== Antiy Reporter [2008-06-25 07:45:26] ==
# OS: WindowsXP
# WinDir: C:\WINDOWS
# SysDir: C:\WINDOWS\system32
# IP: 192.168.0.80
# IP: 121.11.46.4

# Process to port mapper
# PID Procotol Local Address Application Name
[o] 4068 TCP 121.11.46.4:2396 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2431 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2480 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2408 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2491 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2432 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2412 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 1604 TCP 121.11.46.4:2487 D:\anquan\VnetComp\vnetsecsvc.exe [3C8B77A1]
[o] 4068 TCP 121.11.46.4:2427 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2479 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2409 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2429 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2413 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2425 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2477 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2485 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2448 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2407 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2426 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2430 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 121.11.46.4:2428 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 0 TCP 121.11.46.4:2490 System [--------]
[o] 0 TCP 121.11.46.4:2440 System [--------]
[o] 0 TCP 121.11.46.4:2436 System [--------]
[o] 0 TCP 121.11.46.4:2444 System [--------]
[o] 0 TCP 121.11.46.4:2445 System [--------]
[o] 0 TCP 121.11.46.4:2437 System [--------]
[o] 0 TCP 121.11.46.4:2441 System [--------]
[o] 0 TCP 121.11.46.4:2449 System [--------]
[o] 0 TCP 121.11.46.4:2446 System [--------]
[o] 0 TCP 121.11.46.4:2450 System [--------]
[o] 0 TCP 121.11.46.4:2438 System [--------]
[o] 1624 TCP 0.0.0.0:15789 C:\WINDOWS\system32\ZGRPlay.exe [EFDD97C9]
[o] 4068 TCP 0.0.0.0:80 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 TCP 0.0.0.0:100 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 1012 TCP 0.0.0.0:6059 C:\PROGRAM FILES\RISING\RAV\Ravmond.exe [3423878F]
[o] 4068 TCP 127.0.0.1:46897 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 UDP 0.0.0.0:3861 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 UDP 0.0.0.0:1597 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 UDP 127.0.0.1:1180 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 UDP 0.0.0.0:1004 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 UDP 0.0.0.0:15000 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 3628 UDP 127.0.0.1:3600 C:\Program Files\Tencent\TT\TTraveler.exe [0F6C6C3B]
[o] 4068 UDP 0.0.0.0:1319 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 4068 UDP 0.0.0.0:4029 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 1624 UDP 127.0.0.1:1030 C:\WINDOWS\system32\ZGRPlay.exe [EFDD97C9]
[o] 4068 UDP 0.0.0.0:1172 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA]
[o] 436 UDP 127.0.0.1:1158 C:\WINDOWS\conime.exe [7DE7A8ED]
[o] 1604 UDP 127.0.0.1:1065 D:\anquan\VnetComp\vnetsecsvc.exe [3C8B77A1]
[o] 2808 UDP 127.0.0.1:3159 C:\WINDOWS\conime.exe [7DE7A8ED]

# Register
# Key Value

# Processes
# PID Application Name
[p] 0 C:\WINDOWS\system32\System [--------]
[p] 4 C:\WINDOWS\system32\System [--------]
[m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\services.exe [931a6be8]
[m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\services.exe [067383fe]
[m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\services.exe [eddbcc57]
[m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\services.exe [1d98fdad]
[m] 690000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\services.exe [ccd199af]
[m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\lsass.exe [931a6be8]
[m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\lsass.exe [067383fe]
[m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\lsass.exe [eddbcc57]
[m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\lsass.exe [1d98fdad]
[m] 790000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\lsass.exe [ccd199af]
[m] 68100000 C:\WINDOWS\system32\dssenh.dll-->C:\WINDOWS\system32\lsass.exe [7af82174]
[m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\svchost.exe [931a6be8]
[m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\svchost.exe [067383fe]
[m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\svchost.exe [eddbcc57]
[m] 3F0000
