[CODE]

2008-12-12,19:44:54

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <swg><C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe>  [(Verified)Google Inc., 2, 0, 301, 1654, C:2008-10-02 11:51 M:2008-10-02 11:51]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
    <nwiz><nwiz.exe /install>  [N/A, C:2008-06-15 17:32 M:2008-02-25 12:29]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
    <RTHDCPL><RTHDCPL.EXE>  [(Verified)Realtek Semiconductor Corp., 2.1.6.2, C:2002-01-01 04:15 M:2007-09-27 14:20]
    <Alcmtr><ALCMTR.EXE>  [(Verified)Realtek Semiconductor Corp., 1.6.0.2, C:2002-01-01 04:15 M:2005-05-03 18:43]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2002-01-01 04:35 M:2008-09-12 10:17]
    <RavTask><"C:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2002-01-01 04:43 M:2002-01-01 12:00]
    <Thunder><"E:\Program Files\Thunder Network\Thunder\Thunder.exe" /s>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2002-01-01 11:26 M:2008-08-12 17:41]
    <MyspaceIM><d:\Program Files\MySpaceUU2008\MySpaceIM.exe>  [MySpace中国, 2, 7, 0, 737, C:2008-10-04 20:12 M:2008-09-02 18:07]
    <EPSON ME 1><C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE /P10 "EPSON ME 1" /O6 "USB001" /M "ME 1">  [(Verified)SEIKO EPSON CORPORATION, 3.00, C:2008-12-04 10:36 M:2004-05-28 20:00|N/A, |N/A, ]
    <ssMgr_ccb><C:\Program Files\StarSec\ssMgr_ccb.exe -r>  [Copyright (C) 2006, 1, 0, 5, 1026, C:2007-04-11 18:45 M:2007-04-11 18:45]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2002-01-01 04:35 M:2002-01-01 04:42]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\白云草地.scr>  [Microsoft, 1.0.0.0, C:2006-05-25 00:02 M:2006-05-25 00:02]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    <{E0E899AB-F487-11D5-8D29-0050BA6940E3}><>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用UUSee下载]
    <><C:\WINDOWS\system32\ShellExt\uuse\geturltodown.htm>  [N/A, C:2008-05-14 11:27 M:2008-05-14 11:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用UUSee加速播放]
    <><C:\WINDOWS\system32\ShellExt\uuse\geturltoplay.htm>  [N/A, C:2008-05-14 11:27 M:2008-05-14 11:27]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><E:\Program Files\Thunder Network\Thunder\Program\geturl.htm>  [N/A, C:2002-01-01 11:26 M:2008-07-28 15:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><E:\Program Files\Thunder Network\Thunder\Program\getallurl.htm>  [N/A, C:2002-01-01 11:26 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><d:\Program Files\QQ2007\AddEmotion.htm>  [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52|(Verified)N/A, C:2002-01-01 03:59 M:2005-01-28 15:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><e:\Program Files\Thunder Network\Thunder\Thunder.exe>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2002-01-01 11:26 M:2008-08-12 17:41]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6096E38F-5AC1-4391-8EC4-75DFA92FB32F}]
    <JUJU猫启动光盘下载><http://jujumao.com>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{95B3F550-91C4-4627-BCC4-521288C52977}]
    <PPLive><C:\Program Files\PPLive\PPLive.exe>  [(Verified)N/A, C:2002-01-01 04:20 M:2007-03-16 13:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ExitCmd.exe]
    <><ntsd -d>  [N/A, ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svcrer.exe]
    <><ntsd -d>  [N/A, ]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\EPSON V6 Monitor4SA]
    <PrintMonitor: EPSON V6 Monitor4SA><EBPMON24.DLL>  [(Verified)SEIKO EPSON CORPORATION, 5, 4, 0, 0, C:2008-12-04 10:14 M:2004-05-21 22:04]


========================================
启动项

[QQ游戏启动加速程序]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> "D:\Program Files\QQGame\Accel.exe"  > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2008-10-23 15:23 M:2008-10-23 15:23]
[腾讯QQ]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> "D:\Program Files\QQ2007\QQ.exe"  > [(Verified)TENCENT, 8,0,978,1833, C:2008-11-12 15:19 M:2008-11-12 15:19]


