[CODE] 2011-03-22,13:33:30 System Repair Engineer 2.8.4.1331 Smallfrogs (http://www.KZTechs.com) Windows 7 Ultimate Edition Service Pack 1 (Build 7601) - 管理权限用户 - 完整功能 以下内容被选中: 所有的启动项目(包括注册表、启动文件夹、服务等) 浏览器加载项 正在运行的进程(包括进程模块信息) 文件关联 Winsock 提供者 Autorun.inf HOSTS 文件 进程特权扫描 计划任务 Windows 安全更新检查 API HOOK 隐藏进程 启动项目 注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)NVIDIA Corporation] <"C:\Program Files\KSafe\KSafeTray.exe" -autorun> [(Verified)Kingsoft Security Co.,Ltd] <"D:\Program Files\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Corporation Limited] <"C:\Program Files\Rising\RFW\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] <"d:\Program Files\Rising\RAV\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [(Verified)Microsoft Windows Hardware Compatibility Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] <%SystemRoot%\system32\unregmp2.exe /ShowWMP> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] <"C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP> [(Verified)Microsoft Windows] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] <%SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI> [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] [(Verified)Microsoft Windows] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [(Verified)Microsoft Corporation] [HKEY_CURRENT_USER\Control Panel\Desktop] [(Verified)SHANGHAI ZHONGYUAN NETWORKS LIMITED] ================================== 启动文件夹 N/A ================================== 服务 [Baidu Updater / BaiduUpdater][Stopped/Manual Start] [Bluetooth Service / btwdins][Running/Auto Start] [EgisTec Data Security Service / EgisTec Data Security Service][Running/Auto Start] <"C:\Program Files\EgisTec BioExcess\EgisDSService.exe"> [EgisTec Service / EgisTec Service][Running/Auto Start] <"C:\Program Files\EgisTec BioExcess\EgisService.exe"> [IGRS / IGRS][Running/Auto Start] <"C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe"><联想集团有限公司> [Kingsoft Antivirus WebShield Service / Kingsoft Antivirus WebShield Service][Running/Auto Start] [Kingsoft Rescue Service / Kingsoft Rescue Service][Running/Auto Start] <> [KSafe service / KSafeSvc][Running/Auto Start] <"C:\Program Files\KSafe\KSafeSvc.exe" -svc> [Lenovo ReadyComm AppSvc / 
Lenovo ReadyComm AppSvc][Stopped/Manual Start] <"C:\Program Files\Lenovo\ReadyComm\AppSvc.exe"> [Lenovo ReadyComm ConnSvc / Lenovo ReadyComm ConnSvc][Stopped/Manual Start] <"C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe"> [LenovoVdiskService / LenovoVdiskService][Running/Auto Start] [NVIDIA Driver Helper Service / NVSvc][Running/Auto Start] [PnkBstrA / PnkBstrA][Running/Auto Start] [Protexis Licensing V2 / PSI_SVC_2][Running/Auto Start] <"C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe"> [Remote Packet Capture Protocol v.0 (experimental) / rpcapd][Stopped/Manual Start] <"C:\Program Files\WinPcap\rpcapd.exe" -d -f "C:\Program Files\WinPcap\rpcapd.ini"> [Rsd Service / RsMgrSvc][Running/Auto Start] <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"> [Rav Service / RsRavMon][Running/Auto Start] <"d:\Program Files\Rising\RAV\RavMonD.exe"> [RFW Service / RsRFWMon][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavMonD.exe"> [SGSvr / SGSvr][Running/Auto Start] <> [SwitchBoard / SwitchBoard][Stopped/Manual Start] <"C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"> [IdeaPad HDD APS Logging Service / TPHDEXLGSVC][Running/Auto Start] <(File is missing)> [XLDoctor Services / XLDoctor Services][Running/Auto Start] <深圳市迅雷网络技术有限公司> ================================== 驱动程序 [Lenovo Virtual Power Controller Driver / ACPIVPC][Running/Manual Start] [adp94xx / adp94xx][Stopped/Manual Start] <\SystemRoot\system32\drivers\adp94xx.sys> [adpahci / adpahci][Stopped/Manual Start] <\SystemRoot\system32\drivers\adpahci.sys> [adpu320 / adpu320][Stopped/Manual Start] <\SystemRoot\system32\drivers\adpu320.sys> [ahcix86s / ahcix86s][Stopped/Manual Start] <\SystemRoot\system32\drivers\ahcix86s.sys> [aic78xx / aic78xx][Stopped/Manual Start] <\SystemRoot\system32\drivers\djsvs.sys> [aliide / aliide][Stopped/Manual Start] <\SystemRoot\system32\drivers\aliide.sys> [amdsata / amdsata][Stopped/Manual Start] <\SystemRoot\system32\drivers\amdsata.sys> [amdsbs / 
amdsbs][Stopped/Manual Start] <\SystemRoot\system32\drivers\amdsbs.sys> [amdxata / amdxata][Running/Boot Start] <\SystemRoot\system32\drivers\amdxata.sys> [arc / arc][Stopped/Manual Start] <\SystemRoot\system32\drivers\arc.sys> [arcsas / arcsas][Stopped/Manual Start] <\SystemRoot\system32\drivers\arcsas.sys> [Broadcom NetXtreme II VBD / b06bdrv][Stopped/Manual Start] <\SystemRoot\system32\drivers\bxvbdx.sys> [Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0 / b57nd60x][Stopped/Manual Start] [Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Stopped/Manual Start] [Brother USB Mass-Storage Lower Filter Driver / BrFiltLo][Stopped/Manual Start] <\SystemRoot\system32\drivers\BrFiltLo.sys> [Brother USB Mass-Storage Upper Filter Driver / BrFiltUp][Stopped/Manual Start] <\SystemRoot\system32\drivers\BrFiltUp.sys> [Bridge0 / Bridge0][Stopped/Manual Start] [Brother MFC Serial Port Interface Driver (WDM) / Brserid][Stopped/Manual Start] <\SystemRoot\System32\Drivers\Brserid.sys> [Brother WDM Serial driver / BrSerWdm][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrSerWdm.sys> [Brother MFC USB Fax Only Modem / BrUsbMdm][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrUsbMdm.sys> [Brother MFC USB Serial WDM Driver / BrUsbSer][Stopped/Manual Start] <\SystemRoot\System32\Drivers\BrUsbSer.sys> [Bluetooth USB Filter / btusbflt][Stopped/Manual Start] [蓝牙音频设备 / btwaudio][Stopped/Manual Start] [Bluetooth AVDT / btwavdt][Stopped/Manual Start] [Bluetooth L2CAP Service / btwl2cap][Stopped/Manual Start] [btwrchid / btwrchid][Stopped/Manual Start] [cmdide / cmdide][Stopped/Manual Start] <\SystemRoot\system32\drivers\cmdide.sys> [Intel(R) PRO/1000 NDIS 6 Adapter Driver / E1G60][Stopped/Manual Start] [Broadcom NetXtreme II 10 GigE VBD / ebdrv][Stopped/Manual Start] <\SystemRoot\system32\drivers\evbdx.sys> [elxstor / elxstor][Stopped/Manual Start] <\SystemRoot\system32\drivers\elxstor.sys> [EgisTec-Corp Fingerprint Reader Driver (FPSensor.sys) / FPSensor][Running/Auto Start] [Hauppauge Consumer 
Infrared Receiver / hcw85cir][Stopped/Manual Start] <\SystemRoot\system32\drivers\hcw85cir.sys> [Intel(R) Management Engine Interface / HECI][Running/Manual Start] [hooksys / hooksys][Running/System Start] <\??\C:\windows\system32\drivers\Hooksys.sys> [HookTdi / HookTdi][Running/System Start] <\??\C:\windows\system32\drivers\HookTdi.sys> [HpSAMD / HpSAMD][Stopped/Manual Start] <\SystemRoot\system32\drivers\HpSAMD.sys> [HyperVM / HyperVM][Running/System Start] <\??\C:\windows\system32\drivers\hvm.sys> [Supplicant Helper / IAmt][Running/Manual Start] [Intel AHCI Controller / iaStor][Running/Boot Start] <\SystemRoot\system32\drivers\iaStor.sys> [iaStorV / iaStorV][Stopped/Manual Start] <\SystemRoot\system32\drivers\iaStorV.sys> [igfx / igfx][Stopped/Manual Start] [iirsp / iirsp][Stopped/Manual Start] <\SystemRoot\system32\drivers\iirsp.sys> [Impcd / Impcd][Running/Manual Start] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Stopped/Manual Start] [Keyboard Filter / kbfiltr][Running/Manual Start] <> [kmodurl / kmodurl][Running/System Start] <\??\C:\Program Files\KSafe\kmodurl.sys> [krpr / krpr][Stopped/Manual Start] <\??\C:\windows\system32\Drivers\krpr.sys> [NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller (NDIS 6.20) / L1C][Running/Manual Start] [LSI_FC / LSI_FC][Stopped/Manual Start] <\SystemRoot\system32\drivers\lsi_fc.sys> [LSI_SAS / LSI_SAS][Stopped/Manual Start] <\SystemRoot\system32\drivers\lsi_sas.sys> [LSI_SAS2 / LSI_SAS2][Stopped/Manual Start] <\SystemRoot\system32\drivers\lsi_sas2.sys> [LSI_SCSI / LSI_SCSI][Stopped/Manual Start] <\SystemRoot\system32\drivers\lsi_scsi.sys> [megasas / megasas][Stopped/Manual Start] <\SystemRoot\system32\drivers\megasas.sys> [MegaSR / MegaSR][Stopped/Manual Start] <\SystemRoot\system32\drivers\MegaSR.sys> [mwlPSDFilter / mwlPSDFilter][Running/System Start] [mwlPSDNServ / mwlPSDNServ][Running/System Start] [mwlPSDVDisk / mwlPSDVDisk][Running/System Start] [nfrd960 / nfrd960][Stopped/Manual 
Start] <\SystemRoot\system32\drivers\nfrd960.sys> [NetGroup Packet Filter Driver / NPF][Running/Auto Start] [Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start] [nvlddmkm / nvlddmkm][Running/Manual Start] [nvraid / nvraid][Running/Boot Start] <\SystemRoot\system32\drivers\nvraid.sys> [nvrd32 / nvrd32][Stopped/Manual Start] <\SystemRoot\system32\drivers\nvrd32.sys> [nvstor / nvstor][Stopped/Manual Start] <\SystemRoot\system32\drivers\nvstor.sys> [nvstor32 / nvstor32][Stopped/Manual Start] <\SystemRoot\system32\drivers\nvstor32.sys> [ql2300 / ql2300][Stopped/Manual Start] <\SystemRoot\system32\drivers\ql2300.sys> [ql40xx / ql40xx][Stopped/Manual Start] <\SystemRoot\system32\drivers\ql40xx.sys> [Rising RfwARP Driver / RFWARP][Running/Auto Start] [Rising RfwNdis Driver / RFWNDIS][Running/System Start] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [rsfwdrv / rsfwdrv][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [RtsUStor.Sys Realtek USB Card Reader / RSUSBSTOR][Stopped/Manual Start] [串行端口驱动程序 / Serial][Stopped/Manual Start] <\SystemRoot\system32\drivers\serial.sys> [Shockprf / Shockprf][Running/Boot Start] <\SystemRoot\System32\DRIVERS\Apsx86.sys> [SiSRaid2 / SiSRaid2][Stopped/Manual Start] <\SystemRoot\system32\drivers\SiSRaid2.sys> [SiSRaid4 / SiSRaid4][Stopped/Manual Start] <\SystemRoot\system32\drivers\sisraid4.sys> [stexstor / stexstor][Stopped/Manual Start] <\SystemRoot\system32\drivers\stexstor.sys> [tcphoc / tcphoc][Running/Manual Start] <\??\D:\xulei\XLDoctor\7.1.6.2194_1\Program\tcphoc.sys> [TPDIGIMN / TPDIGIMN][Running/Boot Start] <\SystemRoot\System32\DRIVERS\ApsHM86.sys> [VGPU / VGPU][Stopped/Manual Start] [viaide / viaide][Stopped/Manual Start] <\SystemRoot\system32\drivers\viaide.sys> [Digital Camera 1 / vm331avs][Running/Manual Start] [vsmraid / vsmraid][Stopped/Manual Start] <\SystemRoot\system32\drivers\vsmraid.sys> [wdmirror / wdmirror][Running/Manual Start] [wsvd / 