C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\svchost.exe [1d98fdad] [m] 790000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\svchost.exe [ccd199af] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\svchost.exe [931a6be8] [m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\svchost.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\svchost.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\svchost.exe [1d98fdad] [m] 790000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\svchost.exe [ccd199af] [p] 350 C:\Program Files\Rising\Rav\CCenter.exe [5CC16C34] [m] 3D0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\Program Files\Rising\Rav\CCenter.exe [067383fe] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\svchost.exe [931a6be8] [m] 3D0000 C:\WINDOWS\System32\yzztkmsn.dll-->C:\WINDOWS\system32\svchost.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\svchost.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\System32\arjreler.dll-->C:\WINDOWS\system32\svchost.exe [1d98fdad] [m] 790000 C:\WINDOWS\System32\tisqatyu.dll-->C:\WINDOWS\system32\svchost.exe [ccd199af] [m] 68BD0000 c:\windows\system32\hidserv.dll-->C:\WINDOWS\system32\svchost.exe [ca2a6fa0] [m] 57980000 C:\WINDOWS\System32\unimdm.tsp-->C:\WINDOWS\system32\svchost.exe [5214c09b] [m] 57A00000 C:\WINDOWS\System32\kmddsp.tsp-->C:\WINDOWS\system32\svchost.exe [d47defdd] [m] 579E0000 C:\WINDOWS\System32\ndptsp.tsp-->C:\WINDOWS\system32\svchost.exe [571f7df3] [m] 57A10000 C:\WINDOWS\System32\ipconf.tsp-->C:\WINDOWS\system32\svchost.exe [03f29337] [m] 57A30000 C:\WINDOWS\System32\h323.tsp-->C:\WINDOWS\system32\svchost.exe [31714ee7] [m] 57A20000 C:\WINDOWS\System32\hidphone.tsp-->C:\WINDOWS\system32\svchost.exe 
[006695cd] [m] 71EF0000 C:\WINDOWS\System32\ipxwan.dll-->C:\WINDOWS\system32\svchost.exe [1a1d1df3] [p] 3F4 C:\Program Files\Rising\Rav\RavMonD.exe [3423878F] [m] 10000000 C:\PROGRAM FILES\RISING\RAV\BWList.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [a4e5eca4] [m] 3D0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [067383fe] [m] 61BE0000 C:\WINDOWS\system32\MFC42LOC.DLL-->C:\Program Files\Rising\Rav\RavMonD.exe [a881661e] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [eddbcc57] [m] 850000 C:\PROGRAM FILES\RISING\RAV\RsCommX.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [2a4ab1c0] [m] 880000 C:\PROGRAM FILES\RISING\RAV\rfwctrl.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [3d9fab81] [m] 890000 C:\PROGRAM FILES\RISING\RAV\RsPPsys.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [ef0880ec] [m] 8C0000 C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.DLL-->C:\Program Files\Rising\Rav\RavMonD.exe [c43f851c] [m] 8EF0000 C:\PROGRAM FILES\RISING\RAV\CfgDll.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [4f754d10] [m] 23700000 C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL-->C:\Program Files\Rising\Rav\RavMonD.exe [a4d1525c] [m] 9190000 C:\PROGRAM FILES\RISING\RAV\RsLog.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [1ca7e9ce] [m] 91A0000 C:\PROGRAM FILES\RISING\RAV\HOOKSYS.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [22a96dcf] [m] 92D0000 C:\Program Files\Rising\Rav\Scanner.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [a12fb423] [m] 13100000 C:\Program Files\Rising\Rav\libload.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [ac09f6a2] [m] 9430000 C:\Program Files\Rising\Rav\VirusLib.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [74314d0e] [m] 9570000 C:\PROGRAM FILES\RISING\RAV\regmon.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [e46ef1fe] [m] 731B0000 C:\PROGRAM FILES\RISING\RAV\psapi.dll-->C:\Program Files\Rising\Rav\RavMonD.exe 
[d530299f] [m] 97C0000 C:\PROGRAM FILES\RISING\RAV\HookWeb.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [4f2f4e3e] [m] 98E0000 C:\PROGRAM FILES\RISING\RAV\MemMon.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [26cdc340] [m] 9910000 C:\PROGRAM FILES\RISING\RAV\expscan.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [11483151] [m] 9930000 C:\PROGRAM FILES\RISING\RAV\mPorts.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [4b31d97f] [m] 9B40000 C:\PROGRAM FILES\RISING\RAV\HookCont.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [c4f05671] [m] 9B60000 C:\Program Files\Rising\Rav\SpamEng.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [287e62b1] [m] 9C00000 C:\Program Files\Rising\Rav\engine.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [c4133d34] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [b12078c9] [m] A3A0000 C:\Program Files\Rising\Rav\PostTrt.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [9c175c43] [m] B010000 C:\Program Files\Rising\Rav\UnExe.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [f1bdb1d9] [m] 13AB0000 C:\Program Files\Rising\Rav\ScanExec.