[CODE] 2009-07-23,22:08:18 SysLog Scanner 3.0 - build 20090620 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) ================================================================ 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Tencent\QQ\Bin\QQ.exe" /background> [(Verified)Tencent, 1, 30, 860, 0] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\kingsoft\KSWebShieldSVC\kwstray.exe" /start> [] <"C:\Program Files\JiangMin\Antivirus\KVMonXP.kxp"> [] <"C:\Program Files\Rising\Ris\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] <> [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [Microsoft Corporation, 1.07 (xpsp_sp2_gdr.050725-1528)] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <使用迅雷下载> [N/A] <使用迅雷下载全部链接> [N/A] <添加到QQ表情> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <添加到QQ表情> [N/A] ================================================================ 启动组 [QQ游戏启动加速程序] <"C:\Program Files\腾讯游戏\QQGAME\Accel.exe"> [深圳市腾讯计算机系统有限公司, 2, 0, 103, 5] ================================================================ 任务计划 [SogouImeMgr.job] <"C:\PROGRA~1\SOGOUI~1\422~1.273\PinyinRepair.exe" /S> [(Verified)Sogou.com Inc., 4.2.2.2732] ================================================================ 组件 -------------------------------- Shell Extension [Display Panning CPL Extension] <{42071714-76d4-11d1-8b24-00a0c9068ff3}> [] [任务栏和「开始」菜单] <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> [] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] -------------------------------- ToolBar [瑞星卡卡工具条(&R)] <{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3] -------------------------------- Protocols [Microsoft InfoTech Protocols for IE 4.0] <{9D148291-B9C8-11D0-A4CC-0000F80149F6}> [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)] [] <{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}> [酷狗, 5.2.4.4] -------------------------------- Context Menu [OpenFolder] <{0DE1378D-F811-40E6-B60A-1CC56F57D3E9}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [QvodMenu] <{9F44453E-1E46-4D5C-B57C-112FF2EDAE82}> [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] -------------------------------- BrowserHelperObject [ThunderAtOnce Class] <{01443AEC-0FD1-40fd-9C87-E93D1494C233}> [深圳市迅雷网络技术有限公司, 1.2.6.148] [Thunder Browser Helper] <{80BF4636-D65B-43F3-BB60-C5DD3D5FB7B9}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 18] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5.0.8.179] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] -------------------------------- ActiveX Extension [ThunderAtOnce Class] <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> [深圳市迅雷网络技术有限公司, 1.2.6.148] [ULiveCtrl Control] <{070CA17A-4BD2-4612-83B4-32B1B9159B48}> [(Verified)北京新浪信息技术有限公司, 3, 0, 5,0] [DHTML Edit Control Safe for Scripting for IE5] <{2D360201-FFF5-11D1-8D03-00A0C959BC0A}> [Microsoft Corporation, 6.01.9232] [Thunder Agent Class] <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> [(Verified)Thunder Networking Technologies,LTD, 6.0.4.179] [mkd25aosCtrl Class] <{59B0298B-A7B5-4045-A34E-377EDF7BCB8E}> [(Verified)AhnLab, Inc., 2, 5, 0, 19] [XPPIECtrl Class] <{5AB1EF72-6CC6-4090-9030-8E0ACF7E6D3E}> [TOM Online Inc., 1, 0, 0, 1] [WangWangX Class] <{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [StormPlayer Object] <{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}> [(Verified)北京暴风网际科技有限公司, 3, 9, 1, 15] [DLoader Class] <{78ABDC59-D8E7-44D3-9A76-9A0918C52B4A}> [(Verified)Sina Com, 1, 0, 0, 14] [Thunder Browser Helper] <{80BF4636-D65B-43F3-BB60-C5DD3D5FB7B9}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 18] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5.0.8.179] [OFrameObject Class] <{9701758C-4373-482E-B13C-776C048EC890}> [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 3, 5901, 169] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [WebVGPlayer Class] <{AA899B43-24BD-4B6B-BBD0-45557D8D11E0}> [Copyright 2004, 1, 0, 0, 1] [CCTVUpdateInstall] <{AC414988-E5BB-4C2C-873B-EA53D2F3D23A}> [(Verified)CCTV International Networks Co.,Ltd, 1, 0, 0, 9] [RDS.DataSpace] <{BD96C556-65A3-11D0-983A-00C04FC29E36}> [Microsoft Corporation, 2.81.1124.0 (xpsp_sp2_gdr.060322-1613)] [KooPlayer Control] <{C728DAB8-FDF5-4CD7-89DD-879D25794C77}> [(Verified)CCTV.COM, 1, 0, 0, 103] [AUDIO__MP3 Moniker Class] <{CD3AFA76-B84F-48F0-9393-7EDC34128127}> [Microsoft Corporation, 10.00.00.4058] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,0,22,87] [瑞星卡卡工具条(&R)] <{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 3] [PlayerCtrl Class] <{E05BC2A3-9A46-4A32-80C9-023A473F5B23}> [(Verified)深圳腾讯科技, 3, 1, 164, 203] [XPPlayer Class] <{F3E70CEA-956E-49CC-B444-73AFE593AD7F}> [(Verified)ShenZhen Thunder Networking Technologies Ltd., 2, 1, 59010, 253] [InfoCheck Class] <{F91BA567-79B9-467E-BC97-5DBA01BBC5EE}> [(Verified)Copyright 2008, 1, 0, 0, 2] ================================================================ 服务 [DHCP Client / Dhcp][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dhcpcsvc.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [Fast User Switching Compatibility / FastUserSwitchingCompatibility][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [Server / lanmanserver][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\srvsvc.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729)] [Shell Hardware Detection / ShellHWDetection][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] [Print Spooler / Spooler][Running/Auto Start] <%SystemRoot%\system32\spoolsv.exe> [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] [Windows Image Acquisition (WIA) / stisvc][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k imgsvc --> "%SystemRoot%\system32\wiaservc.