wsvd][Stopped/Manual Start] ================================== 浏览器加载项 [迅雷FLV视频嗅探及下载支持] {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} [IEPwdBankBHO Class] {56CBB761-DA41-4E31-B270-B13B4B0A61D0} [Baidu Toolbar BHO] {77FEF28E-EB96-44FF-B511-3185DEA48697} [迅雷下载支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [Java Plug-in 1.5.0_05] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [信息检索(&R)] {92780B25-18CC-41C8-B9BE-3C9C571A8263} [@C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015] {CCA281CA-C863-46ef-9331-5C8D4460577F} <, > [Baidu Toolbar] {B580CF65-E151-49C3-B73F-70B13FCA8E86} [Java Plug-in 1.5.0_05] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Lenovo Update Control] {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} [Rising Online Antivirus scanner control] {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <%ProgramFiles%\Rising\RavOL\RavOLCtl.dll, (Signed) N/A> [SNReader Control] {A539A34D-10E1-4863-945E-44421527C4D3} [Java Plug-in 1.5.0_05] {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} [] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, > [迅雷FLV视频嗅探及下载支持] {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} [Player Class] {11F2A418-94B2-4e16-9B0C-B00C0435F903} [] {162AF25B-5A2A-448E-A842-194653EF3E05} <, > [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} [XML DOM Document] {2933BF90-7B36-11D2-B20E-00C04F983E60} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [IEPwdBankBHO Class] {56CBB761-DA41-4E31-B270-B13B4B0A61D0} [QQLiveOcx Class] {5EF7B131-C278-4034-BC88-2CE28B128681} [迅雷发行IE支持] {5FFF24BC-DC02-4808-B4E0-A8E2C93FE407} [QQLiveFile Class] {6B232760-90F1-41c3-9902-C8552C1D8A72} [Baidu Toolbar BHO] {77FEF28E-EB96-44FF-B511-3185DEA48697} [XunleiBHO Class] {802F530B-A8F6-4631-AE49-6BACAAC6373E} [迅雷下载支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [] {92780B25-18CC-41C8-B9BE-3C9C571A8263} <, > [] {95B3F550-91C4-4627-BCC4-521288C52977} <, > [OFrameObject Class] 
{9701758C-4373-482E-B13C-776C048EC890} [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [Lenovo Update Control] {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} [VersionDetector Class] {9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B} [Rising Online Antivirus scanner control] {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} <%ProgramFiles%\Rising\RavOL\RavOLCtl.dll, (Signed) N/A> [SNReader Control] {A539A34D-10E1-4863-945E-44421527C4D3} [APlayer Control] {A9322148-C691-4B9D-91FC-B9C461DBE9DD} [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [Baidu Toolbar] {B580CF65-E151-49C3-B73F-70B13FCA8E86} [FTNUpload Class] {BDEACC50-F56D-4D60-860F-CF6ED1766D65} [] {CCA281CA-C863-46EF-9331-5C8D4460577F} <, > [Microsoft Url Search Hook] {CFBFAE00-17A6-11D0-99CB-00C04FD64497} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [QQLive Class] {D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62} [xoliimpl Class] {DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} [PlayerCtrl Class] {E05BC2A3-9A46-4a32-80C9-023A473F5B23} [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [XML HTTP Request] {ED8C108E-4349-11D2-91A4-00C04F7969E8} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [] {EF0D1A14-1033-41A2-A589-240C01EDC078} <, > [] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, > [XML HTTP] {F6D90F16-9C73-11D3-B32E-00C04F990BB4} <%SystemRoot%\System32\msxml3.dll, (Signed) N/A> [QQLiveOcxShell Class] {F7E55BDF-9528-46ba-B550-777859627591} [使用迅雷下载] [使用迅雷下载全部链接] [图像发送到 Bluetooth 设备(&B)...] [导出到 Microsoft Excel(&X)] [导出到 Microsoft Office Excel(&X)] [页面发送到 Bluetooth 设备(&B)...] 
================================== 正在运行的进程 [PID: 312 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 452 / SYSTEM][C:\windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 504 / SYSTEM][C:\windows\system32\csrss.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 512 / SYSTEM][C:\windows\system32\wininit.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 564 / SYSTEM][C:\windows\system32\services.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 572 / SYSTEM][C:\windows\system32\lsass.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\Program Files\EgisTec BioExcess\EgisPwdFilter.DLL] [Egis Technology Inc. , 7, 0, 0, 27] [C:\Program Files\EgisTec BioExcess\EgisUtility.dll] [Egis Technology Inc. , 7, 0, 0, 63] [C:\Program Files\EgisTec BioExcess\CryptoAPI.dll] [Egis Technology Inc., 3, 1, 66, 32] [C:\Program Files\EgisTec BioExcess\EgisDSPwdFilter.DLL] [Egis Technology Inc. 
, 7, 0, 0, 15] [PID: 596 / SYSTEM][C:\windows\system32\winlogon.exe] [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)] [PID: 612 / SYSTEM][C:\windows\system32\lsm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 732 / SYSTEM][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 792 / SYSTEM][C:\windows\system32\nvvsvc.exe] [NVIDIA Corporation, 8.16.11.9216] [PID: 836 / NETWORK SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 912 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe] [Beijing Rising Information Technology Co., Ltd., 1.0.0.22] [C:\Program Files\Rising\RSD\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RSD\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [PID: 992 / SYSTEM][C:\Program Files\Rising\RFW\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9] [C:\Program Files\Rising\RFW\combase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15] [C:\Program Files\Rising\RFW\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [C:\Program Files\Rising\RFW\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [C:\Program Files\Rising\RFW\MonComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.3] [C:\Program Files\Rising\RFW\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RFW\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\Program Files\Rising\RFW\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Rising\RFW\rfwsrv.dll] [Beijing Rising Information 
Technology Co., Ltd., 23.0.0.86] [C:\Program Files\Rising\RFW\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\Program Files\Rising\RFW\rfwdrvc.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.0] [C:\Program Files\Rising\RFW\fishweb.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26] [C:\Program Files\Rising\RFW\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.0] [C:\Program Files\Rising\RFW\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [C:\Program Files\Rising\RFW\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RFW\Rfwdrv.dll] [Beijing Rising Information Technology Co., Ltd., 25.0.0.5] [C:\Program Files\Rising\RFW\RfwArp.dll] [Beijing Rising Information Technology Co., Ltd., 25.0.0.1] [C:\Program Files\Rising\RFW\urlrule.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [C:\Program Files\Rising\RFW\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] [C:\Program Files\Rising\RFW\refs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [C:\Program Files\Rising\RFW\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [C:\Program Files\Rising\RFW\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [C:\Program Files\Rising\RFW\rfwproxy.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 72] [C:\Program Files\Rising\RFW\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\fwfish.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 4] [C:\Program Files\Rising\RFW\fwcomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] 
[C:\Program Files\Rising\RFW\fwfs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [C:\Program Files\Rising\RFW\fwvirlib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [C:\Program Files\Rising\RFW\fwlibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [C:\Program Files\Rising\RFW\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] [C:\Program Files\Rising\RFW\urllib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [PID: 1020 / LOCAL SERVICE][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1056 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1080 / SYSTEM][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1212 / LOCAL SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1316 / SYSTEM][C:\Program Files\EgisTec BioExcess\EgisService.exe] [Egis Technology Inc. , 7, 0, 0, 136] [C:\Program Files\EgisTec BioExcess\LoggerUtility.dll] [Egis Technology Inc. , 1, 0, 0, 19] [C:\Program Files\EgisTec BioExcess\EgisFinger.dll] [Egis Technology Inc. , 7, 0, 0, 38] [C:\windows\system32\NBMatS1SDK.dll] [EgisTec, 6.0.42.1] [C:\Program Files\EgisTec BioExcess\EgisUtility.dll] [Egis Technology Inc. 