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [8fc03f1f] [m] A400000 C:\Program Files\Rising\Rav\ScanEx.dll-->C:\Program Files\Rising\Rav\RavMonD.exe [8af0d3f8] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\spoolsv.exe [931a6be8] [m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\spoolsv.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\spoolsv.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\spoolsv.exe [1d98fdad] [m] A10000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\spoolsv.exe [ccd199af] [m] 72F70000 C:\WINDOWS\system32\winspool.drv-->C:\WINDOWS\system32\spoolsv.exe [2dc4266e] [m] C00000 C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll-->C:\WINDOWS\system32\spoolsv.exe [c57fcaf5] [m] 
58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\svchost.exe [931a6be8] [m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\svchost.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\svchost.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\svchost.exe [1d98fdad] [m] 790000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\svchost.exe [ccd199af] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\svchost.exe [931a6be8] [m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\svchost.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\svchost.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\svchost.exe [1d98fdad] [m] 790000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\svchost.exe [ccd199af] [m] 72F70000 c:\windows\system32\WINSPOOL.DRV-->C:\WINDOWS\system32\svchost.exe [2dc4266e] [p] 644 D:\anquan\VnetComp\vnetsecsvc.exe [3C8B77A1] [m] 3C0000 C:\WINDOWS\system32\tisqatyu.dll-->D:\anquan\VnetComp\vnetsecsvc.exe [ccd199af] [m] 10000000 C:\WINDOWS\system32\secplgmod.dll-->D:\anquan\VnetComp\vnetsecsvc.exe [a4e5eca4] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->D:\anquan\VnetComp\vnetsecsvc.exe [eddbcc57] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->D:\anquan\VnetComp\vnetsecsvc.exe [b12078c9] [m] 1980000 D:\anquan\VnetComp\vnetshare.dll-->D:\anquan\VnetComp\vnetsecsvc.exe [d8247ec0] [p] 658 C:\WINDOWS\system32\ZGRPlay.exe [EFDD97C9] [m] 3C0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\ZGRPlay.exe [ccd199af] [m] 77180000 
C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\ZGRPlay.exe [eddbcc57] [m] 3E0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\ZGRPlay.exe [1d98fdad] [m] B50000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\ZGRPlay.exe [ccd199af] [m] 61BE0000 C:\WINDOWS\system32\MFC42LOC.DLL-->C:\WINDOWS\system32\ZGRPlay.exe [a881661e] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\WINDOWS\system32\ZGRPlay.exe [b12078c9] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\alg.exe [931a6be8] [m] 3D0000 C:\WINDOWS\System32\tisqatyu.dll-->C:\WINDOWS\system32\alg.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\alg.exe [eddbcc57] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\WINDOWS\system32\alg.exe [b12078c9] [p] 1B4 C:\WINDOWS\conime.exe [7DE7A8ED] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\conime.exe [931a6be8] [m] A30000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\conime.exe [ccd199af] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\conime.exe [eddbcc57] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\WINDOWS\conime.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\WINDOWS\conime.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\WINDOWS\conime.exe [0561fb2d] [m] FC0000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\WINDOWS\conime.exe [ef826fbb] [m] 11A0000 C:\WINDOWS\system32\s2da2f323.dll-->C:\WINDOWS\conime.exe [c2272999] [m] 12B0000 C:\WINDOWS\system32\zxmsdwin.dll-->C:\WINDOWS\conime.exe [e8e7e496] [m] 12C0000 C:\WINDOWS\system32\zptlcsys.dll-->C:\WINDOWS\conime.exe [f872f6a1] [m] 12D0000 C:\WINDOWS\system32\mpwdeapi.dll-->C:\WINDOWS\conime.exe [0b0ba606] [m] 12E0000 
C:\WINDOWS\system32\mndhfdwd.dll-->C:\WINDOWS\conime.exe [e8b25ca8] [m] 12F0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\conime.exe [067383fe] [m] 1300000 C:\WINDOWS\system32\zywlcime.dll-->C:\WINDOWS\conime.exe [5872a6d1] [m] 1310000 C:\WINDOWS\system32\apsggjba.dll-->C:\WINDOWS\conime.exe [b5ba6fd3] [m] 1320000 C:\WINDOWS\system32\ypcqghlp.dll-->C:\WINDOWS\conime.exe [770bde72] [m] 1EA0000 C:\WINDOWS\system32\mndsgsrv.dll-->C:\WINDOWS\conime.exe [8ae4fff6] [m] 1330000 C:\WINDOWS\system32\zyzxjime.dll-->C:\WINDOWS\conime.exe [48f971d4] [m] 1340000 C:\WINDOWS\system32\oohxdbyt.dll-->C:\WINDOWS\conime.exe [ee804a49] [m] 1350000 C:\WINDOWS\system32\ptjhehlp.dll-->C:\WINDOWS\conime.exe [9f678d07] [m] 1360000 C:\WINDOWS\system32\apzhctde.dll-->C:\WINDOWS\conime.exe [5617a483] [m] 