[CODE] 2010-07-29,13:57:56 SysLog Scanner 3.1 - build 20100608 Arswp (http://www.arswp.com) Windows Vista Home Basic Edition, 32-bit Service Pack 1 (build 6001) ================================================================ 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Lenovo Group Limited, 1.00] [(Verified)Synaptics, Inc., 11.1.2 10Apr08] <> <> [] [(Verified)Lenovo., 1.61.0.1] [(Verified)Lenovo Group Limited, 1.04] [(Verified)Lenovo Group Ltd., 2, 3, 2, 0] [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205) | (Verified)NVIDIA Corporation, 7.15.11.7930] [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205) | (Verified)NVIDIA Corporation, 7.15.11.7930] [Lenovo Group Limited, 4,21,10,0] <"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe"> [(Verified)Sonic Solutions, 10.1.1.98] <"C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe"> [(Verified)Roxio, 9.0.5.27] [(Verified)LENOVO, 3, 0, 0, 0] [(Verified)Lenovo Group Limited, 3, 0, 0, 0] [(Verified)Lenovo Group Limited, 3, 0, 0, 0] [Copyright © 2007, 1.0.0.0] [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205) | (Verified)Lenovo Group Limited, 1, 0, 0, 0] [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205) | (Verified)N/A] <"C:\Program Files\Lenovo\Mobile Broadband Connect\UserShortcutCreator.exe"> [Copyright © 2008, 1.0.0.0] <"C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent> [(Verified)Lenovo Group Limited, 8.20.0015.00] <"C:\Program Files\Common Files\Java\Java Update\jusched.exe"> [(Verified)Sun Microsystems, Inc., 2.0.2.1] <"C:\software\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] <"C:\software\Rising\RFW\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] <"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems Incorporated, 8.2.3.231] <"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"> [(Verified)Adobe Systems Incorporated, 1.4.5.0] <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe" -autorun> [(Verified)Kingsoft Corporation, 2010,07,13,14] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd] [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <&Windows Live Search> [] <上传到淘江湖相册> [N/A] <使用迷你迅雷下载> [N/A] <导出到 Microsoft Excel(&X)> [] <添加为阿里旺旺表情> [N/A] ================================================================ 启动组 [QQ游戏启动加速程序] <"C:\game\腾讯游戏\QQGAME\Accel.exe"> [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5] ================================================================ 任务计划 ================================================================ 组件 -------------------------------- Shell Extension [Color Control Panel Applet] <{b2c761c6-29bc-4f19-9251-e6195265baf1}> <> [] [Synaptics Control Panel] <{2F603045-309F-11CF-9774-0020AFD0CFF6}> [(Verified)Synaptics, Inc., 11.1.2 10Apr08] [NvCpl DesktopContext Class] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [(Verified)NVIDIA Corporation, 7.15.11.7930] [Roxio DragToDisc Shell Extension] <{5E44E225-A408-11CF-B581-008029601108}> [(Verified)Roxio, 9.0.5.27] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [DllRegShlExt extension] <{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}> [www.Tudou.com, 1.1.0.0] -------------------------------- Context Menu [DLLRegSvr] <{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}> [www.Tudou.com, 1.1.0.0] [duba_32bit] <{D21D88E8-4123-48BA-B0B1-3FDBE4AE5FA4}> [(Verified)Kingsoft Corporation, 2010,05,29,742] [OpenFolder] <{0DE1378D-F811-40E6-B60A-1CC56F57D3E9}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [RXDCExtSvr] <{70D0238E-E029-4a94-B68D-182018B6C4FF}> [(Verified)Sonic Solutions, 10.1.1.94] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [NvCplDesktopContext] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [(Verified)NVIDIA Corporation, 7.15.11.7930] -------------------------------- Copy Hook [Roxio DragToDisc Shell Extension] <{5E44E225-A408-11CF-B581-008029601108}> [(Verified)Roxio, 9.0.5.27] -------------------------------- BrowserHelperObject [Adobe PDF Reader Link Helper] <{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}> [(Verified)Adobe Systems Incorporated, 8.2.3.231] [QvodExtend] <{53AC8551-0DE0-4606-8A1E-A51AF20ADD60}> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [IePasswordManagerHelper Class] <{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}> [(Verified)Lenovo Group Limited, 3.00.0106.00] [ToolbarBrowserHelper Class] <{D2F8A635-8B0F-47BF-915E-6F456767A300}> [(Verified)深圳市迅雷网络技术有限公司, 3,1,1,58] [Java(tm) Plug-In 2 SSV Helper] <{DBC80044-A445-435b-BC74-9C25C1C588A9}> [(Verified)Sun Microsystems, Inc., 6.0.200.2] -------------------------------- ActiveX Extension [Album Uploader] <{0076209A-9553-40DC-A8F9-C2AD835B8C93}> <> [] [Adobe PDF Reader Link Helper] <{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}> [(Verified)Adobe Systems Incorporated, 8.2.3.231] [Player Class] <{11F2A418-94B2-4e16-9B0C-B00C0435F903}> [(Verified)Tencent, 8.21.5165.0] [WWPicUploadCtrl Class] <{1D63232D-4F15-4A42-890D-EE617AA1537D}> [(Verified)Alibaba software (Shanghai) Corporation, 1.0.0.1] [InstallHelper Class] <{1DABF8D5-8430-4985-9B7F-A30E53D709B3}> [(Verified)Tencent, 8.21.5165.0] [iTrusPTA Class] <{1E0DFFCF-27FF-4574-849B-55007349FEDA}> [(Verified)Copyright 2001, 2, 5, 1, 509] [DownloadManagerUI Class] <{337F7561-7A70-44E4-BF60-BBC84412C2C2}> [(Verified)深圳市迅雷网络技术有限公司, 3,1,1,58] [EditCtrl Class] <{488A4255-3236-44B3-8F27-FA1AECAA8844}> [(Verified)Copyright 2008, 2, 4, 0, 1] [QvodExtend] <{53AC8551-0DE0-4606-8A1E-A51AF20ADD60}> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [isInstalled Class] <{5852F5ED-8BF4-11D4-A245-0080C6F74284}> [(Verified)Sun Microsystems, Inc., 6.0.200.2] [WangWangX Class] <{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [QQLiveFile Class] <{6B232760-90F1-41c3-9902-C8552C1D8A72}> [(Verified)Tencent, 8.21.5165.0] [XML HTTP 4.0] <{88D969C5-F192-11D4-A65F-0040963251E5}> [Microsoft Corporation, 4.20.9818.0] [SSOForPTLogin Class] <{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}> [(Verified)(c) Tencent Co. Ltd. All rights reserved., 1, 0, 1, 4] [CCTVUpdateInstall] <{AC414988-E5BB-4C2C-873B-EA53D2F3D23A}> [(Verified)CCTV International Networks Co.,Ltd, 1, 0, 0, 9] [FTNUpload Class] <{BDEACC50-F56D-4D60-860F-CF6ED1766D65}> [(Verified)Tencent, 1, 0, 0, 11] [IePasswordManagerHelper Class] <{BF468356-BB7E-42D7-9F15-4F3B9BCFCED2}> [(Verified)Lenovo Group Limited, 3.00.0106.00] [KooPlayer Control] <{C728DAB8-FDF5-4CD7-89DD-879D25794C77}> [(Verified)CCTV.COM, 1, 0, 0, 112] [Adobe PDF Reader] <{CA8A9780-280D-11CF-A24D-444553540000}> [(Verified)Adobe Systems, Inc., 8.2.3.231] [QQPlayerCtrl Class] <{CD108273-D434-43E6-AA90-1469F97EB398}> [(Verified)Tencent, 3, 2, 165, 710] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,1,53,64] [QQLive Class] <{D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62}> [(Verified)Tencent, 8.21.5165.0] [Java(tm) Plug-In 2 SSV Helper] <{DBC80044-A445-435B-BC74-9C25C1C588A9}> [(Verified)Sun Microsystems, Inc., 6.0.200.2] [TimwpDll.TimwpCheck] <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> [(Verified)Tencent, 1, 45, 1530, 0] [PPLive Lite