, 7, 0, 0, 63] [C:\Program Files\EgisTec BioExcess\CryptoAPI.dll] [Egis Technology Inc., 3, 1, 66, 32] [PID: 1400 / NETWORK SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1544 / SYSTEM][C:\windows\system32\nvvsvc.exe] [NVIDIA Corporation, 8.16.11.9216] [C:\windows\system32\NVSVC.DLL] [NVIDIA Corporation, 8.16.11.9216] [C:\windows\system32\nvapi.dll] [NVIDIA Corporation, 8.16.11.9216] [C:\windows\system32\NVSVCR.DLL] [NVIDIA Corporation, 8.16.11.9216] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [PID: 1580 / SYSTEM][D:\Program Files\Kingsoft\webshield\KSWebShield.exe] [Kingsoft Corporation, 2011,01,20,66] [D:\Program Files\Kingsoft\webshield\kdump.dll] [Kingsoft Corporation, 2010,08,24,1353] [D:\Program Files\Kingsoft\webshield\kwssp.dll] [Kingsoft Corporation, 2011,01,20,66] [D:\Program Files\Kingsoft\webshield\kxebase.dll] [Kingsoft Corporation, 2009,11,20,309] [D:\Program Files\Kingsoft\webshield\scom.dll] [Kingsoft Corporation, 2009,11,20,309] [D:\Program Files\Kingsoft\webshield\kxecore\kxelog.dll] [Kingsoft Corporation, 2009,11,20,309] [D:\Program Files\Kingsoft\webshield\kxecore\kxecore.dll] [Kingsoft Corporation, 2010,5,12,402] [D:\Program Files\Kingsoft\webshield\kxecore\kxestat.dll] [Kingsoft Corporation, 2010,5,12,402] [D:\Program Files\Kingsoft\webshield\report\kinfoc.dll] [Kingsoft Corporation, 2010,05,07,677] [D:\Program Files\Kingsoft\webshield\KSE\ksecorex.dll] [Kingsoft Corporation, 2010,09,16,1206] [D:\Program Files\Kingsoft\webshield\KSE\kae\kaecore.dat] [Kingsoft Corporation, 2010,08,31,108] [D:\Program Files\Kingsoft\webshield\KSE\wfs.dll] [Kingsoft Corporation, 2010,08,23,1070] [D:\Program Files\Kingsoft\webshield\KSE\sqlite.dll] [Kingsoft Corporation, 2010,07,05,1194] [D:\Program Files\Kingsoft\webshield\KSE\ksbwdet2.dll] [Kingsoft 
Corporation, 2010,12,31,22] [PID: 1632 / SYSTEM][d:\Program Files\kingsoft\KSM\ksmsvc.exe] [, 2010,10,27,1479] [d:\Program Files\kingsoft\KSM\kdump.dll] [Kingsoft Corporation, 2010,10,11,1453] [d:\Program Files\kingsoft\KSM\kxestat.dll] [Kingsoft Corporation, 2009,11,20,309] [d:\Program Files\kingsoft\KSM\kxebase.dll] [Kingsoft Corporation, 2009,11,20,309] [d:\Program Files\kingsoft\KSM\scom.dll] [Kingsoft Corporation, 2009,11,20,309] [d:\Program Files\kingsoft\KSM\kxecore\kxelog.dll] [Kingsoft Corporation, 2009,11,20,309] [d:\Program Files\kingsoft\KSM\kxecore\kxecore.dll] [Kingsoft Corporation, 2010,5,12,402] [d:\Program Files\kingsoft\KSM\kxecore\kxestat.dll] [Kingsoft Corporation, 2009,11,20,309] [d:\Program Files\kingsoft\KSM\ksmcorex.dll] [Kingsoft Corporation, 2011,03,08,100] [d:\Program Files\kingsoft\KSM\ksecorex.dll] [Kingsoft Corporation, 2011,01,20,1518] [d:\Program Files\kingsoft\KSM\kae\kaecore.dat] [Kingsoft Corporation, 2010,12,28,110] [d:\Program Files\kingsoft\KSM\ksbwdet2.dll] [Kingsoft Corporation, 2011,03,01,2] [d:\Program Files\kingsoft\KSM\sqlite.dll] [N/A, ] [d:\Program Files\kingsoft\KSM\kae\karchive.dat] [Kingsoft Corporation, 2010,12,28,110] [d:\Program Files\kingsoft\KSM\kae\kaearcha.dat] [Kingsoft Corporation, 2010,12,28,110] [d:\Program Files\kingsoft\KSM\kae\kaeolea.dat] [Kingsoft Corporation, 2010,12,28,110] [d:\Program Files\kingsoft\KSM\kae\kaearchb.dat] [Kingsoft Corporation, 2010,06,30,436] [d:\Program Files\kingsoft\KSM\report\kinfoc.dll] [Kingsoft Corporation, 2010,12,13,213] [d:\Program Files\kingsoft\KSM\ksmbrfix.dll] [Kingsoft Corporation, 2010,09,13,1403] [d:\Program Files\kingsoft\KSM\ksbwsspx.dll] [Kingsoft Corporation, 2010,05,27,1072] [d:\Program Files\kingsoft\KSM\kcldrep.dll] [Kingsoft Corporation, 2010,11,24,1524] [d:\Program Files\kingsoft\KSM\kavifr.dll] [Kingsoft Corporation, 2010,05,25,74] [d:\Program Files\kingsoft\KSM\ksreng3.dll] [Kingsoft Corporation, 2011,02,17,142] [d:\Program 
Files\kingsoft\KSM\kplugeng.dll] [Kingsoft Corporation, 2.3.0.1188] [C:\PROGRA~1\Lenovo\Vdisk\ISHELL~1.DLL] [, 1.0.0.48] [C:\PROGRA~1\Lenovo\Vdisk\rtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [d:\Program Files\kingsoft\KSM\kssdet.dll] [Kingsoft Corporation, 2011,01,09,1638] [d:\Program Files\kingsoft\KSM\khandler.dll] [Kingsoft Corporation, 2010,01,28,505] [PID: 1712 / SYSTEM][C:\Program Files\KSafe\KSafeSvc.exe] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, 2011,03,08,1746] [C:\Program Files\KSafe\kxebase.dll] [Kingsoft Corporation, 2010,5,12,402] [C:\Program Files\KSafe\scom.dll] [Kingsoft Corporation, 2010,5,12,402] [C:\Program Files\KSafe\kxecore\kxecore.dll] [Kingsoft Corporation, 2010,5,12,402] [C:\Program Files\KSafe\kse\ksbcommsp.dll] [Kingsoft Corporation, 2011,02,14,1702] [C:\Program Files\KSafe\kexectrl.dll] [Kingsoft Corporation, 2010,09,18,1422] [C:\Program Files\KSafe\kwssp.dll] [Kingsoft Corporation, 2011.03.15.1354] [C:\Program Files\KSafe\json.dll] [N/A, ] [C:\Program Files\KSafe\netstat.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\fwproxy.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\kse\BKReScan.dll] [Kingsoft Corporation, 2011,03,04,1740] [C:\Program Files\KSafe\kse\sqlite.dll] [Kingsoft Corporation, 2010,03,30,781] [C:\Program Files\KSafe\kse\ksbwdet2.dll] [Kingsoft Corporation, 2011,03,01,2] [C:\Program Files\KSafe\kse\ksecansp.dll] [Kingsoft Corporation, 2010,12,31,1615] [C:\Program Files\KSafe\kse\ksecorex.dll] [Kingsoft Corporation, 2011,01,20,1518] [C:\Program Files\KSafe\KEng\kae\kaecore.dat] [Kingsoft Corporation, 2010,12,16,1454] [C:\Program Files\KSafe\kse\wfs.dll] [Kingsoft Corporation, 2010,08,23,1070] [C:\Program Files\KSafe\KEng\kae\karchive.dat] [Kingsoft Corporation, 2010,12,16,1454] [C:\Program Files\KSafe\KEng\kae\kaearcha.dat] [Kingsoft 
Corporation, 2010,12,16,1454] [C:\Program Files\KSafe\KEng\kae\kaeolea.dat] [Kingsoft Corporation, 2010,12,16,1454] [C:\Program Files\KSafe\KEng\kae\kaearchb.dat] [Kingsoft Corporation, 2011,02,14,1540] [C:\Program Files\KSafe\KEng\kae\kaeunpak.dat] [Kingsoft Corporation, 2010,06,30,436] [C:\Program Files\KSafe\KEng\kae\kaeunpack.dat] [Kingsoft Corporation, 2010,07,18,365] [C:\Program Files\KSafe\ksscore.dll] [Kingsoft Corporation, 2011,03,08,100] [C:\Program Files\KSafe\ksreng3.dll] [Kingsoft Corporation, 2011,02,17,142] [C:\Program Files\KSafe\kcldrep.dll] [Kingsoft Corporation, 2010,11,06,47] [C:\Program Files\KSafe\kplugeng.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\PROGRA~1\Lenovo\Vdisk\ISHELL~1.DLL] [, 1.0.0.48] [C:\PROGRA~1\Lenovo\Vdisk\rtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\Program Files\KSafe\KEng\kae\kaecoref.dat] [Kingsoft Corporation, 2010,12,16,1454] [C:\Program Files\KSafe\KEng\kae\kaecorem.dat] [Kingsoft Corporation, 2010,10,26,1328] [C:\Program Files\KSafe\KEng\kae\kaecorea.dat] [Kingsoft Corporation, 2010,12,16,1454] [PID: 2028 / SYSTEM][C:\windows\System32\spoolsv.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 1240 / LOCAL SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 2076 / SYSTEM][C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe] [Broadcom Corporation., 6.2.1.800] [PID: 2144 / SYSTEM][C:\Program Files\EgisTec BioExcess\EgisDSService.exe] [Egis Technology Inc. , 7, 0, 0, 19] [C:\Program Files\EgisTec BioExcess\PSDUtil.dll] [Egis Technology Inc. , 7, 0, 0, 4] [C:\Program Files\EgisTec BioExcess\CryptoAPI.dll] [Egis Technology Inc., 3, 1, 66, 32] [C:\Program Files\EgisTec BioExcess\sysenv.dll] [Egis Technology Inc. , 7, 0, 0, 4] [C:\Program Files\EgisTec BioExcess\EgisUtility.dll] [Egis Technology Inc. 