1370000 C:\WINDOWS\system32\zycbdime.dll-->C:\WINDOWS\conime.exe [a7f64a88] [m] 1380000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\conime.exe [1d98fdad] [m] 1390000 C:\WINDOWS\system32\ozfyebyt.dll-->C:\WINDOWS\conime.exe [2ca8e258] [m] 13A0000 C:\WINDOWS\system32\tysqakol.dll-->C:\WINDOWS\conime.exe [1bd35473] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\WINDOWS\conime.exe [b12078c9] [m] 3490000 C:\WINDOWS\system32\nmjlt.dll-->C:\WINDOWS\conime.exe [00000000] [m] 34E0000 C:\WINDOWS\system32\febdl.dll-->C:\WINDOWS\conime.exe [3a2ed038] [m] 3EC0000 C:\WINDOWS\system32\rqnpx.dll-->C:\WINDOWS\conime.exe [1cc8fa13] [m] 43F0000 C:\WINDOWS\system32\7991.dat-->C:\WINDOWS\conime.exe [813507fb] [m] 28B0000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\WINDOWS\conime.exe [fe92839c] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\conime.exe [931a6be8] [m] 3D0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\conime.exe [067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\conime.exe [eddbcc57] [m] A50000 
C:\WINDOWS\system32\nmjlt.dll-->C:\WINDOWS\system32\conime.exe [00000000] [m] F00000 C:\WINDOWS\system32\febdl.dll-->C:\WINDOWS\system32\conime.exe [3a2ed038] [m] 1050000 C:\WINDOWS\system32\rqnpx.dll-->C:\WINDOWS\system32\conime.exe [1cc8fa13] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\WINDOWS\system32\conime.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\WINDOWS\system32\conime.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\WINDOWS\system32\conime.exe [0561fb2d] [m] 14A0000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\WINDOWS\system32\conime.exe [ef826fbb] [m] 1CE0000 C:\WINDOWS\system32\7991.dat-->C:\WINDOWS\system32\conime.exe [813507fb] [m] 12F0000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\WINDOWS\system32\conime.exe [067383fe] [m] 2130000 C:\WINDOWS\system32\11521.dat-->C:\WINDOWS\system32\conime.exe [813507fb] [p] FE4 C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1AD73CCA] [m] 7C340000 C:\Program Files\Thunder Network\WebThunder\MSVCR71.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [35563170] [m] 3C0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [ccd199af] [m] 3D0000 C:\WINDOWS\system32\arjreler.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [067383fe] [m] 3E0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1d98fdad] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [eddbcc57] [m] DE0000 C:\WINDOWS\system32\7991.dat-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [813507fb] [m] 13D0000 C:\WINDOWS\system32\febdl.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [3a2ed038] [m] 1780000 C:\WINDOWS\system32\rqnpx.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [1cc8fa13] [m] 
1CA0000 C:\WINDOWS\system32\nmjlt.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [00000000] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [0561fb2d] [m] 2360000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [ef826fbb] [m] 228E0000 C:\Program Files\Thunder Network\WebThunder\TaskManager.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [3ffc266f] [m] 61BE0000 C:\WINDOWS\system32\MFC42LOC.DLL-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [a881661e] [m] 21310000 C:\Program Files\Thunder Network\WebThunder\download_interface.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [efed5a2b] [m] 22030000 C:\Program Files\Thunder Network\WebThunder\stlport_vc646.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [07c51473] [m] 21220000 C:\Program Files\Thunder Network\WebThunder\asyn_dns.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [37737476] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [b12078c9] [m] 221E0000 C:\Program Files\Thunder Network\WebThunder\streammedialib.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [ea1e18fc] [m] 21150000 C:\Program Files\Thunder Network\WebThunder\al.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [c7130c52] [m] 22510000 C:\Program Files\Thunder Network\WebThunder\xldc.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [52de93f6] [m] 21270000 C:\Program Files\Thunder Network\WebThunder\bd.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [56c7b88a] [m] 34B0000 C:\Program Files\Thunder 
