[CODE] 2010-10-14,15:34:45 System Repair Engineer 2.8.2.1321 Smallfrogs (http://www.KZTechs.com) Windows 7 Ultimate Edition (Build 7600) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Common Files\Java\Java Update\jusched.exe"> [(Verified)Sun Microsystems, Inc.] [(Verified)Microsoft Corporation] <"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"> [(Verified)Microsoft Corporation] <"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"> [(Verified)Adobe Systems, Incorporated] <"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"> [(Verified)Adobe Systems, Incorporated] [(Verified)Lenovo(Japan)Ltd.] <%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe> [(Verified)Synaptics Incorporated] [(Verified)Lenovo(Japan)Ltd.] 
<"C:\Program Files\GridService\peer.exe" -n Grid> [FS2YOU] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{B5A7F190-DDA6-4420-B3BA-52453494E6CD}> [(Verified)Microsoft Corporation] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] <%SystemRoot%\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] <"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers 
/ResetMUI> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)Microsoft Windows] ================================== 启动文件夹 N/A ================================== 服务 [AMD External Events Utility / AMD External Events Utility][Running/Auto Start] [ThinkPad PM Service / IBMPMSVC][Running/Auto Start] [Lenovo Microphone Mute / LENOVO.MICMUTE][Running/Auto Start] [Lenovo Auto Scroll / Lenovo.VIRTSCRLSVC][Running/Auto Start] [Intel(R) Management and Security Application Local Management Service / LMS][Running/Auto Start] [Macromedia Licensing Service / Macromedia Licensing Service][Stopped/Manual Start] <"C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe"><> [McAfee Security Scan Component Host Service / McComponentHostService][Stopped/Manual Start] <"C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe"> [Power Manager DBC Service / Power Manager DBC Service][Stopped/Manual Start] <"C:\Program Files\ThinkPad\Utilities\PWMDBSVC.EXE"> [Ris Service / RsRisMon][Running/Auto Start] <"C:\Program Files\Rising\Ris\RavMonD.exe"> [On Screen Display / TPHKSVC][Running/Auto Start] [Tencent Software Update Service / TSUSVC][Stopped/Auto Start] <"C:\Program Files\Tencent\QQSoftMgr\1.0.375.203\TencentUpdateSvc.exe" -run> [Intel(R) Management & Security Application User Notification Service / UNS][Running/Auto Start] <"C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe"> [Windows Accounts Driver / WindowsRemote][Running/Manual Start] <2 - 系统找不到指定的文件。 ><(File is missing)> 
================================== 驱动程序 [adp94xx / adp94xx][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\adp94xx.sys> [adpahci / adpahci][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\adpahci.sys> [adpu320 / adpu320][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\adpu320.sys> [aic78xx / aic78xx][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\djsvs.sys> [aliide / aliide][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\aliide.sys> [amdsata / amdsata][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\amdsata.sys> [amdsbs / amdsbs][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\amdsbs.sys> [amdxata / amdxata][Running/Boot Start] <\SystemRoot\system32\DRIVERS\amdxata.sys> [arc / arc][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\arc.sys> [arcsas / arcsas][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\arcsas.sys> [atikmdag / atikmdag][Running/Manual Start] [Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\bxvbdx.sys> [Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start] [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\BrFiltLo.sys> [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\BrFiltUp.sys> [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start] <\SystemRoot\System32\Drivers\Brserid.sys> [Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrSerWdm.sys> [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrUsbMdm.sys> [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrUsbSer.sys> [cmdide / cmdide][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\cmdide.sys> [Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\evbdx.sys> [elxstor / 
