[CODE] 2008-09-06,18:53:48 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Home Edition Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <; "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"> [Intel Corporation, 11.1.0.5 , C:2007-02-21 11:19 M:2007-02-21 11:19] <; "C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A, C:2006-09-30 15:25 M:2006-09-30 15:25] <; C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup> [Macrovision Corporation, 3, 20, 100, 1123, C:2006-10-03 11:35 M:2006-10-03 11:35] <; "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start> [Macrovision Corporation, 3, 20, 100, 1123, C:2006-10-03 11:37 M:2006-10-03 11:37] <; "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"> [Sonic Solutions, 9.0.1.64, C:2006-11-05 11:22 M:2006-11-05 11:22] <; "C:\Program Files\Google\Google Pinyin\GooglePinyinDaemon.exe"> [(Verified)Google Inc., 1, 0, 0, 1, C:2007-11-23 11:34 M:2008-08-05 13:23] <; RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00|(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57] <; RunDLL32.exe NvMCTray.dll,NvTaskbarInit> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00|(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57] <"E:\新建文件夹\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-09-05 01:35 M:2008-09-06 01:06] <; "C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-09-05 01:36 M:2008-09-06 02:48] <18Rich> [18rich.com, 1, 0, 828, 2, C:2008-09-04 12:01 
M:2008-09-04 12:01] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-09-05 01:36 M:2008-09-06 02:48] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-05 01:35 M:2008-09-06 01:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2007-10-29 18:11 M:2006-07-24 23:51] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2007-10-29 18:11 M:2006-03-08 18:49] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-01-04 09:17 M:2008-01-04 09:17] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00|(Verified)Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506), C:2004-08-17 10:00 M:2008-06-24 00:14|(Verified)N/A, C:2004-08-17 10:00 M:2004-08-17 10:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00|(Verified)Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506), C:2004-08-17 10:00 M:2008-06-24 00:14|(Verified)N/A, C:2004-08-17 10:00 M:2004-08-17 10:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00|(Verified)Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506), 
C:2004-08-17 10:00 M:2008-06-24 00:14|(Verified)N/A, C:2004-08-17 10:00 M:2004-08-17 10:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\HP Master Monitor] [(Verified)Hewlett-Packard, 10.00.16, C:2002-08-19 21:50 M:2002-08-19 21:50] ======================================== 启动项 ======================================== 计划任务 ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-05 01:35 M:2008-09-06 01:06] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2007-10-27 11:44 M:2004-08-17 18:00] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2007-10-27 12:16 M:2007-05-11 22:57] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2007-10-27 12:16 M:2007-05-11 22:57] [nView Desktop Context Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2007-10-27 12:16 M:2007-05-11 22:57] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2007-10-29 18:05 M:2007-05-06 11:58] [Roxio DragToDisc Shell Extension] {5E44E225-A408-11CF-B581-008029601108} [(Verified)Roxio, 9.0.0.63, C:2006-11-08 09:00 M:2006-11-08 09:00] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [(Verified)RealNetworks, Inc., 1.0.2.44, C:2007-11-13 23:16 M:2008-09-06 02:46] [AutoCAD 数字签名图标覆盖处理程序] {36A21736-36C2-4C11-8ACB-D4136F2B57BD} [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31] [Autodesk Drawing Preview] 