Network\WebThunder\RegisterDll.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [7293d40b] [m] 3520000 C:\Program Files\Thunder Network\WebThunder\CacheServer.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [3bf8210d] [m] 58A0000 C:\Program Files\Thunder Network\WebThunder\XLSafe\SafeInfo.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [7f2c894c] [m] 59D0000 C:\Program Files\Thunder Network\WebThunder\XLSafe\RMFScan.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [a9690e62] [m] 74620000 C:\WINDOWS\system32\msls31.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [dbc68235] [m] 22960000 C:\Program Files\Thunder Network\WebThunder\XLNet.Dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [3e94776c] [m] 30000000 C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [12335e29] [m] 72C90000 C:\WINDOWS\system32\wdmaud.drv-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [6bff287c] [m] 72C80000 C:\WINDOWS\system32\msacm32.drv-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [f21089be] [m] 8B40000 C:\Program Files\Thunder Network\WebThunder\DownAndPlay\WebDownAndPlay.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [8fd61ae1] [m] 8C80000 C:\Program Files\Thunder Network\WebThunder\XLStatistic\XLStatisticAddin.dll-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [c1f821f5] [m] 72F70000 C:\WINDOWS\system32\WINSPOOL.DRV-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [2dc4266e] [m] 21F0000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [fe92839c] [m] 46E0000 C:\WINDOWS\system32\11521.dat-->C:\Program Files\Thunder Network\WebThunder\WebThunder.exe [813507fb] [p] C2C C:\WINDOWS\system32\wpuplderk.exe [F634388A] [m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\wpuplderk.exe 
[067383fe] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\wpuplderk.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\wpuplderk.exe [1d98fdad] [m] B00000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\wpuplderk.exe [ccd199af] [p] AF8 C:\WINDOWS\conime.exe [7DE7A8ED] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\conime.exe [931a6be8] [m] A30000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\conime.exe [ccd199af] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\conime.exe [eddbcc57] [m] C00000 C:\WINDOWS\system32\nmjlt.dll-->C:\WINDOWS\conime.exe [c57fcaf5] [m] FC0000 C:\WINDOWS\system32\febdl.dll-->C:\WINDOWS\conime.exe [ef826fbb] [m] 17C0000 C:\WINDOWS\system32\rqnpx.dll-->C:\WINDOWS\conime.exe [1cc8fa13] [m] 1C80000 C:\WINDOWS\system32\7991.dat-->C:\WINDOWS\conime.exe [813507fb] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\WINDOWS\conime.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\WINDOWS\conime.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\WINDOWS\conime.exe [0561fb2d] [m] 2220000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\WINDOWS\conime.exe [ef826fbb] [m] 1B80000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\WINDOWS\conime.exe [fe92839c] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\WINDOWS\conime.exe [b12078c9] [m] 3380000 C:\WINDOWS\system32\s2da2f323.dll-->C:\WINDOWS\conime.exe [c2272999] [m] 3390000 C:\WINDOWS\system32\zxmsdwin.dll-->C:\WINDOWS\conime.exe [e8e7e496] [m] 33A0000 C:\WINDOWS\system32\zptlcsys.dll-->C:\WINDOWS\conime.exe [f872f6a1] [m] 33B0000 C:\WINDOWS\system32\mpwdeapi.dll-->C:\WINDOWS\conime.exe [0b0ba606] [m] 33C0000 C:\WINDOWS\system32\mndhfdwd.dll-->C:\WINDOWS\conime.exe [e8b25ca8] [m] 33D0000 
C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\conime.exe [067383fe] [m] 33E0000 C:\WINDOWS\system32\zywlcime.dll-->C:\WINDOWS\conime.exe [5872a6d1] [m] 3F00000 C:\WINDOWS\system32\apsggjba.dll-->C:\WINDOWS\conime.exe [b5ba6fd3] [m] 4010000 C:\WINDOWS\system32\ypcqghlp.dll-->C:\WINDOWS\conime.exe [770bde72] [m] 4120000 C:\WINDOWS\system32\mndsgsrv.dll-->C:\WINDOWS\conime.exe [8ae4fff6] [m] 4430000 C:\WINDOWS\system32\zyzxjime.dll-->C:\WINDOWS\conime.exe [48f971d4] [m] 4540000 C:\WINDOWS\system32\oohxdbyt.dll-->C:\WINDOWS\conime.exe [ee804a49] [m] 4650000 C:\WINDOWS\system32\ptjhehlp.dll-->C:\WINDOWS\conime.exe [9f678d07] [m] 4760000 C:\WINDOWS\system32\apzhctde.dll-->C:\WINDOWS\conime.exe [5617a483] [m] 4770000 C:\WINDOWS\system32\zycbdime.dll-->C:\WINDOWS\conime.exe [a7f64a88] [m] 4880000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\conime.exe [1d98fdad] [m] 4990000 C:\WINDOWS\system32\ozfyebyt.dll-->C:\WINDOWS\conime.exe [2ca8e258] [m] 4AA0000 C:\WINDOWS\system32\tysqakol.dll-->C:\WINDOWS\conime.exe [1bd35473] [m] 4AC0000 C:\WINDOWS\system32\11521.dat-->C:\WINDOWS\conime.exe [813507fb] [p] CB8 C:\WINDOWS\system32\Explorer.EXE [B6163E9F] [m] 58FB0000 C:\WINDOWS\AppPatch\AcGenral.DLL-->C:\WINDOWS\system32\Explorer.EXE [931a6be8] [m] 400000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\Explorer.EXE [067383fe] [m] 3E0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\Explorer.EXE [1d98fdad] [m] 3F0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\Explorer.EXE [1d98fdad] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\Explorer.EXE [eddbcc57] [m] C60000 C:\WINDOWS\system32\7991.dat-->C:\WINDOWS\system32\Explorer.EXE [813507fb] [m] DC0000 C:\WINDOWS\system32\nmjlt.dll-->C:\WINDOWS\system32\Explorer.EXE [00000000] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\WINDOWS\system32\Explorer.EXE [a4e5eca4] [m] 74BE0000 