Class] <{EF0D1A14-1033-41A2-A589-240C01EDC078}> [] [QvodCtrl Class] <{F3D0D36F-23F8-4682-A195-74C92B03D4AF}> [] [webmod Class] <{FEE3C8C5-9BEA-4079-AB36-63ECABFC7392}> [(Verified)Alipay.com Co.,Ltd, 1, 0, 0, 4] ================================================================ 服务 [ASLDR Service / ASLDRService][Running/Auto Start] [Copyright (C) 2006, 1.0.3.0] [ATKGFNEX Service / ATKGFNEXSrv][Running/Auto Start] [Copyright (C) 2007, 1, 0, 0, 0] [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"> [Macrovision Corporation, 10.50.125] [Service of LFKA / LFKAS][Running/Auto Start] [Copyright (C) 2008, 1, 0, 0, 1] [SessionLauncher / SessionLauncher][Stopped/Auto Start] [] [System Update / SUService][Running/Auto Start] <"c:\Program Files\Lenovo\System Update\SUService.exe"> [Lenovo Group Limited, 3.0.23.0] [On Screen Display / TPHKSVC][Running/Auto Start] [Lenovo Group Limited, 1.03] [TVT Backup Protection Service / TVT Backup Protection Service][Running/Auto Start] <"C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe"> [(C) Copyright Lenovo 2005, 2007. All rights reserved. , 4,21,11,0] [TVT Backup Service / TVT Backup Service][Running/Auto Start] <"C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe"> [Lenovo Group Limited, 4,21,11,0] [TVT Scheduler / TVT Scheduler][Running/Auto Start] <"c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe"> [Lenovo Group Limited, 4,21,10,0] [TVT Windows Update Monitor / TVT_UpdateMonitor][Stopped/Auto Start] [Lenovo Group Limited, 4, 21, 109, 0] [@%SystemRoot%\System32\wercplsupport.dll,-101 / wercplsupport][Stopped/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\Users\GST\Application Data\ACD Systems\ACDSee\Imagerx.ddf"> [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [XYNTService / XYNTService][Running/Auto Start] [N/A] [Ac Profile Manager Service / AcPrfMgrSvc][Running/Auto Start] [(Verified)Lenovo, 5.20] [Access Connections Main Service / AcSvc][Running/Auto Start] [(Verified)Lenovo, 5.20] [ThinkPad PM Service for SL Series / IBMPMSVC][Running/Auto Start] <%SystemRoot%\system32\ibmpmsvc.exe> [(Verified)Lenovo, 1.44] [IviRegMgr / IviRegMgr][Running/Auto Start] [(Verified)InterVideo, 1, 0, 4, 0] [Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start] [(Verified)Kingsoft Corporation, 2010,07,02,8] [Kingsoft Core Defend Service / kxedefend][Running/Auto Start] <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxedefend.exe" /service kxedefend> [(Verified)Kingsoft Corporation, 2010,05,08,20] [Kingsoft Security App Service / kxesapp][Running/Auto Start] <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe" /service kxesapp> [(Verified)Kingsoft Corporation, 2010,06,22,821] [Kingsoft Core Service / kxescore][Running/Auto Start] <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe" /service kxescore> [(Verified)Kingsoft Corporation, 2010,05,08,20] [Kingsoft Antivirus XEngine Service / KxEServ][Running/Auto Start] <"C:\Program Files\Common Files\Kingsoft\kiscommon\kxeserv.exe"> [(Verified)Kingsoft Corporation, 2010,05,08,20] [Kingsoft Antivirus Update Service / KxEUpSrv][Running/Auto Start] <"C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe"> [(Verified)Kingsoft Corporation, 2010,06,09,773] [NVIDIA Display Driver Service / nvsvc][Running/Auto Start] <%SystemRoot%\system32\nvvsvc.exe> [(Verified)NVIDIA Corporation, 7.15.11.7930] [Power Manager DBC Service / Power Manager DBC Service][Running/Auto Start] <"C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE"> [(Verified)Lenovo, 1.0.0.1] [Roxio UPnP Renderer 10 / Roxio UPnP Renderer 10][Stopped/Manual Start] <"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe"> [(Verified)Sonic Solutions, 10.1.1.98] [Roxio Upnp Server 10 / Roxio Upnp Server 10][Stopped/Auto Start] <"C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe"> [(Verified)Sonic Solutions, 10.1.1.98] [LiveShare P2P Server 10 / RoxLiveShare10][Stopped/Auto Start] <"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe"> [(Verified)Sonic Solutions, 10.1.1.98] [RoxMediaDB10 / RoxMediaDB10][Stopped/Manual Start] <"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe"> [(Verified)Sonic Solutions, 10.1.1.98] [Roxio Hard Drive Watcher 10 / RoxWatch10][Stopped/Auto Start] <"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe"> [(Verified)Sonic Solutions, 10.1.1.98] [Rav Service / RsRavMon][Running/Auto Start] <"C:\software\Rising\Rav\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [RFW Service / RsRFWMon][Running/Auto Start] <"C:\software\Rising\RFW\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [stllssvr / stllssvr][Stopped/Manual Start] <"C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"> [(Verified)MicroVision Development, Inc., 1.2.595] [ThinkVantage Registry Monitor Service / ThinkVantage Registry Monitor Service][Running/Auto Start] <"c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe"> [(Verified)Lenovo Group Limited, 8.02.0009.00] [ThinkPad HDD APS Logging Service / TPHDEXLGSVC][Running/Auto Start] [(Verified)Lenovo., 1.60.0.6] [TSS Core Service / TSSCoreService][Running/Auto Start] <"C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe"> [(Verified)Lenovo, 8.02.0009.00] [XAudioService / XAudioService][Running/Auto Start] <%SystemRoot%\system32\DRIVERS\xaudio.exe> [(Verified)Conexant Systems, Inc., 1.00.15.00] ================================================================ 驱动 [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [] [krpr / krpr][Stopped/Manual Start] <\??\C:\software\Kingsoft\webshield\krpr.sys> [] [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] [] [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] [] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\Windows\system32\TesDrvPt.sy> [] [tvtfilter / tvtfilter][Running/Auto Start] [Lenovo, 4.10 built by: WinDDK] [Driver for XLPPoEPC Device / XLPPoEPC][Running/Manual Start] [西安信利软件系统公司, 1.0.0.0] [adp94xx / adp94xx][Stopped/Disabled] <\SystemRoot\system32\drivers\adp94xx.sys> [(Verified)Adaptec, Inc., 1.6.0006.3 (1.070222-1720)] [adpahci / adpahci][Stopped/Disabled] <\SystemRoot\system32\drivers\adpahci.sys> [(Verified)Adaptec, Inc., 1.6.0006.1 (1.070222-1720)] [adpu160m / adpu160m][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu160m.sys> [(Verified)Adaptec, Inc., 6.4.645.100 (NT.070221-1001)] [adpu320 / adpu320][Stopped/Disabled] <\SystemRoot\system32\drivers\adpu320.sys> [(Verified)Adaptec, Inc., 7.2.000.000 (NT.070221-1245)] [aic78xx / aic78xx][Stopped/Disabled] <\SystemRoot\system32\drivers\djsvs.sys> [(Verified)Adaptec, Inc., 6.0.0.0] [aliide / aliide][Stopped/Disabled] <\SystemRoot\system32\drivers\aliide.sys> [(Verified)Acer Laboratories Inc., 1.20] [arc / arc][Stopped/Disabled] <\SystemRoot\system32\drivers\arc.sys> [(Verified)Adaptec, Inc., 5.2.0.10384 (NT.070222-1720)] [arcsas / arcsas][Stopped/Disabled] <\SystemRoot\system32\drivers\arcsas.sys> [(Verified)Adaptec, Inc., 5.2.0.10384 (NT.070222-1720)] [ASMMAP / ASMMAP][Running/Auto Start] <\??