[CODE] 2012-03-22,13:24:12 System Repair Engineer 2.8.4.1331 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 3 (Build 2600) - 管理权限用户 - 完整功能以下内容被选中：所有的启动项目（包括注册表、启动文件夹、服务等）浏览器加载项正在运行的进程（包括进程模块信息）文件关联 Winsock 提供者 Autorun.inf HOSTS 文件进程特权扫描计划任务 Windows 安全更新检查 API HOOK 隐藏进程启动项目注册表 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] [(Verified)Microsoft Windows Component Publisher] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] <"D:\Program Files\Rising\RIS\RSTRAY.EXE" -system> [(Verified)Beijing Rising Information Technology Corporation Limited] <"D:\program files\ksafe\KSafeTray.exe" -autorun> [(Verified)Kingsoft Security Co.,Ltd] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{AEB6717E-7E19-11d0-97EE-00C04FD91972}> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\SHELL32.dll> [(Verified)Microsoft Windows Component Publisher] <%SystemRoot%\system32\webcheck.dll> [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dimsntfy] <%SystemRoot%\System32\dimsntfy.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] <{438755C2-A8BA-11D1-B96B-00A0C90312E1}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] <{8C7461EF-2B13-11d2-BE35-3078302C2030}><%SystemRoot%\system32\browseui.dll> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [File is missing] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <%SystemRoot%\system32\ie4uinit.exe> [(Verified)Microsoft Windows Component Publisher] ================================== 启动文件夹 N/A ================================== 服务 [Help and Support / helpsvc][Stopped/Disabled] %WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll> [HID Input Service / HidServ][Stopped/Auto Start] %SystemRoot%\System32\hidserv.dll> [KSafe service / KSafeSvc][Running/Auto Start] <"D:\program files\ksafe\KSafeSvc.exe" -svc> [Rsd Service / RsMgrSvc][Running/Auto Start] <"C:\Program Files\Rising\RSD\RsMgrSvc.exe"> [RIS Service / RsRISMon][Running/Auto Start] <"D:\Program Files\Rising\RIS\RavMonD.exe"> [SafeSvc / SafeSvc][Running/Auto Start] <> ================================== 驱动程序 [Ambfilt / Ambfilt][Stopped/Manual Start] [BC / BC][Running/Boot Start] <\SystemRoot\system32\Drivers\BC.sys> [Creative AudioPCI (ES1371,ES1373) (WDM) / es1371][Stopped/Manual Start] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [hooksys / hooksys][Running/System Start] <\??\C:\WINDOWS\system32\drivers\Hooksys.sys> [HookTdi / HookTdi][Running/System Start] <\??\C:\WINDOWS\system32\drivers\HookTdi.sys> [HyperVM / HyperVM][Running/System Start] <\??\C:\WINDOWS\system32\drivers\hvm.sys> [ialm / ialm][Running/Manual Start] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [kmodurl / kmodurl][Running/System Start] <\??\D:\program files\ksafe\kmodurl.sys> [Monfilt / Monfilt][Stopped/Manual Start] [ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start] <> [AMD PCNET Compatable Adapter Driver / PCnet][Stopped/Manual Start] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [QqNetflpwControl / QqNetflpwControl][Running/System Start] <\??\C:\Program Files\Common Files\Tencent\QQSafeGuarder\QMNetflowxp.sys> [QQProtect / QQProtect][Running/System Start] <\??\C:\WINDOWS\system32\drivers\QQProtect.sys> [Rising RfwARP Driver / RFWARP][Running/Auto Start] [Rising RfwNdis Driver / RFWNDIS][Running/Manual Start] [rfwtdi / rfwtdi][Running/Auto Start] <\??\D:\Program Files\Rising\RIS\rfwtdi.sys> [rsd protect / rsdsys][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\protreg.sys> [rsfwdrv / rsfwdrv][Running/Auto Start] <\??\D:\Program Files\Rising\RIS\rsfwdrv.sys> [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [Secdrv / Secdrv][Stopped/Manual Start] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [TCSafeBox / TCSafeBox][Running/System Start] <\??\C:\Program Files\Common Files\Tencent\QQSafeGuarder\TCSafeBox.sys> [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> ================================== 浏览器加载项 [迅雷FLV视频嗅探及下载支持] {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} [迅雷下载支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [] {9AA238FE-8298-48c9-B188-05B6AEE76C3A} <, > [迅雷FLV视频嗅探及下载支持代理] {0C27ADC4-E826-4620-A3A7-990D7E05545F} [迅雷FLV视频嗅探及下载支持] {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} [InstallHelper Class] {1DABF8D5-8430-4985-9B7F-A30E53D709B3} [Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [QQPYChecker Class] {5052B4D0-9DF7-45ef-88EF-F42C0EA33A43} [迅雷发行IE支持] {5FFF24BC-DC02-4808-B4E0-A8E2C93FE407} [] {6096E38F-5AC1-9527-8EC4-75DFA92FB32F} <, > [Access UserInfo by Script] {6EE9CD3E-A386-4DAE-9737-A759DBF927AE} [Active Desktop Mover] {72267F6A-A6F9-11D0-BC94-00C04FB67863} <%SystemRoot%\system32\SHELL32.dll, (Signed) N/A> [迅雷下载支持] {889D2FEB-5411-4565-8998-1DD2C5261283} [] {9701758C-4373-482E-B13C-776C048EC890} <, > [] {9AA238FE-8298-48C9-B188-05B6AEE76C3A} <, > [] {A9322148-C691-4B9D-91FC-B9C461DBE9DD} <, > [] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} <, > [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [xoliimpl Class] {DD5BF6D1-6663-47E0-9DFA-5C343CAF178E} [PlayerCtrl Class] {E05BC2A3-9A46-4a32-80C9-023A473F5B23} [PPLive Lite Class] {EF0D1A14-1033-41A2-A589-240C01EDC078} [] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} <, > [&使用&迅雷下载] [&使用&迅雷下载全部链接] [导出到 Microsoft Office Excel(&X)] ================================== 正在运行的进程 [PID: 896 / SYSTEM][\SystemRoot\System32\smss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 972 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [PID: 996 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1040 / SYSTEM][C:\WINDOWS\system32\services.exe] [(Verified) Microsoft Corporation, 5.1.2600.5755 (xpsp_sp3_qfe.090206-1316)] [PID: 1052 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1232 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1300 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 1460 / SYSTEM][C:\Program Files\Rising\RSD\RsMgrSvc.exe] [Beijing Rising Information Technology Co., Ltd., 1.0.0.38] [C:\Program Files\Rising\RSD\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [C:\Program Files\Rising\RSD\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1472 / SYSTEM][D:\Program Files\Rising\RIS\RavMonD.exe] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 14] [D:\Program Files\Rising\RIS\combase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 23] [D:\Program Files\Rising\RIS\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.8] [D:\Program Files\Rising\RIS\scansrvp.