========================================
计划任务



========================================
组件


Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2002-01-01 03:59 M:2006-09-14 15:36]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-15 17:32 M:2008-02-25 12:29]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-15 17:32 M:2008-02-25 12:29]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2008-06-15 17:32 M:2008-02-25 12:29]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2002-01-01 04:43 M:2002-01-02 07:42]

Protocols
[IEProtocolHandler Class]
    {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D}  <C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL>  [(Verified)Skype Technologies, 1, 0, 27, 2, C:2008-06-11 08:17 M:2008-06-11 08:17]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <e:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2002-01-01 11:26 M:2007-10-20 21:40]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <E:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2002-01-01 11:26 M:2008-06-13 09:43]
[Google Toolbar Helper]
    {AA58ED58-01DD-4d91-8333-CF10577473F7}  <c:\program files\google\googletoolbar1.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-10-02 11:51 M:2008-10-02 11:51]
[ThunderAtOnce Class]
    {ED6A25E8-08F5-4937-948D-3E10C4F47FAA}  <E:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2002-01-01 11:26 M:2007-10-20 21:40]

ToolBar
[&Google]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F}  <c:\program files\google\googletoolbar1.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-10-02 11:51 M:2008-10-02 11:51]

ActiveX Extension
[Google Script Object]
    {00EF2092-6AC5-47C0-BD25-CF2D5D657FEB}  <c:\program files\google\googletoolbar1.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-10-02 11:51 M:2008-10-02 11:51]
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <e:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2002-01-01 11:26 M:2007-10-20 21:40]
[&Google]
    {2318C2B1-4965-11D4-9B18-009027A5CD4F}  <c:\program files\google\googletoolbar1.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-10-02 11:51 M:2008-10-02 11:51]
[GDCCBCtrl Class]
    {478AB5EE-5C92-41C3-8339-CFC5BA639733}  <C:\WINDOWS\system32\GDCCBUtil.dll>  [G&D, 1.0.0.1, C:2007-04-09 09:21 M:2007-04-09 09:21]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <E:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2002-01-01 11:26 M:2008-11-13 10:18]
[PowerPlayer Control]
    {5EC7C511-CD0F-42E6-830C-1BD9882F3458}  <C:\PROGRA~1\INTERN~1\110~1.262\POWERP~1.DLL>  [(Verified)PPStream Inc., 2,2,83,8611, C:2008-10-09 21:42 M:2008-10-09 21:42]
[InfoSecNetSign Class]
    {62B938C4-4190-4F37-8CF0-A92B0A91CC77}  <C:\WINDOWS\system32\NetSign.dll>  [Infosec Technologies Co., Ltd., 1, 2, 0, 1, C:2008-12-04 11:32 M:2002-06-19 18:52]
[XMP Class]
    {6483F145-A768-4C41-AACC-52D4D7845851}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xplayer.dll_1_work>  [Xunlei Networking Technologies,LTD, 2, 1, 6, 81, C:2002-01-01 11:27 M:2008-11-13 10:54]
[XDRM]
    {693571CB-54A3-4E90-9D52-EEAE1334E2D3}  <C:\Documents and Settings\All Users\Application Data\Thunder Network\KanKan\xdrm.dll_1_work>  [Copyright XunLei 2007, 1, 0, 0, 7, C:2002-01-01 11:26 M:2008-11-13 10:54]
[StormPlayer Object]
    {6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}  <C:\Program Files\StormII\mps.dll>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 27, C:2008-03-25 15:10 M:2008-03-25 15:10]
[MediaComm Class]
    {7670648D-461B-42AF-BDFE-46D26AF5EFF2}  <E:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll>  [(Verified)Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2008-11-20 19:11 M:2008-11-25 11:16]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <E:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2002-01-01 11:26 M:2008-06-13 09:43]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2002-01-01 04:35 M:2002-01-01 04:35]
[Google Toolbar Helper]
    {AA58ED58-01DD-4D91-8333-CF10577473F7}  <c:\program files\google\googletoolbar1.dll>  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-10-02 11:51 M:2008-10-02 11:51]
[DapCtrl Class]
    {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}  <C:\Program Files\Common Files\Thunder Network\KanKan\DapCtrl.2.1.5805.77.(399).dll>  [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5805, 77, C:2008-11-14 22:54 M:2008-11-13 10:54]
[Google Toolbar Notifier BHO]
    {AF69DE43-7D58-4638-B6FA-CE66B5AD205D}  <C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll>  [(Verified)Google Inc., 3, 1, 807, 1746, C:2008-10-03 21:43 M:2008-10-03 21:43]
[RealPlayer G2 Control]
    {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}  <C:\Program Files\StormII\Codec\rmoc3260.dll>  [(Verified)RealNetworks, Inc., 6.0.9.2568, C:2006-10-18 23:05 M:2006-10-18 23:05]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <d:\Program Files\QQMusic\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 162, 202, C:2008-05-15 09:37 M:2008-05-15 09:37]
[ThunderAtOnce Class]
    {ED6A25E8-08F5-4937-948D-3E10C4F47FAA}  <E:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll>  [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2002-01-01 11:26 M:2007-10-20 21:40]
[Thunder DapPlayer]
    {EEDD6FF9-13DE-496B-9A1C-D78B3215E266}  <e:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DapPlayer3.0.5712.71.424.dll>  [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-08-06 09:09 M:2008-08-04 12:58]
[XPPlayer Class]
    {F3E70CEA-956E-49CC-B444-73AFE593AD7F}  <C:\Program Files\Common Files\Thunder Network\KanKan\PPlayer.2.1.5853.212.(399).dll>  [Xunlei Networking Technologies,LTD, 2, 1, 5853, 212, C:2008-11-14 22:55 M:2008-11-13 10:54]