\C:\Program Files\Lenovo\ATK Hotkey\ASMMAP.sys> [(Verified)Copyright (C), 1.1.7.123 built by: WinDDK] [Atheros Extensible Wireless LAN device driver / athr][Running/Manual Start] [(Verified)Atheros Communications, Inc., 7.6.1.237 built by: WinDDK] [BC / BC][Running/Boot Start] [(Verified)Kingsoft Corporation, 2010,5,27,89] [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltlo.sys> [(Verified)Brother Industries, Ltd., 1.10.000 (vbl_wcp_d2_drivers.060616-1619)] [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] <\SystemRoot\system32\drivers\brfiltup.sys> [(Verified)Brother Industries, Ltd., 1.04.000 (vbl_wcp_d2_drivers.060616-1619)] [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Disabled] <\SystemRoot\system32\drivers\brserid.sys> [(Verified)Brother Industries Ltd., 1.0.1.6 (vbl_wcp_d2_drivers.060616-1619)] [Brother WDM Serial driver / BrSerWdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brserwdm.sys> [(Verified)Brother Industries Ltd., 1.0.0.20 (vbl_wcp_d2_drivers.060616-1619)] [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Disabled] <\SystemRoot\system32\drivers\brusbmdm.sys> [(Verified)Brother Industries Ltd., 1,0,0,12 (vbl_wcp_d2_drivers.060616-1619)] [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\system32\drivers\brusbser.sys> [(Verified)Brother Industries Ltd., 1,0,1,3 (vbl_wcp_d2_drivers.060809-0459)] [cmdide / cmdide][Stopped/Disabled] <\SystemRoot\system32\drivers\cmdide.sys> [(Verified)CMD Technology, Inc., 2.0.7 (longhorn_rtm.080118-1840)] [Conexant UAA Function Driver for High Definition Audio Service / CnxtHdAudService][Running/Manual Start] [(Verified)Conexant Systems Inc., 4.75.0.0 built by: WinDDK] [Integrated Camera / DCamUSBGene][Stopped/Manual Start] [(Verified) ] [DLABMFSM / DLABMFSM][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLABOIOM / DLABOIOM][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLACDBHM / DLACDBHM][Running/System Start] [(Verified)Roxio, 9.05.02a] [DLADResM / DLADResM][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLAIFS_M / DLAIFS_M][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLAOPIOM / DLAOPIOM][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLAPoolM / DLAPoolM][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLARTL_M / DLARTL_M][Running/System Start] [(Verified)Roxio, 9.05.02a] [DLAUDFAM / DLAUDFAM][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DLAUDF_M / DLAUDF_M][Running/Auto Start] [(Verified)Roxio, 9.05.12a] [DRVMCDB / DRVMCDB][Running/Boot Start] [(Verified)Sonic Solutions, 9.10.19a] [DRVNDDM / DRVNDDM][Running/Auto Start] [(Verified)Roxio, 9.05.02a] [Intel(R) PRO/1000 PCI Express Network Connection Driver / e1express][Stopped/Manual Start] [(Verified)Intel Corporation, 9.11.5.7 built by: WinDDK] [Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start] [(Verified)Intel Corporation, 8.3.2.8 built by: WinDDK] [elxstor / elxstor][Stopped/Disabled] <\SystemRoot\system32\drivers\elxstor.sys> [(Verified)Emulex, 5-1.30M9 03/18/2007 WS2K3 32 bit (NT.070222-1720)] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 6] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 34] [HpCISSs / HpCISSs][Stopped/Disabled] <\SystemRoot\system32\drivers\hpcisss.sys> [(Verified)Hewlett-Packard Company, 6.0.0.32 Build 7 (x86) (NT.070221-1245)] [HSFHWAZL / HSFHWAZL][Stopped/Manual Start] [(Verified)Conexant Systems, Inc., 7.39.06 built by: WinDDK] [HSF_DPV / HSF_DPV][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.73.00 built by: WinDDK] [HSXHWAZL / HSXHWAZL][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.73.00 built by: WinDDK] [Intel AHCI Controller / iaStor][Running/Boot Start] [(Verified)Intel Corporation, 8.8.0.1009] [Intel RAID Controller Vista / iaStorV][Stopped/Disabled] <\SystemRoot\system32\drivers\iastorv.sys> [(Verified)Intel Corporation, 6.2.0.1019] [IBMPMDRV / IBMPMDRV][Running/Manual Start] [(Verified)Lenovo., 1.44] [iirsp / iirsp][Stopped/Disabled] <\SystemRoot\system32\drivers\iirsp.sys> [(Verified)Intel Corp./ICP vortex GmbH, 5.4.22.0] [ITEATAPI_Service_Install / iteatapi][Stopped/Disabled] <\SystemRoot\system32\drivers\iteatapi.sys> [(Verified)Integrated Technology Express, Inc., v1.3.2.7 (NT.060726-2054)] [ITERAID_Service_Install / iteraid][Stopped/Disabled] <\SystemRoot\system32\drivers\iteraid.sys> [(Verified)Integrated Technology Express, Inc., v1.7.1.91 (NT.060726-2054)] [KAVBootC / KAVBootC][Running/Boot Start] [(Verified)Kingsoft Corporation, 2010,04,14,609] [KAVSafe / KAVSafe][Running/Auto Start] <\??\C:\Windows\system32\Drivers\KAVSafe.sys> [(Verified)Kingsoft Corporation, 2010,05,21,727] [ksdef / ksdef][Running/Auto Start] <\??\C:\Windows\system32\drivers\ksdef.sys> [(Verified)Kingsoft Corporation, 2010,07,13,42] [kwatch32 / kwatch32][Running/Auto Start] <\??\C:\Windows\system32\drivers\kwatch32.sys> [(Verified)Kingsoft Corporation, 2010,07,22,40] [Lenovo System Interface Driver / lenovo.smi][Running/System Start] [(Verified)Lenovo Group Limited, 1.01 built by: WinDDK] [LSI_FC / LSI_FC][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_fc.sys> [(Verified)LSI Logic, 1.25.06.22 (NT.070222-1242)] [LSI_SAS / LSI_SAS][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_sas.sys> [(Verified)LSI Logic, 1.25.06.22 (NT.070222-1242)] [LSI_SCSI / LSI_SCSI][Stopped/Disabled] <\SystemRoot\system32\drivers\lsi_scsi.sys> [(Verified)LSI Logic, 1.25.06.22 (NT.070222-1242)] [mdmxsdk / mdmxsdk][Running/Auto Start] [(Verified)Conexant, 1.0.2.012] [megasas / megasas][Stopped/Disabled] <\SystemRoot\system32\drivers\megasas.sys> [(Verified)LSI Corporation, 2.13.0.32 (NT.070222-1720)] [MegaSR / MegaSR][Stopped/Disabled] <\SystemRoot\system32\drivers\megasr.sys> [(Verified)LSI Corporation, Inc., 09.06.0523.2007] [Mraid35x / Mraid35x][Stopped/Disabled] <\SystemRoot\system32\drivers\mraid35x.sys> [(Verified)LSI Logic Corporation, 6.50.2.32 (NT.060824-1234)] [ATK0101 ACPI UTILITY / MTsensor][Running/Manual Start] [(Verified)ATK0100, 1043, 2, 31, 100] [nfrd960 / nfrd960][Stopped/Disabled] <\SystemRoot\system32\drivers\nfrd960.sys> [(Verified)IBM Corporation, 7.10.56 (NT.060601-1710)] [Netgroup Packet Filter / NPF][Stopped/Manual Start] [(Verified)CACE Technologies, Inc., 4.1.0.1753] [N-trig HID Tablet Driver / ntrigdigi][Stopped/Disabled] <\SystemRoot\system32\drivers\ntrigdigi.sys> [(Verified)N-trig Innovative Technologies, 0.90.16.16384 (Vista_RC1.060509-2219)] [Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.00.37 built by: WinDDK] [nvlddmkm / nvlddmkm][Running/Manual Start] [(Verified)NVIDIA Corporation, 7.15.11.7930] [NVIDIA nForce RAID Driver / nvraid][Stopped/Disabled] <\SystemRoot\system32\drivers\nvraid.sys> [(Verified)NVIDIA Corporation, 5.10.2600.0833 (NT.070222-1720)] [nvstor / nvstor][Stopped/Disabled] <\SystemRoot\system32\drivers\nvstor.sys> [(Verified)NVIDIA Corporation, 5.10.2600.0833 (NT.070222-1720)] [Lenovo Parties Service Access Device Driver / psadd][Running/Manual Start] [(Verified)Lenovo (United States) Inc., 6.1.1012.0] [PxHelp20 / PxHelp20][Running/Boot Start] [(Verified)Sonic Solutions, 3.00.83a] [QLogic Fibre Channel Miniport Driver / ql2300][Stopped/Disabled] <\SystemRoot\system32\drivers\ql2300.sys> [(Verified)QLogic Corporation, 9.1.4.5] [QLogic