[CODE] 2009-07-28,21:08:25 SysLog Scanner 3.0 - build 20090620 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) ================================================================ 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [AMD, 1, 1, 1, 0] <; nwiz.exe /install> [N/A] [(Verified)Realtek Semiconductor Corp., 2.1.3.2] <"C:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22] <"C:\Program Files\Rising\RFW\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22] <360Safetray> <"D:\工具\360safe\safemon\360tray.exe" /start> [(Verified)360安全中心, 5, 2, 0, 1009] <"C:\Program Files\Rising\Rav\rssafety.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 3.0.0.63] <"C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe" /Hide> [南京远古科技有限公司, 8.0.0.3] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | (Verified)NVIDIA Corporation, 6.14.11.6921] <360Install> <"D:\工具\QvodPlayer\installer.exe" "home"> [(Verified)360.CN, 1, 0, 0, 1001] [版权所有 (C) 2005, 1, 0, 0, 1] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <使用迅雷下载> [N/A] <使用迅雷下载全部链接> [N/A] <添加到QQ表情> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <添加到QQ表情> [N/A] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors] [Microsoft Corporation, 11.3.1897.0] ================================================================ 启动组 [快捷方式 到 宽带连接] <""> [] ================================================================ 任务计划 [SogouImeMgr.job] <"D:\工具\SOGOUI~1\423~1.281\PinyinRepair.exe" /S> [(Verified)Sogou.com Inc., 4.2.3.2810] ================================================================ 组件 -------------------------------- Shell Extension [Display Panning CPL Extension] <{42071714-76d4-11d1-8b24-00a0c9068ff3}> <> [] [HyperTerminal Icon Ext] <{88895560-9AA2-1069-930E-00AA0030EBC8}> [(Verified)Hilgraeve, Inc., 5.1.2600.0] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [NvCpl DesktopContext Class] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [(Verified)NVIDIA Corporation, 6.14.11.6921] [Desktop Explorer] <{1CDB2949-8F65-4355-8456-263E7C208A5D}> [N/A] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] -------------------------------- Context Menu [QvodMenu] <{9F44453E-1E46-4D5C-B57C-112FF2EDAE82}> [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [00nView] <{1E9B04FB-F9E5-4718-997B-B8DA88302A48}> [N/A] [NvCplDesktopContext] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [(Verified)NVIDIA Corporation, 6.14.11.6921] -------------------------------- BrowserHelperObject [Adobe PDF Link Helper] <{18DF081C-E8AD-4283-A596-FA578C2EBDC3}> [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700] [SafeMon Class] <{B69F34DD-F0F9-42DC-9EDD-957187DA688D}> [(Verified)360.CN, 5, 0, 0, 1020] -------------------------------- ActiveX Extension [ThunderAtOnce Class] <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> [(Verified)深圳市迅雷网络技术有限公司, 5.9.4.969] [Adobe PDF Link Helper] <{18DF081C-E8AD-4283-A596-FA578C2EBDC3}> [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700] [iTrusPTA Class] <{1E0DFFCF-27FF-4574-849B-55007349FEDA}> [(Verified)Copyright 2001, 2, 5, 1, 509] [QuickTime Object] <{4063BE15-3B08-470D-A0D5-B37161CFFD69}> [(Verified)Apple Inc., 7.6 (1292)] [Thunder Agent Class] <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> [(Verified)深圳市迅雷网络技术有限公司, 5.9.4.969] [EditCtrl Class] <{488A4255-3236-44B3-8F27-FA1AECAA8844}> [(Verified)Copyright 2008, 2, 2, 0, 1] [PowerPlayer Control] <{5EC7C511-CD0F-42E6-830C-1BD9882F3458}> [(Verified)PPStream Inc., 2,3,550,1950] [XMP Class] <{6483F145-A768-4C41-AACC-52D4D7845851}> [深圳市迅雷网络技术有限公司, 2, 1, 9, 102] [MediaComm Class] <{7670648D-461B-42AF-BDFE-46D26AF5EFF2}> [(Verified)深圳市迅雷网络技术有限公司, 3, 1, 7, 83] [XDownloaddManager Class] <{802F530B-A8F6-4631-AE49-6BACAAC6373E}> [(Verified)深圳市迅雷网络技术有限公司, 5.9.4.969] [360SafeLive] <{87515F61-A66C-4319-A0E0-D416CB8059E3}> [(Verified)360.cn, 1, 0, 2, 1006] [XML DOM 文档 5.0] <{88D969E5-F192-11D4-A65F-0040963251E5}> [Microsoft Corporation, 