C:\WINDOWS\system32\OLEACC.DLL-->C:\WINDOWS\system32\Explorer.EXE [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\WINDOWS\system32\Explorer.EXE [0561fb2d] [m] 1900000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\WINDOWS\system32\Explorer.EXE [ef826fbb] [m] 30D0000 C:\WINDOWS\system32\zywlcime.dll-->C:\WINDOWS\system32\Explorer.EXE [5872a6d1] [m] 30E0000 C:\WINDOWS\system32\apzhctde.dll-->C:\WINDOWS\system32\Explorer.EXE [5617a483] [m] 32C0000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\WINDOWS\system32\Explorer.EXE [fe92839c] [m] 3230000 C:\WINDOWS\system32\zycbdime.dll-->C:\WINDOWS\system32\Explorer.EXE [a7f64a88] [m] 3460000 C:\WINDOWS\system32\tysqakol.dll-->C:\WINDOWS\system32\Explorer.EXE [1bd35473] [m] 34B0000 C:\WINDOWS\system32\zptlcsys.dll-->C:\WINDOWS\system32\Explorer.EXE [7293d40b] [m] 3500000 C:\WINDOWS\system32\ptjhehlp.dll-->C:\WINDOWS\system32\Explorer.EXE [9f678d07] [m] 3550000 C:\WINDOWS\system32\mpwdeapi.dll-->C:\WINDOWS\system32\Explorer.EXE [0b0ba606] [m] 35A0000 C:\WINDOWS\system32\ozfyebyt.dll-->C:\WINDOWS\system32\Explorer.EXE [2ca8e258] [m] 35F0000 C:\WINDOWS\system32\oohxdbyt.dll-->C:\WINDOWS\system32\Explorer.EXE [ee804a49] [m] 3640000 C:\WINDOWS\system32\mndhfdwd.dll-->C:\WINDOWS\system32\Explorer.EXE [e8b25ca8] [m] 3690000 C:\WINDOWS\system32\mndsgsrv.dll-->C:\WINDOWS\system32\Explorer.EXE [8ae4fff6] [m] 38E0000 C:\WINDOWS\system32\zxmsdwin.dll-->C:\WINDOWS\system32\Explorer.EXE [e8e7e496] [m] 3930000 C:\WINDOWS\system32\apsggjba.dll-->C:\WINDOWS\system32\Explorer.EXE [b5ba6fd3] [m] 3980000 C:\WINDOWS\system32\ypcqghlp.dll-->C:\WINDOWS\system32\Explorer.EXE [770bde72] [m] 39D0000 C:\WINDOWS\system32\s2da2f323.dll-->C:\WINDOWS\system32\Explorer.EXE [c2272999] [m] 3A20000 C:\WINDOWS\system32\zyzxjime.dll-->C:\WINDOWS\system32\Explorer.EXE [48f971d4] [m] 72C90000 C:\WINDOWS\system32\wdmaud.drv-->C:\WINDOWS\system32\Explorer.EXE [6bff287c] [m] 72C80000 
C:\WINDOWS\system32\msacm32.drv-->C:\WINDOWS\system32\Explorer.EXE [f21089be] [m] 2700000 C:\WINDOWS\system32\11521.dat-->C:\WINDOWS\system32\Explorer.EXE [813507fb] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\WINDOWS\system32\Explorer.EXE [b12078c9] [m] 72F70000 C:\WINDOWS\system32\WINSPOOL.DRV-->C:\WINDOWS\system32\Explorer.EXE [2dc4266e] [m] 23700000 C:\Program Files\Rising\Rav\RSCOMMON.DLL-->C:\WINDOWS\system32\Explorer.EXE [a4d1525c] [m] 4AE90000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll-->C:\WINDOWS\system32\Explorer.EXE [f12c4dd0] [m] 2800000 C:\WINDOWS\system32\igfxpph.dll-->C:\WINDOWS\system32\Explorer.EXE [b41cef43] [m] 1DE0000 C:\WINDOWS\system32\hccutils.DLL-->C:\WINDOWS\system32\Explorer.EXE [0ea8377f] [m] 2A60000 C:\WINDOWS\system32\igfxres.dll-->C:\WINDOWS\system32\Explorer.EXE [2480198f] [m] 2A90000 C:\WINDOWS\system32\igfxsrvc.dll-->C:\WINDOWS\system32\Explorer.EXE [c23269f0] [m] 2AE0000 C:\WINDOWS\system32\igfxdev.dll-->C:\WINDOWS\system32\Explorer.EXE [47513dd5] [m] 2B90000 C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll-->C:\WINDOWS\system32\Explorer.EXE [0904c671] [m] 2C80000 E:\新建文件夹\44\360safe\safemon\safemon.dll-->C:\WINDOWS\system32\Explorer.EXE [d776d2c9] [m] 60DF0000 D:\QQ\qdshm.dll-->C:\WINDOWS\system32\Explorer.EXE [028d6f5a] [m] 60A70000 D:\QQ\MFC42.DLL-->C:\WINDOWS\system32\Explorer.EXE [67ea5d3f] [m] 61BE0000 C:\WINDOWS\system32\MFC42LOC.DLL-->C:\WINDOWS\system32\Explorer.EXE [a881661e] [m] 3ED0000 C:\Program Files\WinRAR\rarext.dll-->C:\WINDOWS\system32\Explorer.EXE [ab8b0d03] [m] 3EA0000 C:\WINDOWS\system32\RavExt.dll-->C:\WINDOWS\system32\Explorer.EXE [f8ab53d7] [m] 4120000 D:\新建文件夹 (2)\PowerISO\PWRISOSH.DLL-->C:\WINDOWS\system32\Explorer.EXE [8ae4fff6] [p] DFC C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [461766CD] [m] 77180000 
C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [eddbcc57] [m] 3D0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [067383fe] [m] B40000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [fe92839c] [m] C60000 C:\WINDOWS\system32\nmjlt.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [813507fb] [m] 10B0000 C:\WINDOWS\system32\febdl.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [3a2ed038] [m] 1460000 C:\WINDOWS\system32\rqnpx.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [1cc8fa13] [m] 1990000 C:\WINDOWS\system32\7991.dat-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [813507fb] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [0561fb2d] [m] 2740000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [ef826fbb] [m] 3100000 C:\DOCUME~1\Tong\LOCALS~1\Temp\nsoA3.tmp\nsExec.dll-->C:\WINDOWS\Downloaded Program Files\CONFLICT.1\FP_AX_CAB_INSTALLER.exe [3d9a4083] [p] EEC C:\Documents and Settings\Tong\Local Settings\Temp\nsoA3.tmp\nsA4.tmp [9987F5AE] [m] 8B0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\Documents and Settings\Tong\Local Settings\Temp\nsoA3.tmp\nsA4.tmp [ccd199af] [p] 544 C:\WINDOWS\system32\HBmhly.exe [A46F8449] [m] 3D0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\WINDOWS\system32\HBmhly.exe [067383fe] 
