[CODE] 2009-01-08,09:45:01 SysLog Scanner 3.0 - build 20090620 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) ================================================================ 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <360Safetray> <"D:\新建文件夹 (2)\360safe\safemon\360tray.exe" /start> [(Verified)360安全中心, 5, 2, 0, 1007] <360DelayRunner> <"D:\新建文件夹 (2)\360safe\SoftMgr\360delayl.exe" /start> [(Verified)版权所有 (C) 2009, 1, 0, 0, 1001] <; D:\新建文件夹 (2)\完美卸载\AutoDetect.exe -OnPower> [] <; D:\新建文件夹 (2)\完美卸载\WmSysPro.exe -PowerOn> [] <; "E:\新建文件夹\Rising\Rfw\RsTray.exe" -system> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify] [(Verified)ATI Technologies Inc., 6.14.10.4132] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <&使用QQ旋风下载> [] <&使用QQ旋风下载全部链接> [] <使用UUSee下载> [] <使用UUSee加速播放> [] <使用电驴下载> [] <使用迅雷下载> [N/A] <使用迅雷下载全部链接> [N/A] <添加到QQ表情> [N/A] ================================================================ 启动组 ================================================================ 任务计划 ================================================================ 组件 -------------------------------- Shell Extension [Display Panning CPL Extension] <{42071714-76d4-11d1-8b24-00a0c9068ff3}> [] [HyperTerminal Icon Ext] <{88895560-9AA2-1069-930E-00AA0030EBC8}> [(Verified)Hilgraeve, Inc., 5.1.2600.0] [任务栏和「开始」菜单] <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> [] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] -------------------------------- Protocols [] <{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}> [酷狗, 5.2.4.4] -------------------------------- Context Menu [CopyPathExt] <{7E41911F-13AA-11D3-A831-00104B9E30B5}> [KillSoft, 1.0.0.1] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 
0, 12] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [WipeExt] <{CED84338-2CBE-458F-95F6-8EF382C846CB}> [Copyright 2007, 1, 0, 0, 1] -------------------------------- BrowserHelperObject [ThunderAtOnce Class] <{01443AEC-0FD1-40fd-9C87-E93D1494C233}> [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] -------------------------------- ActiveX Extension [ThunderAtOnce Class] <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34] [PowerList Control] <{20C2C286-BDE8-441B-B73D-AFA22D914DA5}> [PPStream Inc., 2, 2, 9, 3608] [UUUpgrade Control] <{2CACD7BB-1C59-4BBB-8E81-6E83F82C813B}> [(Verified)UUSSE, 3, 0, 2, 27] [RealPlayer RAM Download Handler] <{2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}> [(Verified)RealNetworks, Inc., 6.0.9.2568] [Thunder Agent Class] <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> [(Verified)Thunder Networking Technologies,LTD, 6, 0, 5, 47] [PowerPlayer Control] <{5EC7C511-CD0F-42E6-830C-1BD9882F3458}> [PPStream Inc., 2,2,58,5776] [XMP Class] <{6483F145-A768-4C41-AACC-52D4D7845851}> [Xunlei Networking Technologies,LTD, 2, 1, 9, 100] [XDRM] <{693571CB-54A3-4E90-9D52-EEAE1334E2D3}> [Copyright XunLei 2007, 1, 0, 0, 6] [StormPlayer Object] <{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}> [(Verified)北京暴风网际科技有限公司, 3, 9, 3, 15] [MediaComm Class] <{7670648D-461B-42AF-BDFE-46D26AF5EFF2}> [(Verified)ShenZhen Thunder Networking Technologies,LTD, 3, 1, 7, 82] [360SafeLive] <{87515F61-A66C-4319-A0E0-D416CB8059E3}> [(Verified)360.cn, 1, 0, 2, 1006] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] [XML DOM 文档 5.0] <{88D969E5-F192-11D4-A65F-0040963251E5}> [Microsoft Corporation, 5.10.2925.0] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [DapCtrl 