, 7, 0, 0, 63] [C:\Program Files\EgisTec BioExcess\LoggerUtility.dll] [Egis Technology Inc. , 1, 0, 0, 19] [PID: 2188 / SYSTEM][C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe] [联想集团有限公司, 1.0.1.258] [C:\Program Files\Lenovo\ReadyComm\common\framework.dll] [联想集团有限公司, 1.0.1.258] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Lenovo\ReadyComm\common\BTComPlugin.dll] [联想集团有限公司, 1.0.1.258] [C:\windows\system32\SerialPortMonitor.dll] [lenovo, 1, 0, 1, 19] [C:\Program Files\Lenovo\ReadyComm\common\CorePlugin.dll] [联想集团有限公司, 1.0.1.258] [C:\Program Files\Lenovo\ReadyComm\common\ProxyPlugin.dll] [联想集团有限公司, 1.0.1.258] [C:\Program Files\Lenovo\ReadyComm\common\ReliablePlugin.dll] [联想集团有限公司, 1.0.1.258] [C:\Program Files\Lenovo\ReadyComm\common\SocketPlugin.dll] [联想集团有限公司, 1.0.1.259] [C:\Program Files\Lenovo\ReadyComm\common\SvcHostPlugin.dll] [联想集团有限公司, 1.0.1.258] [PID: 2216 / SYSTEM][C:\PROGRA~1\Lenovo\Vdisk\vDiskService.exe] [N/A, ] [C:\PROGRA~1\Lenovo\Vdisk\rtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\xmlrtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\IndyProtocols100.bpl] [Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew, 10.1.0.5] [C:\PROGRA~1\Lenovo\Vdisk\IndySystem100.bpl] [Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew, 10.1.0.5] [C:\PROGRA~1\Lenovo\Vdisk\IndyCore100.bpl] [Chad Z. 
Hower a.k.a Kudzu and the Indy Pit Crew, 10.1.0.5] [C:\PROGRA~1\Lenovo\Vdisk\soaprtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\inet100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\dbrtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\dsnap100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcldb100.bpl] [Borland Software Corporation, 10.0.2151.25345] [PID: 2388 / Administrator][C:\windows\system32\taskhost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 2484 / Administrator][C:\windows\system32\Dwm.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\windows\system32\nvwgf2um.dll] [NVIDIA Corporation, 8.16.11.9216] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [PID: 2492 / SYSTEM][D:\Program Files\Kingsoft\webshield\KSWebShield.exe] [Kingsoft Corporation, 2011,01,20,66] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [PID: 2500 / Administrator][D:\Program Files\Kingsoft\webshield\kwstray.exe] [Kingsoft Corporation, 
2011,01,20,66] [D:\Program Files\Kingsoft\webshield\kdump.dll] [Kingsoft Corporation, 2010,08,24,1353] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [D:\Program Files\Kingsoft\webshield\report\kinfoc.dll] [Kingsoft Corporation, 2010,05,07,677] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 2772 / SYSTEM][C:\PROGRA~1\Lenovo\Vdisk\KeepLiveOnLine.exe] [N/A, ] [C:\PROGRA~1\Lenovo\Vdisk\rtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\xmlrtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\IndyProtocols100.bpl] [Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew, 10.1.0.5] [C:\PROGRA~1\Lenovo\Vdisk\IndySystem100.bpl] [Chad Z. Hower a.k.a Kudzu and the Indy Pit Crew, 10.1.0.5] [C:\PROGRA~1\Lenovo\Vdisk\IndyCore100.bpl] [Chad Z. 
Hower a.k.a Kudzu and the Indy Pit Crew, 10.1.0.5] [C:\PROGRA~1\Lenovo\Vdisk\soaprtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\inet100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\dbrtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\dsnap100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcldb100.bpl] [Borland Software Corporation, 10.0.2151.25345] [PID: 2800 / NETWORK SERVICE][C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe] [Microsoft Corporation, 2007.0100.2531.00 ((Katmai_PCU_Main).090329-1015 )] [PID: 2940 / Administrator][C:\Program Files\KSafe\ksafetray.exe] [Kingsoft Corporation, 2.6.0.1355] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [C:\Program Files\KSafe\kdump.dll] [Kingsoft Corporation, 2011,03,08,1746] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\KSafe\ksafedb.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\krunopt.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\kwsctrl.dll] [Kingsoft Corporation, 2.6.0.1354] [C:\Program Files\KSafe\kse\bkrescan.dll] [Kingsoft Corporation, 2011,03,04,1740] [C:\Program Files\KSafe\kse\sqlite.dll] [Kingsoft Corporation, 2010,03,30,781] [C:\Program Files\KSafe\ksafeup.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\zlib1.dll] [, 1.2.3] [C:\Program Files\KSafe\ksafevul.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\KEng\ksignup.dll] [Kingsoft Corporation, 1.1.0.1347] [C:\Program Files\KSafe\KEng\KSGMerge.DLL] [Kingsoft Corporation, 2010,08,29,1105] [C:\Program Files\KSafe\kplugeng.dll] [Kingsoft Corporation, 2.6.0.1347] [C:\Program Files\KSafe\kavmgr.dll] [Kingsoft Corporation, 2.6.0.1347] [D:\Program 
Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [PID: 3032 / Administrator][C:\Program Files\Rising\RFW\RsTray.exe] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [C:\Program Files\Rising\RFW\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.13] [C:\Program Files\Rising\RFW\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RFW\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [C:\Program Files\Rising\RFW\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\RFW\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Rising\RFW\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RFW\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\Program Files\Rising\RFW\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.11] [C:\Program Files\Rising\RFW\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [C:\Program Files\Rising\RFW\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.6] [C:\Program Files\Rising\RFW\rfwtray.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 57] [C:\Program Files\Rising\RFW\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\Program 
Files\Rising\RFW\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [PID: 3412 / SYSTEM][C:\windows\system32\PnkBstrA.exe] [N/A, ] [PID: 3452 / SYSTEM][C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe] [Protexis Inc., 03.00.02.15] [PID: 3480 / SYSTEM][C:\windows\System32\IgrsSvcs.exe] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [c:\program files\lenovo\readycomm\common\router.dll] [联想集团有限公司, 4, 0, 0, 22] [PID: 3584 / SYSTEM][C:\SOSGhost\SGSvr.exe] [, 1, 0, 0, 1] [PID: 3668 / SYSTEM][C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe] [Microsoft Corporation, 2007.0100.1600.022 ((SQL_PreRelease).080709-1414 )] [PID: 3752 / SYSTEM][C:\windows\System32\TPHDEXLG.exe] [Lenovo., 1.70.0.3] [PID: 3836 / SYSTEM][D:\xulei\Program\DctSer.exe] [深圳市迅雷网络技术有限公司, 1.0.1.104] [D:\xulei\Program\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\xulei\Program\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [PID: 3252 / SYSTEM][C:\windows\System32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 3272 / NETWORK SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 4116 / Administrator][C:\Program Files\DigitalChina\DigitalChinaSupplicant\DigitalChinaSupplicant.exe] [, 3, 5, 10, 621] [C:\windows\system32\packet.dll] [CACE Technologies, Inc., 4.1.0.1753] [C:\windows\system32\wpcap.dll] [CACE Technologies, Inc., 4.1.0.1753] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\DigitalChina\DigitalChinaSupplicant\mydll.dll] [, 1, 0, 0, 1] [C:\Program Files\Lenovo\Bluetooth 
Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [PID: 4332 / Administrator][C:\windows\system32\hkcmd.exe] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\hccutils.DLL] [Intel Corporation, 7.15.10.2104] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\windows\system32\igfxsrvc.dll] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\igfxrCHS.lrc] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\BAIDUCN.IME] [Baidu Inc., 1,0,10,21] [C:\windows\system32\bdxlog.dll] [Baidu Inc., 1,0,10,21] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 4496 / Administrator][C:\windows\system32\igfxtray.exe] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\hccutils.DLL] [Intel Corporation, 7.15.10.2104] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\windows\system32\igfxsrvc.dll] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\igfxrCHS.lrc] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\igfxress.dll] [Intel Corporation, 7.15.10.2104] [PID: 4616 / SYSTEM][C:\windows\system32\wbem\wmiprvse.exe] [(Verified) Microsoft Corporation, 6.1.7601.17514 (win7sp1_rtm.101119-1850)] [PID: 4640 / Administrator][C:\Windows\system32\TpShocks.exe] [Lenovo., 1.54.0.1] [C:\Program Files\Lenovo\Active Protection System\MUI\0804\TpShocks.dll] [, ] [C:\Windows\system32\Sensor.dll] [Lenovo., 1.70.0.3] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] 
[Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [PID: 4848 / NETWORK SERVICE][C:\Program Files\Windows Media Player\wmpnetwk.exe] [Microsoft Corporation, 12.0.7600.16385 (win7_rtm.090713-1255)] [PID: 4860 / Administrator][C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\Lenovo\Bluetooth Software\btwapi.dll] [Broadcom Corporation., 6.2.1.800] [C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Lenovo\Bluetooth Software\btosif.dll] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\Lenovo\Bluetooth Software\btwhidcs.DLL] [Broadcom Corporation., 6.2.1.800] [C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Lenovo\Bluetooth Software\BtBalloon.dll] [Broadcom Corporation., 6.2.1.800] [C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\Lenovo\Bluetooth Software\btrez.dll] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll] [N/A, ] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\Lenovo\Bluetooth Software\BtwCP.DLL] [Broadcom Corporation., 6.2.1.800] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 4964 / Administrator][C:\Program Files\Lenovo\YouCam\YouCamTray.exe] [CyberLink Corp., 3.0.0.2529] 
[C:\windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_cbf21254470d8752\MFC80U.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\windows\WinSxS\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.4053_none_03ca5532205cb096\MFC80CHS.DLL] [Microsoft Corporation, 8.00.50727.4053] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\Lenovo\YouCam\MUITransfer\MUITransfer.dll] [CyberLink Corp., 1.01.0519] [C:\windows\system32\MFC71CHS.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Lenovo\YouCam\Custom\Lang\CHS\IM.dll] [TODO: , 1.0.0.1] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [PID: 5092 / LOCAL SERVICE][C:\windows\system32\svchost.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 5212 / Administrator][C:\Program Files\Lenovo\Energy Management\utility.exe] [Lenovo(beijing) Limited, 4, 3, 1, 9] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\Lenovo\Energy Management\kbdhook.dll] [N/A, ] [PID: 5440 / Administrator][C:\Program Files\Lenovo\Energy Management\Energy Management.exe] [Lenovo (Beijing) Limited, 5, 3, 0, 9] [C:\Program Files\Lenovo\Energy Management\HookLib.dll] [N/A, ] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] 
[D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [PID: 5528 / Administrator][C:\Program Files\USB Camera\VM331_STI.EXE] [Vimicro, 1, 0, 0, 3] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [PID: 5752 / Administrator][C:\Program Files\EgisTec BioExcess\EgisTSR.exe] [Egis Technology Inc. , 7, 0, 0, 130] [C:\Program Files\EgisTec BioExcess\LibFrame.dll] [Egis Technology Inc., 1, 6, 5, 9] [C:\Program Files\EgisTec BioExcess\FrameUtility.dll] [Egis Technology Inc., 1, 6, 2, 4] [C:\Program Files\EgisTec BioExcess\EgisUtility.dll] [Egis Technology Inc. , 7, 0, 0, 63] [C:\Program Files\EgisTec BioExcess\CryptoAPI.dll] [Egis Technology Inc., 3, 1, 66, 32] [C:\Program Files\EgisTec BioExcess\EgisFactorProxy.dll] [Egis Technology Inc. , 7, 0, 0, 99] [C:\Program Files\EgisTec BioExcess\LoggerUtility.dll] [Egis Technology Inc. , 1, 0, 0, 19] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\EgisTec BioExcess\EgisFingerEnroll.dll] [Egis Technology Inc. , 7, 0, 0, 77] [C:\Program Files\EgisTec BioExcess\EgisAuthShell.dll] [Egis Technology Inc. , 7, 0, 0, 21] [C:\Program Files\EgisTec BioExcess\EgisLaunch.dll] [Egis Technology Inc. 
, 7, 0, 0, 127] [C:\Program Files\EgisTec BioExcess\EgisPBUI.dll] [Egis Technology Inc. , 7, 0, 0, 78] [C:\Program Files\EgisTec BioExcess\EgisFeature.dll] [Egis Technology Inc. , 7, 0, 0, 39] [C:\Program Files\EgisTec BioExcess\EgisPBTSR.dll] [Egis Technology Inc. , 7, 0, 0, 78] [PID: 5816 / Administrator][C:\windows\explorer.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\Lenovo\Bluetooth Software\btncopy.dll] [Broadcom Corporation., 6.2.1.800] [C:\windows\system32\nvshext.dll] [NVIDIA Corporation, 266.58] [C:\windows\system32\nvapi.dll] [NVIDIA Corporation, 8.16.11.9216] [C:\windows\system32\igfxsrvc.dll] [Intel Corporation, 7.15.10.2104] [C:\windows\system32\FXSAPI.dll] [Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [C:\Program Files\WinRAR\rarext.dll] [, ] [C:\windows\system32\ravext.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] [C:\windows\system32\KakaExt.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll] [N/A, ] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [PID: 5232 / NETWORK SERVICE][C:\windows\system32\sppsvc.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 820 / Administrator][D:\Program Files\rstray.exe] [Beijing Rising Information Technology Co., Ltd., 21.0.0.32] [D:\Program Files\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [D:\Program Files\ComServ.dll] 
[Beijing Rising Information Technology Co., Ltd., 21.0.0.33] [D:\Program Files\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [D:\Program Files\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [D:\Program Files\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [D:\Program Files\rscommon.dll] [Beijing Rising Information Technology Co., Ltd., 20.0.1.1] [D:\Program Files\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\Program Files\RsXML.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [D:\Program Files\rsxml1.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] [D:\Program Files\pngdll.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] [D:\Program Files\runiep.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.78] [D:\Program Files\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [d:\Program Files\Rising\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\Program Files\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [PID: 168 / Administrator][D:\Program Files\knownsvr.exe] [Beijing Rising Information Technology Co., Ltd., 6.0.0.14] [D:\Program Files\NComm.dll] [Beijing Rising Information Technology Co., Ltd., 6.0.0.11] [D:\Program Files\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.37] [D:\Program Files\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [PID: 6548 / SYSTEM][d:\Program Files\kingsoft\KSM\uniuwiz.exe] [Kingsoft Corporation, 2011, 01, 27, 22] [d:\Program Files\kingsoft\KSM\UniUCore.DLL] [Kingsoft Co. 