{AC1DB655-4F9A-4c39-8AD2-A65324A4C446} [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-05 01:35 M:2008-09-06 01:06] BrowserHelperObject [CnBho Class] {1CE35DBA-0DEC-4FC9-AF83-4B12642E9EC9} [中国互联网络信息中心(CNNIC), 2, 6, 0, 0, C:2007-03-28 10:39 M:2007-03-28 10:39] [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [(Verified)RealPlayer, 1.0.1.57, C:2008-09-06 02:47 M:2008-09-06 02:47] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-06 02:48 M:2008-09-06 02:48] [Google Toolbar Helper] {AA58ED58-01DD-4d91-8333-CF10577473F7} [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51] [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [(Verified)Google Inc., 2, 0, 301, 7164, C:2008-09-06 02:52 M:2008-09-06 02:52] ToolBar [&Google] {2318C2B1-4965-11d4-9B18-009027A5CD4F} [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51] ActiveX Extension [Google Script Object] {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB} [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51] [MMCPlayer Class] {05C1004E-2596-48E5-8E26-39362985EEB9} [Sohu.com Inc., 2, 0, 0, 103, C:2007-09-03 21:07 M:2007-09-03 21:07] [CnBho Class] {1CE35DBA-0DEC-4FC9-AF83-4B12642E9EC9} [中国互联网络信息中心(CNNIC), 2, 6, 0, 0, C:2007-03-28 10:39 M:2007-03-28 10:39] [&Google] {2318C2B1-4965-11D4-9B18-009027A5CD4F} [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51] [PhotoDraw Class] {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} [(Verified)TENCENT, 1, 4, 106, 110, C:2007-09-11 10:09 M:2007-09-11 10:09] [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [(Verified)RealPlayer, 1.0.1.57, C:2008-09-06 
02:47 M:2008-09-06 02:47] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Thunder Networking Technologies,LTD, 1, 0, 0, 10, C:2007-10-29 18:11 M:2006-08-08 00:59] [AxInputControl Class] {73E4740C-08EB-4133-896B-8D0A7C9EE3CD} [Copyright 2003, 1, 0, 0, 12, C:2005-07-25 15:51 M:2005-07-25 15:51] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [360safe.com, 1, 0, 1, 1020, C:2007-08-21 23:31 M:2007-08-21 23:31] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Thunder Networking Technologies,LTD, 5, 0, 0, 2, C:2007-10-29 18:11 M:2006-06-03 19:17] [XML DOM Document 4.0] {88D969C0-F192-11D4-A65F-0040963251E5} [Microsoft Corporation, 4.20.9848.0, C:2007-05-08 15:10 M:2007-05-08 15:10] [Free Threaded XML DOM Document 4.0] {88D969C1-F192-11D4-A65F-0040963251E5} [Microsoft Corporation, 4.20.9848.0, C:2007-05-08 15:10 M:2007-05-08 15:10] [XSL Template 4.0] {88D969C3-F192-11D4-A65F-0040963251E5} [Microsoft Corporation, 4.20.9848.0, C:2007-05-08 15:10 M:2007-05-08 15:10] [XML HTTP 4.0] {88D969C5-F192-11D4-A65F-0040963251E5} [Microsoft Corporation, 4.20.9848.0, C:2007-05-08 15:10 M:2007-05-08 15:10] [AxSubmitControl Class] {8D9E0B29-563C-4226-86C1-5FF2AE77E1D2} [Copyright 2003, 1, 0, 0, 5, C:2005-01-26 00:36 M:2005-01-26 00:36] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-06 02:48 M:2008-09-06 02:48] [RavOnline Class] {9FAFB576-6933-4CCC-AB3D-B988EC43D04E} [Beijing Rising Information Technology Co., Ltd., 20.0.0.17, C:2008-08-19 09:46 M:2008-08-19 09:46] [Google Toolbar Helper] {AA58ED58-01DD-4D91-8333-CF10577473F7} [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51] [Google Toolbar Notifier BHO] {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} [(Verified)Google Inc., 2, 0, 301, 7164, C:2008-09-06 02:52 M:2008-09-06 02:52] [Tencent Safety Online Base Module] {C09B522F-8AED-4E21-A65C-DC1AB652BAEE} [(Verified)Tencent Corporation, 2007, 4, 10, 