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [D:\Program Files\Rising\RIS\cnt09.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [D:\Program Files\Rising\RIS\moncomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.3] [D:\Program Files\Rising\RIS\MonBase.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [D:\Program Files\Rising\RIS\Rslog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.26] [D:\Program Files\Rising\RIS\RsStore.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [D:\Program Files\Rising\RIS\mondrvd.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] [D:\Program Files\Rising\RIS\defmon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 62] [D:\Program Files\Rising\RIS\moncom08.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\Program Files\Rising\RIS\taskplug.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\Program Files\Rising\RIS\mondrvm.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [D:\Program Files\Rising\RIS\MonRule.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33] [D:\Program Files\Rising\RIS\FileMon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 34] [D:\Program Files\Rising\RIS\MailMon.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 56] [D:\Program Files\Rising\RIS\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [D:\Program Files\Rising\RIS\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Rising\RIS\rfwsrv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.99] [D:\Program Files\Rising\RIS\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\Program Files\Rising\RIS\mPorts.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [D:\Program Files\Rising\RIS\rfwdrvc.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.37] [D:\Program Files\Rising\RIS\fishweb.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26] [D:\Program Files\Rising\RIS\rsindent.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.0] [D:\Program Files\Rising\RIS\cnt08.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\RIS\proccomm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\Program Files\Rising\RIS\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [D:\Program Files\Rising\RIS\Hooksys.dll] [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 8] [D:\Program Files\Rising\RIS\ProcCom.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\Program Files\Rising\RIS\RsCommX2.dll] [Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [D:\Program Files\Rising\RIS\rstask.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [D:\Program Files\Rising\RIS\rsstub.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\Program Files\Rising\RIS\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\Program Files\Rising\RIS\hookTdi.dll] [Beijing Rising Information Technology Co., Ltd., 25, 0, 0, 9] [D:\Program Files\Rising\RIS\BACore.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 99] [D:\Program Files\Rising\RIS\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [D:\Program Files\Rising\RIS\bawhite.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [D:\Program Files\Rising\RIS\ScanAdd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.31] [D:\Program Files\Rising\RIS\Scanner.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 70] [D:\Program Files\Rising\RIS\recomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] [D:\Program Files\Rising\RIS\refs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [D:\Program Files\Rising\RIS\viruslib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [D:\Program Files\Rising\RIS\relibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\Program Files\Rising\RIS\fwfish.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [D:\Program Files\Rising\RIS\fwcomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 11] [D:\Program Files\Rising\RIS\fwfs.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [D:\Program Files\Rising\RIS\fwvirlib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 5] [D:\Program Files\Rising\RIS\fwlibldr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [D:\Program Files\Rising\RIS\Rfwdrv.dll] [Beijing Rising Information Technology Co., Ltd., 25.0.0.8] [D:\Program Files\Rising\RIS\RfwArp.dll] [Beijing Rising Information Technology Co., Ltd., 25.0.0.1] [D:\Program Files\Rising\RIS\urlrule.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\Program Files\Rising\RIS\rfwproxy.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 80] [D:\Program Files\Rising\RIS\ScanSrv.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 17] [D:\Program Files\Rising\RIS\scanpe.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 30] [D:\Program Files\Rising\RIS\pearc.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [D:\Program Files\Rising\RIS\engext.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 33] [D:\Program Files\Rising\RIS\vmicore.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 19] [D:\Program Files\Rising\RIS\ffr.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [D:\Program Files\Rising\RIS\nvfile.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 7] [D:\Program Files\Rising\RIS\scanexec.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 8] [D:\Program Files\Rising\RIS\unexe.