iexplore.exe(进程ID：6444) 命令行:"c:\program files\internet explorer\iexplore.exe" C:\Users\admin\AppData\Local\Temp\wenhua.php.html
  iexplore.exe(进程ID：6936) 命令行:"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:6444 CREDAT:17410 /prefetch:2
svchost.exe(进程ID：6220) 命令行:C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s wscsvc