elxstor][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\elxstor.sys> [Hauppauge Consumer Infrared Receiver / hcw85cir][Stopped/Manual Start] <\SystemRoot\system32\drivers\hcw85cir.sys> [Intel(R) Management Engine Interface / HECI][Running/Manual Start] [HpSAMD / HpSAMD][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\HpSAMD.sys> [iaStorV / iaStorV][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\iaStorV.sys> [IBMPMDRV / IBMPMDRV][Running/Manual Start] [iirsp / iirsp][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\iirsp.sys> [Lenovo System Interface Driver / lenovo.smi][Running/System Start] [LSI_FC / LSI_FC][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_fc.sys> [LSI_SAS / LSI_SAS][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_sas.sys> [LSI_SAS2 / LSI_SAS2][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_sas2.sys> [LSI_SCSI / LSI_SCSI][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\lsi_scsi.sys> [megasas / megasas][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\megasas.sys> [MegaSR / MegaSR][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\MegaSR.sys> [nfrd960 / nfrd960][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\nfrd960.sys> [nvraid / nvraid][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\nvraid.sys> [nvstor / nvstor][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\nvstor.sys> [PCDSRVC{3037D694-FD904ACA-06020000}_0 - PCDR Kernel Mode Service Helper Driver / PCDSRVC{3037D694-FD904ACA-06020000}_0][Stopped/Manual Start] <\??\c:\program files\pc-doctor\pcdsrvc.pkms> [ql2300 / ql2300][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\ql2300.sys> [ql40xx / ql40xx][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\ql40xx.sys> [rsassist / rsassist][Running/Auto Start] [RsNTGDI / RsNTGDI][Running/Boot Start] <\SystemRoot\system32\Drivers\RsNTGdi.sys> [Realtek 8167 NT Driver / RTL8167][Running/Manual Start] [Realtek Wireless LAN 802.11n PCI-E NIC NT Driver / rtl8192se][Running/Manual Start] 
[SiSRaid2 / SiSRaid2][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\SiSRaid2.sys> [SiSRaid4 / SiSRaid4][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\sisraid4.sys> [sptd / sptd][Running/Boot Start] <\SystemRoot\System32\Drivers\sptd.sys> [stexstor / stexstor][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\stexstor.sys> [Synaptics TouchPad Driver / SynTP][Running/Manual Start] [TPPWRIF / TPPWRIF][Running/System Start] [viaide / viaide][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\viaide.sys> [vsmraid / vsmraid][Stopped/Manual Start] <\SystemRoot\system32\DRIVERS\vsmraid.sys> ================================== 浏览器加载项 [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [Groove GFS Browser Helper] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435b-BC74-9C25C1C588A9} [启动迅雷5] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} [Send to OneNote from Internet Explorer button] {2670000A-7350-4f3c-8081-5663EE0C6C49} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [Java Plug-in 1.6.0_21] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Lenovo Update Control] {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} [Java Plug-in 1.5.0_22] {CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA} [Java Plug-in 1.6.0_21] {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [Java Plug-in 1.6.0_21] {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [] {09BA8F6D-CB54-424B-839C-C2A6C8E6B436} <, > [Edit Class] {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D} [Adobe PDF Link Helper] {18DF081C-E8AD-4283-A596-FA578C2EBDC3} [WWPicUploadCtrl Class] {1D63232D-4F15-4A42-890D-EE617AA1537D} [InstallHelper Class] 
{1DABF8D5-8430-4985-9B7F-A30E53D709B3} [iTrusPTA Class] {1E0DFFCF-27FF-4574-849B-55007349FEDA} [] {2670000A-7350-4F3C-8081-5663EE0C6C49} <, > [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [EditCtrl Class] {488A4255-3236-44B3-8F27-FA1AECAA8844} [UDownAgentObj Control] {528D9365-F531-4A73-82B1-DC54B7DD692D} [WangWangX Class] {5D09DD40-CDC4-4C56-B615-0D1E3B357C2B} [CC_CtiClientActive Control] {60F65176-08C0-4E4B-A945-B1CF3ECC8212} [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Groove GFS Browser Helper] {72853161-30C5-4D22-B7F9-0BBC1D38A37E} [] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} <, > [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [XDownloaddManager Class] {802F530B-A8F6-4631-AE49-6BACAAC6373E} [Peer Adapter] {80E18282-3716-48CA-B50C-F7B7F6A32791} <, > [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [XML HTTP 6.0] {88D96A0A-F192-11D4-A65F-0040963251E5} <%SystemRoot%\System32\msxml6.dll, (Signed) N/A> [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [OFrameObject Class] {9701758C-4373-482E-B13C-776C048EC890} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [Lenovo Update Control] {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} [] {A539A34D-10E1-4863-945E-44421527C4D3} <, > [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [Microsoft Url Search Hook] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [Java(tm) Plug-In 2 SSV Helper] {DBC80044-A445-435B-BC74-9C25C1C588A9} [PlayerCtrl Class] {E05BC2A3-9A46-4a32-80C9-023A473F5B23} [BIS_VSEHTABLE Control] {E52A9DF6-E0D2-409A-A0EA-E4ECC99473BC} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [XPPlayer Class] 