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2002-01-01 04:43 M:2002-01-02 07:42]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2002-01-01 03:59 M:2006-09-14 15:36]


========================================
服务

[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
[PlugServerD / PlugServer][Running/Auto Start]
    <C:\Program Files\StarSec\PlugServer.exe>  [GDChina, 1, 1, 0, 2, C:2008-12-04 10:44 M:2007-03-30 14:22]

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
[Google Updater Service / gusvc][Stopped/Manual Start]
    <"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe">  [(Verified)Google, 2.0.734.29932.beta, C:2008-10-02 11:51 M:2008-10-02 11:51]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:32 M:2008-02-25 12:29]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"C:\Program Files\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2002-01-01 04:43 M:2002-01-02 07:42]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2002-01-01 04:43 M:2002-01-02 07:42]


========================================
驱动

[giveio / giveio][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\giveio.sys>  [N/A, C:2008-12-04 16:29 M:2008-12-04 16:29]
[IGALIVE / IGALIVE][Running/Auto Start]
    <\??\C:\Program Files\IGALIVE\IGALIVE.sys>  [N/A, C:2007-07-10 11:16 M:2008-11-13 21:44]
[npkcrypt / npkcrypt][Running/Auto Start]
    <\??\C:\Program Files\QQ2007\npkcrypt.sys>  [INCA Internet Co., Ltd., 2005. 11. 1. 1, C:2002-01-01 03:57 M:2007-02-02 19:04]
[oreans32 / oreans32][Running/System Start]
    <\??\C:\WINDOWS\system32\drivers\oreans32.sys>  [N/A, C:2008-11-01 20:36 M:2008-11-01 20:36]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2007-05-19 08:00 M:2008-06-20 18:45]

[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2005-01-07 17:07 M:2005-01-07 17:07]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2002-01-01 04:43 M:2002-01-02 07:42]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2002-01-01 04:43 M:2008-10-25 17:21]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2002-01-01 04:43 M:2008-11-04 20:30]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2002-01-01 04:43 M:2008-08-27 05:56]
[Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start]
    <system32\drivers\RtkHDAud.sys>  [(Verified)Realtek Semiconductor Corp., 5.10.0.5490 built by: WinDDK, C:2002-01-01 04:15 M:2007-10-02 16:32]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
[NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start]
    <system32\DRIVERS\NVENETFD.sys>  [(Verified)NVIDIA Corporation, 1.00.02.06776, C:2002-01-01 04:12 M:2008-01-29 12:37]
[nvgts / nvgts][Running/Boot Start]
    <system32\DRIVERS\nvgts.sys>  [(Verified)NVIDIA Corporation, 10.3.0.21 built by: WinDDK, C:2002-01-01 04:12 M:2008-01-25 20:01]
[NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start]
    <system32\DRIVERS\nvnetbus.sys>  [(Verified)NVIDIA Corporation, 1.00.01.06776, C:2002-01-01 04:12 M:2008-01-29 12:37]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-06-06 14:13 M:2004-06-06 14:13]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2002-01-01 04:43 M:2002-01-02 07:43]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-07-17 19:36 M:2007-11-13 18:25]