12, C:2006-12-17 16:10 M:2006-12-17 16:10] [QQPlayerSvr Proxy Control] {CD108273-D434-43E6-AA90-1469F97EB398} [(Verified)腾讯科技, 2, 11, 112, 140, C:2007-12-12 17:29 M:2007-12-12 17:29] [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [(Verified)RealNetworks, Inc., 6.0.10.53, C:2006-09-15 20:20 M:2008-09-06 02:47] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 4, C:2007-08-14 18:27 M:2007-08-14 18:27] [BoBoControl Class] {EC0978ED-24E3-403C-AB7A-060E388553E6} [(Verified)广州易播信息科技有限公司, 3.11.1011.2, C:2007-11-11 14:31 M:2007-11-11 14:31] [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [(Verified)TENCENT, 7,1,638,1773, C:2008-01-04 17:10 M:2008-01-04 17:10] [PPLive Lite Class] {EF0D1A14-1033-41A2-A589-240C01EDC078} [(Verified)Copyright 2008, 1, 0, 0, 3, C:2008-07-18 14:05 M:2008-07-18 14:05] [IERPCtl Class] {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} [(Verified)RealNetworks, Inc., 1.0.2.45, C:2008-09-06 02:46 M:2008-09-06 02:46] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-05 01:35 M:2008-09-06 01:06] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2007-10-29 18:05 M:2007-05-06 11:58] ======================================== 服务 [Application Management / AppMgmt][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\appmgmts.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [C-DillaCdaC11BA / C-DillaCdaC11BA][Running/Auto Start] [Macrovision, 4.20.020, C:2008-07-29 11:09 M:2008-07-29 11:09] [Intel(R) PROSet/Wireless Event Log / EvtEng][Running/Auto Start] [Intel Corporation, 11.1.0.4, C:2007-02-21 11:28 M:2007-02-21 11:28] [InstallDriver Table 
Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe"> [Macrovision Corporation, 10.50.125, C:2004-10-22 03:24 M:2004-10-22 03:24] [P4P Service / P4P Service][Running/Auto Start] [Sohu.com Inc., 2, 0, 0, 33, C:2007-09-11 17:20 M:2007-09-11 17:20] [Intel(R) PROSet/Wireless Registry Service / RegSrvc][Running/Auto Start] [Intel Corporation, 11.1.0.0 , C:2007-02-21 11:10 M:2007-02-21 11:10] [RoxMediaDB9 / RoxMediaDB9][Stopped/Manual Start] <"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"> [Sonic Solutions, 9.0.1.64, C:2006-11-05 11:15 M:2006-11-05 11:15] [Roxio Hard Drive Watcher 9 / RoxWatch9][Stopped/Auto Start] <"C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"> [Sonic Solutions, 9.0.1.64, C:2006-11-05 11:13 M:2006-11-05 11:13] [Intel(R) PROSet/Wireless Service / S24EventMonitor][Running/Auto Start] [Intel Corporation , 11, 1, 0, 9, C:2007-02-21 11:16 M:2007-02-21 11:16] [SiSoftware Database Agent Service / SandraDataSrv][Stopped/Manual Start] [] [SiSoftware Sandra Agent Service / SandraTheSrv][Stopped/Manual Start] [] [SigmaTel Audio Service / STacSV][Running/Auto Start] [SigmaTel, Inc., 1.0.5511.0 nd595 cp1, C:2007-10-27 12:20 M:2007-05-06 17:11] [stllssvr / stllssvr][Stopped/Manual Start] <"C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"> [MicroVision Development, Inc., 1.2.447, C:2006-09-14 14:54 M:2006-09-14 14:54] [Intel(R) PROSet/Wireless SSO Service / WLANKEEPER][Running/Auto Start] [Intel(R) Corporation, 11.1.0.4, C:2007-02-21 11:19 M:2007-02-21 11:19] [BoBoTurbo / BoBoTurbo][Running/Auto Start] [(Verified)广州易播信息科技有限公司, 1, 6, 902, 2, C:2008-09-03 11:38 M:2008-09-03 11:38] [Google Updater Service / gusvc][Stopped/Manual Start] <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"> [(Verified)Google, 2.0.734.29932.beta, C:2008-09-06 02:46 M:2008-09-06 02:46] [Kingsoft Basic Service / 
kaccore][Running/Auto Start] <"C:\Program Files\Kingsoft\KAC\Service\kaccore.exe"> [(Verified)Kingsoft Corporation, 2008,09,04,252, C:2008-09-06 02:34 M:2008-09-06 03:02] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"E:\新建文件夹\Rising\Rav\CCenter.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-09-05 01:35 M:2008-09-06 01:06] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"E:\新建文件夹\RISING\RAV\Ravmond.