Ltd., 2010, 12, 27, 19] [d:\Program Files\kingsoft\KSM\ksignup.dll] [, 2011,01,26,1680] [PID: 7428 / Administrator][C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe] [Adobe Systems Incorporated, 1.0.175.0] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dll] [Adobe Systems Incorporated, 1\,0\,0\,67] [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\LogSession.dll] [Adobe Systems Incorporated, 2, 0, 1, 11] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [PID: 8056 / Administrator][E:\QQ软件\QQ\Bin\QQExternal.exe] [Tencent, 1,60,2011,0] [E:\QQ软件\QQ\Bin\Common.dll] [Tencent, 1,60,2011,0] [E:\QQ软件\QQ\Bin\zlib.dll] [, 1, 2, 5, 0] [E:\QQ软件\QQ\Bin\libexpat.dll] [, 2, 0, 1, 0] [C:\windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.4053_none_d1c738ec43578ea1\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [E:\QQ软件\QQ\Bin\ProcessSession.DLL] [Tencent, 1,60,2011,0] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [PID: 3208 / Administrator][C:\Program Files\Rising\RFW\rsmain.exe] [Beijing Rising Information Technology Co., Ltd., 23.0.0.36] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\Program Files\Rising\RFW\comx3.dll] [Beijing Rising Information 
Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RFW\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\combase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15] [C:\Program Files\Rising\RFW\dfwMain.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.78] [C:\Program Files\Rising\RFW\monstate.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [C:\Program Files\Rising\RFW\RFW.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.58] [C:\Program Files\Rising\RFW\rfwRule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\Program Files\Rising\RFW\GCompt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.49] [C:\Program Files\Rising\RFW\Misc.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.39] [C:\Program Files\Rising\RFW\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RFW\RfwLog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\Program Files\Rising\RFW\logstat.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.11] [C:\Program Files\Rising\RFW\logquery.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.39] [C:\Program Files\Rising\RFW\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\Program Files\Rising\RFW\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [C:\Program Files\Rising\RFW\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.16.11.9216] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [PID: 7604 / SYSTEM][d:\Program Files\Rising\RAV\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9] [d:\Program Files\Rising\RAV\combase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15] [d:\Program 
Files\Rising\RAV\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [d:\Program Files\Rising\RAV\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [d:\Program Files\Rising\RAV\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [d:\Program Files\Rising\RAV\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.3] [d:\Program Files\Rising\RAV\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [d:\Program Files\Rising\RAV\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.23] [d:\Program Files\Rising\RAV\RsStore.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [d:\Program Files\Rising\RAV\mondrvd.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] [d:\Program Files\Rising\RAV\defmon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 61] [d:\Program Files\Rising\RAV\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [d:\Program Files\Rising\RAV\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [d:\Program Files\Rising\RAV\mondrvm.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [d:\Program Files\Rising\RAV\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 32] [d:\Program Files\Rising\RAV\FileMon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33] [d:\Program Files\Rising\RAV\MailMon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 55] [d:\Program Files\Rising\RAV\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.0] [d:\Program Files\Rising\RAV\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [d:\Program Files\Rising\RAV\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [d:\Program Files\Rising\RAV\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [d:\Program Files\Rising\RAV\Syslay.dll] 
[Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [d:\Program Files\Rising\RAV\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 8] [d:\Program Files\Rising\RAV\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [d:\Program Files\Rising\RAV\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [d:\Program Files\Rising\RAV\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] [d:\Program Files\Rising\RAV\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [d:\Program Files\Rising\RAV\hookTdi.dll] [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 9] [d:\Program Files\Rising\RAV\BACore.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 50] [d:\Program Files\Rising\RAV\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] [d:\Program Files\Rising\RAV\refs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [d:\Program Files\Rising\RAV\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [d:\Program Files\Rising\RAV\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [d:\Program Files\Rising\RAV\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [d:\Program Files\Rising\RAV\bawhite.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [d:\Program Files\Rising\RAV\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.31] [d:\Program Files\Rising\RAV\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 68] [d:\Program Files\Rising\RAV\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17] [d:\Program Files\Rising\RAV\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 28] [d:\Program Files\Rising\RAV\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] [d:\Program Files\Rising\RAV\engext.dll] [Beijing 
Rising Information Technology Co., Ltd., 23, 0, 0, 16] [d:\Program Files\Rising\RAV\vmicore.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17] [d:\Program Files\Rising\RAV\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] [d:\Program Files\Rising\RAV\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] [d:\Program Files\Rising\RAV\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [d:\Program Files\Rising\RAV\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0] [d:\Program Files\Rising\RAV\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] [d:\Program Files\Rising\RAV\scantj.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9] [d:\Program Files\Rising\RAV\extsfx.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [d:\Program Files\Rising\RAV\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [d:\Program Files\Rising\RAV\extole.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0] [d:\Program Files\Rising\RAV\extarch.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [d:\Program Files\Rising\RAV\extcomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 4] [d:\Program Files\Rising\RAV\ur029.dat] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] [d:\Program Files\Rising\RAV\extmail.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0] [PID: 6572 / Administrator][D:\PROGRAM FILES\RISING\RAV\RSAGENT.EXE] [Beijing Rising Information Technology Co., Ltd., 23.0.0.29] [C:\windows\system32\Macromed\Flash\Flash10n.ocx] [Adobe Systems, Inc., 10,2,152,32] [D:\PROGRAM FILES\RISING\RAV\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\PROGRAM FILES\RISING\RAV\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.30] [D:\PROGRAM FILES\RISING\RAV\comx3.dll] [Beijing Rising 
Information Technology Co., Ltd., 23.0.0.4] [D:\PROGRAM FILES\RISING\RAV\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [PID: 7384 / Administrator][D:\PROGRAM FILES\RISING\RAV\RSTRAY.EXE] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [D:\PROGRAM FILES\RISING\RAV\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.13] [D:\PROGRAM FILES\RISING\RAV\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\PROGRAM FILES\RISING\RAV\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [D:\PROGRAM FILES\RISING\RAV\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\PROGRAM FILES\RISING\RAV\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\PROGRAM FILES\RISING\RAV\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\PROGRAM FILES\RISING\RAV\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [D:\PROGRAM FILES\RISING\RAV\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [D:\PROGRAM FILES\RISING\RAV\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.11] [D:\PROGRAM FILES\RISING\RAV\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [D:\PROGRAM FILES\RISING\RAV\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [D:\PROGRAM FILES\RISING\RAV\mruleui.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10] [D:\PROGRAM FILES\RISING\RAV\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.88] [D:\PROGRAM FILES\RISING\RAV\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.6] [D:\PROGRAM FILES\RISING\RAV\UsbServ.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [D:\PROGRAM FILES\RISING\RAV\ScanTray.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.54] [D:\PROGRAM FILES\RISING\RAV\PngDll.dll] [Beijing Rising Information Technology 
Co., Ltd., 23, 0, 0, 3] [D:\PROGRAM FILES\RISING\RAV\dfw.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.66] [D:\PROGRAM FILES\RISING\RAV\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.30] [D:\PROGRAM FILES\RISING\RAV\GCompt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.49] [D:\PROGRAM FILES\RISING\RAV\Isol.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.14] [D:\PROGRAM FILES\RISING\RAV\rsstore.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [PID: 5496 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kdump.dll] [Kingsoft Corporation, 2010,08,24,1353] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Kingsoft\webshield\kswbc.dll] [Kingsoft Corporation, 2011,01,20,66] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll] [N/A, ] [PID: 4556 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)] [D:\Program 
Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kdump.dll] [Kingsoft Corporation, 2010,08,24,1353] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Kingsoft\webshield\kswbc.dll] [Kingsoft Corporation, 2011,01,20,66] [D:\xulei\BHO\MediaMonitor1.0.0.11.dll] [深圳市迅雷网络技术有限公司, 1.0.0.11] [C:\windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\EgisTec BioExcess\EgisIEPwdBank.dll] [Egis Technology Inc. , 7, 0, 0, 6] [D:\xulei\BHO\XunleiBHO7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [C:\windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [D:\Program Files\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [D:\xulei\BHO\XlGameBho7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 2] [D:\xulei\BHO\xldb.7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 7] [D:\xulei\BHO\xldp.7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 24] [C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll] [N/A, ] [C:\windows\system32\Macromed\Flash\Flash10n.ocx] [Adobe Systems, Inc., 10,2,152,32] [C:\windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.16.11.9216] [PID: 7372 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program 
Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kdump.dll] [Kingsoft Corporation, 2010,08,24,1353] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Kingsoft\webshield\kswbc.dll] [Kingsoft Corporation, 2011,01,20,66] [D:\xulei\BHO\MediaMonitor1.0.0.11.dll] [深圳市迅雷网络技术有限公司, 1.0.0.11] [C:\windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\Program Files\EgisTec BioExcess\EgisIEPwdBank.dll] [Egis Technology Inc. , 7, 0, 0, 6] [D:\xulei\BHO\XunleiBHO7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [C:\windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [D:\Program Files\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [C:\windows\system32\Macromed\Flash\Flash10n.ocx] [Adobe Systems, Inc., 10,2,152,32] [D:\xulei\BHO\XlGameBho7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 2] [D:\xulei\BHO\xldb.7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 7] [D:\xulei\BHO\xldp.7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 24] [C:\windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.16.11.9216] [D:\xulei\BHO\ThunderAgent7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [PID: 1600 / Administrator][C:\Program Files\Internet Explorer\iexplore.exe] [Microsoft Corporation, 8.00.7600.16385 (win7_rtm.090713-1255)] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program 
Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kdump.dll] [Kingsoft Corporation, 2010,08,24,1353] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [d:\Program Files\Rising\RAV\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [C:\windows\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\windows\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Kingsoft\webshield\kswbc.dll] [Kingsoft Corporation, 2011,01,20,66] [C:\windows\system32\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [D:\xulei\BHO\XunleiBHO7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [D:\xulei\BHO\XlGameBho7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 0, 2] [D:\xulei\BHO\xldb.7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 7] [D:\xulei\BHO\xldp.7.1.6.2194.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 24] [C:\windows\system32\nvd3dum.dll] [NVIDIA Corporation, 8.16.11.9216] [D:\xulei\BHO\MediaMonitor1.0.0.11.dll] [深圳市迅雷网络技术有限公司, 1.0.0.11] [C:\Program Files\EgisTec BioExcess\EgisIEPwdBank.dll] [Egis Technology Inc. 