{F3E70CEA-956E-49CC-B444-73AFE593AD7F} [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [webmod Class] {FEE3C8C5-9BEA-4079-AB36-63ECABFC7392} [&使用优蛋下载] [&使用优蛋下载全部链接] [上传到淘江湖相册] [使用迅雷下载] [使用迅雷下载全部链接] [分享到淘江湖] [导出到 Microsoft Excel(&X)] [添加为阿里旺旺表情] ================================== 正在运行的进程 [PID: 288 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 404 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 476 / SYSTEM][C:\Windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 524 / SYSTEM][C:\Windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 548 / SYSTEM][C:\Windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 556 / SYSTEM][C:\Windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 708 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 772 / SYSTEM][C:\Windows\system32\ibmpmsvc.exe] [Lenovo., 1.60.0.4] [PID: 828 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 892 / SYSTEM][C:\Program Files\Rising\Ris\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\combase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\Program Files\Rising\Ris\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] [C:\Program Files\Rising\Ris\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program 
Files\Rising\Ris\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.41] [C:\Program Files\Rising\Ris\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] [C:\Program Files\Rising\Ris\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [C:\Program Files\Rising\Ris\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Ris\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7] [C:\Program Files\Rising\Ris\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [C:\Program Files\Rising\Ris\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [C:\Program Files\Rising\Ris\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Ris\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [C:\Program Files\Rising\Ris\NComm2.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [C:\Program Files\Rising\Ris\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Rising\Ris\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.21] [C:\Program 
Files\Rising\Ris\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\Ris\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Rising\Ris\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.22] [C:\Program Files\Rising\Ris\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\refs.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 90] [C:\Program Files\Rising\Ris\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\Ris\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Ris\scantj.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\ur000.dat] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\urutils.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\methodex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\revm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [C:\Program Files\Rising\Ris\heurex.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] [C:\Program 
Files\Rising\Ris\pecompd.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] [C:\Program Files\Rising\Ris\extsfx.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [C:\Program Files\Rising\Ris\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [C:\Program Files\Rising\Ris\extarch.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] [C:\Program Files\Rising\Ris\extcomp.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [C:\Program Files\Rising\Ris\rsstore.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] [PID: 940 / SYSTEM][C:\Windows\system32\atiesrxx.exe] [AMD, 6.14.11.1033] [PID: 976 / LOCAL SERVICE][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1016 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1060 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1216 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1412 / NETWORK SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1596 / SYSTEM][C:\Windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1624 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1712 / SYSTEM][C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe] [Lenovo Group Limited, 2.01] [PID: 1756 / LOCAL SERVICE][C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe] [(Verified) Microsoft Corporation, 3.0.6920.4902 built by: NetFXw7] [C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\f58ab951b57c8526430486dcf7ee38fd\mscorlib.ni.dll] [Microsoft 