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-09-05 01:35 M:2008-09-06 01:06] ======================================== 驱动 [AEGIS Protocol (IEEE 802.1x) v3.6.0.0 / AegisP][Running/Auto Start] [Meetinghouse Data Communications, 3.6.0.0, C:2007-10-27 12:11 M:2007-10-27 12:11] [bootdrv / bootdrv][Stopped/Boot Start] [] [CdaC15BA / CdaC15BA][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\CDAC15BA.SYS> [Macrovision Europe Ltd, 3.17.000, C:2008-07-29 11:09 M:2008-07-29 11:09] [FTCProtect / FTCProtect][Stopped/Manual Start] [] [FTCProTime / FTCProTime][Stopped/Manual Start] [] [Netgroup Packet Filter / NPF][Stopped/Manual Start] [Politecnico di Torino, 3, 0, 0, 18, C:2007-10-29 20:13 M:2005-07-19 08:39] [Padus ASPI Shell / pfc][Running/Manual Start] [Padus, Inc., 2, 5, 0, 202, C:2008-01-14 09:37 M:2008-01-14 09:37] [StarForce Protection Environment Driver v6 / prodrv06][Running/System Start] <\SystemRoot\System32\drivers\prodrv06.sys> [Protection Technology, 6.29, C:2003-10-10 21:06 M:2003-10-10 21:06] [StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start] [Protection Technology, 2.29, C:2003-10-10 22:06 M:2003-10-10 22:06] [StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start] [Protection Technology, 1.5, C:2003-09-06 20:22 M:2003-09-06 20:22] 
[PxHelp20 / PxHelp20][Running/Boot Start] [Sonic Solutions, 3.00.40a, C:2006-07-24 03:00 M:2006-07-24 03:00] [WLAN 传输 / s24trans][Running/Auto Start] [Intel Corporation, 11, 1, 0, 0, C:2007-02-21 11:16 M:2007-02-21 11:16] [StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start] [Protection Technology, 1.37, C:2005-08-10 20:44 M:2005-08-10 20:44] [StarForce Protection Helper Driver / sfhlp01][Running/Boot Start] [Protection Technology, 1.4, C:2003-09-06 20:27 M:2003-09-06 20:27] [StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start] [Protection Technology, 2.3, C:2005-05-16 21:20 M:2005-05-16 21:20] [StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start] [Protection Technology, 2.12, C:2005-08-10 22:06 M:2005-08-10 22:06] [Conexant Setup API / UIUSys][Stopped/Manual Start] [] [xbpublic / xbpublic][Running/Boot Start] [Microsoft Corporation, 15, 0, 0, 0, C:2007-11-29 15:29 M:2007-11-15 21:00] [Broadcom NetXtreme Gigabit Ethernet / b57w2k][Running/Manual Start] [(Verified)Broadcom Corporation, 10.27.0.0 built by: WinDDK, C:2007-10-27 12:15 M:2007-02-27 10:21] [DLABMFSM / DLABMFSM][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLABOIOM / DLABOIOM][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLACDBHM / DLACDBHM][Running/System Start] [(Verified)Roxio, 9.05.02a, C:2007-10-29 18:34 M:2007-02-08 20:05] [DLADResM / DLADResM][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLAIFS_M / DLAIFS_M][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLAOPIOM / DLAOPIOM][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLAPoolM / DLAPoolM][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLARTL_M / DLARTL_M][Running/System Start] [(Verified)Roxio, 9.05.02a, 
C:2007-10-29 18:34 M:2007-02-08 20:05] [DLAUDFAM / DLAUDFAM][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DLAUDF_M / DLAUDF_M][Running/Auto Start] [(Verified)Roxio, 9.01.10a, C:2007-10-29 18:34 M:2006-10-26 16:21] [DRVMCDB / DRVMCDB][Running/Boot Start] [(Verified)Sonic Solutions, 8.10.42a, C:2007-10-29 18:34 M:2006-07-21 11:21] [DRVNDDM / DRVNDDM][Running/Auto Start] [(Verified)Roxio, 9.05.02a, C:2007-10-29 18:34 M:2007-02-09 12:34] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-09-05 01:35 M:2008-09-06 01:06] [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2008-09-05 01:35 M:2008-09-06 01:06] [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2008-09-05 01:35 M:2008-09-06 01:06] [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-09-05 01:35 M:2008-09-06 01:06] [HSFHWAZL / HSFHWAZL][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.59.00 built by: WinDDK, C:2007-10-27 12:07 M:2006-11-02 18:47] [HSF_DPV / HSF_DPV][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.59.00 built by: WinDDK, C:2007-10-27 12:07 M:2006-11-02 18:47] [KAVBootC / KAVBootC][Running/Boot Start] [(Verified)Kingsoft Corporation, 2008,04,28,85, C:2008-06-11 12:01 M:2008-06-17 08:59] [KAVSafe / KAVSafe][Running/Auto Start] <\??\C:\WINDOWS\system32\Drivers\KAVSafe.sys> 
