&shell32.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
& & &PostBootReminder&&%SystemRoot%\system32\SHELL32.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &CDBurn&&%SystemRoot%\system32\SHELL32.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &WebCheck&&%SystemRoot%\system32\webcheck.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &SysTray&&C:\WINDOWS\system32\stobject.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
& & &WinlogonNotify: crypt32chain&&crypt32.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
& & &WinlogonNotify: cryptnet&&cryptnet.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
& & &WinlogonNotify: cscdll&&cscdll.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy]
& & &WinlogonNotify: dimsntfy&&dimsntfy.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
& & &WinlogonNotify: ScCertProp&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
& & &WinlogonNotify: Schedule&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
& & &WinlogonNotify: sclgntfy&&sclgntfy.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
& & &WinlogonNotify: SensLogn&&WlNotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
& & &WinlogonNotify: termsrv&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
& & &WinlogonNotify: wlballoon&&wlnotify.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
& & &{-A8BA-11D1-B96B-00A0C90312E1}&&%SystemRoot%\system32\browseui.dll&&&[(Verified)Microsoft Windows Component Publisher]
& & &{8C7461EF-2B13-11d2-BE35-0}&&%SystemRoot%\system32\browseui.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{22d6f312-b0f6-11d0-94ab-e95}]
& & &Microsoft Windows Media Player&&C:\WINDOWS\INF\unregmp2.exe /HideWMP&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\&{60B49E34-C7CC-11D0-C90347FF}MICROS]
& & &浏览器自定义组件&&RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09--FED}]
& & &Themes Setup&&%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}]
& & &Microsoft Outlook Express 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:OE /CALLER:WINNT /user /install&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
& & &NetMeeting 3.01&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
& & &Microsoft Windows Media Player&&rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{71-11d2-AF11-00C04FA35D02}]
& & &通讯簿 6&&&%ProgramFiles%\Outlook Express\setup50.exe& /APP:WAB /CALLER:WINNT /user /install&&&[File is missing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4340}]
& & &Windows 桌面更新&&regsvr32.exe /s /n /i:U shell32.dll&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{-ECBD-11cf-8B85-00AA005B4383}]
& & &Internet Explorer 6&&%SystemRoot%\system32\ie4uinit.exe&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018--5476DBF70820}]
& & &N/A&&C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A7-37EF-4b3f-8CFC-4F3A}]
& & &%IEHARDENADMIN_BASE_DESC%&&%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenAdmin&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{A509B1A8-37EF-4b3f-8CFC-4F3A}]
& & &%IEHARDENUSER_DESC%&&%SystemRoot%\system32\rundll32.exe iesetup.dll,IEHardenUser&&&[(Verified)Microsoft Windows Component Publisher]
[HKEY_CURRENT_USER\Control Panel\Desktop]
& & &SCRNSAVE.EXE&&C:\WINDOWS\System32\logon.scr&&&[(Verified)Microsoft Windows Component Publisher]
==================================
启动文件夹
==================================
[HP Insight Event Notifier / CIMnotify][Stopped/Disabled]
&&&C:\WINDOWS\system32\CIMntfy\cimntfy.exe&&Hewlett-Packard Company&
[HP Smart Array SAS/SATA Event Notification Service / Cissesrv][Running/Auto Start]
&&&&C:\Program Files\HP\Cissesrv\cissesrv.exe&&&Hewlett-Packard Company&
[HP Insight NIC Agents / CpqNicMgmt][Running/Auto Start]
&&&C:\WINDOWS\system32\CPQNiMgt\cpqnimgt.exe&&Hewlett-Packard Company&
[HP ProLiant Remote Monitor Service / CpqRcmc][Running/Auto Start]
&&&C:\WINDOWS\system32\cpqrcmc.exe&&Hewlett-Packard Company&
[HP Version Control Agent / cpqvcagent][Running/Auto Start]
&&&C:\hp\hpsmh\data\cgi-bin\vcagent\vcagent.exe&&Hewlett-Packard Company&
[HP Insight Foundation Agents / CqMgHost][Running/Auto Start]
&&&C:\WINDOWS\system32\CpqMgmt\cqmghost\cqmghost.exe&&Hewlett-Packard Company&
[HP Insight Server Agents / CqMgServ][Running/Auto Start]
&&&C:\WINDOWS\system32\CpqMgmt\cqmgserv\cqmgserv.exe&&Hewlett-Packard Company&
[HP Insight Storage Agents / CqMgStor][Running/Auto Start]
&&&C:\WINDOWS\system32\CpqMgmt\cqmgstor\cqmgstor.exe&&Hewlett-Packard Company&
[Human Interface Device Access / HidServ][Stopped/Disabled]
&&&C:\WINDOWS\System32\svchost.exe -k netsvcs--&%SystemRoot%\System32\hidserv.dll&&N/A&
[Lotus Domino Server (LotusDominoData) / Lotus Domino Server (LotusDominoData)][Running/Manual Start]
&&&e:\Lotus\Domino\nservice.exe =e:\Lotus\Domino\notes.ini&&IBM Corp&
[Rav Process Communication Center / RavCCenter][Stopped/Auto Start]
&&&C:\Program Files\Rising\Rav\CCENTER.EXE&&Beijing Rising Information Technology Co., Ltd.&
[RavService / RavService][Running/Auto Start]
&&&&C:\Program Files\Rising\Rav\RavService.exe&&&Beijing Rising Information Technology Co., Ltd.&
[Rising RavTask Manager / RavTask][Running/Auto Start]
&&&&C:\Program Files\Rising\Rav\RavTask.exe& RavTask&&Beijing Rising Information Technology Co., Ltd.&
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
&&&C:\Program Files\Rising\Rav\RavMonD.exe&&Beijing Rising Information Technology Co., Ltd.&
[Rising Scan Service / RsScanSrv][Stopped/Auto Start]
&&&C:\Program Files\Rising\Rav\ScanFrm.exe&&Beijing Rising Information Technology Co., Ltd.&
[IBM DS Storage Manager 10 Agent / SMagent][Stopped/Auto Start]
&&&C:\PROGRA~1\IBM_DS\agent\SMagent.exe&&N/A&
[HP ProLiant System Shutdown Service / sysdown][Running/Auto Start]
&&&C:\WINDOWS\system32\sysdown.exe&&Hewlett-Packard Company&
[HP System Management Homepage / SysMgmtHp][Running/Auto Start]
&&&C:\hp\hpsmh\bin\smhstart.exe&&Hewlett-Packard Company&
==================================
[ati2mtag / ati2mtag][Running/Manual Start]
&&&system32\DRIVERS\ati2mtag.sys&&ATI Technologies Inc.&
[HP Virtual Bus Device / b06bdrv][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\bxvbdx.sys&&Broadcom Corporation&
[HP iLO Management Channel Interface Driver / CpqCiDrv][Running/Manual Start]
&&&system32\DRIVERS\cpqcidrv.sys&&Hewlett-Packard Company&
[HP Network Configuration Utility / CPQTeam][Stopped/Manual Start]
&&&system32\DRIVERS\cpqteam.sys&&Hewlett-Packard Company&
[IBM DS3000/DS4000/DS5000 DSM / ds4dsm][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\ds4dsm.sys&&IBM Corporation&
[IBM DS3000/DS4000/DS5000 UTM Disk Manager / ds4utm][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\ds4utm.sys&&IBM Corporation&
[hookcont / hookcont][Running/System Start]
&&&system32\drivers\HookCont.sys&&Beijing Rising Information Technology Co., Ltd.&
[hooksys / hooksys][Running/System Start]
&&&system32\drivers\HookSys.sys&&Beijing Rising Information Technology Co., Ltd.&
[HpCISSs2 / HpCISSs2][Running/Boot Start]
&&&\SystemRoot\system32\drivers\HpCISSs2.sys&&Hewlett-Packard Company&
[hpqilo2 / hpqilo2][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\hpqilo2.sys&&Hewlett-Packard Company&
[IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start]
&&&system32\DRIVERS\ipinip.sys&&N/A&
[HP NC370 Multifunction Gigabit Server Adapter / l2nd][Running/Manual Start]
&&&system32\DRIVERS\bxnd52x.sys&&Broadcom Corporation&
[pnpshark / pnpshark][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\pnpshark.sys&&&
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
&&&system32\DRIVERS\ptilink.sys&&Parallel Technologies, Inc.&
[QLogic Fibre Channel STOR Miniport Driver (w32 IP) / ql2300][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\ql2300.sys&&QLogic Corporation&
[Rising RfwBase Driver / RfwBase9][Running/Manual Start]
&&&system32\DRIVERS\rfwbase.sys&&Beijing Rising Information Technology Co., Ltd.&
[rfwtdi / rfwtdi][Running/Auto Start]
&&&\??\C:\Program Files\Rising\Rav\rfwtdi.sys&&Beijing Rising Information Technology Co., Ltd.&
[rsfwdrv / rsfwdrv][Running/System Start]
&&&\??\C:\Program Files\Rising\Rav\rsfwdrv.sys&&Beijing Rising Information Technology Co., Ltd.&
[RsNTGDI / RsNTGDI][Running/Boot Start]
&&&\SystemRoot\system32\Drivers\RsNTGdi.sys&&Beijing Rising Information Technology Co., Ltd.&
[Secdrv / Secdrv][Stopped/Manual Start]
&&&system32\DRIVERS\secdrv.sys&&Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.&
[st3shark / st3shark][Running/Boot Start]
&&&\SystemRoot\system32\DRIVERS\st3shark.sys&&&
==================================
浏览器加载项
[信息检索(&R)]
&&{CC-41C8-B9BE-3C9C571A8263} &C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL, (Signed) Microsoft Corporation&
[DDSC Class]
&&{62CEC9E0--A94E-4F7565DCD23F} &C:\WINDOWS\Downloaded Program Files\MSDDSC.dll, (Signed) &
[XSL Template]
&&{B36-11D2-B20E-00C04F983E60} &C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation&
[DDSC Class]
&&{62CEC9E0--A94E-4F7565DCD23F} &C:\WINDOWS\Downloaded Program Files\MSDDSC.dll, (Signed) &
&&{CC-41C8-B9BE-3C9C571A8263} &, &
[SearchAssistantOC]
&&{B45FF030--85DE-00C04FA35C89} &%SystemRoot%\system32\shdocvw.dll, (Signed) N/A&
[FileExchange Control]
&&{C902B087-E506-4ABC-8F73-A67B85CD9D0E} &C:\WINDOWS\system32\tsoa.ocx, home&
[XML DOM Document]
&&{F6D90F11-9C73-11D3-B32E-00C04F990BB4} &C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation&
[Free Threaded XML DOM Document]
&&{F6D90F12-9C73-11D3-B32E-00C04F990BB4} &C:\WINDOWS\system32\msxml3.dll, (Signed) Microsoft Corporation&
[导出到 Microsoft Office Excel(&X)]
&&&res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000, N/A&
==================================
正在运行的进程
[PID: 392 / SYSTEM][\SystemRoot\System32\smss.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 448 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]&&[(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.8)]
[PID: 476 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
& & [C:\WINDOWS\system32\tssoft32.acm]&&[DSP GROUP, INC., 1.01]
& & [C:\WINDOWS\system32\tsd32.dll]&&[, ]
& & [C:\WINDOWS\system32\sl_anet.acm]&&[Sipro Lab Telecom Inc., 3.02]
& & [C:\WINDOWS\system32\l3codeca.acm]&&[Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 524 / SYSTEM][C:\WINDOWS\system32\services.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_gdr.5)]
[PID: 536 / SYSTEM][C:\WINDOWS\system32\lsass.exe]&&[(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.8)]
[PID: 712 / SYSTEM][C:\WINDOWS\system32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 780 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 836 / SYSTEM][C:\Program Files\Rising\Rav\CCENTER.EXE]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\combase.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
& & [C:\Program Files\Rising\Rav\cnt09.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37]
& & [C:\Program Files\Rising\Rav\cnt08.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
[PID: 860 / SYSTEM][C:\Program Files\Rising\Rav\RavTask.exe]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
& & [C:\Program Files\Rising\Rav\proccomm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\rsconf.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
& & [C:\Program Files\Rising\Rav\RSAPPMGR.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
& & [C:\Program Files\Rising\Rav\CfgDll.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.21]
& & [C:\Program Files\Rising\Rav\rstask.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40]
& & [C:\Program Files\Rising\Rav\rsstub.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 904 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 956 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 996 / SYSTEM][C:\WINDOWS\System32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 1000 / SYSTEM][C:\Program Files\Rising\Rav\RavMonD.exe]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\combase.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\moncomm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
& & [C:\Program Files\Rising\Rav\MonBase.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
& & [C:\Program Files\Rising\Rav\Rslog.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.41]
& & [C:\Program Files\Rising\Rav\mondrv.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
& & [C:\Program Files\Rising\Rav\defmon.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
& & [C:\Program Files\Rising\Rav\moncom08.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\MonRule.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9]
& & [C:\Program Files\Rising\Rav\FileMon.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
& & [C:\Program Files\Rising\Rav\MailMon.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24]
& & [C:\Program Files\Rising\Rav\HookWeb.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
& & [C:\Program Files\Rising\Rav\rfwlog.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\logproxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.7]
& & [C:\Program Files\Rising\Rav\rsxml3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\ProcComm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\Program Files\Rising\Rav\rfwrule.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
& & [C:\Program Files\Rising\Rav\rfwsrv.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.89]
& & [C:\Program Files\Rising\Rav\Syslay.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
& & [C:\Program Files\Rising\Rav\mPorts.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.0]
& & [C:\Program Files\Rising\Rav\rfwdrvc.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.3]
& & [C:\Program Files\Rising\Rav\Rfwdrv.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.5]
& & [C:\Program Files\Rising\Rav\rsnetsvr.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\comx3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
& & [C:\Program Files\Rising\Rav\urlrule.dll]&&[Beijing Rising Information Technology Co., Ltd., 1.0.0.18]
& & [C:\Program Files\Rising\Rav\recomp.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
& & [C:\Program Files\Rising\Rav\refs.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
& & [C:\Program Files\Rising\Rav\viruslib.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
& & [C:\Program Files\Rising\Rav\relibldr.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
& & [C:\Program Files\Rising\Rav\rfwproxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.27]
& & [C:\Program Files\Rising\Rav\RSAPPMGR.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
& & [C:\Program Files\Rising\Rav\CfgDll.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.21]
& & [C:\Program Files\Rising\Rav\Hooksys.dll]&&[Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
& & [C:\Program Files\Rising\Rav\ProcCom.dll]&&[Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
& & [C:\Program Files\Rising\Rav\RsCommX2.dll]&&[Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
& & [C:\Program Files\Rising\Rav\HookCont.dll]&&[Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
& & [C:\Program Files\Rising\Rav\BACore.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
& & [C:\Program Files\Rising\Rav\RSStore.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
& & [C:\Program Files\Rising\Rav\ScanAdd.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
& & [C:\Program Files\Rising\Rav\Scanner.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.41]
& & [C:\Program Files\Rising\Rav\ffr.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\nvfile.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\scanexec.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\unexe.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\scanex.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 76]
& & [C:\Program Files\Rising\Rav\extsfx.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\pearc.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\scanpe.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10]
& & [C:\Program Files\Rising\Rav\scantj.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\pecompd.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
& & [C:\Program Files\Rising\Rav\heurex.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17]
& & [C:\Program Files\Rising\Rav\scansct.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\ur000.dat]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\urutils.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\methodex.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
& & [C:\Program Files\Rising\Rav\revm.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
& & [C:\Program Files\Rising\Rav\extmail.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5]
& & [C:\Program Files\Rising\Rav\urllib.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\ur001.dat]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\posttrt.dll]&&[Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7]
[PID: 1176 / SYSTEM][C:\WINDOWS\system32\spoolsv.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 1308 / SYSTEM][C:\Program Files\HP\Cissesrv\cissesrv.exe]&&[Hewlett-Packard Company, 6.16.0.32 Build 2 (x86) built by: buildsrv]
[PID: 1324 / SYSTEM][C:\WINDOWS\system32\cpqrcmc.exe]&&[Hewlett-Packard Company, 5.21.0.0 built by: buildsrv]
[PID: 1340 / SYSTEM][C:\hp\hpsmh\data\cgi-bin\vcagent\vcagent.exe]&&[Hewlett-Packard Company, 2.2.1.830]
& & [C:\hp\hpsmh\data\cgi-bin\vcagent\xerces-c_2_4_0.dll]&&[Apache Software Foundation, 2, 4, 0]
& & [C:\hp\hpsmh\data\cgi-bin\vcagent\Xalan-C_1_7_0.dll]&&[Apache Software Foundation, 1, 7, 0, 0]
& & [C:\hp\hpsmh\data\cgi-bin\vcagent\XalanMessages_1_7_0.dll]&&[N/A, ]
& & [C:\hp\hpsmh\data\cgi-bin\vcagent\SSLEAY32.dll]&&[The OpenSSL Project, , 0.9.8g]
& & [C:\hp\hpsmh\data\cgi-bin\vcagent\LIBEAY32.dll]&&[The OpenSSL Project, , 0.9.8g]
[PID: 1372 / SYSTEM][C:\WINDOWS\System32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 1612 / SYSTEM][C:\WINDOWS\system32\inetsrv\inetinfo.exe]&&[(Verified) Microsoft Corporation, 6.0. (srv03_sp2_rtm.0)]
[PID: 1672 / SYSTEM][C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE]&&[Microsoft Corporation, 7.00.9466]
& & [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll]&&[Microsoft Corporation, 7.00.9466]
& & [C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MSDBG2.DLL]&&[Microsoft Corporation, 7.00.9466]
[PID: 1724 / SYSTEM][C:\Program Files\Rising\Rav\RavService.exe]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 39]
& & [C:\Program Files\Rising\Rav\RavSevProxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 7]
& & [C:\Program Files\Rising\Rav\monstate.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
& & [C:\Program Files\Rising\Rav\comx3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
& & [C:\Program Files\Rising\Rav\Syslay.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
& & [C:\Program Files\Rising\Rav\DLCenter.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.4]
& & [C:\Program Files\Rising\Rav\ProcComm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\ScanPrxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
[PID: 1752 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[C:\Program Files\D-Tools\PFCTOC.DLL]&&[Padus(R), Inc., 1, 0, 0, 12]
& & [C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\pdimount.dll]&&[GENERIC, 1.01.0.0]
[PID: 3984 / administrator][C:\WINDOWS\system32\ctfmon.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7600 / LOCAL SERVICE][C:\WINDOWS\system32\logon.scr]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7708 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]&&[(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.8)]
[PID: 7924 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
& & [C:\WINDOWS\system32\tssoft32.acm]&&[DSP GROUP, INC., 1.01]
& & [C:\WINDOWS\system32\tsd32.dll]&&[, ]
& & [C:\WINDOWS\system32\sl_anet.acm]&&[Sipro Lab Telecom Inc., 3.02]
& & [C:\WINDOWS\system32\l3codeca.acm]&&[Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 612 / administrator][C:\WINDOWS\system32\rdpclip.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6612 / administrator][C:\WINDOWS\Explorer.EXE]&&[(Verified) Microsoft Corporation, 6.00. (srv03_sp2_rtm.0)]
& & [F:\TRS软件\WinRAR\rarext.dll]&&[N/A, ]
& & [C:\WINDOWS\system32\RavExt.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
[PID: 7020 / administrator][C:\Program Files\HP\NCU\cpqteam.exe]&&[Hewlett-Packard Company, 9.70.0.15]
[PID: 2792 / administrator][C:\Program Files\Rising\Rav\RsTray.exe]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
& & [C:\Program Files\Rising\Rav\ComServ.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\rslang.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
& & [C:\Program Files\Rising\Rav\comx3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
& & [C:\Program Files\Rising\Rav\Syslay.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
& & [C:\Program Files\Rising\Rav\rsxml.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\ProcComm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\Program Files\Rising\Rav\MonState.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
& & [C:\Program Files\Rising\Rav\ScanEvnt.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
& & [C:\Program Files\Rising\Rav\rsguilib.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75]
& & [C:\WINDOWS\system32\MFC71.DLL]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\rsconf.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
& & [C:\Program Files\Rising\Rav\RSAPPMGR.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
& & [C:\Program Files\Rising\Rav\CfgDll.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.21]
& & [C:\Program Files\Rising\Rav\rfwrule.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
& & [C:\Program Files\Rising\Rav\rspalvd.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.26]
& & [C:\Program Files\Rising\Rav\rsnetsvr.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\ravbintl.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
& & [C:\Program Files\Rising\Rav\mruleui.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
& & [C:\Program Files\Rising\Rav\MonTray.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.1.4]
& & [C:\Program Files\Rising\Rav\PngDll.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\RavITray.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
& & [C:\Program Files\Rising\Rav\ScanPrxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
& & [C:\Program Files\Rising\Rav\rfwtray.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 12]
& & [C:\Program Files\Rising\Rav\rsmginfo.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\rfwlog.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\logproxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.7]
& & [C:\Program Files\Rising\Rav\rsxml3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[PID: 1248 / administrator][C:\Program Files\Rising\Rav\RavTray.exe]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17]
& & [C:\Program Files\Rising\Rav\RavUILib.dll]&&[, 18, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\RavTray936.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
& & [C:\Program Files\Rising\Rav\ProcComm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
[PID: 1252 / administrator][C:\Program Files\D-Tools\daemon.exe]&&[DAEMON'S HOME, 3.41.0.0]
& & [C:\WINDOWS\daemon.dll]&&[, 3.41.0.0]
& & [C:\Program Files\D-Tools\PFCTOC.DLL]&&[Padus(R), Inc., 1, 0, 0, 12]
& & [C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\pdimount.dll]&&[GENERIC, 1.01.0.0]
[PID: 4136 / administrator][C:\WINDOWS\system32\ctfmon.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7456 / administrator][C:\WINDOWS\Cluster\CluAdmin.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7692 / administrator][C:\WINDOWS\Cluster\CluAdmin.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7996 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe]&&[(Verified) Microsoft Corporation, 5.2.3790.0 (srv03_rtm.8)]
[PID: 4152 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
& & [C:\WINDOWS\system32\tssoft32.acm]&&[DSP GROUP, INC., 1.01]
& & [C:\WINDOWS\system32\tsd32.dll]&&[, ]
& & [C:\WINDOWS\system32\sl_anet.acm]&&[Sipro Lab Telecom Inc., 3.02]
& & [C:\WINDOWS\system32\l3codeca.acm]&&[Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305]
[PID: 4200 / administrator][C:\WINDOWS\system32\rdpclip.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7688 / administrator][C:\WINDOWS\Explorer.EXE]&&[(Verified) Microsoft Corporation, 6.00. (srv03_sp2_rtm.0)]
[PID: 2352 / administrator][C:\Program Files\HP\NCU\cpqteam.exe]&&[Hewlett-Packard Company, 9.70.0.15]
[PID: 1236 / administrator][C:\Program Files\Rising\Rav\RsTray.exe]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.22]
& & [C:\Program Files\Rising\Rav\ComServ.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.49]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\rslang.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28]
& & [C:\Program Files\Rising\Rav\comx3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
& & [C:\Program Files\Rising\Rav\Syslay.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
& & [C:\Program Files\Rising\Rav\rsxml.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
& & [C:\Program Files\Rising\Rav\ProcComm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\Program Files\Rising\Rav\MonState.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
& & [C:\Program Files\Rising\Rav\ScanEvnt.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.14]
& & [C:\Program Files\Rising\Rav\rsguilib.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75]
& & [C:\WINDOWS\system32\MFC71.DLL]&&[Microsoft Corporation, 7.10.3077.0]
& & [C:\Program Files\Rising\Rav\rsconf.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
& & [C:\Program Files\Rising\Rav\RSAPPMGR.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
& & [C:\Program Files\Rising\Rav\CfgDll.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.21]
& & [C:\Program Files\Rising\Rav\rfwrule.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
& & [C:\Program Files\Rising\Rav\rspalvd.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.26]
& & [C:\Program Files\Rising\Rav\rsnetsvr.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\ravbintl.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31]
& & [C:\Program Files\Rising\Rav\mruleui.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
& & [C:\Program Files\Rising\Rav\MonTray.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.1.4]
& & [C:\Program Files\Rising\Rav\PngDll.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
& & [C:\Program Files\Rising\Rav\RavITray.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23]
& & [C:\Program Files\Rising\Rav\ScanPrxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.17]
& & [C:\Program Files\Rising\Rav\rfwtray.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 12]
& & [C:\Program Files\Rising\Rav\rsmginfo.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\rfwlog.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
& & [C:\Program Files\Rising\Rav\logproxy.dll]&&[Beijing Rising Information Technology Co., Ltd., 21.0.0.7]
& & [C:\Program Files\Rising\Rav\rsxml3.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
[PID: 7712 / administrator][C:\Program Files\Rising\Rav\RavTray.exe]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 17]
& & [C:\Program Files\Rising\Rav\RavUILib.dll]&&[, 18, 0, 0, 1]
& & [C:\Program Files\Rising\Rav\RavTray936.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
& & [C:\Program Files\Rising\Rav\ProcComm.dll]&&[Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
& & [C:\WINDOWS\system32\MSVCP71.dll]&&[Microsoft Corporation, 7.10.3077.0]
[PID: 8108 / administrator][C:\Program Files\D-Tools\daemon.exe]&&[DAEMON'S HOME, 3.41.0.0]
& & [C:\WINDOWS\daemon.dll]&&[, 3.41.0.0]
& & [C:\Program Files\D-Tools\PFCTOC.DLL]&&[Padus(R), Inc., 1, 0, 0, 12]
& & [C:\Program Files\D-Tools\Plugins\Images\ccdmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\mdsmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\nrgmount.dll]&&[GENERIC, 1.01.0.0]
& & [C:\Program Files\D-Tools\Plugins\Images\pdimount.dll]&&[GENERIC, 1.01.0.0]
[PID: 6448 / administrator][C:\WINDOWS\system32\ctfmon.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9096 / administrator][C:\WINDOWS\system32\taskmgr.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10028 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7416 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6876 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12060 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6560 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8712 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10540 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10364 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12212 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12264 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7944 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12260 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10444 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8488 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11176 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10200 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11332 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7108 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12208 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10504 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10920 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4272 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5600 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9548 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 1708 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9788 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8352 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8536 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8464 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10976 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9792 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5340 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9604 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 1088 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 2112 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7464 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10756 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7252 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7760 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11184 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9316 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6388 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 888 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10392 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7460 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10940 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10616 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4504 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7592 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8004 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8200 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4596 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12088 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11968 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5496 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6084 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11480 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11792 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11324 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10156 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11104 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12200 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7604 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6712 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11656 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8240 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10660 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10692 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8264 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11448 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9496 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8212 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8152 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7740 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8868 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7892 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12148 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11196 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8260 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5348 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11156 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 1836 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11744 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8996 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 2892 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12252 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7700 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9016 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10732 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 8500 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10404 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4560 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 592 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10548 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11516 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 940 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11336 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12256 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10908 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 11848 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5492 / NETWORK SERVICE][c:\windows\system32\inetsrv\w3wp.exe]&&[(Verified) Microsoft Corporation, 6.0. (srv03_sp2_rtm.0)]
& & [C:\WebSphere\AppServer\bin\iisWASPlugin_http.dll]&&[N/A, ]
& & [C:\WebSphere\AppServer\bin\plugin_common.dll]&&[N/A, ]
[PID: 7156 / administrator][C:\WINDOWS\system32\conime.exe]&&[(Verified) Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4436 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4752 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6860 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9892 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9416 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10560 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10860 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7716 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7644 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5244 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7296 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5520 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5016 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 2788 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 9616 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6952 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7008 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10060 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 4548 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7720 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 6868 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 7160 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 5752 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 10464 / SYSTEM][C:\WINDOWS\System32\rundll32.exe]&&[Microsoft Corporation, 5.2. (srv03_sp2_rtm.0)]
[PID: 12048 / administrator][C:\WINDOWS\system32\wuauclt.exe]&&[(Verified) Microsoft Corporation, 7.4. (winmain_wtr_wsus3sp2(wmbla).4)]
[PID: 10204 / administrator][C:\WINDOWS\system32\wuauclt.exe]&&[(Verified) Microsoft Corporation, 7.4. (winmain_wtr_wsus3sp2(wmbla).4)]
[PID: 1036 / administrator][C:\WINDOWS\system32\wuauclt.exe]&&[(Verified) Microsoft Corporation, 7.4. (winmain_wtr_wsus3sp2(wmbla).4)]
[PID: 7344 / administrator][F:\工具\sreng2\SREngLdr.EXE]&&[Smallfrogs Studio, 2.8.2.1321]
[PID: 9588 / administrator][F:\工具\sreng2\SRE7dd36ec4.EXE]&&[Smallfrogs Studio, 2.8.2.1321]
& & [F:\工具\sreng2\Upload\3rdUpd.DLL]&&[Smallfrogs Studio, 2, 1, 0, 15]
==================================
.TXT  OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.EXE  OK. ["%1" %*]
.COM  OK. ["%1" %*]
.PIF  OK. ["%1" %*]
.REG  OK. [regedit.exe "%1"]
.BAT  OK. ["%1" %*]
.SCR  OK. ["%1" /S]
.CHM  OK. ["C:\WINDOWS\hh.exe" %1]
.HLP  OK. [%SystemRoot%\System32\winhlp32.exe %1]
.INI  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.INF  OK. [%SystemRoot%\System32\NOTEPAD.EXE %1]
.VBS  OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.JS   OK. [%SystemRoot%\System32\WScript.exe "%1" %*]
.LNK  OK. [{0-}]
==================================
Winsock 提供者
==================================
Autorun.inf
==================================
HOSTS 文件
127.0.0.1       localhost
==================================
进程特权扫描
==================================
[已启用] At1001.job
        rundll32.exe
[已启用] At1000.job
        rundll32.exe
[已启用] At100.job
        rundll32.exe
[已启用] At10.job
        rundll32.exe
[已启用] At1.job
        rundll32.exe
[已启用] At1006.job
        rundll32.exe
[已启用] At1005.job
        rundll32.exe
[已启用] At1004.job
        rundll32.exe
[已启用] At1003.job
        rundll32.exe
[已启用] At1002.job
        rundll32.exe
[已启用] At1010.job
        rundll32.exe
[已启用] At999.job
        rundll32.exe
==================================
Windows 安全更新检查
==================================
==================================
==================================
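What you have is the Conficker virus.
Many thanks to 天月 for coming!
Not taking patches seriously.
liulangzhecgr
After I finished patching with 超兔's 软件天使, 360 says I still need to install patches! Patches?! ... Whom am I supposed to listen to!
After I finished patching with 超兔's 软件天使, 360 says I still need to install patches! Patches?! ... Whom am I supposed to listen to!
liulangzhecgr posted on
windows update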
Copyright © KaFan, KaFan.cn. All Rights Reserved.