Class] <{ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8}> [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5808, 119] [SafeMon Class] <{B69F34DD-F0F9-42DC-9EDD-957187DA688D}> [(Verified)360.CN, 5, 0, 0, 1019] [QQPlayerCtrl Class] <{CD108273-D434-43E6-AA90-1469F97EB398}> [(Verified)深圳腾讯科技, 3, 1, 164, 203] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,0,22,87] [AgControl Class] <{DFEAF541-F3E1-4C24-ACAC-99C30715084A}> [] [PasswordEditCtrl Class] <{E787FD25-8D7C-4693-AE67-9406BC6E22DF}> [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 4] [TimwpDll.TimwpCheck] <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> [(Verified)TENCENT, 7,1,638,1773] [XPPlayer Class] <{F3E70CEA-956E-49CC-B444-73AFE593AD7F}> [(Verified)Xunlei Networking Technologies,LTD, 2, 1, 5880, 242] ================================================================ 服务 [3ware Controller Service / 3wareSrv][Stopped/Auto Start] <%SystemRoot%\System32\3wareSrv.exe> [N/A] [AMD-813x Hot-Plug Service / AmdShpcSrv][Running/Auto Start] <%SystemRoot%\system32\AmdHpSrv.exe> [AMD, Inc., 1.3.9] [ATI Smart / ATI Smart][Stopped/Auto Start] [Copyright (C) 1998 - 2006 ATI Technologies Inc., 5.13.0025] [Help and Support / helpsvc][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [NetMeeting Remote Desktop Sharing / mnmsrvc][Stopped/Disabled] [] [Rising RfwTask Manager / RfwTask][Stopped/Auto Start] <"E:\新建文件夹\Rising\Rfw\RavTask.exe" RfwTask> [] [360软件管家延迟启动服务 / 360delays][Running/Auto Start] <"D:\新建文件夹 (2)\360safe\SoftMgr\360delays.exe"> [(Verified) , 1, 0, 0, 1001] [Ati HotKey Poller / Ati HotKey Poller][Running/Auto Start] 
<%SystemRoot%\system32\Ati2evxx.exe> [(Verified)ATI Technologies Inc., 6.14.10.4132] [ccosm / ccosm][Stopped/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 9, 3, 15] [Rising RisTask Manager / RisTask][Running/Auto Start] <"E:\新建文件夹\Rising\Ris\RavTask.exe" RisTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12] ================================================================ 驱动 [2310_00 / 2310_00][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.15.7.201] [3wareDrv / 3wareDrv][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\3wareDrv.sys> [N/A] [3waregsm / 3waregsm][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\3waregsm.sys> [N/A] [3wDrv100 / 3wDrv100][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\3wDrv100.sys> [N/A] [3wFlt100 / 3wFlt100][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\3wFlt100.sys> [N/A] [aaatimeo / aaatimeo][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aaatimeo.sys> [Microsoft Corporation, 5.00.1877.1] [Adaptec RAID Miniport Driver / aac][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aac.sys> [Adaptec, Inc., 4.2.0.7320] [aarich / aarich][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aarich.sys> [Adaptec, Inc., V4.00.36.2] [adp94xx / adp94xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\adp94xx.sys> [Adaptec, Inc., 1.2.5929.0 built by: WinDDK] [ACARD AEC6210UF UltraDMA33 Controller / aec6210][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aec6210.sys> [ACARD Technology Corp., 5.0.4.3] [ACARD AEC6260 UltraDMA-66 Controller / aec6260][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aec6260.sys> [ACARD Technology Corp., 1.1.4.12] [aec6280 / aec6280][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aec6280.sys> [ACARD Technology Corp., 1, 0, 5, 4] [AEC6880 / 