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316)] [Telephony / TapiSrv][Running/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\tapisrv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657)] [Themes / Themes][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] [Tencent Software Update Service / TSUSVC][Running/Auto Start] <"C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe" -run> [Tencent, 1.0 Beta2 Build 2009.04.20] [Universal Plug and Play Device Host / upnphost][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\upnphost.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 5.1.2600.3077 (xpsp_sp2_gdr.070204-2255)] [WebClient / WebClient][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\webclnt.dll"> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536)] [Contrl Center of Storm Media / ccosm][Running/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15] [Ris Process Communication Center / RisCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [Rising RisTask Manager / RisTask][Running/Auto Start] <"C:\Program Files\Rising\Ris\RavTask.exe" RisTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12] ================================================================ 驱动 [CdaC15BA / CdaC15BA][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\CdaC15BA.SYS> [Macrovision Europe Ltd, 3.17.000] [C-Media WDM Audio Interface / cmuda][Running/Manual Start] [C-Media Inc, 5.12.01.0049.1 (63)] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [FltMgr / FltMgr][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2978 (xpsp_sp2_gdr.060821-0039)] [HTTP / HTTP][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2869 (xpsp_sp2_gdr.060316-1512)] [IP Network Address Translator / IpNat][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2524 (xpsp_sp2_gdr.040919-1056)] [JMicron Hot-Plug Driver / JGOGO][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\JGOGO.sys> [JMicron , 5.0.3790.1] [Writing Tablet Driver / kbdfdo][Running/Manual Start] [1, 0, 0, 0] [Mkd2kfNt / Mkd2kfNt][Stopped/Manual Start] [AhnLab, Inc., 2,0,0,91] [Mkd2Nadr / Mkd2Nadr][Stopped/Manual Start] [AhnLab, Inc., 2,0,0,38] [Rdbss / Rdbss][Running/System Start] [Microsoft Corporation, 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036)] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [TENCENT, 1.0.4 built by: WinDDK] [BC / BC][Running/Boot Start] [(Verified)Kingsoft Corporation, 2009, 1, 8, 88] [bootsafe / bootsafe][Running/Boot Start] [(Verified)Copyright (C) 2008, 2009, 1, 6, 12] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Running/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 56] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\Ris\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.7] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\Ris\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.47] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [S3SavageNB / S3SavageNB][Running/Manual Start] [(Verified)S3 Graphics, Inc., 6.14.10.0012-13.94.12] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 1, 0, 4] ================================================================ 活动进程 [PID: 900 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\sxs.dll [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] [PID: 924 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\SHSVCS.dll [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\sxs.dll [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] [PID: 968 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.3520 (xpsp_sp2_qfe.090206-1239)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519)] C:\WINDOWS\system32\umpnpmgr.dll [Microsoft Corporation, 5.1.2600.2744 (xpsp_sp2_gdr.050822-1647)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] [PID: 980 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\kerberos.dll [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\wdigest.dll [Microsoft Corporation, 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516)] [PID: 1148 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] [PID: 1224 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] [PID: 1376 / SYSTEM] C:\Program Files\Rising\Ris\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\Program Files\Rising\Ris\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37] C:\Program Files\Rising\Ris\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1384 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] c:\windows\system32\shsvcs.dll [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316)] c:\windows\system32\dhcpcsvc.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\System32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\WINDOWS\System32\SXS.DLL [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] C:\WINDOWS\system32\comsvcs.dll [Microsoft Corporation, 2001.12.4414.308] c:\windows\system32\ESENT.dll [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456)] c:\windows\system32\tapisrv.dll [Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657)] C:\WINDOWS\system32\kerberos.dll [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522)] [PID: 1432 / SYSTEM] C:\Program Files\Rising\Ris\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\Program Files\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\Program Files\Rising\Ris\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40] C:\Program