[m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\WINDOWS\system32\HBmhly.exe [eddbcc57] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\WINDOWS\system32\HBmhly.exe [1d98fdad] [m] C10000 C:\WINDOWS\system32\tisqatyu.dll-->C:\WINDOWS\system32\HBmhly.exe [ccd199af] [p] E2C C:\Program Files\Tencent\TT\TTraveler.exe [0F6C6C3B] [m] 77180000 C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [eddbcc57] [m] 3E0000 C:\WINDOWS\system32\tisqatyu.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [1d98fdad] [m] 61BE0000 C:\WINDOWS\system32\MFC42LOC.DLL-->C:\Program Files\Tencent\TT\TTraveler.exe [a881661e] [m] E00000 C:\WINDOWS\system32\nmjlt.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [00000000] [m] 1370000 C:\WINDOWS\system32\febdl.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [a7f64a88] [m] 1720000 C:\WINDOWS\system32\rqnpx.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [1cc8fa13] [m] 1C40000 C:\WINDOWS\system32\7991.dat-->C:\Program Files\Tencent\TT\TTraveler.exe [813507fb] [m] 2190000 C:\WINDOWS\system32\11521.dat-->C:\Program Files\Tencent\TT\TTraveler.exe [813507fb] [m] 26E0000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\Program Files\Tencent\TT\TTraveler.exe [fe92839c] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\Program Files\Tencent\TT\TTraveler.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\Program Files\Tencent\TT\TTraveler.exe [0561fb2d] [m] 2E00000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\Program Files\Tencent\TT\TTraveler.exe [ef826fbb] [m] 4630000 C:\Program Files\Tencent\TT\Plugins\QQFloatBar\QQFloatBar4TT2.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [757eb60c] [m] 4660000 C:\Program 
Files\Tencent\TT\Plugins\TWeather\TWeather.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [adc8f3e7] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [b12078c9] [m] 5330000 C:\Program Files\Tencent\TT\TTNetFavor.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [c119e5a5] [m] 72F70000 C:\WINDOWS\system32\WINSPOOL.DRV-->C:\Program Files\Tencent\TT\TTraveler.exe [2dc4266e] [m] 74620000 C:\WINDOWS\system32\msls31.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [dbc68235] [m] 72C90000 C:\WINDOWS\system32\wdmaud.drv-->C:\Program Files\Tencent\TT\TTraveler.exe [6bff287c] [m] 72C80000 C:\WINDOWS\system32\msacm32.drv-->C:\Program Files\Tencent\TT\TTraveler.exe [f21089be] [m] 89F0000 C:\WINDOWS\system32\GOOGLEPINYIN.IME-->C:\Program Files\Tencent\TT\TTraveler.exe [f4cacc20] [m] 74C90000 C:\WINDOWS\system32\oledlg.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [a6c7a28d] [m] 60180000 C:\WINDOWS\system32\msratelc.dll-->C:\Program Files\Tencent\TT\TTraveler.exe [f9860ec9] [m] 3E0000 C:\WINDOWS\system32\yzztkmsn.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [1d98fdad] [m] 3F0000 C:\WINDOWS\system32\arjreler.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [1d98fdad] [m] B00000 C:\WINDOWS\system32\tisqatyu.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [ccd199af] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [eddbcc57] [m] D60000 C:\WINDOWS\system32\nmjlt.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [00000000] [m] 11C0000 C:\WINDOWS\system32\febdl.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [3a2ed038] [m] 1570000 C:\WINDOWS\system32\rqnpx.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [1cc8fa13] [m] 1AA0000 C:\WINDOWS\system32\7991.dat-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [813507fb] [m] 1FF0000 C:\WINDOWS\system32\11521.dat-->C:\Program Files\Internet 