AEC6880][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\AEC6880.sys> [ACARD Technology Corp., 2.10] [aec6897 / aec6897][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aec6897.sys> [ACARD Technology Corp., 1, 0, 3, 2] [AlcwNetDrv / AlcwNetDrv][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\AlcwNetDrv.sys> [Windows (R) 2000 DDK provider, 5.1.2600.0 built by: WinDDK] [AlcwWmDrv / AlcwWmDrv][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\AlcwWmDrv.sys> [Windows (R) 2000 DDK provider, 5.1.2600.0 built by: WinDDK] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Stopped/Manual Start] [Realtek Semiconductor Corp., 5.10.00.6210 built by: WinDDK] [AMD-813x Bus-Filter Driver / AmdPCI][Running/Boot Start] [AMD, Inc., 1.3.9] [Rising TDI Base Driver / BaseTDI][Running/Auto Start] [Beijing Rising Technology Co., Ltd., 5, 0, 0, 5] [ATI Cabo AGP Filter / caboagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\atisgkaf.sys> [ATI Technologies Inc., 5.00.2196.1015] [cda1000 / cda1000][Stopped/Boot Start] [Adaptec, Inc., v4.30.15] [FastSx / FastSx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\FastSx.sys> [Promise Technology, Inc., 2.00.00.25] [fasttrak / fasttrak][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\fasttrak.sys> [Promise Technology, Inc., 2.00.0.34] [fasttx2k / fasttx2k][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\fasttx2k.sys> [Promise Technology, Inc., 1.00.0.37] [hpt374 / hpt374][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\hpt374.sys> [HighPoint Technologies, Inc., v2.05s] [hpt3xx / hpt3xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\hpt3xx.sys> [HighPoint Technologies, Inc., v2.351] [hptmv / hptmv][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\hptmv.sys> [HighPoint Technologies, Inc., v1.17] [hptmv6 / hptmv6][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.04] [hptpro / hptpro][Stopped/Boot Start] [HighPoint Technologies, Inc., 1.23.12.10] [IGALIVE / IGALIVE][Running/Auto Start] <\??\C:\Program Files\IGALIVE\IGALIVE.sys> [N/A] 
[ITE CIR Driver / ITECIR][Stopped/Manual Start] [IET Tech. Inc., 2, 4, 0, 0] [ITERAID_Service_Install / iteraid][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\iteraid.sys> [Integrated Technology Express, Inc., v1.7.1.91 built by: WinDDK] [m5281 / m5281][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\m5281.sys> [ALi Corporation, 5.029] [MegaIDE / MegaIDE][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\MegaIDE.sys> [LSI Logic Corporation., 4.1.0709.2003] [mraid35x / mraid35x][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mraid35x.sys> [LSI Logic Corporation, 6.41.32 built by: WinDDK] [Netgroup Packet Filter / NPF][Stopped/Manual Start] [Politecnico di Torino, 3, 0, 0, 18] [CMD IDE Raid Controller / Pnp649r][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\pnp649r.sys> [CMD Technology, Inc., 1, 0, 0, 0] [PnpWmkDrv / PnpWmkDrv][Running/System Start] <\??\C:\WINDOWS\system32\drivers\PnpWmkDrv.sys> [Windows (R) 2000 DDK provider, 5.1.2600.0 built by: WinDDK] [raidsrc / raidsrc][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\raidsrc.sys> [Intel, 5.3.13] [rr232x / rr232x][Stopped/Boot Start] [HighPoint Technologies, Inc., v1.06] [SiS PCI Fast Ethernet Adapter Driver for NDIS5 / SISNIC2K][Running/Manual Start] [SiS Corporation, 2.0.1039.1190] [smwdm / smwdm][Running/Manual Start] [Analog Devices, Inc., 5.12.01.4050] [sptd / sptd][Running/Boot Start] [N/A] [sptrak / sptrak][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sptrak.sys> [Promise Technology, Inc., 1.10 Build 41] [Symmpi / Symmpi][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\symmpi.sys> [LSI Logic, 1.20.18.00 built by: WinDDK] [sysHostSvc / sysHostSvc][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\GuiHelp.sys> [Microsoft Corporation, 5, 1, 2467, 4] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [TVICHW32 / TVICHW32][Stopped/Manual Start] <\??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS> [EnTech Taiwan, 6.0] [ULi AGP Controller 