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 0] [D:\Program Files\Rising\RIS\scanex.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 13] [D:\Program Files\Rising\RIS\scantj.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9] [D:\Program Files\Rising\RIS\extsfx.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 9] [D:\Program Files\Rising\RIS\scansct.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [D:\Program Files\Rising\RIS\urllib.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 1] [D:\Program Files\Rising\RIS\extarch.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15] [D:\Program Files\Rising\RIS\extcomp.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] [D:\Program Files\Rising\RIS\scandeep.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] [D:\Program Files\Rising\RIS\ur029.dat] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] [D:\Program Files\Rising\RIS\extole.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 2] [D:\Program Files\Rising\RIS\ScanRavT.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.64] [D:\Program Files\Rising\RIS\ScanBT.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 99] [D:\Program Files\Rising\RIS\ScanStub.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 26] [PID: 1492 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [c:\windows\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 1620 / NETWORK SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 1744 / SYSTEM][D:\program files\ksafe\KSafeSvc.exe] [Kingsoft Corporation, 3.6.0.2277] [D:\program files\ksafe\json.dll] [N/A, ] [D:\program files\ksafe\kdump.dll] [Kingsoft Corporation, 2011,05,31,2002] [D:\program files\ksafe\kxebase.dll] [Kingsoft Corporation, 2010,5,12,402] [D:\program files\ksafe\scom.dll] [Kingsoft Corporation, 2010,5,12,402] [D:\program files\ksafe\kxecore\kxecore.dll] [Kingsoft Corporation, 2010,5,12,402] [D:\program files\ksafe\kexectrl.dll] [Kingsoft Corporation, 2010,09,18,1422] [D:\program files\ksafe\kwssp.dll] [Kingsoft Corporation, 2012.03.16.2277] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\program files\ksafe\netstat.dll] [Kingsoft Corporation, 3.6.0.2277] [D:\program files\ksafe\fwproxy.dll] [Kingsoft Corporation, 3.6.0.2277] [D:\program files\ksafe\kse\ksbcommsp.dll] [Kingsoft Corporation, 2011,07,26,2126] [D:\program files\ksafe\kse\ksecansp.dll] [Kingsoft Corporation, 2011,04,21,1878] [D:\program files\ksafe\kse\ksecorex.dll] [Kingsoft Corporation, 2011,10,20,1846] [D:\program files\ksafe\ksapi.dll] [Kingsoft Corporation, 2011,12,06,55] [D:\program files\ksafe\KEng\kae\kaecore.dat] [Kingsoft Corporation, 2011,11,17,1887] [D:\program files\ksafe\kse\wfs.dll] [Kingsoft Corporation, 2010,08,23,1070] [D:\program files\ksafe\kse\sqlite.dll] [Kingsoft Corporation, 2010,03,30,781] [D:\program files\ksafe\kse\ksbwdet2.dll] [Kingsoft Corporation, 2011,11,25,2438] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\KEng\kae\karchive.dat] [Kingsoft Corporation, 2011,07,29,1746] [D:\program files\ksafe\KEng\kae\kaearcha.dat] [Kingsoft Corporation, 2010,11,19,1407] [D:\program files\ksafe\KEng\kae\kaeolea.dat] [Kingsoft Corporation, 2011,10,20,1847] [D:\program files\ksafe\KEng\kae\kaearchb.dat] [Kingsoft Corporation, 2011,09,23,1813] [D:\program files\ksafe\ksscore.dll] [Kingsoft Corporation, 2011,11,15,39] [D:\program files\ksafe\khandler.dll] [Kingsoft Corporation, 2011,06,15,2036] [D:\program files\ksafe\kse\BKReScan.dll] [Kingsoft Corporation, 2011,04,27,1917] [D:\program files\ksafe\khistory.dll] [Kingsoft Corporation, 2011,08,26,2224] [D:\program files\ksafe\KEng\kae\kaecoref.dat] [Kingsoft Corporation, 2010,12,16,1454] [D:\program files\ksafe\KEng\kae\kaecorem.dat] [Kingsoft Corporation, 2010,10,26,1328] [D:\program files\ksafe\KEng\kae\kaecorea.dat] [Kingsoft Corporation, 2011,10,20,1847] [D:\program files\ksafe\KEng\kae\kaextend.dat] [Kingsoft Corporation, 2011,10,25,1852] [D:\program files\ksafe\KEng\kae\kaext2.dat] [Kingsoft Corporation, 2011,10,20,1847] [D:\program files\ksafe\KEng\kae\kaecoreo.dat] [Kingsoft Corporation, 2011,10,20,1847] [PID: 652 / Administrator][C:\WINDOWS\Explorer.EXE] [(Verified) Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\Program Files\WinRAR\rarext.dll] [, ] [C:\WINDOWS\system32\ravext.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] [PID: 1416 / SYSTEM][C:\91DOS\SafeSvc.exe] [, 1, 0, 0, 1] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [C:\91DOS\Addl.dll] [, 1, 0, 0, 1] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\RIS\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.18] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\Macromed\Flash\Flash11g.ocx] [Adobe Systems, Inc., 11,1,102,63] [PID: 1576 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1600 / Administrator][D:\Program Files\Rising\RIS\RSTRAY.EXE] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\RIS\comserv.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.15] [D:\Program Files\Rising\RIS\rslang.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\Program Files\Rising\RIS\comx3.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.4] [D:\Program Files\Rising\RIS\Syslay.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.1] [D:\Program Files\Rising\RIS\ProcComm.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\Program Files\Rising\RIS\rsxml.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.2] [D:\Program Files\Rising\RIS\MonState.dll] [Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [D:\Program Files\Rising\RIS\ScanEvnt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.10] [D:\Program Files\Rising\RIS\rsguilib.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [D:\Program Files\Rising\RIS\rsconf.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.8] [D:\Program Files\Rising\RIS\rfwrule.dll] [Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Rising\RIS\rspalvd.