[(Verified)Kingsoft Corporation, 2008,04,28,65, C:2008-06-11 12:01 M:2008-06-17 08:59] [mdmxsdk / mdmxsdk][Running/Auto Start] [(Verified)Conexant, 1.0.2.012, C:2007-10-27 12:07 M:2006-06-19 13:26] [Intel(R) Wireless WiFi Link 适配器驱动程序(适用于 Windows XP 32 位) / NETw4x32][Running/Manual Start] [(Verified)Intel Corporation, 11.1.0.86, C:2007-10-27 12:10 M:2007-02-25 06:05] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:15 M:2007-05-11 22:57] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 10:00 M:2004-08-17 10:00] [rimmptsk / rimmptsk][Running/Auto Start] [(Verified)REDC, 6.0.1.4, C:2007-10-27 12:23 M:2006-11-15 00:16] [rimsptsk / rimsptsk][Running/Auto Start] [(Verified)REDC, 6.00.01.04, C:2007-10-27 12:23 M:2006-11-14 19:42] [Ricoh xD-Picture Card Driver / rismxdp][Running/Auto Start] [(Verified)REDC, 6.00.01.05, C:2007-10-27 12:23 M:2006-11-14 17:35] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-09-05 01:35 M:2008-09-06 01:07] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 10:00 M:2007-11-13 18:25] [SigmaTel High Definition Audio CODEC / STHDA][Running/Manual Start] [(Verified)SigmaTel, Inc., 5.10.5511.0 nd595 cp1, C:2007-10-27 12:20 M:2007-05-06 17:12] [winachsf / winachsf][Running/Manual Start] [(Verified)Conexant Systems, Inc., 7.59.00 built by: WinDDK, C:2007-10-27 12:07 M:2006-11-02 18:46] ======================================== 进程 [PID: 768 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 844 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 
10:00 M:2004-08-17 10:00] [PID: 876 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 920 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 932 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 1116 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 1188 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 1228 / SYSTEM] E:\新建文件夹\Rising\Rav\CCenter.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-09-05 01:35 M:2008-09-06 01:06] [PID: 1244 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 1300 / SYSTEM] C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [Intel Corporation, 11.1.0.4, C:2007-02-21 11:28 M:2007-02-21 11:28] C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll [Intel Corporation, 11.1.0.2 , C:2007-02-21 11:11 M:2007-02-21 11:11] C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll [The OpenSSL Project, http://www.openssl.org/, 0.9.8, C:2006-03-08 09:21 M:2006-03-08 09:21] C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL [Intel Corporation, 11, 1, 0, 4, C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll [Intel Corporation, 11, 1, 0, 1, C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\DbEngine.dll [Intel Corporation, 11, 1, 0, 1 , C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program 
Files\Intel\Wireless\Bin\IntStngs.dll [Intel Corporation, 11.1.0.2 , C:2007-02-21 11:11 M:2007-02-21 11:11] C:\Program Files\Intel\Wireless\Bin\MurocApi.dll [Intel Corporation, 11.1.0.9, C:2007-02-21 11:17 M:2007-02-21 11:17] C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll [Intel Corporation, 11.1.0.2, C:2007-02-21 11:17 M:2007-02-21 11:17] [PID: 1384 / SYSTEM] C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [Intel Corporation , 11, 1, 0, 9, C:2007-02-21 11:16 M:2007-02-21 11:16] C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll [The OpenSSL Project, http://www.openssl.org/, 0.9.8, C:2006-03-08 09:21 M:2006-03-08 09:21] C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL [Intel Corporation, 11, 1, 0, 4, C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll [Intel Corporation, 11, 1, 0, 1, C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\IntStngs.dll [Intel Corporation, 11.1.0.2 , C:2007-02-21 11:11 M:2007-02-21 11:11] C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL [N/A, C:2007-02-21 11:13 M:2007-02-21 11:13] [PID: 