5.00.2916.0] [SSOForPTLogin Class] <{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}> [(Verified)Tencent, 1.0.0.2] [OFrameObject Class] <{9701758C-4373-482E-B13C-776C048EC890}> [(Verified)ShenZhen PiaoYi Network Technology Co.,Ltd., 2, 3, 5904, 188] [VersionDetector Class] <{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B}> [(Verified)深圳市迅雷网络技术有限公司, 1, 1, 0, 22] [APlayer Control] <{A9322148-C691-4B9D-91FC-B9C461DBE9DD}> [(Verified)ShenZhen Thunder Networking Technologies, LTD, 1.0.0.58] [WebVGPlayer Class] <{AA899B43-24BD-4B6B-BBD0-45557D8D11E0}> [N/A] [SafeMon Class] <{B69F34DD-F0F9-42DC-9EDD-957187DA688D}> [(Verified)360.CN, 5, 0, 0, 1020] [QQPlayerCtrl Class] <{CD108273-D434-43E6-AA90-1469F97EB398}> [] [RealPlayer G2 Control] <{CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA}> [(Verified)RealNetworks, Inc., 6.0.10.72] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,0,22,87] [QuickTimeCheck Class] <{DE4AF3B0-F4D4-11D3-B41A-0050DA2E6C21}> [(Verified)Apple Inc., 7.6 (1292)] [TimwpDll.TimwpCheck] <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> [(Verified)Tencent, 1, 30, 860, 0] [ViewgoodIPMan Class] <{F1263FCF-83C7-4CD5-907A-C8B59D0039A9}> [Copyright 2007, 1, 0, 0, 1] [QvodCtrl Class] <{F3D0D36F-23F8-4682-A195-74C92B03D4AF}> [(Verified)Shenzhen QVOD Technology Co.,Ltd, 3, 5, 0, 59] [XPPlayer Class] <{F3E70CEA-956E-49CC-B444-73AFE593AD7F}> [(Verified)深圳市迅雷网络技术有限公司, 2, 1, 59010, 253] ================================================================ 服务 [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [(Verified)NVIDIA Corporation, 6.14.11.6921] [Rav Process Communication Center / RavCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [Rising RavTask Manager / RavTask][Running/Auto Start] <"C:\Program Files\Rising\Rav\RavTask.exe" RavTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [Rfw Process Communication Center / RfwCCenter][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [Rising Personal Firewall Service / RfwService][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] [Rising RfwTask Manager / RfwTask][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavTask.exe" RfwTask> [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [Rising Scan Service / RsScanSrv][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12] ================================================================ 驱动 [ATSpy / ATSpy][Stopped/Manual Start] <\??\C:\WINDOWS\system32\ATSpy.sys> [] [hid7906 / hid7906][Stopped/Manual Start] [Compuware Corporation, 3.10] [hid8101 / hid8101][Stopped/Manual Start] [Compuware Corporation, 3.10] [hid8103 / hid8103][Stopped/Manual Start] [Compuware Corporation, 3.10] [npkcrypt / npkcrypt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcrypt.sys> [] [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkycryp.sys> [] [oreans32 / oreans32][Running/System Start] <\??\C:\WINDOWS\system32\drivers\oreans32.sys> [N/A] [sptd / sptd][Running/Boot Start] [N/A] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [360AntiArp / 360AntiArp][Running/System Start] <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys> [(Verified)360安全中心, 1, 2, 0, 1003] [360SelfProtection / 360SelfProtection][Running/System Start] [(Verified)360安全中心, 1, 0, 0, 1005] [AMD Processor Driver / AmdK8][Running/System Start] [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226)] [AMD Low Level Device Driver / AmdLLD][Running/Manual Start] [(Verified)AMD, Inc., 1.0.0.0] [atksgt / atksgt][Running/Auto Start] [(Verified)N/A] [BFSDRV / BFSDRV][Running/Manual Start] <\??