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [D:\Program Files\Rising\RIS\rsnetsvr.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [D:\Program Files\Rising\RIS\mruleui.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 10] [D:\Program Files\Rising\RIS\MonTray.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.1.15] [D:\Program Files\Rising\RIS\rfwtray.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 78] [D:\Program Files\Rising\RIS\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.14] [D:\Program Files\Rising\RIS\UsbServ.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [D:\Program Files\Rising\RIS\ScanTray.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.55] [D:\Program Files\Rising\RIS\PngDll.dll] [Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 3] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\RIS\dfw.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.67] [D:\Program Files\Rising\RIS\ScanPrxy.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.32] [D:\Program Files\Rising\RIS\GCompt.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.55] [D:\Program Files\Rising\RIS\Isol.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.14] [D:\Program Files\Rising\RIS\rsstore.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.12] [D:\Program Files\Rising\RIS\rfwlog.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.7] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 1632 / Administrator][D:\program files\ksafe\KSafeTray.exe] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\json.dll] [N/A, ] [C:\WINDOWS\system32\msi.dll] [Microsoft Corporation, 4.5.6001.22159] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kdump.dll] [Kingsoft Corporation, 2011,05,31,2002] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksafedb.dll] [Kingsoft Corporation, 3.6.0.2277] [D:\program files\ksafe\khistory.dll] [Kingsoft Corporation, 2011,08,26,2224] [D:\program files\ksafe\kwsctrl.dll] [Kingsoft Corporation, 3.6.0.2277] [D:\program files\ksafe\ksafeup.dll] [Kingsoft Corporation, 3.6.0.2277] [D:\program files\ksafe\zlib1.dll] [, 1.2.3] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\program files\ksafe\krunopt.dll] [Kingsoft Corporation, 3.6.0.2284] [D:\program files\ksafe\kse\bkrescan.dll] [Kingsoft Corporation, 2011,04,27,1917] [D:\program files\ksafe\kse\sqlite.dll] [Kingsoft Corporation, 2010,03,30,781] [D:\program files\ksafe\KEng\ksignup.dll] [Kingsoft Corporation, 1.1.0.2277] [D:\program files\ksafe\KEng\KSGMerge.DLL] [Kingsoft Corporation, 2011,05,12,1656] [D:\program files\ksafe\kinfoc2.dll] [Kingsoft Corporation, 2012,03,08,2672] [D:\program files\ksafe\kavmgr.dll] [Kingsoft Corporation, 3.6.0.2277] [PID: 1640 / Administrator][C:\WINDOWS\system32\ctfmon.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 772 / Administrator][C:\Program Files\Rising\RSD\popwndexe.exe] [Beijing Rising Information Technology Co., Ltd., 1.0.0.5] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [C:\Program Files\Rising\RSD\rsdk.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.2] [C:\Program Files\Rising\RSD\rsmginfo.dll] [Beijing Rising Information Technology Co., Ltd., 1.0.0.30] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 2376 / LOCAL SERVICE][C:\WINDOWS\system32\svchost.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [C:\WINDOWS\system32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 2624 / LOCAL SERVICE][C:\WINDOWS\System32\alg.exe] [(Verified) Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] [C:\WINDOWS\System32\UxTheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 3412 / Administrator][D:\Program Files\Maxthon3\Bin\Maxthon.exe] [Maxthon International ltd., 3, 3, 6, 1000] [D:\Program Files\Maxthon3\Bin\Maxthon.dll] [Maxthon International ltd., 3, 3, 6, 1000] [D:\Program Files\Maxthon3\Bin\MxUI.dll] [Maxthon International ltd., 3, 3, 3, 56] [D:\Program Files\Maxthon3\Bin\MxMsg.dll] [Maxthon, 1,0,0,16] [D:\Program Files\Maxthon3\Bin\MxHttpRq.dll] [Maxthon International ltd., 3, 0, 0, 30] [D:\Program Files\Maxthon3\Bin\MxXDR.dll] [Maxthon, 1, 0, 2, 3] [D:\Program Files\Maxthon3\Bin\MxTool.dll] [Maxthon International ltd., 1, 2, 0, 45] [D:\Program Files\Maxthon3\Bin\MxCrashCatch.dll] [Maxthon International ltd., 2, 0, 0, 59] [D:\Program Files\Maxthon3\Bin\MxFilePackage.dll] [Maxthon, 1,0,1,8] [D:\Program Files\Maxthon3\Bin\MxCoreMan.DLL] [Maxthon International ltd., 3, 3, 2, 601] [D:\Program Files\Maxthon3\Bin\mxdb.dll] [Maxthon International ltd, 4, 0, 0, 5] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswbc.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\Program Files\Maxthon3\Modules\MxStorage\MxStorage.dll] [Maxthon International ltd., 1, 0, 5, 112] [D:\Program Files\Maxthon3\modules\MxSvInfo\MxSvInfo.dll] [Maxthon International ltd., 2, 0, 0, 6] [D:\Program Files\Maxthon3\Bin\MxRsc.dll] [Maxthon International ltd., 1, 0, 0, 14] [D:\Program Files\Maxthon3\Modules\MxUeip\MxUeip.dll] [Maxthon International ltd., 1, 0, 0, 80] [D:\Program Files\Maxthon3\bin\Maxzlib.dll] [, 1, 2, 3, 3] [D:\Program Files\Maxthon3\Bin\MxIPC.dll] [Maxthon International ltd., 3, 2, 2, 2] [D:\Program Files\Maxthon3\Bin\MxWKView.dll] [Maxthon International ltd., 1, 0, 2, 38] [D:\Program Files\Maxthon3\Core\Webkit\MxWebkit.dll] [Maxthon International ltd., 1, 1, 6, 351] [D:\Program Files\Maxthon3\Modules\MxSync\MxSync.dll] [Maxthon International ltd., 2, 0, 2, 13] [D:\Program Files\Maxthon3\Modules\MxSiteIcon\MxSiteIcon.dll] [Maxthon International ltd., 1, 0, 18, 8] [D:\Program Files\Maxthon3\Bin\mxaddonsmgr.dll] [Maxthon International ltd., 3, 3, 4, 1006] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\Program Files\Maxthon3\Modules\MxSmartUrl\MxSmartUrl.dll] [Maxthon International ltd., 1, 0, 17, 34] [PID: 2240 / Administrator][D:\Program Files\Maxthon3\Bin\Maxthon.exe] [Maxthon International ltd., 3, 3, 6, 1000] [D:\Program Files\Maxthon3\Bin\MxCrashCatch.dll] [Maxthon International ltd., 2, 0, 0, 59] [D:\Program Files\Maxthon3\Bin\MxMsg.dll] [Maxthon, 1,0,0,16] [D:\Program Files\Maxthon3\Bin\MxXDR.dll] [Maxthon, 1, 0, 2, 3] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswbc.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\Program Files\Maxthon3\modules\MxSvInfo\MxSvInfo.dll] [Maxthon International ltd., 2, 0, 0, 6] [D:\Program Files\Maxthon3\Bin\MxHttpRq.dll] [Maxthon International ltd., 3, 0, 0, 30] [D:\Program Files\Maxthon3\Modules\MxUeip\MxUeip.dll] [Maxthon International ltd., 1, 0, 0, 80] [D:\Program Files\Maxthon3\Bin\MxTool.dll] [Maxthon International ltd., 1, 2, 0, 45] [D:\Program Files\Maxthon3\Bin\MxAddonsMgr.dll] [Maxthon International ltd., 3, 3, 4, 1006] [D:\Program Files\Maxthon3\Addons\Misc\MxAddonMisc.dll] [Maxthon International ltd., 3, 3, 4, 1010] [D:\Program Files\Maxthon3\Bin\MxUI.dll] [Maxthon International ltd., 3, 3, 3, 56] [D:\Program Files\Maxthon3\Bin\MxFilePackage.dll] [Maxthon, 1,0,1,8] [D:\Program Files\Maxthon3\Addons\ExtTools\MxExtTools.dll] [Maxthon International ltd., 3, 3, 4, 1004] [D:\Program Files\Maxthon3\Addons\Avatarext\MxAvatarext.dll] [Maxthon International ltd., 3, 3, 4, 1001] [D:\Program Files\Maxthon3\Core\Webkit\MxWebkit.dll] [Maxthon International ltd., 1, 1, 6, 351] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 224 / Administrator][D:\Program Files\Maxthon3\Bin\Maxthon.exe] [Maxthon International ltd., 3, 3, 6, 1000] [D:\Program Files\Maxthon3\Bin\MxTool.dll] [Maxthon International ltd., 1, 2, 0, 45] [D:\Program Files\Maxthon3\Bin\MxCrashCatch.dll] [Maxthon International ltd., 2, 0, 0, 59] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswbc.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\Program Files\Maxthon3\modules\MxSvInfo\MxSvInfo.dll] [Maxthon International ltd., 2, 0, 0, 6] [D:\Program Files\Maxthon3\Bin\MxMsg.dll] [Maxthon, 1,0,0,16] [D:\Program Files\Maxthon3\Bin\MxHttpRq.dll] [Maxthon International ltd., 3, 0, 0, 30] [D:\Program Files\Maxthon3\Bin\MxXDR.dll] [Maxthon, 1, 0, 2, 3] [D:\Program Files\Maxthon3\Modules\MxUeip\MxUeip.dll] [Maxthon International ltd., 1, 0, 0, 80] [D:\Program Files\Maxthon3\Bin\MxResMgr.dll] [Maxthon International ltd., 3, 3, 6, 200] [D:\Program Files\Maxthon3\Bin\MxUI.dll] [Maxthon International ltd., 3, 3, 3, 56] [D:\Program Files\Maxthon3\Bin\mxdb.dll] [Maxthon International ltd, 4, 0, 0, 5] [D:\Program Files\Maxthon3\Bin\MxIPC.dll] [Maxthon International ltd., 3, 2, 2, 2] [D:\Program Files\Maxthon3\Bin\MxAccountSvc.dll] [Maxthon, 1, 0, 2, 5] [D:\Program Files\Maxthon3\Bin\MxEncode.dll] [Maxthon, 1, 0, 0, 2] [D:\Program Files\Maxthon3\Modules\MxStorage\MxStorage.dll] [Maxthon International ltd., 1, 0, 5, 112] [D:\Program Files\Maxthon3\Modules\MxCmpUrl\MxCmpUrl.dll] [Maxthon International ltd., 1, 0, 16, 10] [D:\Program Files\Maxthon3\Bin\maxzlib.dll] [, 1, 2, 3, 3] [D:\Program Files\Maxthon3\Core\Webkit\MxWebkit.dll] [Maxthon International ltd., 1, 1, 6, 351] [D:\Program Files\Maxthon3\Modules\MxFavDb\MxFavDb.dll] [Maxthon International ltd., 9, 9, 0, 0] [D:\Program Files\Maxthon3\Modules\MxHistory\MxHistory.dll] [Maxthon International ltd., 1, 0, 18, 8] [D:\Program Files\Maxthon3\Modules\MxSync\MxSync.dll] [Maxthon International ltd., 2, 0, 2, 13] [D:\Program Files\Maxthon3\Modules\MxUrlSec\MxUrlSec.dll] [Maxthon International ltd., 2, 0, 0, 26] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 932 / Administrator][D:\Program Files\Maxthon3\Bin\Maxthon.exe] [Maxthon International ltd., 3, 3, 6, 1000] [D:\Program Files\Maxthon3\Bin\MxTool.dll] [Maxthon International ltd., 1, 2, 0, 45] [D:\Program Files\Maxthon3\Bin\MxCrashCatch.dll] [Maxthon International ltd., 2, 0, 0, 59] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswbc.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\Program Files\Maxthon3\modules\MxSvInfo\MxSvInfo.dll] [Maxthon International ltd., 2, 0, 0, 6] [D:\Program Files\Maxthon3\Bin\MxMsg.dll] [Maxthon, 1,0,0,16] [D:\Program Files\Maxthon3\Bin\MxHttpRq.dll] [Maxthon International ltd., 3, 0, 0, 30] [D:\Program Files\Maxthon3\Bin\MxXDR.dll] [Maxthon, 1, 0, 2, 3] [D:\Program Files\Maxthon3\Modules\MxUeip\MxUeip.dll] [Maxthon International ltd., 1, 0, 0, 80] [D:\Program Files\Maxthon3\Bin\MxCore.dll] [Maxthon International ltd., 3, 3, 6, 600] [D:\Program Files\Maxthon3\Bin\MxUI.dll] [Maxthon International ltd., 3, 3, 3, 56] [D:\Program Files\Maxthon3\Modules\MxMute\MxMute.dll] [Maxthon International ltd., 1, 0, 0, 19] [D:\Program Files\Maxthon3\Bin\MxIPC.dll] [Maxthon International ltd., 3, 2, 2, 2] [D:\Program Files\Maxthon3\Core\Webkit\MxWebkit.dll] [Maxthon International ltd., 1, 1, 6, 351] [D:\Program Files\Maxthon3\Bin\MxFilePackage.dll] [Maxthon, 1,0,1,8] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\Program Files\Thunder Network\Thunder\BHO\ThunderAgent7.2.6.3426.dll] [深圳市迅雷网络技术有限公司, 7,2,6,3426] [C:\WINDOWS\system32\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\QQPINYIN.IME] [Tencent, 4.4.1116.400] [D:\Program Files\Maxthon3\Core\Webkit\Npplugins\NPSWF32.dll] [, ] [PID: 3176 / Administrator][D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\QQProtect.exe] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\QQProtect.dll] [, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\Common.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\zlib.dll] [, 1.2.5.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\libexpatw.dll] [, 2.0.1.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\tinyxml.dll] [Tencent, 1.75.2776.961] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\GF.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\xGraphic32.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\jgImage.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\libpng.dll] [, 1.4.9.