========================================
进程

[PID: 424 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 492 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]

[PID: 516 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 560 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 572 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 720 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 808 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 848 / SYSTEM]   C:\Program Files\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2002-01-01 04:43 M:2002-01-02 07:42]

[PID: 864 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 908 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 964 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 1048 / SYSTEM]   C:\PROGRAM FILES\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2002-01-01 04:43 M:2002-01-01 12:01]
    C:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2002-01-01 04:43 M:2008-08-20 05:20]
    C:\PROGRAM FILES\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2008-09-26 20:23]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\Program Files\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2002-01-01 04:43 M:2008-08-27 05:56]
    C:\PROGRAM FILES\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 0, C:2002-01-01 04:43 M:2008-12-03 11:22]
    C:\PROGRAM FILES\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2002-01-01 04:43 M:2008-10-09 19:53]
    C:\PROGRAM FILES\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2002-01-01 04:43 M:2008-10-09 19:53]
    C:\PROGRAM FILES\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2002-01-01 04:43 M:2008-09-03 23:50]

[PID: 1072 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-04 08:52 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\EBPMON24.DLL  [(Verified)SEIKO EPSON CORPORATION, 5, 4, 0, 0, C:2008-12-04 10:14 M:2004-05-21 22:04]

[PID: 1168 / SYSTEM]   C:\Program Files\StormII\stormliv.exe   [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15, C:2008-03-11 14:33 M:2008-03-11 14:33]
    C:\Program Files\StormII\MSVCP60.dll  [Microsoft Corporation, 6.02.3104.0, C:2007-09-21 19:43 M:2007-09-21 19:43]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]

[PID: 1256 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:32 M:2008-02-25 12:29]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:32 M:2008-02-25 12:29]

[PID: 1316 / SYSTEM]   C:\Program Files\StarSec\PlugServer.exe   [GDChina, 1, 1, 0, 2, C:2008-12-04 10:44 M:2007-03-30 14:22]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\StarSec\plugins\plugstarkey220.dll  [GDChina, 1, 1, 0, 1, C:2008-12-04 10:44 M:2007-04-11 18:45]

[PID: 1436 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-04 08:52 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2002-01-01 03:59 M:2006-09-14 15:36]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2002-01-02 07:42]
    E:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2002-01-01 11:26 M:2008-06-13 09:43]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2002-01-01 11:26 M:2008-11-13 10:54]
    C:\WINDOWS\system32\nvcpl.dll  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:32 M:2008-02-25 12:29]
    C:\WINDOWS\system32\nvshell.dll  [N/A, C:2008-06-15 17:32 M:2008-02-25 12:29]

[PID: 1488 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 1512 / LOCAL SERVICE]   C:\WINDOWS\system32\wdfmgr.exe   [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]

[PID: 1712 / SYSTEM]   C:\PROGRAM FILES\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2002-01-02 07:42]

[PID: 128 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]

[PID: 156 / Administrator]   C:\PROGRAM FILES\RISING\RAV\RavMon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2002-01-01 04:43 M:2008-08-27 05:56]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2002-01-01 04:43 M:2008-08-20 05:20]
    C:\PROGRAM FILES\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2002-01-02 07:43]
    C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\PROGRAM FILES\RISING\RAV\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2002-01-01 04:43 M:2002-01-01 12:00]
    C:\PROGRAM FILES\RISING\RAV\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2002-01-01 04:43 M:2002-01-01 12:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\PROGRAM FILES\RISING\RAV\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2002-01-01 04:43 M:2002-01-02 07:42]