, 7, 0, 0, 6] [C:\windows\system32\UrlFilter.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [D:\Program Files\UrlRule.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.21] [C:\windows\system32\Macromed\Flash\Flash10n.ocx] [Adobe Systems, Inc., 10,2,152,32] [C:\Program Files\Lenovo\Bluetooth Software\btkeyind.dll] [N/A, ] [PID: 3120 / Administrator][D:\xulei\Program\Thunder.exe] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [D:\xulei\Program\XLUE.dll] [深圳市迅雷网络技术有限公司, 0.9.0.168] [D:\xulei\Program\XLGraphic.dll] [深圳市迅雷网络技术有限公司, 0.9.0.168] [D:\xulei\Program\libpng13.dll] [, 1.2.38] [D:\xulei\Program\zlib1.dll] [, 1.2.3] [D:\xulei\Program\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\xulei\Program\minizip.dll] [N/A, ] [D:\xulei\Program\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\xulei\Program\XLLuaRuntime.dll] [深圳市迅雷网络技术有限公司, 0.9.0.164] [D:\xulei\Program\libexpat.dll] [N/A, ] [D:\xulei\Program\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [D:\xulei\Program\DownloadKernel.dll] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [D:\xulei\Program\sqlite3.dll] [, 3, 6, 22, 0] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [D:\xulei\Program\xl_data.dll] [深圳市迅雷网络技术有限公司, 1, 12, 5, 34] [D:\xulei\Program\asyn_download_interface.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 61] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [D:\xulei\Program\tp_proxy.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 18] [D:\xulei\Program\XLUserAX.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 47] [D:\xulei\Program\Win7Trait.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 1] [D:\xulei\Program\xl_client.dll] [深圳市迅雷网络技术有限公司, 1, 13, 2, 34] [D:\xulei\Program\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 44] 
[D:\xulei\Program\dl_uac_tool.dll] [N/A, ] [D:\xulei\Program\mp.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [D:\xulei\Addins\Community\XLCPAddinManager.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 19] [D:\xulei\Program\SuperDownloadInfo.dll] [深圳市迅雷网络技术有限公司, 7,1,6,2194] [D:\xulei\Program\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 2, 2, 16] [D:\xulei\Program\xl_stat_client.dll] [深圳市迅雷网络技术有限公司, 1.1.0.70] [D:\xulei\Addins\community\Community.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 68] [D:\xulei\Addins\Community\http.dll] [深圳市迅雷网络技术有限公司, 1.0.2.15] [D:\xulei\Addins\Community\XLCP.dll] [Thunder Networking Technologies,LTD, 1.0.1.22] [D:\xulei\Addins\Community\BaseIM.dll] [TODO: , 1.0.2.13] [D:\xulei\Addins\Community\TipsManager.dll] [Thunder Networking Technologies,LTD, 1.0.2.24] [D:\xulei\Addins\community\VipService.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 240] [D:\xulei\Addins\DoctorAddin\DoctorAddin.dll] [深圳市迅雷网络技术有限公司, 1.0.1.109] [D:\xulei\XLDoctor\7.1.6.2194_1\Program\XLDoctor.dll] [深圳市迅雷网络技术有限公司, 1.0.1.112] [D:\xulei\XLDoctor\7.1.6.2194_1\Program\hoc.dll] [, 1, 0, 2, 2] [C:\windows\system32\Macromed\Flash\Flash10n.ocx] [Adobe Systems, Inc., 10,2,152,32] [D:\xulei\XLDoctor\7.1.6.2194_1\Program\tp_proxy.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 18] [D:\xulei\Addins\community\MsgBox.dll] [Thunder Networking Technologies,LTD, 1.0.2.18] [D:\xulei\Addins\GougouSearch\SearchFun.dll] [TODO: <公司名>, 1.0.0.4] [D:\xulei\Addins\P2pShare\P2pShare.dll] [TODO: <公司名>, 1.0.0.2] [D:\xulei\Addins\MobileAddin\MobileLite.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 60] [D:\xulei\Addins\DS\xlds.dll] [深圳市迅雷网络技术有限公司, 1.0.2.17] [D:\xulei\Addins\DS\xldp.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 24] [D:\xulei\Addins\DS\XLNetU.Dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 25] [D:\xulei\Addins\DS\xlmw.dll] [深圳市迅雷网络技术有限公司, 1, 2, 0, 27] [D:\xulei\Addins\RJCK\RJCK.dll] [深圳市迅雷网络技术有限公司, 1.0.0.34] [D:\xulei\Addins\InMediaAddin\iEmbed.dll] [Thunder Networking Technologies,LTD, 4, 0, 1, 19] [PID: 7580 / 
Administrator][c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\thunderplatform.exe] [深圳市迅雷网络技术有限公司, 1, 1, 2, 54] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\minizip.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\zlib1.dll] [, 1.2.3] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\XLBugHandler.dll] [深圳市迅雷网络技术有限公司, 2, 2, 0, 7] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\dl_uac_tool.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\download_engine.dll] [深圳市迅雷网络技术有限公司, 3, 5, 2, 401] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\mp.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\XLCrypto.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 44] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\ts.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 30] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\backend_agent.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 47] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\ta.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 68] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\ptl.dll] [深圳市迅雷网络技术有限公司, 3, 3, 2, 96] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 2, 2, 16] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] 
[Kingsoft Corporation, 2011,01,07,61] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\xl_data.dll] [深圳市迅雷网络技术有限公司, 1, 12, 5, 34] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\XLLuaRuntime.dll] [深圳市迅雷网络技术有限公司, 0.9.0.164] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\libexpat.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\xl_client.dll] [深圳市迅雷网络技术有限公司, 1, 13, 2, 34] [C:\Users\Public\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.54_1111_a\Components\DownloadLibDll\md_p_1.0.241\xl_stat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 10] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\fs.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 26] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\p2sp.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 146] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\down_dispatcher.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 79] [C:\Users\Public\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.54_1111_a\Components\DownloadLibDll\md_p_1.0.241\member_stat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 13] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\al.dll] [深圳市迅雷网络技术有限公司, 1, 3, 2, 11] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\p2p_upload.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 21] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\xlnet_manager.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 35] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\dphubt.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 42] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\p2p.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 146] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\stream.dll] [深圳市迅雷网络技术有限公司, 2, 1, 2, 1147] [c:\program files\common 
files\thunder network\tp\ver1\1.1.2.54_1111\p2p_local_res.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 28] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\emule_kernel.dll] [深圳市迅雷网络技术有限公司, 1, 3, 2, 126] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\media_data.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 12] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\sl.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 8] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\module_downloader.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 18] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\mini_unzip_dll.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\task_report.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 7] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\p2p_session_com.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 91] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\p2ptl2.dll] [深圳市迅雷网络技术有限公司, 1, 3, 2, 18] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\dtnet.dll] [深圳市迅雷网络技术有限公司, 1.0.1.13] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\p2p_cloud.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 52] [c:\program files\common files\thunder network\tp\ver1\1.1.2.54_1111\UACTool.dll] [N/A, ] [C:\Users\Public\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.54_1111_a\Components\DownloadLibDll\md_p_1.0.241\emule_id.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 21] [C:\Users\Public\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.54_1111_a\Components\DownloadLibDll\md_p_1.0.241\bd.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 26] [PID: 740 / Administrator][C:\Program Files\WinRAR\WinRAR.exe] [, ] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft 
Corporation, 2011,01,07,61] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [C:\PROGRA~1\Lenovo\Vdisk\ISHELL~1.DLL] [, 1.0.0.48] [C:\PROGRA~1\Lenovo\Vdisk\rtl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [C:\PROGRA~1\Lenovo\Vdisk\vcl100.bpl] [Borland Software Corporation, 10.0.2151.25345] [PID: 1608 / Administrator][C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EX00.870\SREngLdr.EXE] [Smallfrogs Studio, 2.8.4.1331] [PID: 5080 / Administrator][C:\Users\ADMINI~1\AppData\Local\Temp\Rar$EX00.870\SREf64d85ec.EXE] [Smallfrogs Studio, 2.8.4.1331] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61] [C:\Program Files\Lenovo\Bluetooth Software\btmmhook.dll] [Broadcom Corporation., 6.2.1.800] [PID: 3992 / SYSTEM][C:\windows\servicing\TrustedInstaller.exe] [(Verified) Microsoft Corporation, 6.1.7600.16385 (win7_rtm.090713-1255)] [PID: 6992 / Administrator][C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\BaiduPinyin.exe] [, 1,0,10,21] [C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\libconfig.dll] [N/A, ] [C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\bdaucommon.dll] [Baidu.com, Inc., 1,0,1,9] [C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\bdxlog.dll] [Baidu Inc., 1,0,10,21] [C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\reportlog.dll] [N/A, ] [C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\basenet.dll] [N/A, ] [C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\zlib1.dll] [, 1.2.5] [D:\Program Files\RegCall.dll] [Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [C:\Program Files\KSafe\ksfmon.dll] [Kingsoft Corporation, 2.6.0.1354] [D:\Program Files\Kingsoft\webshield\kwsui.dll] [Kingsoft Corporation, 2010,09,19,19] [D:\Program 