Bus Filter Driver / ULiAGP][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ULiAGP.sys> [ULi Electronics Inc., 5.1.2600.2114 built by: WinDDK] [ultra / ultra][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ultra.sys> [Promise Technology, Inc., 2.00.0.43] [viamraid / viamraid][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\viamraid.sys> [VIA Technologies inc,.ltd, 5.1.2600.540] [WmRegProDrv / WmRegProDrv][Stopped/Manual Start] [Windows (R) 2000 DDK provider, 5.1.2600.0 built by: WinDDK] [360SelfProtection / 360SelfProtection][Running/System Start] [(Verified)360安全中心, 1, 0, 0, 1004] [a320raid / a320raid][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\a320raid.sys> [(Verified)Adaptec, Inc., v3.00.036] [Adaptec SAS/SATA-II RAID Miniport Driver / aacsas][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aacsas.sys> [(Verified)Adaptec, Inc., 5.2.0.11829] [adpu160m / adpu160m][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\adpu160m.sys> [(Verified)Adaptec, Inc., 6,2,0000,000 built by: WinDDK] [adpu320 / adpu320][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\adpu320.sys> [(Verified)Adaptec, Inc., 1.1.000.000 built by: WinDDK] [aeaudio / aeaudio][Running/Manual Start] [(Verified)Andrea Electronics Corporation, 1.0.0.2 (STUB)] [AFAMgt / AFAMgt][Running/Boot Start] [(Verified)Adaptec, Inc., 4.1.0.7427] [ahcix86 / ahcix86][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ahcix86.sys> [(Verified)ATI Technologies Inc., 2.5.1540.34 built by: WinDDK] [AliIde / AliIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\aliide.sys> [(Verified)Acer Laboratories Inc., 1.20] [AMD AGP Bus Filter Driver / amdagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdagp.sys> [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp.080413-2111)] [AMD NB AGP Bus Filter / amdagp8p][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdagp8p.sys> [(Verified)Advanced Micro Devices, Inc., 8.1.2 built by: WinDDK] [amdbusdr / amdbusdr][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\amdbusdr.sys> 
[(Verified)AMD, 8.2.8] [AMD EIDE 驱动程衼E / amdeide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\AmdEide.sys> [(Verified)AMD, 8.2.8] [asc / asc][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\asc.sys> [(Verified)Advanced System Products, Inc., 2.9I-MS (XPClient.010817-1148)] [asc3550 / asc3550][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\asc3550.sys> [(Verified)Advanced System Products, Inc., 3.1E-MS (XPClient.010817-1148)] [ati2mtag / ati2mtag][Running/Manual Start] [(Verified)ATI Technologies Inc., 6.14.10.6614] [atiide / atiide][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\atiide.sys> [(Verified)ATI Technologies Inc., 1.00.0000.3 built by: WinDDK] [AtpKrnl / AtpKrnl][Stopped/Manual Start] [(Verified)www.arswp.com, 3.00] [Promise driver accelerator / bb-run][Running/Boot Start] [(Verified)Promise Technology, Inc., 1.0.1.2 built by: WinDDK] [BFSDRV / BFSDRV][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys> [(Verified)360安全中心, 1.0.0.1003] [DELL CERC SATA 1.5/6ch RAID Miniport Driver / cercsr6][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cercsr6.sys> [(Verified)Adaptec, Inc., 4.1.0.7010] [CmdIde / CmdIde][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\cmdide.sys> [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148)] [Cpq32fs2 / Cpq32fs2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\Cpq32fs2.sys> [(Verified)Hewlett-Packard Company, 5.24.00.0] [Creative SB16/AWE32/AWE64 Driver (WDM) / ctlsb16][Stopped/Manual Start] [(Verified)Copyright (C) Creative Technology Ltd. 