[PID: 1216 / Administrator]   C:\WINDOWS\system32\RUNDLL32.EXE   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\WINDOWS\system32\NvMcTray.dll  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]
    C:\WINDOWS\system32\nvapi.dll  [(Verified)NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:32 M:2008-02-25 12:29]
    C:\WINDOWS\system32\NVRSZHC.DLL  [NVIDIA Corporation, 6.14.11.6401, C:2008-06-15 17:31 M:2008-02-25 12:29]

[PID: 704 / Administrator]   C:\WINDOWS\RTHDCPL.EXE   [(Verified)Realtek Semiconductor Corp., 2.1.6.2, C:2002-01-01 04:15 M:2007-09-27 14:20]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 1252 / Administrator]   C:\Program Files\Rising\AntiSpyware\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2002-01-01 04:35 M:2008-09-12 10:17]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\Rising\AntiSpyware\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2002-01-01 04:35 M:2002-01-08 04:06]
    C:\Program Files\Rising\AntiSpyware\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\Program Files\Rising\AntiSpyware\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2002-01-01 04:35 M:2008-09-03 22:50]
    C:\Program Files\Rising\AntiSpyware\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2002-01-01 04:35 M:2008-09-07 09:42]
    C:\Program Files\Rising\AntiSpyware\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\Program Files\Rising\AntiSpyware\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.39, C:2002-01-01 04:35 M:2008-09-19 10:08]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2002-01-01 04:35 M:2002-01-01 04:35]
    C:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]

[PID: 1432 / Administrator]   C:\Program Files\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2002-01-01 04:43 M:2002-01-01 12:00]
    C:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2002-01-01 04:43 M:2002-01-02 07:42]

[PID: 2040 / Administrator]   D:\Program Files\MySpaceUU2008\MySpaceIM.exe   [MySpace中国, 2, 7, 0, 737, C:2008-10-04 20:12 M:2008-09-02 18:07]
    D:\Program Files\MySpaceUU2008\TrapSysKey.dll  [N/A, C:2008-10-04 20:12 M:2008-08-20 13:53]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 2060 / Administrator]   C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3W1.EXE   [(Verified)SEIKO EPSON CORPORATION, 3.00, C:2008-12-04 10:36 M:2004-05-28 20:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]