Files\Rising\Ris\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1508 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] [PID: 1724 / SYSTEM] C:\Program Files\Rising\Ris\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Ris\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Ris\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] C:\Program Files\Rising\Ris\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31] C:\Program Files\Rising\Ris\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Ris\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\Program Files\Rising\Ris\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\Program Files\Rising\Ris\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] C:\Program Files\Rising\Ris\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] C:\Program Files\Rising\Ris\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.89] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\Ris\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0] C:\Program Files\Rising\Ris\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3] C:\Program Files\Rising\Ris\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5] C:\WINDOWS\system32\Iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\Program Files\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18] C:\Program Files\Rising\Ris\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Ris\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Ris\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Ris\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] C:\Program Files\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\Ris\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18] C:\Program Files\Rising\Ris\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\Ris\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\Ris\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] C:\Program Files\Rising\Ris\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\Ris\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Ris\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19] C:\Program Files\Rising\Ris\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.39] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\Program Files\Rising\Ris\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Ris\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Ris\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 52] C:\Program Files\Rising\Ris\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\Ris\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] C:\Program Files\Rising\Ris\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Ris\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8] C:\Program Files\Rising\Ris\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Ris\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Ris\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Ris\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] C:\Program Files\Rising\Ris\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Ris\ur014.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [PID: 1772 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] [PID: 1832 / SYSTEM] C:\Program Files\StormII\stormliv.exe [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)] [PID: 1952 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] c:\windows\system32\wiaservc.dll [Microsoft Corporation, 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] [PID: 1976 / SYSTEM] C:\Program Files\Rising\Ris\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Ris\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Ris\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Ris\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13] C:\Program Files\Rising\Ris\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\Ris\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\Program Files\Rising\Ris\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.27] C:\Program Files\Rising\Ris\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.50] C:\Program Files\Rising\Ris\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.9] C:\Program Files\Rising\Ris\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19] C:\Program Files\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\Ris\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.39] C:\Program Files\Rising\Ris\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Ris\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Ris\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Ris\mvengine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\posttrt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\Ris\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Ris\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Ris\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 52] C:\Program Files\Rising\Ris\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\Ris\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Ris\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Ris\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Ris\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Ris\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8] C:\Program Files\Rising\Ris\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] C:\Program Files\Rising\Ris\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] C:\Program Files\Rising\Ris\ur025.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Ris\ur027.