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\libjpegturbo.dll] [, 6.2.0.0] [D:\Program Files\Tencent\QQ\Bin\QQProtect\Bin\jgIOStub.dll] [Tencent, 1.75.254.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [PID: 3712 / Administrator][D:\Program Files\Tencent\QQ\Bin\QQ.exe] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\Common.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\zlib.dll] [, 1.2.5.0] [D:\Program Files\Tencent\QQ\Bin\libexpatw.dll] [, 2.0.1.0] [D:\Program Files\Tencent\QQ\Bin\tinyxml.dll] [Tencent, 1.75.2776.961] [C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL] [Microsoft Corporation, 8.00.50727.4053] [D:\Program Files\Tencent\QQ\Bin\KernelUtil.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\xImage.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\libpng.dll] [, 1.4.9.0] [D:\Program Files\Tencent\QQ\Bin\libjpegturbo.dll] [, 6.2.0.0] [D:\Program Files\Tencent\QQ\Bin\GF.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\xGraphic32.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\jgImage.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\jgIOStub.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\AFUtil.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\IPC.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\FlashService.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\AppMisc.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\UtilGif.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\AppUtil.dll] [Tencent, 1.75.2776.961] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\Program Files\Tencent\QQ\Bin\LoginPanel.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\IM.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\TaskTray.dll] [Tencent, 1.75.2776.961] [C:\WINDOWS\system32\Macromed\Flash\Flash11g.ocx] [Adobe Systems, Inc., 11,1,102,63] [D:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\MainFrame.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\xGui.dll] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\AppFramework.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\SkinMgr.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\AFCtrl.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\ProcessSession.DLL] [Tencent, 1.75.254.0] [D:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\SystemMsg.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\ChatFrameApp.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\PluginCommon.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\GroupApp.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\QInterLive.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.GameLife\Bin\GameLife.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.WBlog\Bin\WBlog.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.VAS\Bin\VAS.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.CRM\Bin\CRM.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Mail\Bin\Mail.dll] [Tencent, 1.75.2776.961] [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\SSOPlatform.dll] [Tencent, 1.2.1.38] [C:\Program Files\Common Files\Tencent\TXSSO\1.2.1.38\Bin\SSOCommon.DLL] [Tencent, 1.2.1.11] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqvipmisc\Bin\QQVipMisc.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.friendssocial\Bin\FriendsSocial.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wblog\Bin\WBKernel.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qplus\Bin\QPlus.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\InformationBox.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.memo\Bin\Memo.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.netdisk\Bin\NetDisk.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\ContactInfoFrame.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.soso\Bin\Soso.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\Com.Tencent.VAS\Bin\TRCloudInputLib.dll] [Tencent, 4.3.1084.400] [D:\Program Files\Tencent\QQ\Bin\CustomFace.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\MsgMgr.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.wblog\Bin\WBMisc.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.netbar\Bin\NetBar.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqmusic\Bin\QQMusic.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\OPIEModule.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.mmog\Bin\MMOG.dll] [Tencent, 1.75.2776.961] [C:\WINDOWS\system32\msdmo.dll] [, ] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\RIS\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.18] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\LongCnn.dll] [Tencent, 1.75.2776.961] [D:\Program Files\Tencent\QQ\Bin\AddrSearch.dll] [Tencent, 6, 0, 1, 0] [D:\Program Files\Tencent\QQ\Plugin\com.tencent.winks\Bin\Winks.dll] [Tencent, 1.75.2776.961] [PID: 3436 / Administrator][D:\Program Files\Tencent\QQ\Bin\TXPlatform.exe] [Tencent, 1.75.2776.961] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll] [Tencent, 1.75.2776.961] [PID: 1284 / SYSTEM][C:\91DOS\smt.exe] [Microsoft Corporation, 1.0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [C:\WINDOWS\system32\shdoclc.