Corporation, 2.0.50727.4952 (win7RTMGDR.050727-4900)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System\500ddd904b1099f95552a81b54223b7f\System.ni.dll] [Microsoft Corporation, 2.0.50727.4927 (NetFXspW7.050727-4900)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\cda6307ec359333afe51ed90f61db564\PresentationFontCache.ni.exe] [Microsoft Corporation, 3.0.6920.4902 built by: NetFXw7] [C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\6b8b76b26be7d7f4c3d1cb644811a2ef\System.ServiceProcess.ni.dll] [Microsoft Corporation, 2.0.50727.4927 (NetFXspW7.050727-4900)] [C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\3c0fbe23fa37ca50fea3dbe200b40f7a\WindowsBase.ni.dll] [Microsoft Corporation, 3.0.6920.5001 built by: Win7RTMGDR] [C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\74f3fc09a810d9b704a80ee8c18d9d04\PresentationCore.ni.dll] [Microsoft Corporation, 3.0.6920.5001 built by: Win7RTMGDR] [PID: 1864 / SYSTEM][C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe] [Lenovo Group Limited, 1.04] [C:\Program Files\LENOVO\HOTKEY\micmute6.dll] [Lenovo Group Limited, 1.03] [PID: 1888 / SYSTEM][C:\Program Files\LENOVO\VIRTSCRL\lvvsst.exe] [Lenovo Group Limited, 1.00] [PID: 1916 / SYSTEM][C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe] [Intel Corporation, 6.0.0.1184] [PID: 724 / LOCAL SERVICE][C:\Windows\system32\WUDFHost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 3548 / SYSTEM][C:\Windows\system32\SearchIndexer.exe] [(Verified) Microsoft Corporation, 7.00.7600.16385 (win7_rtm.090713-1255)] [PID: 3832 / LOCAL SERVICE][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 2728 / SYSTEM][C:\Windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1580 / SYSTEM][C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\UNS.exe] [Intel 
Corporation, 6.0.0.1184] [C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll] [Intel Corporation, 3.0.0.1] [C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll] [Apache Software Foundation, 2, 7, 0] [C:\Program Files\Intel\Intel(R) Management Engine Components\UNS\DTMessageLib.dll] [Intel Corporation, 6.0.0.0] [PID: 3676 / SYSTEM][C:\Windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1952 / SYSTEM][C:\Windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 3280 / SYSTEM][C:\Windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 2928 / SYSTEM][C:\Windows\system32\atieclxx.exe] [AMD, 6.14.11.1033] [C:\Windows\system32\atiadlxx.dll] [Advanced Micro Devices, Inc., 6.14.10.1050] [PID: 2044 / Administrator][C:\Windows\system32\taskhost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 2028 / SYSTEM][C:\PROGRA~1\LENOVO\VIRTSCRL\virtscrl.exe] [Lenovo Group Limited, 1.00] [PID: 2688 / SYSTEM][C:\Windows\system32\taskeng.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 660 / Administrator][C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.exe] [Lenovo Group Limited, 1.11] [C:\PROGRA~1\Lenovo\HOTKEY\tpnumlkd.dll] [Lenovo Group Limited, 1.01] [PID: 3308 / Administrator][C:\Windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\Windows\system32\atidxx32.dll] [ATI Technologies Inc. 
, 8.15.10.0212] [PID: 2864 / Administrator][C:\Windows\Explorer.EXE] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 20] [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 16] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL] [Lenovo Group Limited, 1, 0, 0, 0] [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWMRT32V.DLL] [N/A, ] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIF32V.DLL] [Lenovo Group Limited, 1, 0, 0, 0] [C:\Program Files\Lenovo\HOTKEY\hkvolkey.DLL] [Lenovo Group Limited, 1.01] [C:\Windows\system32\FXSAPI.dll] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\Windows\system32\fms.dll] [Windows (R) Codename Longhorn DDK provider, 1.0001.6000.16384] [PID: 1872 / SYSTEM][C:\Program Files\Beike\Beike Scan\beikescan.exe] [贝壳网际(北京)安全技术有限公司, 2010.8.17.400] [PID: 2368 / Administrator][C:\Program Files\Common Files\Java\Java Update\jusched.exe] [Sun Microsystems, Inc., 2.0.2.4] [PID: 1724 / Administrator][C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe] [Microsoft Corporation, 12.0.4518.1014] [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] 
[Microsoft Corporation, 8.00.50727.4053] [PID: 3852 / Administrator][C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.exe] [Lenovo Group Limited, 1.20] [C:\Program Files\Lenovo\HOTKEY\TPOSDSVC.dll] [Lenovo Group Limited, 1.01] [C:\Program Files\Lenovo\HOTKEY\hkvolkey.DLL] [Lenovo Group Limited, 1.01] [C:\Program Files\Lenovo\HOTKEY\tplhmm.dll] [Lenovo Group Limited, 1.03] [PID: 3660 / Administrator][C:\Program Files\Synaptics\SynTP\SynTPEnh.exe] [Synaptics Incorporated, 15.0.18 22Apr10] [C:\Windows\system32\SynCOM.dll] [Synaptics Incorporated, 15.0.18 22Apr10] [C:\Windows\system32\SynTPAPI.dll] [Synaptics Incorporated, 15.0.18 22Apr10] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 2332 / Administrator][C:\Windows\System32\rundll32.exe] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWMTR32V.DLL] [Lenovo Group Limited, 1, 0, 0, 0] [C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\PROGRA~1\ThinkPad\UTILIT~1\SC\PWMRT32V.DLL] [N/A, ] [C:\PROGRA~1\ThinkPad\UTILIT~1\PWMIF32V.DLL] [Lenovo Group Limited, 1, 0, 0, 0] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\PROGRA~1\ThinkPad\UTILIT~1\ATM.DLL] [Lenovo Japan, 1, 3, 4, 0] [PID: 2984 / Administrator][C:\Program Files\GridService\peer.exe] [FS2YOU, 2, 1, 10, 8366] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 3156 / Administrator][C:\Program Files\Lenovo\HOTKEY\TPONSCR.exe] [Lenovo Group Limited, 6.01] [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 1260 / 