1994-2001, 5.1.2501.0 built by: WinDDK] [dac2w2k / dac2w2k][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\dac2w2k.sys> [(Verified)Mylex Corporation, 6.00-21 (XPClient.010817-1148)] [DC21x4 Based Network Adapter Driver / DC21x4][Stopped/Manual Start] [(Verified)Intel Corporation., 5.05.04] [Promise Removable Disk Control Driver / dontgo][Running/Boot Start] [(Verified)Promise Technology, Inc., 1.0.0.3 built by: WinDDK] [EfiSystemMon / EfiMon][Running/System Start] [(Verified)奇虎网, 1, 0, 0, 1003] [fttxr52P / fttxr52P][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\fttxr52P.sys> [(Verified)Promise Technology, Inc., 2.6.0.311 built by: WinDDK] [Fujitsu FUJ02B1 Device Driver / FUJ02B1][Stopped/Manual Start] [(Verified)FUJITSU LIMITED, 1.21 built by: WinDDK] [%FUJ02E1.DeviceDesc% / FUJ02E1][Stopped/Manual Start] [(Verified)Fujitsu Limited, 1, 0, 0, 3] [Fujitsu FUJ02E3 Device Driver / FUJ02E3][Stopped/Manual Start] [(Verified)FUJITSU LIMITED, 1.00 built by: WinDDK] [Intel(R) Management Engine Interface / HECI][Stopped/Manual Start] [(Verified)Intel Corporation, 2.1.22.1026 built by: WinDDK] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] [HookPort / HookPort][Running/Boot Start] [(Verified)360安全中心, 1, 0, 0, 1003] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 56] [Intel RAID Controller / iaStor][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\iaStor.sys> [(Verified)Intel Corporation, 7.0.0.1020] [IFXTPM / IFXTPM][Stopped/Manual Start] [(Verified)Infineon Technologies AG, 1.80.0002.00 built by: WinDDK] [JMicron Hot-Plug Driver / JGOGO][Running/Boot Start] [(Verified)JMicron , 5.0.3790.1] [JRAID / JRAID][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\jraid.sys> [(Verified)JMicron Technology Corp., 1.17.17.00 built by: WinDDK] [m5287 / m5287][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\m5287.sys> [(Verified)ULi Electronics Inc., 6.209] 
[m5288 / m5288][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\m5288.sys> [(Verified)ULi Electronics Inc., 6.218] [m5289 / m5289][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\m5289.sys> [(Verified)ULi Electronics Inc., 5.030] [mv61xx / mv61xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\mv61xx.sys> [(Verified)Marvell Semiconductor, Inc., 1.2.0.24 built by: WinDDK] [IBM ServeRAID 4M/4L/4Mx/4Lx/5i/6M/6i/7k Device Driver / nfrd960][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\nfrd960.sys> [(Verified)IBM Corporation, 7.10.18] [SiI 680 ATA Controller / Pnp680][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\pnp680.sys> [(Verified)Silicon Image, Inc., 1, 2, 26, 0] [Silicon Image SiI 0680 Medley Raid Controller / Pnp680r][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\pnp680r.sys> [(Verified)Silicon Image, Inc, 1, 0, 1, 7] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [ql1080 / ql1080][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql1080.sys> [(Verified)QLogic Corporation, 3.04] [ql12160 / ql12160][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql12160.sys> [(Verified)QLogic Corporation, 7.21.1.1 (W2K)] [ql1280 / ql1280][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql1280.sys> [(Verified)QLogic Corporation, 7.13.01 (W2K)] [ql2100 / ql2100][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql2100.sys> [(Verified)QLogic Corporation, 7.05.05 (W2K)] [ql2200 / ql2200][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ql2200.sys> [(Verified)QLogic Corporation, 8.1.5.12 (W2K IP)] [QQGameProtect / QQGameProtect][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\QQGameProtect.sys> [(Verified)TENCENT, 1.0.0.0 built by: WinDDK] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2] [rfwtdi / rfwtdi][Running/Auto Start] <\??\E:\新建文件夹\Rising\Ris\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., 
Ltd., 21.0.0.7] [rsfwdrv / rsfwdrv][Running/System Start] <\??\E:\新建文件夹\Rising\Ris\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.47] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [S150sx8 / S150sx8][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\S150sx8.sys> [(Verified)Promise Technology, Inc., 1.00.0.51] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 4, 0, 1004] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086] [SiI-3512 SATALink Controller / SI3112][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3112.sys> [(Verified)Silicon Image, Inc., 1, 3, 68, 0] [ATI-437A Serial ATA Controller / SI3112r][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3112r.sys> [(Verified)Silicon Image, Inc, 1, 0, 56, 0] [SiI-3114 SATALink Controller / SI3114][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3114.sys> [(Verified)Silicon Image, Inc., 1, 3, 10, 0] [SiI-3114 SATARaid Controller / SI3114r][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3114R.sys> [(Verified)Silicon