iSCSI Miniport Driver / ql40xx][Stopped/Disabled] <\SystemRoot\system32\drivers\ql40xx.sys> [(Verified)QLogic Corporation, 2.1.3.19 (STOR w32)] [Rising RfwARP Driver / RFWARP][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [Rising RfwBase Driver / RfwBase9][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\software\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2] [rimmptsk / rimmptsk][Running/Auto Start] [(Verified)REDC, 6.00.03.06] [rimsptsk / rimsptsk][Running/Auto Start] [(Verified)REDC, 6.00.01.11] [Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start] [(Verified)REDC, 6.00.01.13] [rsassist / rsassist][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 7] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\software\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.37] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [Realtek 8169 NT Driver / RTL8169][Running/Manual Start] [(Verified)Realtek Corporation , 6.205.0403.2008 built by: WinDDK] [Shockprf / Shockprf][Running/Boot Start] [(Verified)Lenovo., 1.60.0.6] [SiSRaid4 / SiSRaid4][Stopped/Disabled] <\SystemRoot\system32\drivers\sisraid4.sys> [(Verified)Silicon Integrated Systems, 3.00.02 (NT.070222-1720)] [Symc8xx / Symc8xx][Stopped/Disabled] <\SystemRoot\system32\drivers\symc8xx.sys> [(Verified)LSI Logic, 4.16.06.00 (NT.051018-1332)] [Sym_hi / Sym_hi][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_hi.sys> [(Verified)LSI Logic, 4.16.06.00 (NT.051018-1332)] [Sym_u3 / Sym_u3][Stopped/Disabled] <\SystemRoot\system32\drivers\sym_u3.sys> [(Verified)LSI Logic, 5.09.09.00 (NT.051018-1332)] [Synaptics TouchPad Driver / SynTP][Running/Manual Start] [(Verified)Synaptics, Inc., 11.1.2 10Apr08] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\Windows\system32\TesSafe.sys> [(Verified)TENCENT, 1, 11, 4, 3442] [TPDIGIMN / TPDIGIMN][Running/Boot Start] [(Verified)Lenovo., 1.60.0.6 built by: WinDDK] [TPPWRIF / TPPWRIF][Running/System Start] [(Verified)N/A] [tvtumon / tvtumon][Stopped/System Start] [(Verified)Lenovo, 4.20.0416.0] [uliahci / uliahci][Stopped/Disabled] <\SystemRoot\system32\drivers\uliahci.sys> [(Verified)ULi Electronics Inc., 6.302] [UlSata / UlSata][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata.sys> [(Verified)Promise Technology, Inc., 1.1.0.31] [ulsata2 / ulsata2][Stopped/Disabled] <\SystemRoot\system32\drivers\ulsata2.sys> [(Verified)Promise Technology, Inc., 1.0.0.38] [viaide / viaide][Stopped/Disabled] <\SystemRoot\system32\drivers\viaide.sys> [(Verified)VIA Technologies, Inc., 5.1.3790.150] [vsmraid / vsmraid][Stopped/Disabled] <\SystemRoot\system32\drivers\vsmraid.sys> [(Verified)VIA Technologies Inc.,Ltd, 6.0.6000,6161] [winachsf / winachsf][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.73.00 built by: WinDDK] [XAudio / XAudio][Running/Auto Start] [(Verified)Conexant Systems, Inc., 1.00.15.00 built by: WinDDK] ================================================================ 活动进程 [PID: 956 / SYSTEM] C:\Windows\system32\ibmpmsvc.exe [(Verified)Lenovo, 1.44] [PID: 984 / SYSTEM] C:\Windows\system32\nvvsvc.exe [(Verified)NVIDIA Corporation, 7.15.11.7930] [PID: 1056 / SYSTEM] C:\software\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\software\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\software\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] C:\software\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.41] C:\software\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46] C:\software\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\software\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] C:\software\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] C:\software\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] C:\software\Rising\Rav\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] C:\software\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\software\Rising\Rav\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\software\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] C:\software\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\software\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3] C:\software\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\software\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\software\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] C:\software\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] C:\software\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.22] C:\software\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] C:\software\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\software\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] C:\software\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\software\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 85] C:\software\Rising\Rav\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\software\Rising\Rav\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\software\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\software\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] C:\software\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.21] C:\software\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\software\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\extsfx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\SysMail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\software\Rising\Rav\ur004.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\extarch.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\software\Rising\Rav\extcomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\Rav\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\extalgo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\scanmac.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\ur014.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\extcryp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [PID: 1100 / SYSTEM] C:\software\Rising\RFW\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\software\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\software\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] C:\software\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] C:\software\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2] C:\software\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\software\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\software\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] C:\software\Rising\RFW\RfwArp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] C:\software\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\software\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\software\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 73] C:\software\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\RFW\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] C:\software\Rising\RFW\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\software\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\RFW\NComm2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\software\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\RFW\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [PID: 1668 / SYSTEM] C:\Windows\system32\rundll32.