1416 / SYSTEM] C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [Intel(R) Corporation, 11.1.0.4, C:2007-02-21 11:19 M:2007-02-21 11:19] C:\Program Files\Intel\Wireless\Bin\PfMgrApi.dll [Intel Corporation, 11.1.0.2 , C:2007-02-21 11:11 M:2007-02-21 11:11] C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll [The OpenSSL Project, http://www.openssl.org/, 0.9.8, C:2006-03-08 09:21 M:2006-03-08 09:21] C:\Program Files\Intel\Wireless\Bin\TraceAPI.DLL [Intel Corporation, 11, 1, 0, 4, C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\PsRegApi.dll [Intel Corporation, 11, 1, 0, 1, C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\DbEngine.dll [Intel Corporation, 11, 1, 0, 1 , C:2007-02-21 11:10 M:2007-02-21 11:10] C:\Program Files\Intel\Wireless\Bin\IntStngs.dll [Intel Corporation, 11.1.0.2 , C:2007-02-21 11:11 M:2007-02-21 11:11] C:\Program 
Files\Intel\Wireless\Bin\MurocApi.dll [Intel Corporation, 11.1.0.9, C:2007-02-21 11:17 M:2007-02-21 11:17] C:\Program Files\Intel\Wireless\Bin\S24MUDLL.dll [Intel Corporation, 11.1.0.2, C:2007-02-21 11:17 M:2007-02-21 11:17] C:\Program Files\Intel\Wireless\Bin\C1XStngs.dll [Intel Corporation, 11.1.0.5 , C:2007-02-21 11:12 M:2007-02-21 11:12] C:\Program Files\Intel\Wireless\Bin\C8021CHS.dll [Intel Corporation, 11.1.0.5 , C:2007-02-21 11:59 M:2007-02-21 11:59] [PID: 1528 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 1620 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00] [PID: 1652 / SYSTEM] E:\新建文件夹\RISING\RAV\ravmond.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\BWList.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-09-05 01:35 M:2008-09-06 01:06] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:20 M:2003-03-18 21:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44] E:\新建文件夹\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-09-05 01:35 M:2008-09-06 01:08] 
E:\新建文件夹\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\HookReg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\HookNtos.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\rswalmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-09-05 01:35 M:2008-09-06 01:07] E:\新建文件夹\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-09-05 01:35 M:2008-09-06 01:07] E:\新建文件夹\RISING\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16, C:2008-09-05 01:35 M:2008-09-06 01:07] E:\新建文件夹\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-09-05 01:35 M:2008-09-06 01:07] E:\新建文件夹\RISING\RAV\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-09-05 01:35 M:2008-09-06 01:06] E:\新建文件夹\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-09-05 01:35 M:2008-09-06 01:07] E:\新建文件夹\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-09-05 01:35 
M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\RISING\RAV\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\scanpack.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\RISING\RAV\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-09-05 01:35 M:2008-09-06 01:07]
[PID: 1880 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 10:00 M:2005-06-11 07:53]
C:\WINDOWS\system32\HPBMMON.DLL [(Verified)Hewlett-Packard, 10.00.16, C:2002-08-19 21:50 M:2002-08-19 21:50]
C:\WINDOWS\system32\hpdomon.dll [(Verified)Hewlett-Packard, 03.42.00, C:2000-03-23 11:25 M:2000-03-23 11:25]
C:\WINDOWS\System32\spool\PRTPROCS\W32X86\HPPRN05.DLL [(Verified)Hewlett-Packard Corporation, 60.05.17.02, C:2003-01-07 17:04 M:2003-01-07 17:04]
[PID: 1972 / SYSTEM] C:\WINDOWS\system32\boboturbo\boboturbo.exe [(Verified)广州易播信息科技有限公司, 1, 6, 902, 2, C:2008-09-03 11:38 M:2008-09-03 11:38]
[PID: 1988 / SYSTEM] C:\WINDOWS\system32\drivers\CDAC11BA.EXE [Macrovision, 4.20.020, C:2008-07-29 11:09 M:2008-07-29 11:09]
[PID: 128 / SYSTEM] C:\Program Files\Kingsoft\KAC\Service\kaccore.exe [(Verified)Kingsoft Corporation, 2008,09,04,252, C:2008-09-06 02:34 M:2008-09-06 03:02]