Image, Inc, 1, 0, 15, 0] [SiI-3114 SoftRaid 5 Controller / Si3114r5][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\Si3114r5.sys> [(Verified)Silicon Image, Inc, 1, 5, 10, 0] [SiI-3124 SATALink Controller / SI3124][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3124.sys> [(Verified)Silicon Image, Inc., 1, 3, 20, 0] [SiI-3124 SATARaid Controller / SI3124r][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3124R.sys> [(Verified)Silicon Image, Inc, 1, 0, 0, 2] [SiI-3124 SoftRaid 5 Controller / Si3124r5][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\Si3124r5.sys> [(Verified)Silicon Image, Inc, 1, 5, 11, 0] [SiI-3132 SATALink Controller / SI3132][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SI3132.sys> [(Verified)Silicon Image, 
Inc., 1, 0, 19, 0] [SiI-3132 SoftRaid 5 Controller / Si3132r5][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\Si3132r5.sys> [(Verified)Silicon Image, Inc, 1, 5, 14, 0] [SATALink driver accelerator / SiFilter][Running/Boot Start] [(Verified)Silicon Image, Inc., 1.0.0.11] [SATALink External Device Filter / SiRemFil][Running/Boot Start] [(Verified)Silicon Image, Inc., 1, 1, 6, 0] [SiS AGP Filter / SISAGP][Running/Boot Start] [(Verified)Silicon Integrated Systems Corporation, 7.2.0.1170 built by: WinDDK] [SiSide / SiSide][Running/Boot Start] [(Verified)Silicon Integrated Systems Corp., 2.04.00.00 built by: WinDDK] [SiS PCI Fast Ethernet Adapter Driver / SISNIC][Stopped/Manual Start] [(Verified)SiS Corporation, 1.16.00.05 built by: WinDDK] [SiSRaid / SiSRaid][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiSRaid.sys> [(Verified)Silicon Integrated Systems, 5.1.1039.1090] [SiSRaid2 / SiSRaid2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiSRaid2.sys> [(Verified)Silicon Integrated Systems Corp, 2.03.00] [Sparrow / Sparrow][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sparrow.sys> [(Verified)Adaptec, Inc., v2.0a (ReleaseBinaries.001205-1804)] [symc8xx / symc8xx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\symc8xx.sys> [(Verified)LSI Logic, 5.1.2409.1 (ReleaseBinaries.001205-1804)] [sym_hi / sym_hi][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sym_hi.sys> [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027)] [sym_u3 / sym_u3][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\sym_u3.sys> [(Verified)LSI Logic, 5.1.2462.0 (Lab01_N.010309-0027)] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [(Verified)TENCENT, 1.0.5 built by: WinDDK] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 1, 0, 4] [Transmeta TM 8000 AGP Filter Driver / tmagp][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\tmagp.sys> [(Verified)Transmeta Corporation, 1.2.0.3] [ULi AGP Bus Filter Driver / 
uliagpkx][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\agpkx.sys> [(Verified)ULi Electronics Inc., 5.1.2600.2300 built by: WinDDK] [UlSata / UlSata][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ulsata.sys> [(Verified)Promise Technology, Inc., 1.00.0.27] [ulsata2 / ulsata2][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\ulsata2.sys> [(Verified)Promise Technology, Inc., 1.00.0.33] [VIA AGP Filter / viaagp1][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\viaagp1.sys> [(Verified)VIA Technologies, Inc., 5.1.0.3442 built by: VIA] [VIA ATA/ATAPI Host Controller / viapdsk][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\viapdsk.sys> [(Verified)VIA Technologies, Inc., 5.1.2600.104] [videX32 / videX32][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\videX32.sys> [(Verified)VIA Technologies, Inc., 6.0.3790.160] [VIA SATA IDE Hot-plug Driver / xfilt][Running/Boot Start] [(Verified)VIA Technologies,Inc, 6.0.5728.160] ================================================================ 活动进程 [PID: 856 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\Ati2evxx.dll [(Verified)ATI Technologies Inc., 6.14.10.4132] C:\WINDOWS\system32\COMRes.dll [N/A] [PID: 912 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8] [PID: 1072 / SYSTEM] C:\WINDOWS\system32\Ati2evxx.exe [(Verified)ATI Technologies Inc., 6.14.10.4132] C:\WINDOWS\system32\Ati2edxx.dll [(Verified)ATI Technologies, Inc., 6, 14, 10, 2500] [PID: 1088 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\COMRes.dll [N/A] [PID: 1184 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8] C:\WINDOWS\system32\COMRes.dll 