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\Windows\system32\NVSVC.DLL [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Windows\system32\nvapi.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Windows\system32\NVSVCR.DLL [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 1884 / SYSTEM] C:\Program Files\Lenovo\ATK Hotkey\ASLDRSrv.exe [Copyright (C) 2006, 1.0.3.0] [PID: 1896 / SYSTEM] C:\Program Files\Lenovo\ATK Hotkey\GFNEXSrv.exe [Copyright (C) 2007, 1, 0, 0, 0] [PID: 1948 / SYSTEM] C:\Windows\system32\WLANExt.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\Windows\system32\athihvs.dll [Atheros, 1.0.0.131] [PID: 2044 / SYSTEM] C:\Program Files\Lenovo\ATK Hotkey\LFKAS.exe [Copyright (C) 2008, 1, 0, 0, 1] [PID: 412 / SYSTEM] C:\software\Kingsoft\webshield\KSWebShield.exe [(Verified)Kingsoft Corporation, 2010,07,02,8] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kwssp.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Kingsoft\webshield\kxebase.dll [(Verified)Kingsoft Corporation, 2009,11,20,309] C:\software\Kingsoft\webshield\scom.dll [(Verified)Kingsoft Corporation, 2009,11,20,309] C:\software\Kingsoft\webshield\kxecore\kxelog.dll [(Verified)Kingsoft Corporation, 2009,11,20,309] C:\software\Kingsoft\webshield\kxecore\kxecore.dll [(Verified)Kingsoft Corporation, 2009,11,20,309] C:\software\Kingsoft\webshield\kxecore\kxestat.dll [(Verified)Kingsoft Corporation, 2010,5,12,402] C:\software\Kingsoft\webshield\report\kinfoc.dll [(Verified)Kingsoft Corporation, 2010,05,07,677] C:\software\Kingsoft\webshield\KSE\ksecorex.dll [(Verified)Kingsoft Corporation, 2010,07,15,926] C:\software\Kingsoft\webshield\KSE\kae\kaecore.dat [(Verified)Kingsoft Corporation, 2010,06,30,436] C:\software\Kingsoft\webshield\KSE\wfs.dll [(Verified)Kingsoft Corporation, 2010,06,30,869] C:\software\Kingsoft\webshield\KSE\sqlite.dll [(Verified)Kingsoft Corporation, 2010,07,05,1194] C:\software\Kingsoft\webshield\KSMCoreKws.dll [(Verified)Kingsoft Corporation, 2010,06,02,1089] C:\software\Kingsoft\webshield\ksmcorew.dll [(Verified)Kingsoft Corporation, 2010,07,23,1253] C:\software\Kingsoft\webshield\kcldrep.dll [(Verified)Kingsoft Corporation, 2010,07,06,1198] C:\software\Kingsoft\webshield\kavifr.dll [(Verified)Kingsoft Corporation, 2008,11,13,50] C:\software\Kingsoft\webshield\KSE\ksbwdet2.dll [(Verified)Kingsoft Corporation, 2010,07,12,1210] C:\software\Kingsoft\webshield\KSE\kae\karchive.dat [(Verified)Kingsoft Corporation, 2010,06,30,436] C:\software\Kingsoft\webshield\KSE\kae\kaearcha.dat [(Verified)Kingsoft Corporation, 2010,06,30,436] C:\software\Kingsoft\webshield\KSE\kae\kaeolea.dat [(Verified)Kingsoft Corporation, 2010,06,30,436] C:\software\Kingsoft\webshield\KSE\kae\kaearchb.dat [(Verified)Kingsoft Corporation, 2010,06,30,436] C:\software\Kingsoft\webshield\ksreng.dll [(Verified)Kingsoft Corporation, 2010,07,15,1227] [PID: 2988 / SYSTEM] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\ThinkPad\ConnectUtilities\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcLocMigrator.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ThinQCon.dll [(Verified)Lenovo, 5.20] [PID: 3072 / SYSTEM] C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [(Verified)InterVideo, 1, 0, 4, 0] [PID: 3284 / SYSTEM] C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE [(Verified)Lenovo, 1.0.0.1] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL [Microsoft Corporation, 8.00.50727.4053] [PID: 3552 / SYSTEM] c:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe [(Verified)Lenovo Group Limited, 8.02.0009.00] [PID: 3584 / SYSTEM] C:\Windows\System32\TPHDEXLG.exe [(Verified)Lenovo., 1.60.0.6] [PID: 3604 / SYSTEM] C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [Lenovo Group Limited, 1.03] [PID: 3624 / NETWORK SERVICE] C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe [(Verified)Lenovo, 8.02.0009.00] [PID: 3640 / SYSTEM] C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [(C) Copyright Lenovo 2005, 2007. All rights reserved. , 4,21,11,0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\MFC71U.DLL [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0] [PID: 3684 / SYSTEM] C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe [Lenovo Group Limited, 4,21,11,0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Lenovo\Rescue and Recovery\zlib.dll [Lenovo Group Limited, 4,21,11,0] c:\program files\common files\lenovo\ui.dll [Lenovo Group Limited, 4,21,11,0] C:\Program Files\Lenovo\Rescue and Recovery\CDRecord.dll [N/A] C:\Windows\system32\MFC71U.DLL [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Lenovo\Rescue and Recovery\rr_res.dll [Lenovo Limited Group Corporation, 4,21,11,0] c:\program files\common files\lenovo\tvt_think_res.dll [(Verified)Lenovo Group Limited, 6.02.0010.00] C:\Program Files\Lenovo\Rescue and Recovery\rnr_think_res.dll [Lenovo Group Limited, 4,21,4,0] C:\Windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] [PID: 3712 / SYSTEM] c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe [Lenovo Group Limited, 4,21,10,0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\MFC71U.DLL [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0] [PID: 3856 / SYSTEM] C:\Windows\system32\DRIVERS\xaudio.exe [(Verified)Conexant Systems, Inc., 1.00.15.00] [PID: 3888 / SYSTEM] C:\Users\ADMINI~1\AppData\Local\Temp\{59F30715-7E5A-4701-BE82-99FB3EF85834}\{061A431C-86E7-4DB4-92B8-36DE783865CF}\STK2135\Win2KXP\stk2135bsrv.exe [N/A] [PID: 3912 / SYSTEM] C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\ThinkPad\ConnectUtilities\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcSvcHlpr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACVistaWlAutoconfig.dll [(Verified)Lenovo, 5.20] [PID: 3964 / SYSTEM] c:\Program Files\Lenovo\System Update\SUService.exe [Lenovo Group Limited, 3.0.23.0] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5b3e3b0551bcaa722c27dbb089c431e4\mscorlib.ni.dll [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\267d4c344058092e6950c11594244f90\System.ni.dll [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\80a3d0416c6660b86e245bd1f6b66fd8\System.ServiceProcess.ni.dll [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] c:\Program Files\Lenovo\System Update\TvsuServiceCommon.dll [(Verified) , 0.0.0.0] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\02cf61328d59df9b3ec09544f449a781\System.Xml.ni.dll [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\3faf6c0dd4b29ada10b11269abb62653\System.Management.ni.dll [Microsoft Corporation, 2.0.50727.1434 (REDBITS.050727-1400)] [PID: 3472 / SYSTEM] C:\software\Kingsoft\webshield\KSWebShield.exe [(Verified)Kingsoft Corporation, 2010,07,02,8] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 3428 / GST] C:\Windows\system32\taskeng.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Windows\system32\nvapi.