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\Program Files\Rising\RIS\RavScrCh.dll] [Beijing Rising Information Technology Co., Ltd., 23.0.0.18] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [C:\WINDOWS\system32\Macromed\Flash\Flash11g.ocx] [Adobe Systems, Inc., 11,1,102,63] [PID: 2704 / Administrator][D:\Program Files\Thunder Network\Thunder\Program\Thunder.exe] [深圳市迅雷网络技术有限公司, 7,2,6,3426] [D:\Program Files\Thunder Network\Thunder\Program\XLUE.dll] [深圳市迅雷网络技术有限公司, 0.9.0.324] [D:\Program Files\Thunder Network\Thunder\Program\XLGraphic.dll] [深圳市迅雷网络技术有限公司, 0.9.0.324] [D:\Program Files\Thunder Network\Thunder\Program\libpng13.dll] [, 1.2.38] [D:\Program Files\Thunder Network\Thunder\Program\zlib1.dll] [, 1.2.5] [D:\Program Files\Thunder Network\Thunder\Program\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Thunder Network\Thunder\Program\XLFSIO.dll] [深圳市迅雷网络技术有限公司, 0.9.0.324] [D:\Program Files\Thunder Network\Thunder\Program\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [D:\Program Files\Thunder Network\Thunder\Program\XLLuaRuntime.dll] [深圳市迅雷网络技术有限公司, 0.9.0.312] [D:\Program Files\Thunder Network\Thunder\Program\libexpat.dll] [N/A, ] [D:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [D:\Program Files\Thunder Network\Thunder\Program\XLBugHandler.dll] [, 2, 2, 0, 7] [D:\Program Files\Thunder Network\Thunder\Program\minizip.dll] [, 1, 0, 0, 1] [D:\Program Files\Thunder Network\Thunder\Program\XLIPC.dll] [N/A, ] [D:\Program Files\Thunder Network\Thunder\Program\sqlite3.dll] [, 3, 6, 22, 0] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [D:\Program Files\Thunder Network\Thunder\Program\xl_data.dll] [深圳市迅雷网络技术有限公司, 1, 12, 5, 38] [D:\Program Files\Thunder Network\Thunder\Program\DownloadKernel.dll] [深圳市迅雷网络技术有限公司, 7,2,6,3426] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [D:\Program Files\Thunder Network\Thunder\Program\asyn_download_interface.dll] [深圳市迅雷网络技术有限公司, 1,1,2,51] [D:\Program Files\Thunder Network\Thunder\Program\tp_proxy.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 22] [D:\Program Files\Thunder Network\Thunder\Program\XLUserAX.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 81] [D:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 2, 2, 17] [D:\Program Files\Thunder Network\Thunder\Program\BaseCommunity.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 184] [D:\Program Files\Thunder Network\Thunder\Program\xl_client.dll] [深圳市迅雷网络技术有限公司, 1, 14, 2, 35] [D:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1,6,2,21] [D:\Program Files\Thunder Network\Thunder\Program\dl_uac_tool.dll] [N/A, ] [D:\Program Files\Thunder Network\Thunder\Program\mp.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 10] [D:\Program Files\Thunder Network\Thunder\Program\xl_stat_client.dll] [ShenZhen Thunder Networking Technologies Ltd., 1.1.0.84] [D:\Program Files\Thunder Network\Thunder\Program\SuperDownloadInfo.dll] [深圳市迅雷网络技术有限公司, 7,2,6,3426] [D:\Program Files\Thunder Network\Thunder\Addins\VipService\VipService.dll] [Thunder Networking Technologies,LTD, 1, 1, 2, 376] [D:\Program Files\Thunder Network\Thunder\Addins\DS\xlds.dll] [深圳市迅雷网络技术有限公司, 1.0.2.19] [D:\Program Files\Thunder Network\Thunder\Addins\DS\xldp.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 24] [D:\Program Files\Thunder Network\Thunder\Addins\DS\XLNetU.Dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 25] [D:\Program Files\Thunder Network\Thunder\Addins\DS\xlmw.dll] [深圳市迅雷网络技术有限公司, 1, 2, 0, 27] [D:\Program Files\Thunder Network\Thunder\Addins\MallAssistantAddin\MallAssistantAddin.dll] [深圳市迅雷网络技术有限公司, 1, 0, 1, 22] [D:\Program Files\Thunder Network\Thunder\Addins\DoctorAddin\DoctorAddin.dll] [深圳市迅雷网络技术有限公司, 1.0.1.320] [D:\Program Files\Thunder Network\Thunder\XLDoctor\7.2.6.3426_3\Program\XLDoctor.dll] [深圳市迅雷网络技术有限公司, 1.0.1.316] [D:\Program Files\Thunder Network\Thunder\XLDoctor\7.2.6.3426_3\Program\XLUpLoadInfo.dll] [深圳迅雷网络技术有限公司, 1.0.0.4] [D:\Program Files\Thunder Network\Thunder\Addins\TipsAddin\TipsAddin.dll] [TODO: <公司名>, 1.0.0.10] [D:\Program Files\Thunder Network\Thunder\Addins\VideoAddin\videoaddin.dll] [TODO: <公司名>, 1, 0, 1, 41] [D:\Program Files\Thunder Network\Thunder\XLDoctor\7.2.6.3426_3\Program\tp_proxy.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 22] [D:\Program Files\Thunder Network\Thunder\Addins\Community\XLCPAddinManager.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 21] [D:\Program Files\Thunder Network\Thunder\Addins\community\Community.dll] [Thunder Networking Technologies,LTD, 1, 0, 2, 111] [D:\Program Files\Thunder Network\Thunder\Addins\Community\http.dll] [深圳市迅雷网络技术有限公司, 1.0.2.15] [D:\Program Files\Thunder Network\Thunder\Addins\Community\XLCP.dll] [Thunder Networking Technologies,LTD, 1.0.1.22] [D:\Program Files\Thunder Network\Thunder\Addins\Community\BaseIM.dll] [TODO: , 1.0.2.13] [D:\Program Files\Thunder Network\Thunder\Addins\Community\TipsManager.dll] [Thunder Networking Technologies,LTD, 1.0.2.24] [D:\Program Files\Thunder Network\Thunder\Addins\InMediaAddin\iEmbed.dll] [Thunder Networking Technologies,LTD, 4, 0, 1, 28] [D:\Program Files\Thunder Network\Thunder\Addins\XLMC\xlmc.dll] [深圳市迅雷网络技术有限公司, 1.0.0.6] [D:\Program Files\Thunder Network\Thunder\Addins\CompressPreviewAddin\CompressPreview.dll] [TODO: <公司名>, 1.0.0.1] [D:\Program Files\Thunder Network\Thunder\Addins\XLMC\XLNetU.Dll] [深圳市迅雷网络技术有限公司, 1, 5, 2, 25] [C:\WINDOWS\system32\Macromed\Flash\Flash11g.ocx] [Adobe Systems, Inc., 11,1,102,63] [D:\Program Files\Thunder Network\Thunder\Addins\P2pShare\P2pShare.dll] [TODO: <公司名>, 1.0.0.4] [D:\Program Files\Thunder Network\Thunder\Addins\ADTipsAddin\TipsClient.dll] [Thunder Networking Technologies,LTD, 3, 1, 1, 6] [D:\Program Files\Thunder Network\Thunder\Addins\ADTipsAddin\XLSkin.dll] [Thunder Networking Technologies,LTD, 1, 0, 1, 3] [D:\Program Files\Thunder Network\Thunder\Addins\ADTipsAddin\XLNetU.dll] [Thunder Networking Technologies,LTD, 1, 4, 5, 20] [D:\Program Files\Thunder Network\Thunder\Addins\ADTipsAddin\XLIPC_AD.DLL] [Thunder Networking Technologies,LTD, 1, 0, 0, 2] [PID: 2708 / Administrator][c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\thunderplatform.exe] [深圳市迅雷网络技术有限公司, 1, 1, 2, 101] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\minizip.dll] [, 1, 0, 0, 1] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\zlib1.dll] [, 1.2.5] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\MSVCR71.dll] [Microsoft Corporation, 7.10.6030.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\MSVCP71.dll] [Microsoft Corporation, 7.10.6030.