[N/A] [PID: 1268 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\System32\COMRes.dll [N/A] C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8] c:\windows\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159] [PID: 1356 / SYSTEM] E:\新建文件夹\Rising\Ris\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] E:\新建文件夹\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] E:\新建文件夹\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] E:\新建文件夹\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] E:\新建文件夹\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] E:\新建文件夹\Rising\Ris\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40] E:\新建文件夹\Rising\Ris\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [PID: 1412 / SYSTEM] D:\新建文件夹 (2)\360safe\SoftMgr\360delays.exe [(Verified) , 1, 0, 0, 1001] [PID: 1636 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8] [PID: 1708 / SYSTEM] E:\新建文件夹\Rising\Ris\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] E:\新建文件夹\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] E:\新建文件夹\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] E:\新建文件夹\Rising\Ris\MonBase.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] E:\新建文件夹\Rising\Ris\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] E:\新建文件夹\Rising\Ris\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] E:\新建文件夹\Rising\Ris\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31] E:\新建文件夹\Rising\Ris\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] E:\新建文件夹\Rising\Ris\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] E:\新建文件夹\Rising\Ris\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] E:\新建文件夹\Rising\Ris\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] E:\新建文件夹\Rising\Ris\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] E:\新建文件夹\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] E:\新建文件夹\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] E:\新建文件夹\Rising\Ris\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.89] E:\新建文件夹\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] E:\新建文件夹\Rising\Ris\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0] E:\新建文件夹\Rising\Ris\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3] E:\新建文件夹\Rising\Ris\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5] E:\新建文件夹\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] E:\新建文件夹\Rising\Ris\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18] E:\新建文件夹\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] E:\新建文件夹\Rising\Ris\recomp.dll [(Verified)Beijing Rising 
Information Technology Co., Ltd., 21, 0, 0, 4]
    E:\新建文件夹\Rising\Ris\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    E:\新建文件夹\Rising\Ris\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5]
    E:\新建文件夹\Rising\Ris\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    E:\新建文件夹\Rising\Ris\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25]
    C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8]
    E:\新建文件夹\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    E:\新建文件夹\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1]
    E:\新建文件夹\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20]
    E:\新建文件夹\Rising\Ris\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18]
    E:\新建文件夹\Rising\Ris\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    E:\新建文件夹\Rising\Ris\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20]
    E:\新建文件夹\Rising\Ris\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12]
    E:\新建文件夹\Rising\Ris\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22]
    E:\新建文件夹\Rising\Ris\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12]
    E:\新建文件夹\Rising\Ris\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19]
    E:\新建文件夹\Rising\Ris\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.39]
    C:\WINDOWS\system32\COMRes.dll [N/A]
    E:\新建文件夹\Rising\Ris\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    E:\新建文件夹\Rising\Ris\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    E:\新建文件夹\Rising\Ris\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    E:\新建文件夹\Rising\Ris\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6]
    E:\新建文件夹\Rising\Ris\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    E:\新建文件夹\Rising\Ris\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 49]
    E:\新建文件夹\Rising\Ris\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    E:\新建文件夹\Rising\Ris\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14]
    E:\新建文件夹\Rising\Ris\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    E:\新建文件夹\Rising\Ris\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
    E:\新建文件夹\Rising\Ris\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    E:\新建文件夹\Rising\Ris\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    E:\新建文件夹\Rising\Ris\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10]
    E:\新建文件夹\Rising\Ris\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8]
    E:\新建文件夹\Rising\Ris\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    E:\新建文件夹\Rising\Ris\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3]
    E:\新建文件夹\Rising\Ris\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7]