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] [PID: 3344 / GST] C:\software\Kingsoft\webshield\kwstray.exe [(Verified)Kingsoft Corporation, 2010,07,21,33] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Kingsoft\webshield\report\kinfoc.dll [(Verified)Kingsoft Corporation, 2010,05,07,677] [PID: 3748 / SYSTEM] C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe [Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcLocSettings.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\ThinkPad\ConnectUtilities\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcCryptHlpr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACHelper.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcSvcStub.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACGUIHlpr.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\MFC71U.DLL [Microsoft Corporation, 7.10.5057.0] C:\Program Files\ThinkPad\ConnectUtilities\AcAdaptersInfo.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACON.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\ACTurinSupport.dll [(Verified)Lenovo, 5.20] C:\Program Files\ThinkPad\ConnectUtilities\AcSmBiosHelper.dll [(Verified)Lenovo, 5.20] C:\Windows\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\GUIHlprRes.dll [Lenovo, 4, 5, 0, 0] C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\SvcHlprRes.dll [Lenovo, 4, 4, 0, 0] [PID: 3276 / GST] C:\Windows\system32\Dwm.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Windows\system32\nvd3dum.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] [PID: 4100 / GST] C:\Windows\Explorer.EXE [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Windows\system32\nvcpl.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Windows\system32\nvapi.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Program Files\Kingsoft\Kingsoft Antivirus\ktaskbar.dll [(Verified)Kingsoft Corporation, 2010,05,26,732] C:\Program Files\Lenovo\Drag-to-Disc\Shellex.dll [(Verified)Roxio, 9.0.5.27] C:\Windows\system32\DLAAPI_W.DLL [(Verified)N/A] C:\Program Files\Lenovo\Drag-to-Disc\ShellRes.dll [(Verified)Roxio, 9.0.5.27] C:\software\WinRAR\rarext.dll [N/A] C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [(Verified)Sonic Solutions, 10.1.1.94] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\software\AliWangWang\AliIMExt.dll [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] C:\Program Files\Kingsoft\Kingsoft Antivirus\kavmenu.dll [(Verified)Kingsoft Corporation, 2010,05,29,742] C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll [(Verified)Kingsoft Corporation, 2010,04,14,610] C:\Windows\system32\TudouUpload.dll [www.Tudou.com, 1.1.0.0] C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll [(Verified)Lenovo Group Limited, 1.01] [PID: 4328 / SYSTEM] C:\Program Files\Lenovo\ATK Hotkey\LCONTROL.exe [ATK0101, 1043, 2, 31, 90] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 4672 / SYSTEM] C:\Program Files\Lenovo\ATK Hotkey\LFKA.exe [Lenovo, 1.0.0.8] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 4968 / GST] C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe [(Verified)Lenovo Group Limited, 1.00] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Program Files\Lenovo\NPDIRECT\tpfnf7.dll [(Verified)Lenovo Group Limited, 1.00] [PID: 5056 / GST] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [(Verified)Synaptics, Inc., 11.1.2 10Apr08] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Windows\system32\SynCOM.dll [(Verified)Synaptics, Inc., 11.1.2 10Apr08] C:\Windows\system32\SynTPAPI.dll [(Verified)Synaptics, Inc., 11.1.2 10Apr08] [PID: 5080 / GST] C:\Windows\System32\TpShocks.exe [(Verified)Lenovo., 1.61.0.1] C:\Program Files\ThinkPad\TpShocks\MUI\0804\TpShocks.dll [(Verified)N/A] C:\Windows\System32\Sensor.dll [(Verified)Lenovo., 1.60.0.6] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5100 / GST] C:\Program Files\Lenovo\HOTKEY\LVOSDSVC.exe [(Verified)Lenovo Group Limited, 1.04] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll [(Verified)Lenovo Group Limited, 1.01] C:\Program Files\Lenovo\HOTKEY\tplhmm.dll [(Verified)Lenovo Group Limited, 1.01] [PID: 5168 / GST] C:\Program Files\ThinkPad\Utilities\EZEJMNAP.EXE [(Verified)Lenovo Group Ltd., 2, 3, 2, 0] C:\Program Files\ThinkPad\Utilities\SC\EzMApRes.dll [(Verified)Lenovo Group Ltd., 2, 3, 2, 0] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5184 / GST] C:\Windows\System32\rundll32.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\Windows\system32\NvMcTray.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Windows\System32\nvapi.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5204 / GST] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe [Lenovo Group Limited, 4,21,10,0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\MFC71U.DLL [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Common Files\Lenovo\ui.dll [Lenovo Group Limited, 4,21,11,0] c:\program files\common files\lenovo\CDRecord.dll [N/A] C:\Program Files\Common Files\Lenovo\rr_res.dll [Lenovo Limited Group Corporation, 4,21,11,0] c:\program files\common files\lenovo\tvt_think_res.dll [(Verified)Lenovo Group Limited, 6.02.0010.00] C:\Program Files\Lenovo\Rescue and Recovery\rnr_think_res.dll [Lenovo Group Limited, 4,21,4,0] C:\Windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] [PID: 5244 / GST] C:\Program Files\Lenovo\Drag-to-Disc\DrgToDsc.exe [(Verified)Roxio, 9.0.5.27] C:\Program Files\Lenovo\Drag-to-Disc\AS_Storage_w32.dll [(Verified)Sonic Solutions, 3.4.44.500] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Program Files\Lenovo\Drag-to-Disc\D2DRes.dll [(Verified)Roxio, 9.0.5.27] C:\Program Files\Common Files\Roxio Shared\DLLShared\apm.dll [Sonic Solutions, 10.1.1.91] C:\Windows\system32\ATL71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\DLAAPI_W.DLL [(Verified)N/A] C:\Windows\system32\CDRTC.DLL [Sonic Solutions, 9.0.1.6] C:\Windows\system32\cdral.DLL [Sonic Solutions, 9.0.1.6] [PID: 5276 / GST] C:\Program Files\Lenovo\LenovoCare\LPMGR.EXE [(Verified)Lenovo Group Limited, 3, 0, 0, 0] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\PROGRA~1\Lenovo\LENOVO~2\SC\LPRESMGR.DLL [(Verified)Lenovo Group Limited, 3, 0, 0, 0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\MFC71U.DLL [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\ThinkPad\ConnectUtilities\Res\SC\TrayRes.dll [Lenovo, 4, 5, 0, 0] [PID: 5284 / GST] C:\Program Files\Lenovo\LenovoCare\LPMLCHK.EXE [(Verified)Lenovo Group Limited, 3, 0, 0, 0] C:\Program Files\Lenovo\LenovoCare\SSLEAY32.dll [The OpenSSL Project, http://www.openssl.org/, 0.9.8e] C:\Program Files\Lenovo\LenovoCare\LIBEAY32.dll [The OpenSSL Project, http://www.openssl.org/, 0.9.8e] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5300 / GST] C:\Windows\System32\rundll32.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL [(Verified)Lenovo Group Limited, 1, 0, 0, 0] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL [Microsoft Corporation, 8.00.50727.4053] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.4053] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWMRT32V.DLL [N/A] C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIF32V.DLL [(Verified)Lenovo Group Limited, 1, 0, 0, 0] C:\Windows\System32\Sensor.dll [(Verified)Lenovo., 1.60.0.6] C:\Windows\System32\OEMDSPIF.DLL [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Windows\System32\nvapi.