Administrator][C:\Program Files\Rising\AntiSpyware\RSTray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.32]
    [C:\Program Files\Rising\AntiSpyware\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\Program Files\Rising\AntiSpyware\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\ComServ.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.33]
    [C:\Program Files\Rising\AntiSpyware\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\AntiSpyware\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\Program Files\Rising\AntiSpyware\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Rising\AntiSpyware\rscommon.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.1.1]
    [C:\Program Files\Rising\AntiSpyware\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\AntiSpyware\rsxml1.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2]
    [C:\Program Files\Rising\AntiSpyware\pngdll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5]
    [C:\Program Files\Rising\AntiSpyware\runiep.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.78]
    [C:\Program Files\Rising\AntiSpyware\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    [C:\Program Files\Rising\AntiSpyware\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
[PID: 3036 / Administrator][C:\Program Files\Synaptics\SynTP\SynTPHelper.exe] [Synaptics Incorporated, 15.0.18 22Apr10]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
[PID: 2396 / SYSTEM][C:\Windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)]
[PID: 2964 / Administrator][C:\Program Files\Synaptics\SynTP\SynTPLpr.exe] [Synaptics Incorporated, 15.0.18 22Apr10]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\Windows\system32\SynCOM.dll] [Synaptics Incorporated, 15.0.18 22Apr10]
[PID: 2652 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 12.0.7600.16385 (win7_rtm.090713-1255)]
[PID: 3424 / Administrator][C:\Progra~1\Intern~1\iexplore.exe] [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
[PID: 2536 / Administrator][C:\Progra~1\Intern~1\iexplore.exe] [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll] [Thunder Networking Technologies,LTD, 1.0.5.34]
    [C:\Windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0]
    [C:\Windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll] [Adobe Systems Incorporated, 9.3.0.148]
    [C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 9.3.0.148]
    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053]
    [C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll] [Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 20]
    [C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 16]
    [C:\Windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28]
    [C:\Program Files\Rising\AntiSpyware\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21]
    [C:\Program Files\Java\jre6\bin\jp2ssv.dll] [Sun Microsystems, Inc., 6.0.210.7]
[PID: 2836 / SYSTEM][C:\Windows\system32\svslct.exe] [N/A, ]
[PID: 3028 / Administrator][C:\Program Files\Rising\Ris\rstray.exe] [Beijing Rising Information Technology Co., Ltd., 22.0.0.11]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\Program Files\Rising\Ris\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.15]
    [C:\Program Files\Rising\Ris\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1]
    [C:\Program Files\Rising\Ris\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    [C:\Program Files\Rising\Ris\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    [C:\Program Files\Rising\Ris\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [C:\Program Files\Rising\Ris\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2]
    [C:\Program Files\Rising\Ris\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.3]
    [C:\Program Files\Rising\Ris\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57]
    [C:\Program Files\Rising\Ris\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1]
    [C:\Program Files\Rising\Ris\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.7]
    [C:\Program Files\Rising\Ris\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3]