\C:\WINDOWS\system32\drivers\bfsdrv.sys> [(Verified)360安全中心, 1.0.0.1003] [BREGDRV / BREGDRV][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\bregdrv.sys> [(Verified)360安全中心, 1.0.0.1012] [EfiSystemMon / EfiMon][Running/System Start] [(Verified)奇虎网, 1, 0, 0, 1003] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 6] [HookPort / HookPort][Running/Boot Start] [(Verified)360安全中心, 1, 0, 0, 1003] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 55] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5404 built by: WinDDK] [lirsgt / lirsgt][Running/Auto Start] [(Verified)N/A] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.6921] [DDK PACKET Protocol / Packet][Running/Manual Start] [(Verified)360安全中心, 1, 2, 0, 1002] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.2] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.7] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.47] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 15] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\drivers\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 4, 0, 1004] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [(Verified)TENCENT, 1.0.5 built by: WinDDK] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 1, 0, 4] [NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start] [(Verified)Marvell, 10.15.4.3 built by: WinDDK] ================================================================ 活动进程 [PID: 1112 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 1352 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 1524 / SYSTEM] C:\Program Files\Rising\Rav\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37] C:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] [PID: 1548 / SYSTEM] C:\Program Files\Rising\RFW\CCENTER.EXE [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 37] [PID: 1556 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] c:\windows\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159] [PID: 1600 / SYSTEM] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40] C:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [PID: 1612 / SYSTEM] C:\Program Files\Rising\RFW\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 40] C:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] [PID: 1660 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 1840 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 1904 / SYSTEM] C:\Program Files\Rising\RFW\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] C:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.89] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.0] C:\Program Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.3] C:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.5] C:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.18] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\RFW\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] [PID: 1924 / SYSTEM] C:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] C:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 31] C:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 9] C:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] C:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 24] C:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 18] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 23, 0, 0, 12] C:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 22] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.19] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.39] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] C:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 6] C:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 54] C:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Rav\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] C:\Program Files\Rising\Rav\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 1] C:\Program Files\Rising\Rav\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Rav\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] C:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 5] C:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 3] [PID: 196 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] C:\WINDOWS\system32\mdimon.dll [Microsoft Corporation, 11.3.1897.0] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 