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\xlbughandler.dll] [, 2, 2, 0, 7] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\dl_uac_tool.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\download_engine.dll] [深圳市迅雷网络技术有限公司, 3, 7, 2, 18] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\mp.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 10] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\XLCrypto.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\asyn_frame.dll] [深圳市迅雷网络技术有限公司, 1,6,2,21] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\ts.dll] [深圳市迅雷网络技术有限公司, 1,1,2,30] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\ta.dll] [深圳市迅雷网络技术有限公司, 1, 0, 2, 100] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\ATL71.DLL] [Microsoft Corporation, 7.10.6101.0] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\xl_data.dll] [深圳市迅雷网络技术有限公司, 1, 12, 5, 38] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\XLLuaRuntime.dll] [深圳市迅雷网络技术有限公司, 0.9.0.312] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\XLFSIO.dll] [深圳市迅雷网络技术有限公司, 0.9.0.324] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\libexpat.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\backend_agent.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 63] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\xl_client.dll] [深圳市迅雷网络技术有限公司, 1, 14, 2, 35] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\ptl.dll] [深圳市迅雷网络技术有限公司, 3, 3, 2, 123] [D:\program files\ksafe\kwsui.dll] [Kingsoft Corporation, 2012.03.16.2277] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\dl_peer_id.dll] [深圳市迅雷网络技术有限公司, 3, 2, 2, 17] [D:\program files\ksafe\kswebshield.dll] [Kingsoft Corporation, 2012.03.16.2277] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.101_1111_a\Components\DownloadLibDll\md_p_1.0.252\xl_stat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 12] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\al.dll] [深圳市迅雷网络技术有限公司, 1, 3, 2, 86] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\p2p_upload.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 32] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\down_dispatcher.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 134] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\fs.dll] [深圳市迅雷网络技术有限公司, 1, 3, 2, 10] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\dphubt.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 47] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\p2sp.dll] [深圳市迅雷网络技术有限公司, 1, 3, 2, 224] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.101_1111_a\Components\DownloadLibDll\md_p_1.0.252\member_stat.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 15] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\p2p.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 186] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\p2p_local_res.dll] [深圳市迅雷网络技术有限公司, 1, 2, 2, 31] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\sl.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 11] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\task_report.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 9] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\dtnet.dll] [深圳市迅雷网络技术有限公司, 1.0.1.13] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.101_1111_a\Components\DownloadLibDll\md_p_1.0.252\emule_id.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 33] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\stream.dll] [深圳市迅雷网络技术有限公司, 2, 1, 2, 1203] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\module_downloader.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 19] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\mini_unzip_dll.dll] [N/A, ] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\p2p_session_com.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 114] [c:\program files\common files\thunder network\tp\ver1\1.1.2.101_1111\p2p_cloud.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 11] [C:\Documents and Settings\All Users\Application Data\Thunder Network\ThunderPlatform\ThunderPlatform_1.1.2.101_1111_a\Components\DownloadLibDll\md_p_1.0.252\bd.dll] [深圳市迅雷网络技术有限公司, 1, 1, 2, 28] [PID: 644 / Administrator][F:\SREngLdr.EXE] [Smallfrogs Studio, 2.8.4.1331] [PID: 2544 / Administrator][F:\SREd957320c.EXE] [Smallfrogs Studio, 2.8.4.1331] [C:\WINDOWS\system32\uxtheme.dll] [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [D:\program files\ksafe\ksfmon.dll] [Kingsoft Corporation, 3.6.0.2285] [C:\WINDOWS\system32\TenLSP.dll] [Tencent, 1.0.6.298] ================================== 文件关联 .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock 提供者 TenLSP over [MSAFD Tcpip [TCP/IP]] C:\WINDOWS\system32\TenLSP.dll(Tencent, Tencent TGC LSP) TenLSP over [MSAFD Tcpip [UDP/IP]] C:\WINDOWS\system32\TenLSP.dll(Tencent, Tencent TGC LSP) TenLSP C:\WINDOWS\system32\TenLSP.dll(Tencent, Tencent TGC LSP) ================================== Autorun.inf N/A ================================== HOSTS 文件 127.0.0.1 localhost 127.0.0.1 211.94.190.80 113.105.167.244 www.dangdang.com 113.105.167.244 dangdang.com 127.0.0.1 wa.kuwo.cn 122.227.0.167 doshome.net 122.227.0.167 doshome.com ================================== 进程特权扫描特殊特权被允许： SeLoadDriverPrivilege [PID = 996, C:\WINDOWS\SYSTEM32\WINLOGON.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1416, C:\91DOS\SAFESVC.EXE] 特殊特权被允许： SeLoadDriverPrivilege [PID = 1284, C:\91DOS\SMT.EXE] ================================== 计划任务 N/A ================================== Windows 安全更新检查 N/A ================================== API HOOK 入口点错误：LoadLibraryExW (危险等级: 高, 被下面模块所HOOK: 0x00F102F1) 入口点错误：CreateProcessA (危险等级: 高, 被下面模块所HOOK: 0x00EB02F1) 入口点错误：CreateProcessW (危险等级: 高, 被下面模块所HOOK: 0x00EE02F1) ================================== 隐藏进程 N/A ================================== [/CODE]