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Program Files\Lenovo\ATK Hotkey\AGFNEX.dll [2.0.0.4] C:\PROGRA~1\ThinkPad\UTILIT~1\ATM.DLL [(Verified)Lenovo Japan, 1, 3, 4, 0] [PID: 5328 / GST] C:\Program Files\Lenovo\Client Security Solution\cssauth.exe [(Verified)Lenovo Group Limited, 8.20.0015.00] C:\Windows\system32\cssuserdatadispatcher.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\Program Files\Lenovo\Client Security Solution\csswait.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\Program Files\Lenovo\Client Security Solution\css_banner.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\Program Files\Lenovo\Client Security Solution\cssdlgpwentry.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\Program Files\Lenovo\Client Security Solution\dlganswerprompt.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\Windows\system32\tvttsp.dll [(Verified)Lenovo, 8.02.0009.00] C:\Windows\system32\tcsrpc.dll [(Verified)Lenovo, 8.02.0009.00] c:\program files\common files\lenovo\tvt_think_res.dll [(Verified)Lenovo Group Limited, 6.02.0010.00] C:\Program Files\Lenovo\Client Security Solution\css_think_res.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\Program Files\Lenovo\Client Security Solution\css_strings.dll [(Verified)Lenovo Group Limited, 8.02.0013.00] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5344 / GST] C:\Program Files\Common Files\Java\Java Update\jusched.exe [(Verified)Sun Microsystems, Inc., 2.0.2.1] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5360 / GST] C:\software\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] C:\software\Rising\Rav\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] C:\software\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\software\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\software\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] C:\software\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] C:\software\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\software\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] C:\software\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] C:\software\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] C:\software\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.74] C:\software\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\Rav\scanleak.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\software\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] C:\software\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\software\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [PID: 5368 / GST] C:\software\Rising\RFW\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] C:\software\Rising\RFW\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] C:\software\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\software\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\software\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\software\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\software\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\software\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] C:\software\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] C:\software\Rising\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] C:\software\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\software\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\software\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] C:\software\Rising\RFW\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] C:\software\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\software\Rising\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\software\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [PID: 5420 / GST] C:\Program Files\Windows Sidebar\sidebar.exe [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\nvd3dum.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] [PID: 5428 / GST] C:\Program Files\Windows Media Player\wmpnscfg.exe [(Verified)Microsoft Corporation, 11.0.6000.6324 (vista_rtm.061101-2205)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5456 / GST] C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe [(Verified)Lenovo Group Limited, 5.01] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5492 / GST] C:\Program Files\Lenovo\Zoom\TpScrex.exe [(Verified)Lenovo Group Limited, 2.03] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5576 / GST] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [(Verified)Synaptics, Inc., 11.1.2 10Apr08] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Windows\system32\SynCOM.dll [(Verified)Synaptics, Inc., 11.1.2 10Apr08] [PID: 5636 / GST] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe [(Verified)Synaptics, Inc., 11.1.2 10Apr08] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 5748 / GST] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Kingsoft\webshield\kswbc.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Tencent\QQ\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 45, 1530, 0] [PID: 5308 / GST] C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\Users\GST\AppData\Local\Temp\6048.tmp [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\Windows\system32\Macromed\Flash\FlashUtil10h_ActiveX.dll [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 3260 / GST] C:\Windows\system32\conime.exe [(Verified)Microsoft Corporation, 6.0.6001.18000 (longhorn_rtm.080118-1840)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] [PID: 7676 / GST] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Kingsoft\webshield\kswbc.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\mtbres.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\Tem.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\searchboxRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui [Microsoft Corporation, 03.00.0001.2032] C:\Program Files\Windows Live Toolbar\CMRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\msn_slrs.DLL [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\CBRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\searchbox.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\stmain.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\cm.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\msn_slps.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\CB.dll [Microsoft Corporation, 03.01.0000.0130] C:\Windows\system32\nvd3dum.