4.5.6001.22159] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll [Microsoft Corporation, 11.3.1897.0] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\filterpipelineprintproc.dll [Microsoft Corporation, 6.0.6000.16438 (winmain(wmbla).070123-1305)] [PID: 276 / SYSTEM] C:\Program Files\Rising\Rav\rsnetsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 15] C:\Program Files\Rising\Rav\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 436 / Bird] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [(Verified)Adobe Systems, Inc., 9.1.0.2009022700] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS [N/A] C:\WINDOWS\system32\nvcpl.dll [(Verified)NVIDIA Corporation, 6.14.11.6921] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.6921] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.6921] C:\WINDOWS\system32\nvshell.dll [N/A] C:\Program Files\WinRAR\rarext.dll [N/A] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 12] D:\工具\QvodPlayer\QvodBand.dll [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 0] [PID: 752 / Bird] C:\WINDOWS\RTHDCPL.EXE [(Verified)Realtek Semiconductor Corp., 2.1.3.2] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] [PID: 764 / Bird] C:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22] C:\Program Files\Rising\Rav\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] C:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.14] C:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26] C:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29] C:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 10] C:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.1.4] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 23] C:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.17] C:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 780 / Bird] C:\Program Files\Rising\RFW\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.22] C:\Program Files\Rising\RFW\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 28] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 2] C:\Program Files\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 7] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.25] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.20] C:\Program Files\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.26] C:\Program Files\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 75] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 29] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 14] C:\Program Files\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 1, 12] C:\Program Files\Rising\RFW\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 840 / Bird] C:\Program Files\Rising\Rav\rssafety.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 3.0.0.63] [PID: 564 / Bird] C:\Program Files\VIEWGOOD\WebPlayer 2007\WebPlayerDeamon.exe [南京远古科技有限公司, 8.0.0.3] C:\Program Files\VIEWGOOD\WebPlayer 2007\AsyncHttp71.dll [南京远古科技, 1, 2, 0, 0] C:\Program Files\VIEWGOOD\WebPlayer 2007\FileOperation.dll [VIEWGOOD, 8, 0, 0, 0] C:\Program Files\VIEWGOOD\WebPlayer 2007\zipdll.dll [N/A] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] [PID: 1144 / Bird] C:\Program Files\handstar_tf\penmin.exe [版权所有 (C) 2005, 1, 0, 0, 1] C:\Program Files\handstar_tf\padcom.dll [N/A] [PID: 1832 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [(Verified)NVIDIA Corporation, 6.14.11.6921] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.6921] [PID: 724 / SYSTEM] C:\Program Files\Rising\Rav\ScanFrm.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.12] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 11] C:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 13] C:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.13] C:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 46] C:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.10] C:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [PID: 3040 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] [PID: 700 / Bird] C:\WINDOWS\system32\wscntfy.