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Ris\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] [PID: 2000 / SYSTEM] C:\Program Files\Tencent\QQSoftMgr\TencentUpdateSvc.exe [Tencent, 1.0 Beta2 Build 2009.04.20] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] [PID: 284 / SYSTEM] C:\Program Files\Rising\Ris\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] C:\Program Files\Rising\Ris\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [PID: 792 / Administrator] C:\WINDOWS\Explorer.EXE [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\Program Files\FreeLaunchBar\flb.dll [TrueSoft, 1.0.0.0] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Tencent\QQ\qdshm.dll [(Verified)Copyright 2004, 1, 0, 101, 20] C:\Program Files\WinRAR\rarext.dll [N/A] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] C:\Program Files\FengSu\QvodBand.dll [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] D:\收藏夹和我的文挡\我的文档\My Pictures\旺旺\Alitalk\AliIMExt.dll [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll [Microsoft Corporation, 8.00.50727.762] [PID: 1184 / Administrator] C:\Program Files\Rising\Ris\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\Ris\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Ris\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] C:\Program Files\Rising\Ris\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Ris\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\Ris\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Ris\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\Ris\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] C:\Program Files\Rising\Ris\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14] C:\Program Files\Rising\Ris\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\Ris\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Ris\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\Ris\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] C:\Program Files\Rising\Ris\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26] C:\Program Files\Rising\Ris\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\Ris\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29] C:\Program Files\Rising\Ris\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10] C:\Program Files\Rising\Ris\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.4] C:\Program Files\Rising\Ris\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Ris\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23] C:\Program Files\Rising\Ris\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17] C:\Program Files\Rising\Ris\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 12] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\Program Files\Rising\Ris\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Ris\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [PID: 1192 / Administrator] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.43] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\Program Files\Rising\AntiSpyware\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.69] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\NtLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 3, 0, 0, 19] C:\Program Files\Rising\AntiSpyware\SecEx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 3, 0, 0, 12] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1260 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] [PID: 1852 / Administrator] C:\Program Files\Tencent\QQ\Bin\QQ.exe [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\Program Files\Tencent\QQ\Bin\Common.dll [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.DLL [Microsoft Corporation, 8.00.50727.762] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll [Microsoft Corporation, 8.00.50727.762] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll [Microsoft Corporation, 8.00.50727.762] C:\Program Files\Tencent\QQ\Bin\KernelUtil.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\GF.dll [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] C:\Program Files\Tencent\QQ\Bin\AppUtil.dll [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\Program Files\Tencent\QQ\Bin\MainFrame.dll [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)] C:\Program Files\Tencent\QQ\Bin\TaskTray.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll [(Verified)Tencent, 1.26.1.26] C:\Program Files\Tencent\QQ\Bin\IM.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\KernelMisc.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\AppMisc.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\AppCtrl.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\ChatFrame.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\ConfigCenter.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\CustomFace.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\LongCnn.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\ContactInfoFrame.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\MsgMgr.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\SkinMgr.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\QInterLive.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\SystemMsg.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Soso\Bin\Soso.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.Weather\Bin\Weather.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.SoBar\Bin\SoBar.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\Com.Tencent.taotao\Bin\Taotao.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll [(Verified)Tencent, 1.1.1.9] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL [(Verified)Tencent, 1.1.1.3] C:\Program Files\Tencent\QQ\Bin\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,773,1801] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A] C:\Program Files\Tencent\QQ\Bin\GroupApp.