[PID: 2100 / Administrator]   E:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe   [Thunder Networking Technologies,LTD, 5.8.5.595, C:2002-01-01 11:26 M:2008-11-13 10:55]
    E:\Program Files\Thunder Network\Thunder\Program\BugReport.dll  [Thunder Networking Technologies,LTD, 1, 4, 1, 20, C:2002-01-01 11:26 M:2008-11-13 10:54]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    E:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll  [Thunder Networking Technologies,LTD, 1, 3, 9, 71, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\download_interface.dll  [Thunder Networking Technologies,LTD, 3, 100, 2, 322, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\mp.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 2, C:2008-11-14 22:54 M:2008-11-13 10:54]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2002-01-01 04:43 M:2002-01-01 04:42]
    E:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll  [Thunder Networking Technologies,LTD, 1, 2, 2, 25, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\fs.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 12, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll  [Thunder Networking Technologies,LTD, 1, 2, 2, 24, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\zlib1.dll  [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3, C:2008-11-14 22:54 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\ptl.dll  [Thunder Networking Technologies,LTD, 3,2,2,31, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll  [Thunder Networking Technologies,LTD, 3, 1, 2, 2, C:2008-11-14 22:54 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll  [Thunder Networking Technologies,LTD, 1, 5, 2, 25, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll  [Copyright 2007, 1, 1, 2, 6, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll  [Thunder Networking Technologies,LTD, 1,2,2,12, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\p2p.dll  [Thunder Networking Technologies,LTD, 1,2,2,34, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\xldc.dll  [Thunder Networking Technologies,LTD, 2, 6, 2, 18, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\stream.dll  [Thunder Networking Technologies,LTD, 2, 1, 2, 399, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\p2sp.dll  [Thunder Networking Technologies,LTD, 1, 1, 2, 39, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 24, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll  [Thunder Networking Technologies,LTD, 1,2,2,16, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\al.dll  [Thunder Networking Technologies,LTD, 1,2,2,22, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\p2p_network_com.dll  [版权所有 (C) 2008, 1, 0, 2, 25, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll  [Thunder Networking Technologies,LTD, 1, 0, 4, 35, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll  [Thunder Networking Technologies,LTD, 1, 1, 1, 10, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll  [Copyright 2007, 1, 0, 12, 30, C:2002-01-01 11:26 M:2008-11-13 10:54]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll  [　, 1, 0, 2, 25, C:2002-01-01 11:26 M:2008-11-10 10:11]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed19.dll  [Thunder Networking Technologies,LTD, 3, 4, 10, 117, C:2008-11-20 19:11 M:2008-11-27 11:07]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\PlayerHelper.dll  [thunder, 1, 2, 7, 61, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL  [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2002-01-01 11:26 M:2008-11-07 01:58]
    E:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll  [Thunder Networking Technologies,LTD, 2, 2, 5, 70, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll  [Thunder Networking Technologies,LTD, 2, 5, 0, 90, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll  [Thunder Networking Technologies,LTD, 2, 17, 0, 67, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll  [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\imdt.dll  [Thunder Networking Technologies,LTD, 1.2.2.18, C:2002-01-01 11:26 M:2008-11-13 10:54]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    E:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll  [Thunder Networking Technologies,LTD, 1, 1, 7, 25, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll  [Thunder Networking Technologies,LTD, 1, 2, 4, 26, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\XLSoftwareBase.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 3, C:2002-01-01 11:26 M:2008-07-26 19:54]
    E:\Program Files\Thunder Network\Thunder\Plugins\GouGouTop\GouGouTop.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 5, C:2002-01-01 11:27 M:2008-07-26 19:54]
    E:\Program Files\Thunder Network\Thunder\Plugins\KanKanTop\KanKanTop.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 4, C:2002-01-01 11:27 M:2008-07-26 19:54]
    E:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll  [Thunder Networking Technologies,LTD, 1, 0, 4, 19, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll  [Thunder Networking Technologies,LTD, 2, 2, 14, 120, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll  [迅雷网络, 4, 0, 0, 38, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll  [Thunder Networking Technologies,LTD, 1, 0, 3, 5, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll  [版权所有 (C) 2007, 1, 0, 0, 30, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll  [Thunder Networking Technologies,LTD, 1, 2, 0, 22, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\Tips\XLIPC.DLL  [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll  [Thunder Networking Technologies,LTD, 1, 4, 1, 6, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\p2sp_pd.dll  [Thunder Networking Technologies,LTD, 1, 100, 2, 4, C:2008-11-14 22:54 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\bd.dll  [Thunder Networking Technologies,LTD, 1, 0, 2, 18, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Program\emule_id.dll  [Copyright 2007, 1, 0, 2, 11, C:2002-01-01 11:26 M:2008-11-13 10:54]

[PID: 2104 / Administrator]   C:\Program Files\StarSec\ssMgr_ccb.exe   [Copyright (C) 2006, 1, 0, 5, 1026, C:2007-04-11 18:45 M:2007-04-11 18:45]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\WINDOWS\system32\SSP11_CCB.dll  [GDChina, 1, 0, 0, 2, C:2007-04-17 09:02 M:2007-04-17 09:02]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]

[PID: 2124 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-04 08:52 M:2004-08-04 08:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]

[PID: 2148 / Administrator]   C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe   [(Verified)Google Inc., 2, 0, 301, 1654, C:2008-10-02 11:51 M:2008-10-02 11:51]
    C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\gtn.dll  [(Verified)Google Inc., 3, 1, 807, 1746, C:2008-10-03 21:43 M:2008-10-03 21:43]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll  [(Verified)Google Inc., 3, 1, 807, 1746, C:2008-10-03 21:43 M:2008-10-03 21:43]

[PID: 2004 / Administrator]   C:\Program Files\arswp\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-11-30 00:35 M:2008-11-15 11:58]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2002-01-01 04:35 M:2008-09-07 09:42]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2002-01-01 04:35 M:2008-09-03 22:50]
    C:\Program Files\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-11-30 00:35 M:2007-11-28 15:19]