Files\Kingsoft\webshield\kswebshield.dll] [Kingsoft Corporation, 2011,01,07,61]
==================================
文件关联
.TXT Error. [C:\windows\notepad.exe %1]
.EXE OK. ["%1" %*]
.COM OK. ["%1" %*]
.PIF OK. ["%1" %*]
.REG OK. [regedit.exe "%1"]
.BAT OK. ["%1" %*]
.SCR OK. ["%1" /S]
.CHM OK. ["%SystemRoot%\hh.exe" %1]
.HLP OK. [%SystemRoot%\winhlp32.exe %1]
.INI OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.INF OK. [%SystemRoot%\system32\NOTEPAD.EXE %1]
.VBS OK. ["%SystemRoot%\System32\WScript.exe" "%1" %*]
.JS Error. [C:\Windows\System32\WScript.exe "%1" %*]
.LNK OK. [{00021401-0000-0000-C000-000000000046}]
==================================
Winsock 提供者
N/A
==================================
Autorun.inf
N/A
==================================
HOSTS 文件
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
==================================
进程特权扫描
N/A
==================================
计划任务
[已启用] \\AdobeAAMUpdater-1.0-PC-20110320FIXS-Administrator C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe -mode=scheduled
[已启用] \\BaiduPinyinUpdate C:\Program Files\Baidu\BaiduPinyin\1.0.10.21\bdupdate.exe -mode=scheduled
[已启用] \\KsafeDelay C:\Program Files\KSafe\KSafeTray.exe -delayruncheck -mode=scheduled
[已启用] \\{4EE83D0B-EA34-42D7-934E-A24439FC9A22} C:\windows\system32\pcalua.exe -a C:\Users\Administrator\Desktop\V460_Win732_驱动安装说明.exe -d C:\Users\Administrator\Desktop
[已启用] \\{585B4271-9FF1-4314-A60F-339C2315E20F} C:\windows\system32\pcalua.exe -a F:\程序\MP10Setup.exe -d F:\程序
[已启用] \\{A76C324D-7F47-40A5-A81B-E6E9D60DBC7F} C:\windows\system32\pcalua.exe -a C:\Users\Administrator\Desktop\Touchpad.exe -d C:\Users\Administrator\Desktop
[已启用] \\{D5F09F4D-5605-447C-AA1D-224BD54D7E85} C:\windows\system32\pcalua.exe -a C:\Users\Administrator\Desktop\Chipset.exe -d C:\Users\Administrator\Desktop
[已启用] \\{EBE5A4A5-AB20-4681-9F5B-EBB5A3B41060} C:\windows\system32\pcalua.exe -a F:\程序\kpfw_down_10_10.exe -d F:\程序
[已启用] \Microsoft\Windows\SetupSQMTask C:\windows\SYSTEM32\OOBE\SETUPSQM.EXE
[已禁用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Automated) N/A
[已启用] \Microsoft\Windows\Active Directory Rights Management Services Client\AD RMS Rights Policy Template Management (Manual) N/A
[已禁用] \Microsoft\Windows\AppID\PolicyConverter %windir%\system32\appidpolicyconverter.exe
[已禁用] \Microsoft\Windows\AppID\VerifiedPublisherCertStoreCheck %windir%\system32\appidcertstorecheck.exe
[已启用] \Microsoft\Windows\Application Experience\AitAgent aitagent
[已启用] \Microsoft\Windows\Application Experience\ProgramDataUpdater %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate
[已启用] \Microsoft\Windows\Autochk\Proxy %windir%\system32\rundll32.exe /d acproxy.dll,PerformAutochkOperations
[已启用] \Microsoft\Windows\Bluetooth\UninstallDeviceTask BthUdTask.exe $(Arg0)
[已启用] \Microsoft\Windows\CertificateServicesClient\SystemTask N/A
[已启用] \Microsoft\Windows\CertificateServicesClient\UserTask N/A
[已禁用] \Microsoft\Windows\CertificateServicesClient\UserTask-Roam N/A
[已启用] \Microsoft\Windows\Customer Experience Improvement Program\Consolidator %SystemRoot%\System32\wsqmcons.exe
[已启用] \Microsoft\Windows\Defrag\ScheduledDefrag %windir%\system32\defrag.exe -c
[已启用] \Microsoft\Windows\Location\Notifications %windir%\System32\LocationNotifications.exe
[已启用] \Microsoft\Windows\Maintenance\WinSAT N/A
[已禁用] \Microsoft\Windows\Media Center\ActivateWindowsSearch %SystemRoot%\ehome\ehPrivJob.exe /DoActivateWindowsSearch
[已禁用] \Microsoft\Windows\Media Center\ConfigureInternetTimeService %SystemRoot%\ehome\ehPrivJob.exe /DoConfigureInternetTimeService
[已禁用] \Microsoft\Windows\Media Center\DispatchRecoveryTasks %SystemRoot%\ehome\ehPrivJob.exe /DoRecoveryTasks $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ehDRMInit %SystemRoot%\ehome\ehPrivJob.exe /DRMInit
[已禁用] \Microsoft\Windows\Media Center\InstallPlayReady %SystemRoot%\ehome\ehPrivJob.exe /InstallPlayReady $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\mcupdate %SystemRoot%\ehome\mcupdate $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\MediaCenterRecoveryTask %SystemRoot%\ehome\mcupdate.exe -MediaCenterRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\ObjectStoreRecoveryTask %SystemRoot%\ehome\mcupdate.exe -ObjectStoreRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\OCURActivate %SystemRoot%\ehome\ehPrivJob.exe /OCURActivate
[已禁用] \Microsoft\Windows\Media Center\OCURDiscovery %SystemRoot%\ehome\ehPrivJob.exe /OCURDiscovery $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\PBDADiscovery %SystemRoot%\ehome\ehPrivJob.exe /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW1 %SystemRoot%\ehome\ehPrivJob.exe /wait:7 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PBDADiscoveryW2 %SystemRoot%\ehome\ehPrivJob.exe /wait:90 /PBDADiscovery
[已禁用] \Microsoft\Windows\Media Center\PeriodicScanRetry %windir%\ehome\MCUpdate.exe -pscn 0
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrRecoveryTask %SystemRoot%\ehome\mcupdate.exe -PvrRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\PvrScheduleTask %SystemRoot%\ehome\mcupdate.exe -PvrSchedule
[已禁用] \Microsoft\Windows\Media Center\RecordingRestart %SystemRoot%\ehome\ehrec /RestartRecording
[已禁用] \Microsoft\Windows\Media Center\RegisterSearch %SystemRoot%\ehome\ehPrivJob.exe /DoRegisterSearch $(Arg0)
[已禁用] \Microsoft\Windows\Media Center\ReindexSearchRoot %SystemRoot%\ehome\ehPrivJob.exe /DoReindexSearchRoot
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\SqlLiteRecoveryTask %SystemRoot%\ehome\mcupdate.exe -SqlLiteRecoveryTask
[已禁用] \Microsoft\Windows\Media Center\UpdateRecordPath %SystemRoot%\ehome\ehPrivJob.exe /DoUpdateRecordPath $(Arg0)
[已启用] \Microsoft\Windows\MobilePC\HotStart N/A
[已启用] \Microsoft\Windows\MUI\LPRemove %windir%\system32\lpremove.exe
[已启用] \Microsoft\Windows\Multimedia\SystemSoundsService N/A
[已启用] \Microsoft\Windows\NetTrace\GatherNetworkInfo %windir%\system32\gatherNetworkInfo.vbs
[已禁用] \Microsoft\Windows\Offline Files\Background Synchronization N/A
[已禁用] \Microsoft\Windows\Offline Files\Logon Synchronization N/A
[已启用] \Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem %SystemRoot%\System32\powercfg.exe -energy -auto
[已启用] \Microsoft\Windows\Ras\MobilityManager N/A
[已禁用] \Microsoft\Windows\SideShow\AutoWake N/A
[已启用] \Microsoft\Windows\SideShow\GadgetManager N/A
[已禁用] \Microsoft\Windows\SideShow\SessionAgent N/A
[已禁用] \Microsoft\Windows\SideShow\SystemDataProviders N/A
[已禁用] \Microsoft\Windows\SystemRestore\SR %windir%\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict1 %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPOffendingSystem
[已启用] \Microsoft\Windows\Tcpip\IpAddressConflict2 %windir%\system32\rundll32.exe ndfapi.dll,NdfRunDllDuplicateIPDefendingSystem
[已启用] \Microsoft\Windows\Time Synchronization\SynchronizeTime %windir%\system32\sc.exe start w32time task_started
[已启用] \Microsoft\Windows\UPnP\UPnPHostConfig sc.exe config upnphost start= auto
[已禁用] \Microsoft\Windows\User Profile Service\HiveUploadTask N/A
[已启用] \Microsoft\Windows\Windows Error Reporting\QueueReporting %windir%\system32\wermgr.exe -queuereporting
[已启用] \Microsoft\Windows\Windows Media Sharing\UpdateLibrary "%ProgramFiles%\Windows Media Player\wmpnscfg.exe"
[已启用] \Microsoft\Windows\WindowsBackup\ConfigNotification %systemroot%\System32\sdclt.exe /CONFIGNOTIFICATION
[已禁用] \Microsoft\Windows\WindowsColorSystem\Calibration Loader N/A
==================================
Windows 安全更新检查
KB2416472, 用于 Windows XP、Windows Server 2003、Windows Vista、Windows 7、Windows Server 2008 x86 的 Microsoft .NET Framework 4 安全更新程序 (KB2416472) MS10-070
KB2488113, Windows 7 更新程序 (KB2488113)
KB2483139, 拉脱维亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 斯洛文尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 爱沙尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 挪威语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 西班牙语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 德语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 意大利语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 土耳其语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 朝鲜语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 斯洛伐克语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 希腊语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 捷克语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 希伯来语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 日语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 丹麦语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 葡萄牙语(巴西)语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 葡萄牙语(葡萄牙)语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 繁体中文语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 立陶宛语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 泰国语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 克罗地亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 英语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 俄语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 瑞典语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 塞尔维亚语(拉丁语)语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 法语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 保加利亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 乌克兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 阿拉伯语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 波兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 芬兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 罗马尼亚语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 荷兰语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2483139, 匈牙利语语言包 - Windows 7 Service Pack 1 (KB2483139)
KB2484033, Windows 7 更新程序 (KB2484033)
KB890830, Windows 恶意软件删除工具 - 2011 年 3 月 (KB890830)
KB915597, Definition Update for Windows Defender - KB915597 (Definition 1.99.1460.0)
==================================
API HOOK
入口点错误:FindFirstFileA (危险等级: 高, 被下面模块所HOOK: 0x017C02D9)
入口点错误:LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: 0x01C802F1)
入口点错误:CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x009602F1)
入口点错误:CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x017B02F1)
入口点错误:ShellExecuteExW (危险等级: 一般, 被下面模块所HOOK: D:\Program Files\Kingsoft\webshield\kswebshield.dll)
==================================
隐藏进程
N/A
==================================
[/CODE]