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.snsapp\Bin\SNSApp.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.paycenter\Bin\PayCenter.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qbar\Bin\QBar.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqvipmisc\Bin\QQVipMisc.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.wenwen\Bin\WenWen.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.NetBar\Bin\NetBar.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.wireless\Bin\Wireless.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqshow\Bin\QQShow.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqgame\Bin\QQGame.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqpet\Bin\QQPet.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.mail\Bin\Mail.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.crm\Bin\CRM.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqvip\Bin\QQVip.dll [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\Program Files\Tencent\QQ\Plugin\com.tencent.memo\Bin\Memo.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.advertisement\Bin\Advertisement.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.today\Bin\Today.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\InformationBox.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Bin\vqqsdl.dll [(Verified)Tencent, 5, 0, 3, 24] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqring\Bin\QQRing.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Tencent\QQ\Plugin\com.tencent.qqwebsite\Bin\QQWebsite.dll [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Tencent\QQ\Plugin\com.tencent.gamelife\Bin\GameLife.dll [(Verified)Tencent, 1, 30, 860, 0] C:\Program Files\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] C:\Program Files\Tencent\QQ\Bin\AddrSearch.dll [(Verified)Tencent, 2, 3, 12, 11] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.2.2.2732] C:\Program Files\SogouInput\4.2.2.2732\Resource.dll [(Verified)Sogou.com Inc., 4.2.2.2732] C:\Program Files\Tencent\QQ\Plugin\com.tencent.vas\Bin\VAS.dll [(Verified)Tencent, 1, 30, 860, 0] [PID: 1140 / Administrator] C:\Program Files\Tencent\QQ\Bin\TXPlatform.exe [(Verified)Tencent, 1, 30, 860, 0] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\Program Files\Tencent\QQ\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 30, 860, 0] [PID: 3336 / Administrator] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] [PID: 2988 / Administrator] D:\傲游\Maxthon2\Maxthon.exe [(Verified)Maxthon International ltd., 2, 1, 5, 1250] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] D:\傲游\Maxthon2\mxpp.dll [(Verified)Maxthon International ltd., 1, 0, 0, 250] D:\傲游\Maxthon2\MxSk.dll [(Verified)Maxthon, 1, 0, 0, 414] C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\gdiplus.dll [Microsoft Corporation, 5.1.3102.5581 (xpsp_sp3_qfe.080415-1416)] D:\傲游\Maxthon2\MxProxy2.dll [(Verified)Maxthon International ltd., 1, 0, 0, 4106] D:\傲游\Maxthon2\MxExt.dll [(Verified)N/A] D:\傲游\Maxthon2\MxUI.dll [Maxthon International, 3, 3, 0, 9] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] D:\傲游\Maxthon2\mxtool.dll [(Verified)Copyright 2005, 1, 0, 0, 1] D:\傲游\Maxthon2\maxzlib.dll [(Verified)(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\WINDOWS\system32\RICHED20.dll [Microsoft Corporation, 5.30.23.1228] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)] D:\傲游\Maxthon2\Modules\MxWebBoost\MxWebBoost.dll [(Verified)Maxthon, 1,0,2,1267] D:\傲游\Maxthon2\mxdb.dll [(Verified)Max, 3, 5, 3, 125] D:\傲游\Maxthon2\Modules\MxHistory\MxHistory.dll [(Verified)Maxthon International ltd., 1, 0, 0, 302] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] D:\傲游\Maxthon2\MxFav.dll [(Verified)Maxthon International ltd., 2, 0, 0, 11] C:\Program Files\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.2.2.2732] C:\Program Files\SogouInput\4.2.2.2732\Resource.dll [(Verified)Sogou.com Inc., 4.2.2.2732] [PID: 800 / Administrator] C:\Program Files\arswp3\arswp3.exe [(Verified)(C) 2006 - 2009 Windows 清 理 助 手, 3.0.6.628] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003)] C:\WINDOWS\system32\USER32.dll [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222)] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040)] C:\WINDOWS\system32\oledlg.dll [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148)] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528)] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 38] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308] C:\WINDOWS\system32\SXS.DLL [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414)] C:\WINDOWS\system32\rasadhlp.dll [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030)] C:\Program Files\Rising\Ris\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520)] ================================================================ 文件关联 [.chm] <"hh.exe" %1> [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)] [.chm] <"hh.exe" %1> [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)] ================================================================ Autorun.Inf ================================================================ Winsock提供者 ================================================================ 隐藏进程 ================================================================ 可疑文件 ================================================================ HOSTS 127.0.0.1 localhost [/CODE]