    [C:\Program Files\Rising\Ris\ravbintl.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22]
    [C:\Program Files\Rising\Ris\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.74]
    [C:\Program Files\Rising\Ris\RavITray.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\Program Files\Rising\Ris\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4]
    [C:\Program Files\Rising\Ris\scanleak.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6]
    [C:\Program Files\Rising\Ris\ravppops.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21]
    [C:\Program Files\Rising\Ris\RSAPPMGR.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Ris\CfgDll.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.0]
    [C:\Program Files\Rising\Ris\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    [C:\Program Files\Rising\Ris\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4]
[PID: 3592 / Administrator][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.9.2.10]
    [C:\Program Files\Mozilla Firefox\xul.dll] [Mozilla Foundation, 1.9.2.10]
    [C:\Program Files\Mozilla Firefox\sqlite3.dll] [sqlite.org, 3.6.22]
    [C:\Program Files\Mozilla Firefox\MOZCRT19.dll] [Mozilla Foundation, 8.00.0000]
    [C:\Program Files\Mozilla Firefox\js3250.dll] [N/A, ]
    [C:\Program Files\Mozilla Firefox\nspr4.dll] [Mozilla Foundation, 4.8.6]
    [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.12.7.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nss3.dll] [Mozilla Foundation, 3.12.7.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssutil3.dll] [Mozilla Foundation, 3.12.7.0]
    [C:\Program Files\Mozilla Firefox\plc4.dll] [Mozilla Foundation, 4.8.6]
    [C:\Program Files\Mozilla Firefox\plds4.dll] [Mozilla Foundation, 4.8.6]
    [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.12.7.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\MOZCPP19.dll] [Mozilla Foundation, 8.00.0000]
    [C:\Program Files\Mozilla Firefox\xpcom.dll] [Mozilla Foundation, 1.9.2.10]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [C:\Program Files\Mozilla Firefox\components\browserdirprovider.dll] [Mozilla Foundation, 1.9.2.10]
    [C:\Program Files\Mozilla Firefox\components\brwsrcmp.dll] [Mozilla Foundation, 1.9.2.10]
    [C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053]
    [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.12.7.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssdbm3.dll] [Mozilla Foundation, 3.12.7.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.12.7.0 Basic ECC]
    [C:\Program Files\Mozilla Firefox\nssckbi.dll] [Mozilla Foundation, 1.79]
    [C:\Program Files\Lenovo\HOTKEY\hkvolkey.DLL] [Lenovo Group Limited, 1.01]
[PID: 2192 / Administrator][F:\aa\SREngLdr.EXE] [Smallfrogs Studio, 2.8.2.1321]
[PID: 3968 / Administrator][F:\aa\SREa1d7d0b4.EXE] [Smallfrogs Studio, 2.8.2.1321]
    [C:\Program Files\Rising\AntiSpyware\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6]
    [F:\aa\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15]
    [C:\Program Files\Lenovo\HOTKEY\hkvolkey.DLL] [Lenovo Group Limited, 1.01]

==================================
文件关联
.TXT Error. [C:\Windows\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS Error. ["C:\Program Files\Macromedia\Dreamweaver MX 2004\Dreamweaver.exe" "%1"]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]

==================================
Winsock 提供者
N/A

==================================
Autorun.inf
N/A

==================================
HOSTS 文件
N/A

==================================
进程特权扫描
N/A

==================================
计划任务
[已启用] \\PCDEventLauncher "C:\Program Files\PC-Doctor\sessionchecker.exe"
[已禁用] \\PCDoctorBackgroundMonitorTask C:\Program Files\PC-Doctor\uaclauncher.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
[已启用] \\PMTask C:\PROGRA~1\ThinkPad\UTILIT~1\PwmIdTsv.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
[已启用] \\RunAsStdUser Task25579 C:\Program Files\Rising\Ris\RsConfig.exe -backgroundmon scripts\backgroundmon.xml -st PCDoctorBackgroundMonitorTask --ignoresecondarysplash --runsilently
[已启用] \\SystemToolsDailyTest C:\Program Files\PC-Doctor\pcdrcui.exe -silentenumeration
[已启用] \\{3741B7A2-6890-420B-BEBB-533C52A9CA4C} C:\Windows\system32\pcalua.exe -a F:\share\Oracle\10G_10203\Disk1\setup.exe -d F:\share\Oracle\10G_10203\Disk1
[已启用] \\贝壳木马专杀每日定时扫描任务 C:\Program Files\Beike\Beike Scan\beikescan.exe -ts:daily
[已启用] \\贝壳木马专杀登录扫描任务 C:\Program Files\Beike\Beike Scan\beikescan.exe -ts:logon
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) N/A
[已禁用] \Microsoft\Windows\AppID\PolicyConverter %windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck %windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent aitagent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask N/A