    E:\新建文件夹\Rising\Ris\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2]
    E:\新建文件夹\Rising\Ris\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    E:\新建文件夹\Rising\Ris\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1]
    E:\新建文件夹\Rising\Ris\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4]
[PID: 1816 / Administrator] C:\WINDOWS\system32\Ati2evxx.exe [(Verified)ATI Technologies Inc., 6.14.10.4132]
    C:\WINDOWS\system32\COMRes.dll [N/A]
    C:\WINDOWS\system32\Ati2edxx.dll [(Verified)ATI Technologies, Inc., 6, 14, 10, 2500]
[PID: 1972 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\system32\COMRes.dll [N/A]
[PID: 288 / SYSTEM] C:\WINDOWS\system32\AmdHpSrv.exe [AMD, Inc., 1.3.9]
[PID: 684 / SYSTEM] E:\新建文件夹\Rising\Ris\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12]
    C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0]
    C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4]
    E:\新建文件夹\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11]
    E:\新建文件夹\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13]
    E:\新建文件夹\Rising\Ris\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13]
    E:\新建文件夹\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    E:\新建文件夹\Rising\Ris\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10]
    E:\新建文件夹\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    E:\新建文件夹\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
[PID: 1244 / SYSTEM] E:\新建文件夹\Rising\Ris\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15]
    E:\新建文件夹\Rising\Ris\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12]
    E:\新建文件夹\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6]
    E:\新建文件夹\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37]
    E:\新建文件夹\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46]
    C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4]
    C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0]
[PID: 1824 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)]
    C:\WINDOWS\System32\COMRes.dll [N/A]
    C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8]
[PID: 3328 / Administrator] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 7.00.6000.16850 (vista_gdr.090423-0018)]
    C:\WINDOWS\system32\COMRes.dll [N/A]
    F:\新建文件夹 (16)\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34]
    C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0]
    C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4]
    F:\新建文件夹 (16)\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120]
    F:\新建文件夹 (16)\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20]
    F:\新建文件夹 (16)\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16]
    C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8]
    E:\新建文件夹\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76]
    C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87]
    C:\WINDOWS\system32\msdmo.dll [(Verified)N/A]
    C:\WINDOWS\system32\ffdshow.ax [Copyright © 2002-2005 Milan Čutka, 1.0.2.2028]
[PID: 1944 / Administrator] D:\新建文件夹\arswp3\arswp3.exe [(C) 2006 - 2009 Windows 清 理 助 手, 3.0.6.628]
    C:\WINDOWS\system32\COMRes.dll [N/A]
    C:\WINDOWS\system32\GameLink.dll [www.Easy2Game.com, 17, 2, 6, 8]
    E:\新建文件夹\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76]
    C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0]
    C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4]
    C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87]
================================================================
文件关联
================================================================
Autorun.Inf
================================================================
Winsock提供者
[Easy2Game-TCPChain] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPChain] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPChain] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPChain] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPFilter] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPFilter] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-UDPFilter] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
[Easy2Game-TCPFilter] <%systemroot%\system32\GameLink.dll> [www.Easy2Game.com, 17, 2, 6, 8]
================================================================
隐藏进程
================================================================
可疑文件
================================================================
HOSTS
127.0.0.1 aifind.info
127.0.0.1 allsearcher.info
127.0.0.1 cadabra.biz
127.0.0.1 ehttp.cc
127.0.0.1 freednshost.info
127.0.0.1 i-lookup.com
127.0.0.1 searchpage.cc
127.0.0.1 www.nkvd.us
127.0.0.1 www.smart-finder.biz
127.0.0.1 www.xfreehosting.com
127.0.0.1 www.xxx166.com
[/CODE]