C:\Program Files\Kingsoft\KAC\Service\corehelper.dll [(Verified)Kingsoft Corporation, 2008,09,04,252, C:2008-09-06 02:34 M:2008-09-06 03:02]
[PID: 196 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57]
C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:15 M:2007-05-11 22:57]
[PID: 220 / SYSTEM] C:\Program Files\Common Files\Sogou PXP\p2psvr.exe [Sohu.com Inc., 2, 0, 0, 33, C:2007-09-11 17:20 M:2007-09-11 17:20]
C:\Program Files\Sogou PXP\vodsvr.dll [Sohu.com Inc., 3, 0, 0, 35, C:2007-07-17 11:11 M:2007-07-17 11:11]
C:\Program Files\Sogou PXP\pxpnet.dll [Sohu.com Inc., 2, 0, 0, 18, C:2007-04-13 15:33 M:2007-04-13 15:33]
C:\Program Files\Sogou PXP\p2pclient.dll [Sohu.com Inc., 2, 9, 1, 20, C:2007-07-24 10:16 M:2007-07-24 10:16]
[PID: 252 / SYSTEM] C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [Intel Corporation, 11.1.0.0 , C:2007-02-21 11:10 M:2007-02-21 11:10]
[PID: 548 / SYSTEM] C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe [SigmaTel, Inc., 1.0.5511.0 nd595 cp1, C:2007-10-27 12:20 M:2007-05-06 17:11]
C:\WINDOWS\system32\stacapi.dll [(Verified)SigmaTel, Inc., 1.0.5511.0 nd595 cp1, C:2007-10-27 12:20 M:2007-05-06 17:11]
[PID: 848 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00]
[PID: 1144 / LOCAL SERVICE] C:\WINDOWS\system32\wdfmgr.exe [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 13:44 M:2005-01-28 13:44]
[PID: 1500 / SYSTEM] E:\新建文件夹\RISING\RAV\RavStub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:06]
[PID: 2520 / 请不要尝试破译密码] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 10:00 M:2007-06-13 21:21]
C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
C:\WINDOWS\system32\nvcpl.dll [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57]
C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:16 M:2007-05-11 22:57]
C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.0128, C:2007-10-27 12:15 M:2007-05-11 22:57]
C:\WINDOWS\system32\nvshell.dll [N/A, C:2007-10-27 12:16 M:2007-05-11 22:57]
C:\Program Files\WinRAR\rarext.dll [N/A, C:2007-10-29 18:05 M:2007-05-06 11:58]
E:\新建文件夹\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:06]
[PID: 2600 / 请不要尝试破译密码] E:\新建文件夹\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RSAPPMGR.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-05 01:35 M:2008-09-06 01:06]
[PID: 2612 / 请不要尝试破译密码] E:\新建文件夹\Rising\Rav\Ravmon.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:20 M:2003-03-18 21:20]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44]
E:\新建文件夹\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\Rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-09-05 01:35 M:2008-09-06 01:06]
[PID: 3880 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 10:00 M:2004-08-17 10:00]
[PID: 2336 / 请不要尝试破译密码] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506), C:2007-10-27 11:45 M:2008-06-23 17:19]
C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
c:\program files\google\googletoolbar2.dll [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51]
C:\PROGRA~1\IdnKw\cnbho.dll [中国互联网络信息中心(CNNIC), 2, 6, 0, 0, C:2007-03-28 10:39 M:2007-03-28 10:39]
C:\PROGRA~1\IdnKw\CnUps.dll [中国互联网络信息中心(CNNIC), 2, 6, 0, 3, C:2007-03-31 17:34 M:2007-03-31 17:34]
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [(Verified)RealPlayer, 1.0.1.57, C:2008-09-06 02:47 M:2008-09-06 02:47]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\Program Files\Real\RealPlayer\lang\rpbrp_cn.dll [RealNetworks, Inc., 6.0.14.0, C:2008-09-06 02:48 M:2008-09-06 02:48]
C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-06 02:48 M:2008-09-06 02:48]
C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-09-05 01:36 M:2008-09-06 02:48]
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [(Verified)Google Inc., 2, 0, 301, 7164, C:2008-09-06 02:52 M:2008-09-06 02:52]