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2108)] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] [PID: 3036 / Bird] D:\工具\QQ\Bin\TXPlatform.exe [(Verified)Tencent, 1, 30, 860, 0] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] D:\工具\QQ\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 30, 860, 0] [PID: 4032 / LOCAL SERVICE] C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [(Verified)Microsoft Corporation, 3.0.6920.1109 (lh_tools_devdiv_wpf.071009-1109)] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\32e6f703c114f3a971cbe706586e3655\mscorlib.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\ba0e3a22211ba7343e0116b051f2965a\System.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationFontCac#\4ce7fd62d4107fbe996ab305eb21ee6a\PresentationFontCache.ni.exe [Microsoft Corporation, 3.0.6920.1109 (lh_tools_devdiv_wpf.071009-1109)] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\193ac978af569ad9ee45110b359961b9\System.ServiceProcess.ni.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\0703021437c2ec71213a6b701771be86\WindowsBase.ni.dll [Microsoft Corporation, 3.0.6920.1109 (lh_tools_devdiv_wpf.071009-1109)] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PresentationCore\011f8e31d197b4ccb6a61c2267a38e5c\PresentationCore.ni.dll [Microsoft Corporation, 3.0.6920.1109 (lh_tools_devdiv_wpf.071009-1109)] C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess.resources\2.0.0.0_zh-CHS_b03f5f7f11d50a3a\System.ServiceProcess.resources.dll [Microsoft Corporation, 2.0.50727.1433 (REDBITS.050727-1400)] [PID: 2052 / Bird] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] [PID: 4028 / Bird] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700] D:\工具\360safe\safemon\urlproc.dll [(Verified)360.CN, 1, 0, 0, 1006] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] [PID: 1884 / Bird] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700] D:\工具\360safe\safemon\urlproc.dll [(Verified)360.CN, 1, 0, 0, 1006] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.76] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [(Verified)Adobe Systems Incorporated, 9.1.0.2009022700] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 4.2.3.2810] D:\工具\SogouInput\4.2.3.2810\Resource.dll [(Verified)Sogou.com Inc., 4.2.3.2810] [PID: 3132 / Bird] D:\工具\arswp3\arswp3.exe [(Verified)(C) 2006 - 2009 Windows 清 理 助 手, 3.0.6.628] D:\工具\360safe\safemon\safemon.dll [(Verified)360.CN, 5, 0, 0, 1020] C:\WINDOWS\system32\gamelsp.dll [Copyright (C) GameCap, 6, 0, 3, 20] ================================================================ 文件关联 ================================================================ Autorun.Inf ================================================================ Winsock提供者 [gamelsp on MSAFD Tcpip [TCP/IP]] [Copyright (C) GameCap, 6, 0, 3, 20] [gamelsp on MSAFD Tcpip [UDP/IP]] [Copyright (C) GameCap, 6, 0, 3, 20] [gamelsp on MSAFD Tcpip [RAW/IP]] [Copyright (C) GameCap, 6, 0, 3, 20] [gamelsp] [Copyright (C) GameCap, 6, 0, 3, 20] ================================================================ 隐藏进程 [PID: 3680] D:\工具\Thunder\Program\Thunder.exe [(Verified)深圳市迅雷网络技术有限公司, 5.9.4.969] [PID: 2868] D:\工具\QQ\Bin\QQ.exe [(Verified)Tencent, 1, 30, 860, 0] [PID: 808] D:\工具\360safe\safemon\360tray.exe [(Verified)360安全中心, 5, 2, 0, 1009] ================================================================ 可疑文件 ================================================================ HOSTS 127.0.0.1 v.onondown.com.cn 127.0.0.2 ymsdasdw1.cn 127.0.0.3 h96b.info 127.0.0.0 fuck.zttwp.cn 127.0.0.0 www.hackerbf.cn 127.0.0.0 geekbyfeng.cn 127.0.0.0 121.14.101.68 127.0.0.0 ppp.etimes888.com 127.0.0.0 www.bypk.com 127.0.0.0 CSC3-2004-crl.verisign.com 127.0.0.1 va9sdhun23.cn 127.0.0.0 udp.hjob123.com 127.0.0.2 bnasnd83nd.cn 127.0.0.0 www.gamehacker.com.cn 127.0.0.0 gamehacker.com.cn 127.0.0.3 adlaji.cn 127.0.0.1 858656.com 127.1.1.1 