[PID: 1544 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2002-01-01 03:56 M:2004-08-04 08:52]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2002-01-01 04:35 M:2008-09-07 09:42]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2002-01-01 04:35 M:2008-09-03 22:50]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    c:\program files\google\googletoolbar1.dll  [(Verified)Google Inc., 4, 0, 1606, 6690, C:2008-10-02 11:51 M:2008-10-02 11:51]
    e:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll  [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2002-01-01 11:26 M:2007-10-20 21:40]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2002-01-01 04:43 M:2002-01-01 04:42]
    E:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2002-01-01 11:26 M:2008-06-13 09:43]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2002-01-01 11:26 M:2008-11-13 10:54]
    E:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2002-01-01 11:26 M:2008-11-13 10:54]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\SOGOUPY.IME  [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]

[PID: 2512 / Administrator]   E:\Program Files\Thunder Network\Thunder\Components\InMedia\ThunderMinisite.exe   [(Verified)Thunder Networking Technologies,LTD, 1, 0, 5, 26, C:2002-01-01 11:26 M:2008-11-26 18:30]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2002-01-01 04:43 M:2002-01-01 04:42]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2002-01-01 04:35 M:2008-09-07 09:42]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2002-01-01 04:35 M:2008-09-03 22:50]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL  [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2002-01-01 11:26 M:2008-11-07 01:58]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\XLSkin.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2008-11-20 19:11 M:2008-11-25 17:25]
    C:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2002-01-01 04:43 M:2002-01-02 07:42]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2007-05-19 08:00 M:2007-05-19 08:00]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    E:\Program Files\Thunder Network\Thunder\Components\InMedia\MediaAddin18.dll  [(Verified)Thunder Networking Technologies,LTD, 3, 1, 6, 81, C:2008-11-20 19:11 M:2008-11-25 11:16]

[PID: 1304 / Administrator]   C:\Program Files\SogouInput\3.6.0.1653\ImeUtil.exe   [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2002-01-01 04:35 M:2008-09-24 07:15]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2002-01-01 04:35 M:2008-09-07 09:42]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2002-01-01 04:35 M:2008-09-03 22:50]


========================================
文件关联

[.ini] <C:\WINDOWS\System32\NOTEPAD.EXE %1> [N/A, ]


========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 LocalHost
    0.0.0.0 www.51pywg.com
    0.0.0.0 51pywg.com
    0.0.0.0 www.hookdlq.com
    0.0.0.0 hookdlq.com
    0.0.0.0 www.dlq110.cn
    0.0.0.0 www.dlq999.cn
    0.0.0.0 woool.haocs.net
    0.0.0.0 www.2008woolsf.cn
    0.0.0.0 www.qcdlq.cn
    0.0.0.0 www.28pk.com
    0.0.0.0 www1.28pk.com
    0.0.0.0 bbs.28pk.com
    0.0.0.0 www.bfaft.com
    0.0.0.0 www.dw688.com
    0.0.0.0 www.dwdlq.com
    0.0.0.0 www.dwdlq.cn
    0.0.0.0 www.7474x.com
    0.0.0.0 www.niugm.cn
    0.0.0.0 cjwlp520.web167.cdnhost.cn
    0.0.0.0 bfaft.ys168.com
    0.0.0.0 www.908sf.com
    0.0.0.0 www.73751.com
    0.0.0.0 www.52laba.com
    0.0.0.0 www.4fsdo.cn
    0.0.0.0 www.lxcsl.cn
    0.0.0.0 www.qianghanidc68.cn
    0.0.0.0 www.guomeiwoool.cn
    0.0.0.0 www.wiiiioool.cn
    0.0.0.0 www.91wooolsf.com
    0.0.0.0 www.521cs.com
    0.0.0.0 www.woooljun.com
    0.0.0.0 www.uoool.com
    0.0.0.0 www.qqq173.com
    0.0.0.0 www.csrs588.cn
    0.0.0.0 www.35woool.cn
    0.0.0.0 35woool.cn
    0.0.0.0 www.wwo123.cn
    0.0.0.0 www.wwiioool.cn
    0.0.0.0 www.cs1998.com.cn
    0.0.0.0 www.wwooolsf.cn
    0.0.0.0 www.ww123pk.cn
    0.0.0.0 www.cswoool.com.cn
    0.0.0.0 www.cs1999sf.cn


[/CODE]