E:\新建文件夹\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
[PID: 3244 / 请不要尝试破译密码] E:\新建文件夹\Rising\Rav\Rav.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 72, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\Rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-09-05 01:35 M:2008-09-06 01:07]
C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:20 M:2003-03-18 21:20]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44]
E:\新建文件夹\Rising\Rav\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\RsCommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\ravpagem.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 9, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\htmllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.17, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\ravpagew.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 89, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
E:\新建文件夹\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\BWList.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\SysMail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.11, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-09-05 01:35 M:2008-09-06 01:07]
E:\新建文件夹\Rising\Rav\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-09-05 01:35 M:2008-09-06 01:08]
[PID: 2160 / 请不要尝试破译密码] E:\新建文件夹\Rising\Rav\RsAgent.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:20 M:2003-03-18 21:20]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MFC71CHS.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 20:44 M:2003-03-18 20:44]
E:\新建文件夹\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
E:\新建文件夹\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-05 01:35 M:2008-09-06 01:06]
[PID: 3484 / 请不要尝试破译密码] C:\WINDOWS\msagent\AgentSvr.exe [(Verified)Microsoft Corporation, 2.00.0.3424, C:2004-08-17 10:00 M:2006-10-12 19:09]
[PID: 3392 / 请不要尝试破译密码] E:\WINDOWS清理助手\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-09-06 18:37 M:2008-08-15 22:25]
C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
E:\WINDOWS清理助手\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-09-06 18:37 M:2007-11-28 15:19]
C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
E:\新建文件夹\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[PID: 364 / 请不要尝试破译密码] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 7.00.6000.16705 (vista_gdr.080618-1506), C:2007-10-27 11:45 M:2008-06-23 17:19]
C:\WINDOWS\system32\AcSignIcon.dll [(Verified)Autodesk, 16.0.0.86, C:2003-02-14 01:31 M:2003-02-14 01:31]
c:\program files\google\googletoolbar2.dll [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-09-06 02:51 M:2008-09-06 02:51]
C:\PROGRA~1\IdnKw\cnbho.dll [中国互联网络信息中心(CNNIC), 2, 6, 0, 0, C:2007-03-28 10:39 M:2007-03-28 10:39]
C:\PROGRA~1\IdnKw\CnUps.dll [中国互联网络信息中心(CNNIC), 2, 6, 0, 3, C:2007-03-31 17:34 M:2007-03-31 17:34]
C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [(Verified)RealPlayer, 1.0.1.57, C:2008-09-06 02:47 M:2008-09-06 02:47]
C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
C:\Program Files\Real\RealPlayer\lang\rpbrp_cn.dll [RealNetworks, Inc., 6.0.14.0, C:2008-09-06 02:48 M:2008-09-06 02:48]
C:\WINDOWS\system32\UrlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-06 02:48 M:2008-09-06 02:48]
C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-09-05 01:36 M:2008-09-06 02:48]
C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [(Verified)Google Inc., 2, 0, 301, 7164, C:2008-09-06 02:52 M:2008-09-06 02:52]
E:\新建文件夹\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-05 01:35 M:2008-09-06 01:06]
C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
========================================
文件关联
========================================
AutoRun.INF
========================================
Winsock提供者
========================================
HOSTS
127.0.0.1 localhost
[/CODE]