Explorer\IEXPLORE.EXE [813507fb] [m] 2540000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [fe92839c] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [0561fb2d] [m] 27B0000 C:\WINDOWS\system32\UNISPIM5.IME-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [ef826fbb] [m] 3A70000 C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [0904c671] [m] 636F0000 C:\Program Files\Real\RealOne Player\rpbrowserrecordplugin.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [51f09c16] [m] 4AE90000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.2180_x-ww_522f9f82\gdiplus.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [f12c4dd0] [m] 7C3A0000 C:\WINDOWS\system32\MSVCP71.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [5a3b11d4] [m] 7C340000 C:\WINDOWS\system32\MSVCR71.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [35563170] [m] 61540000 C:\Program Files\Real\RealOne Player\lang\rpbrp_cn.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [fb73abd4] [m] 3B00000 C:\WINDOWS\system32\zywlcime.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [5872a6d1] [m] 3C20000 C:\Program Files\BitComet\tools\BitCometBHO_1.2.2.28.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [72b5568d] [m] 3CE0000 C:\WINDOWS\system32\apzhctde.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [5617a483] [m] 3DF0000 C:\WINDOWS\system32\zycbdime.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [a7f64a88] [m] 3F00000 C:\WINDOWS\system32\tysqakol.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [b5ba6fd3] [m] 4010000 C:\WINDOWS\system32\zptlcsys.dll-->C:\Program 
Files\Internet Explorer\IEXPLORE.EXE [770bde72] [m] 4120000 C:\WINDOWS\system32\ptjhehlp.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [8ae4fff6] [m] 4230000 C:\WINDOWS\system32\mpwdeapi.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [0b0ba606] [m] 4340000 C:\WINDOWS\system32\ozfyebyt.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [2ca8e258] [m] 4450000 C:\WINDOWS\system32\oohxdbyt.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [ee804a49] [m] 4560000 C:\WINDOWS\flash9.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [cc1deeb6] [m] 20B00000 C:\WINDOWS\system32\imon.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [b12078c9] [m] 48D0000 C:\WINDOWS\system32\mndhfdwd.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [e8b25ca8] [m] 49E0000 C:\WINDOWS\system32\mndsgsrv.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [8ae4fff6] [m] 4CF0000 C:\WINDOWS\system32\zxmsdwin.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [e8e7e496] [m] 4E00000 C:\WINDOWS\system32\apsggjba.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [b5ba6fd3] [m] 4F10000 C:\WINDOWS\system32\ypcqghlp.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [770bde72] [m] 5020000 C:\WINDOWS\system32\s2da2f323.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [c2272999] [m] 5130000 C:\WINDOWS\system32\zyzxjime.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [48f971d4] [m] 5240000 E:\新建文件夹\44\360safe\safemon\safemon.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [d776d2c9] [m] 74620000 C:\WINDOWS\system32\msls31.dll-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [dbc68235] [m] 72C90000 C:\WINDOWS\system32\wdmaud.drv-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [6bff287c] [m] 72C80000 C:\WINDOWS\system32\msacm32.drv-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [f21089be] [m] 30000000 C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx-->C:\Program Files\Internet Explorer\IEXPLORE.EXE [12335e29] [p] A7C E:\xiaoxin\AReporter.exe 
[710EA578] [m] 3D0000 C:\WINDOWS\system32\tisqatyu.dll-->E:\xiaoxin\AReporter.exe [067383fe] [m] 61BE0000 C:\WINDOWS\system32\MFC42LOC.DLL-->E:\xiaoxin\AReporter.exe [a881661e] [m] 77180000 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll-->E:\xiaoxin\AReporter.exe [eddbcc57] [m] B10000 C:\WINDOWS\system32\11521.dat-->E:\xiaoxin\AReporter.exe [813507fb] [m] FC0000 C:\WINDOWS\system32\febdl.dll-->E:\xiaoxin\AReporter.exe [ef826fbb] [m] 1370000 C:\WINDOWS\system32\rqnpx.dll-->E:\xiaoxin\AReporter.exe [a7f64a88] [m] 1870000 C:\WINDOWS\system32\7991.dat-->E:\xiaoxin\AReporter.exe [813507fb] [m] 1DC0000 C:\WINDOWS\system32\nmjlt.dll-->E:\xiaoxin\AReporter.exe [00000000] [m] B90000 C:\Program Files\Internet Explorer\PLUGINS\Windows64.Sys-->E:\xiaoxin\AReporter.exe [fe92839c] [m] 10000000 C:\WINDOWS\system32\smwhapi.dll-->E:\xiaoxin\AReporter.exe [a4e5eca4] [m] 74BE0000 C:\WINDOWS\system32\OLEACC.DLL-->E:\xiaoxin\AReporter.exe [08899567] [m] 73640000 C:\WINDOWS\system32\msctfime.ime-->E:\xiaoxin\AReporter.exe [0561fb2d] [m] 24C0000 C:\WINDOWS\system32\UNISPIM5.IME-->E:\xiaoxin\AReporter.exe [ef826fbb]
# Service List
# State Type StartMode ServiceName FileName
[s] Running WinApp Automatic RsCCenter C:\Program Files\Rising\Rav\CCenter.exe [5CC16C34]
[s] Running WinApp Automatic RsRavMon C:\Program Files\Rising\Rav\RavMonD.exe [3423878F]
[s] Stoped WinApp Manual RSVP C:\WINDOWS\system32\rsvp.exe [5ADE719D]
[s] Stoped Other Automatic SentinelProtectionServer C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [E79E9B0F]
[s] Running WinApp Automatic VnetSecurityService D:\anquan\VnetComp\vnetsecsvc.exe [3C8B77A1]
[s] Stoped WinApp Manual WMConnectCDS C:\Program Files\Windows Media Connect 2\wmccds.exe [A86969C5]