bnasnd83nd.cn 127.0.0.1 my123.com 127.0.0.0 user1.12-27.net 127.0.0.1 8749.com 127.0.0.0 fengent.cn 127.0.0.1 4199.com 127.0.0.1 user1.16-22.net 127.0.0.1 7379.com 127.0.0.1 2be37c5f.3f6e2cc5f0b.com 127.0.0.1 7255.com 127.0.0.1 user1.23-12.net 127.0.0.1 3448.com 127.0.0.1 www.guccia.net 127.0.0.1 7939.com 127.0.0.1 a.o1o1o1.nEt 127.0.0.1 8009.com 127.0.0.1 user1.12-73.cn 127.0.0.1 piaoxue.com 127.0.0.1 3n8nlasd.cn 127.0.0.1 kzdh.com 127.0.0.0 www.sony888.cn 127.0.0.1 about.blank.la 127.0.0.0 user1.asp-33.cn 127.0.0.1 6781.com 127.0.0.0 www.netkwek.cn 127.0.0.1 7322.com 127.0.0.0 ymsdkad6.cn 127.0.0.1 localhost 127.0.0.0 www.lkwueir.cn 127.0.0.1 06.jacai.com 127.0.1.1 user1.23-17.net 127.0.0.1 1.jopenkk.com 127.0.0.0 upa.luzhiai.net 127.0.0.1 1.jopenqc.com 127.0.0.0 www.guccia.net 127.0.0.0 4m9mnlmi.cn 127.0.0.1 1.xqhgm.com 127.0.0.0 mm119mkssd.cn 127.0.0.1 100.332233.com 127.0.0.0 61.128.171.115:8080 127.0.0.1 121.11.90.79 127.0.0.0 www.1119111.com 127.0.0.1 121565.net 127.0.0.0 win.nihao69.cn 127.0.0.1 125.90.88.38 127.0.0.1 16888.6to23.com 127.0.0.0 puc.lianxiac.net 127.0.0.1 204.177.92.68 127.0.0.0 pud.lianxiac.net 127.0.0.1 210.74.145.236 127.0.0.0 210.76.0.133 127.0.0.1 219.129.239.220 127.0.0.0 61.166.32.2 127.0.0.1 219.153.40.221 127.0.0.0 218.92.186.27 127.0.0.1 219.153.46.27 127.0.0.0 www.fsfsfag.cn 127.0.0.1 219.153.52.123 127.0.0.0 ovo.ovovov.cn 127.0.0.1 221.195.42.71 127.0.0.0 dw.com.com 127.0.0.1 222.73.218.115 127.0.0.1 203.110.168.233:80 127.0.0.1 203.110.168.221:80 127.0.0.1 363xx.com 127.0.0.1 www1.ip10086.com.cm 127.0.0.1 4199.com 127.0.0.1 blog.ip10086.com.cn 127.0.0.1 43242.com 127.0.0.1 www.ccji68.cn 127.0.0.1 5.xqhgm.com 127.0.0.0 t.myblank.cn 127.0.0.1 520.mm5208.com 127.0.0.0 x.myblank.cn 127.0.0.1 59.34.131.54 127.0.0.1 210.51.45.5 127.0.0.1 59.34.198.228 127.0.0.1 www.ew1q.cn 127.0.0.1 59.34.198.88 127.0.0.1 59.34.198.97 127.0.0.1 60.190.114.101 127.0.0.1 60.190.218.34 127.0.0.0 qq-xing.com.cn 127.0.0.1 60.191.124.252 127.0.0.1 61.145.117.212 127.0.0.1 61.157.109.222 127.0.0.1 75.126.3.216 127.0.0.1 75.126.3.217 127.0.0.1 75.126.3.218 127.0.0.0 59.125.231.177:17777 127.0.0.1 75.126.3.220 127.0.0.1 75.126.3.221 127.0.0.1 75.126.3.222 127.0.0.1 772630.com 127.0.0.1 832823.cn 127.0.0.1 8749.com 127.0.0.1 888.jopenqc.com 127.0.0.1 89382.cn 127.0.0.1 8v8.biz 127.0.0.1 97725.com 127.0.0.1 9gg.biz 127.0.0.1 www.9000music.com 127.0.0.1 test.591jx.com 127.0.0.1 a.topxxxx.cn 127.0.0.1 picon.chinaren.com 127.0.0.1 www.5566.net 127.0.0.1 p.qqkx.com 127.0.0.1 news.netandtv.com 127.0.0.1 z.neter888.cn 127.0.0.1 b.myblank.cn 127.0.0.1 wvw.wokutu.com 127.0.0.1 unionch.qyule.com 127.0.0.1 www.qyule.com 127.0.0.1 it.itjc.cn 127.0.0.1 www.linkwww.com 127.0.0.1 vod.kaicn.com 127.0.0.1 www.tx8688.com 127.0.0.1 b.neter888.cn 127.0.0.1 promote.huanqiu.com 127.0.0.1 www.huanqiu.com 127.0.0.1 www.haokanla.com 127.0.0.1 play.unionsky.cn 127.0.0.1 www.52v.com 127.0.0.1 www.gghka.cn 127.0.0.1 icon.ajiang.net 127.0.0.1 new.ete.cn 127.0.0.1 www.stiae.cn 127.0.0.1 o.neter888.cn 127.0.0.1 comm.jinti.com 127.0.0.1 www.google-analytics.com 127.0.0.1 hz.mmstat.com 127.0.0.1 www.game175.cn 127.0.0.1 x.neter888.cn 127.0.0.1 z.neter888.cn 127.0.0.1 p.etimes888.com 127.0.0.1 hx.etimes888.com 127.0.0.1 abc.qqkx.com 127.0.0.1 dm.popdm.cn 127.0.0.1 www.yl9999.com 127.0.0.1 www.dajiadoushe.cn 127.0.0.1 v.onondown.com.cn 127.0.0.1 www.interoo.net 127.0.0.1 bally1.bally-bally.net 127.0.0.1 www.bao5605509.cn 127.0.0.1 www.rty456.cn 127.0.0.1 www.werqwer.cn 127.0.0.1 1.360-1.cn 127.0.0.1 user1.23-16.net 127.0.0.1 www.guccia.net 127.0.0.1 www.interoo.net 127.0.0.1 upa.netsool.net 127.0.0.1 js.users.51.la 127.0.0.1 vip2.51.la 127.0.0.1 web.51.la 127.0.0.1 qq.gong2008.com 127.0.0.1 2008tl.copyip.com 127.0.0.1 tla.laozihuolaile.cn 127.0.0.1 www.tx6868.cn 127.0.0.1 p001.tiloaiai.com 127.0.0.1 s1.tl8tl.com 127.0.0.1 s1.gong2008.com 127.0.0.1 4b3ce56f9g.3f6e2cc5f0b.com 127.0.0.1 2be37c5f.3f6e2cc5f0b.com [/CODE]