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c
[已启用] \Microsoft\Windows\Location\Notifications %windir%\System32\LocationNotifications.exe
[已启用] \Microsoft\Windows\Maintenance\WinSAT N/A
[已启用] \Microsoft\Windows\Media Center\ActivateWindowsSearch %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已启用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已启用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已启用] \Microsoft\Windows\Media Center\ehDRMInit %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已启用] \Microsoft\Windows\Media Center\InstallPlayReady %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已启用] \Microsoft\Windows\Media Center\mcupdate %SystemRoot%\ehome\mcupdate $(Arg0)
[已启用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已启用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已启用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已启用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已启用] \Microsoft\Windows\Media Center\OCURActivate %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已启用] \Microsoft\Windows\Media Center\OCURDiscovery %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已启用] \Microsoft\Windows\Media Center\PBDADiscovery %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已启用] \Microsoft\Windows\Media Center\PBDADiscoveryW1 %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已启用] \Microsoft\Windows\Media Center\PBDADiscoveryW2 %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry %windir%\ehome\MCUpdate.exe -pscn 0
[已启用] \Microsoft\Windows\Media Center\PvrRecoveryTask %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已启用] \Microsoft\Windows\Media Center\PvrRecoveryTask %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已启用] \Microsoft\Windows\Media Center\PvrScheduleTask %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已启用] \Microsoft\Windows\Media Center\PvrScheduleTask %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart %SystemRoot%\ehome\ehrec /RestartRecording
[已启用] \Microsoft\Windows\Media Center\RegisterSearch %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已启用] \Microsoft\Windows\Media Center\ReindexSearchRoot %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已启用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已启用] \Microsoft\Windows\Media Center\UpdateRecordPath %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart N/A
[已启用] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService N/A
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo %windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization N/A
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization N/A
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem %SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders N/A
[已启用] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1 %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2 %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime %windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask N/A
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\ConfigNotification %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader N/A

==================================
Windows 安全更新检查
KB972813, 西班牙语语言包 - Windows 7 (KB972813)
KB972813, 希腊语语言包 - Windows 7 (KB972813)
KB972813, 立陶宛语语言包 - Windows 7 (KB972813)
KB972813, 阿拉伯语语言包 - Windows 7 (KB972813)
KB972813, 瑞典语语言包 - Windows 7 (KB972813)
KB972813, 德语语言包 - Windows 7 (KB972813)
KB972813, 斯洛伐克语语言包 - Windows 7 (KB972813)
KB972813, 乌克兰语语言包 - Windows 7 (KB972813)
KB972813, 繁体中文语言包 - Windows 7 (KB972813)
KB972813, 挪威语语言包 - Windows 7 (KB972813)
KB972813, 爱沙尼亚语语言包 - Windows 7 (KB972813)
KB972813, 捷克语语言包 - Windows 7 (KB972813)
KB972813, 斯洛文尼亚语语言包 - Windows 7 (KB972813)
KB972813, 日语语言包 - Windows 7 (KB972813)
KB972813, 法语语言包 - Windows 7 (KB972813)
KB972813, 英语语言包 - Windows 7 (KB972813)
KB972813, 罗马尼亚语语言包 - Windows 7 (KB972813)
KB972813, 波兰语语言包 - Windows 7 (KB972813)
KB972813, 泰语语言包 - Windows 7 (KB972813)
KB972813, 保加利亚语语言包 - Windows 7 (KB972813)
KB972813, 俄语语言包 - Windows 7 (KB972813)
KB972813, 克罗地亚语语言包 - Windows 7 (KB972813)
KB972813, 塞尔维亚语(拉丁语)语言包 - Windows 7 (KB972813)
KB972813, 葡萄牙语(葡萄牙)语言包 - Windows 7 (KB972813)
KB972813, 朝鲜语语言包 - Windows 7 (KB972813)
KB972813, 意大利语语言包 - Windows 7 (KB972813)
KB972813, 匈牙利语语言包 - Windows 7 (KB972813)
KB972813, 土耳其语语言包 - Windows 7 (KB972813)
KB972813, 丹麦语语言包 - Windows 7 (KB972813)
KB972813, 芬兰语语言包 - Windows 7 (KB972813)
KB972813, 拉脱维亚语语言包 - Windows 7 (KB972813)
KB972813, 希伯来语语言包 - Windows 7 (KB972813)
KB972813, 荷兰语语言包 - Windows 7 (KB972813)
KB972813, 葡萄牙语(巴西)语言包 - Windows 7 (KB972813)
KB976422, Windows 7 更新程序 (KB976422)

==================================
API HOOK
N/A

==================================
隐藏进程
N/A

==================================
[/CODE]