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\software\Tencent\QQ\Bin\Timwp.dll [(Verified)Tencent, 1, 45, 1530, 0] C:\software\Tencent\QQ\Bin\Common.dll [(Verified)Tencent, 1, 45, 1530, 0] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL [Microsoft Corporation, 8.00.50727.4053] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL [Microsoft Corporation, 8.00.50727.4053] C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL [Microsoft Corporation, 8.00.50727.4053] C:\software\Tencent\QQ\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 45, 1530, 0] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.2.3.231] C:\Program Files\Common Files\System\Extend.dll [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [(Verified)Lenovo Group Limited, 3.00.0106.00] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_interface.dll [(Verified)Lenovo Group Limited, 3.00.0106.00] C:\software\Thunder Network\MiniThunder\ToolBarNow.dll [(Verified)深圳市迅雷网络技术有限公司, 3,1,1,58] C:\software\Thunder Network\MiniThunder\ATL71.DLL [Microsoft Corporation, 7.10.6101.0] C:\Program Files\Java\jre6\bin\jp2ssv.dll [(Verified)Sun Microsystems, Inc., 6.0.200.2] C:\Windows\system32\Macromed\Flash\Flash10h.ocx [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\Program Files\Lenovo\HOTKEY\hkvolkey.dll [(Verified)Lenovo Group Limited, 1.01] C:\Windows\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 5.0.1.4185] [PID: 7496 / GST] C:\Windows\explorer.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.2.3.231] C:\Program Files\Kingsoft\Kingsoft Antivirus\kis.dll [(Verified)Kingsoft Corporation, 2010,04,14,610] [PID: 7836 / GST] C:\TDdownload\arswp3\ArSwp3.exe [(Verified)Windows 清理助手, 3.1.2.0628] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Windows\system32\Macromed\Flash\Flash10h.ocx [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\Windows\system32\nvd3dum.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] [PID: 6140 / GST] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Kingsoft\webshield\kswbc.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] [PID: 1728 / GST] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Kingsoft\webshield\kswbc.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\mtbres.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\Tem.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\searchboxRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui [Microsoft Corporation, 03.00.0001.2032] C:\Program Files\Windows Live Toolbar\CMRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\msn_slrs.DLL [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\CBRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\searchbox.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\stmain.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\cm.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\msn_slps.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\CB.dll [Microsoft Corporation, 03.01.0000.0130] C:\Windows\system32\nvd3dum.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.2.3.231] C:\Program Files\Common Files\System\Extend.dll [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [(Verified)Lenovo Group Limited, 3.00.0106.00] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_interface.dll [(Verified)Lenovo Group Limited, 3.00.0106.00] C:\software\Thunder Network\MiniThunder\ToolBarNow.dll [(Verified)深圳市迅雷网络技术有限公司, 3,1,1,58] C:\software\Thunder Network\MiniThunder\ATL71.DLL [Microsoft Corporation, 7.10.6101.0] C:\Program Files\Java\jre6\bin\jp2ssv.dll [(Verified)Sun Microsystems, Inc., 6.0.200.2] C:\Windows\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 5.0.1.4185] [PID: 4608 / GST] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] C:\software\Kingsoft\webshield\kwsui.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\software\Kingsoft\webshield\kdump.dll [(Verified)Kingsoft Corporation, 2010,06,25,1157] C:\software\Kingsoft\webshield\kswebshield.dll [(Verified)Kingsoft Corporation, 2010,07,23,38] C:\software\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] C:\Windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\software\Kingsoft\webshield\kswbc.dll [(Verified)Kingsoft Corporation, 2010,07,20,30] C:\Program Files\Windows Live Toolbar\zh-cn\mtbres.dll.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\mtbres.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\Tem.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\searchboxRes.dll.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\searchboxRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\CMRes.dll.mui [Microsoft Corporation, 03.00.0001.2032] C:\Program Files\Windows Live Toolbar\CMRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\msn_slrs.DLL.mui [Microsoft Corporation, 03.00.0001.2012] C:\Program Files\Windows Live Toolbar\msn_slrs.DLL [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\zh-cn\CBRes.dll.mui [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\CBRes.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.2.3.231] C:\Program Files\Common Files\System\Extend.dll [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] C:\Program Files\Windows Live Toolbar\searchbox.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\stmain.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\cm.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\msn_slps.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Windows Live Toolbar\CB.dll [Microsoft Corporation, 03.01.0000.0130] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll [(Verified)Lenovo Group Limited, 3.00.0106.00] C:\Program Files\Lenovo\Client Security Solution\tvtpwm_interface.dll [(Verified)Lenovo Group Limited, 3.00.0106.00] C:\software\Thunder Network\MiniThunder\ToolBarNow.dll [(Verified)深圳市迅雷网络技术有限公司, 3,1,1,58] C:\software\Thunder Network\MiniThunder\ATL71.DLL [Microsoft Corporation, 7.10.6101.0] C:\Program Files\Java\jre6\bin\jp2ssv.dll [(Verified)Sun Microsystems, Inc., 6.0.200.2] C:\Windows\system32\nvd3dum.dll [(Verified)NVIDIA Corporation, 7.15.11.7930] C:\Windows\system32\Macromed\Flash\Flash10h.ocx [(Verified)Adobe Systems, Inc., 10,1,53,64] ================================================================ 文件关联 [.zip] <"C:\software\WinRAR\WinRAR.exe" "%1"> [N/A] [.MOD] <"C:\software\StormII\Storm.exe" /play "%1"> [(Verified)北京暴风网际科技有限公司, 3, 10, 5, 21] ================================================================ Autorun.Inf ================================================================ Winsock提供者 ================================================================ 隐藏进程 [PID: 5404] C:\Program Files\Common Files\Kingsoft\kiscommon\kxetray.exe [(Verified)Kingsoft Corporation, 2010,07,13,14] [PID: 1452] C:\Windows\System32\audiodg.exe [(Verified)Microsoft Corporation, 6.0.6000.16386 (vista_rtm.061101-2205)] [PID: 1924] C:\Program Files\Common Files\Kingsoft\kiscommon\kxedefend.exe [(Verified)Kingsoft Corporation, 2010,05,08,20] [PID: 2032] C:\Program Files\Common Files\Kingsoft\kiscommon\kxescore.exe [(Verified)Kingsoft Corporation, 2010,05,08,20] [PID: 528] C:\Program Files\Common Files\Kingsoft\kiscommon\kxesapp.exe [(Verified)Kingsoft Corporation, 2010,06,22,821] [PID: 1864] C:\Program Files\Common Files\Kingsoft\kiscommon\kxeserv.exe [(Verified)Kingsoft Corporation, 2010,05,08,20] [PID: 3188] C:\Program Files\Common Files\Kingsoft\kiscommon\upsvc.exe [(Verified)Kingsoft Corporation, 2010,06,09,773] ================================================================ 可疑文件 ================================================================ HOSTS 127.0.0.1 localhost [/CODE]