[CODE] 2010-02-26,21:42:43 SysLog Scanner 3.0 - build 20091220 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) ================================================================ 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\PPLive\PPLive.exe" /LoadModule ppvod.dll> [] <"C:\Program Files\Common Files\PPLiveNetwork\PPAP.exe" -background> [(Verified)PPLive Corporation, 2, 3, 0, 2] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Realtek Semiconductor Corp., 2.2.5.2] [(Verified)Realtek Semiconductor Corp., 1.6.0.2] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105) | NVIDIA Corporation, 6.14.11.7824] [AMD, 1, 1, 4, 0] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.27] <"D:\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10] <"D:\Rising\Rfw\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] <{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}> [(Verified)Thunder Networking Technologies,LTD, 5, 6, 8, 19] <{95B3F550-91C4-4627-BCC4-521288C52977}> [(Verified)PPLive Corporation, 2, 3, 0, 2] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <上传到淘江湖相册> [N/A] <使用迅雷下载> [N/A] <使用迅雷下载全部链接> [N/A] <添加为阿里旺旺表情> [N/A] ================================================================ 启动组 ================================================================ 任务计划 ================================================================ 组件 -------------------------------- ShellExecuteHook [ShlExecHack Class] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] -------------------------------- Shell Extension [Display Panning CPL Extension] <{42071714-76d4-11d1-8b24-00a0c9068ff3}> [] [任务栏和「开始」菜单] <{0DF44EAA-FF21-4412-828E-260A8728E7F1}> <> [] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [NvCpl DesktopContext Class] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [NVIDIA Corporation, 6.14.11.7824] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] -------------------------------- ToolBar [瑞星卡卡工具条(&R)] <{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] -------------------------------- Context Menu [OpenFolder] <{0DE1378D-F811-40E6-B60A-1CC56F57D3E9}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [RisingKaKaExt] <{356B11FA-929F-4eb7-8B26-D7E3184DDD16}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] -------------------------------- BrowserHelperObject [ThunderAtOnce Class] <{01443AEC-0FD1-40fd-9C87-E93D1494C233}> [Thunder Networking Technologies,LTD, 1.0.5.34] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [Download_Bho Class] <{A986E409-30CC-4185-89BB-AB212C104524}> [(Verified)Synacast, 1.0.5.56] [ICBC Anti-Phishing class] <{BB4491A2-D11A-4c6b-91C0-B53246A3122B}> [(Verified)中国工商银行, 1.0.6.29] -------------------------------- ActiveX Extension [ThunderAtOnce Class] <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> [Thunder Networking Technologies,LTD, 1.0.5.34] [AxInputControl Class] <{73E4740C-08EB-4133-896B-8D0A7C9EE3CD}> [Copyright 2003, 1, 0, 0, 12] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] [AxSubmitControl Class] <{8D9E0B29-563C-4226-86C1-5FF2AE77E1D2}> [Copyright 2003, 1, 0, 0, 5] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] [Download_Bho Class] <{A986E409-30CC-4185-89BB-AB212C104524}> [(Verified)Synacast, 1.0.5.56] [ICBC Anti-Phishing class] <{BB4491A2-D11A-4C6B-91C0-B53246A3122B}> [(Verified)中国工商银行, 1.0.6.29] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,0,22,87] [瑞星卡卡工具条(&R)] <{DB9ECD4F-FB8F-4311-B3CE-90B976C2707C}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] [WWPicUploadCtrl Class] <{1D63232D-4F15-4A42-890D-EE617AA1537D}> [Alibaba software (Shanghai) Corporation, 1.0.0.1] [WangWangX Class] <{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] ================================================================ 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [NVIDIA Corporation, 6.14.11.7824] [Contrl Center of Storm Media / ccosm][Stopped/Auto Start] [(Verified)北京暴风网际科技有限公司, 3, 9, 5, 22] [ICBC Daemon Service / ICBC Daemon Service][Stopped/Auto Start] [(Verified)N/A] [Rav Service / RsRavMon][Running/Auto Start] <"D:\Rising\Rav\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [RFW Service / RsRFWMon][Running/Auto Start] <"D:\Rising\Rfw\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] ================================================================ 驱动 [360procmon / 360procmon][Stopped/Manual Start] <\??\D:\360\360Safe\safemon\360procmon.sys> [] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [hptpro / hptpro][Stopped/Boot Start] [HighPoint Technologies, Inc., 1.23.12.10] [nv / nv][Running/Manual Start] [NVIDIA Corporation, 6.14.11.7824] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_gdr.080620-1249)] [AMD AGP Bus Filter Driver / amdagp][Running/Boot Start] [(Verified)Advanced Micro Devices, Inc., 5.00 (xpsp.080413-2111)] [AMD Processor Driver / AmdK8][Running/System Start] [(Verified)Advanced Micro Devices, 1.3.2 (dnsrv(wmbla).060701-2226)] [AMD Low Level Device Driver / AmdLLD][Running/Manual Start] [(Verified)AMD, Inc., 1.0.1.0] [AtpKrnl / AtpKrnl][Running/Manual Start] [(Verified)www.arswp.com, 3.00] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 2] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 28] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5745 built by: WinDDK] [NVIDIA nForce 10/100 Mbps Ethernet / NVENETFD][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.02.06789] [nvgts / nvgts][Running/Boot Start] [(Verified)NVIDIA Corporation, 10.3.0.42 built by: WinDDK] [NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.01.06789] [nvsmu / nvsmu][Running/Manual Start] [(Verified)NVIDIA Corporation, 5.10.2600.0161 built by: WinDDK] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [Rising RfwARP Driver / RFWARP][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [rfwtdi / rfwtdi][Running/Auto Start] <\??\D:\Rising\Rfw\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [rsassist / rsassist][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 2] [rsfwdrv / rsfwdrv][Running/System Start] <\??\D:\Rising\Rfw\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.35] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22. 0. 0.4] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 5] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\WINDOWS\system32\Drivers\safeboxkrnl.sys> [(Verified)360安全中心, 2, 3, 0, 1007] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086] [SATALink driver accelerator / SiFilter][Running/Boot Start] [(Verified)Silicon Image, Inc., 1.0.0.11] [SATALink External Device Filter / SiRemFil][Running/Boot Start] [(Verified)Silicon Image, Inc., 1, 1, 7, 0] [SIS AGP Bus Filter / sisagp][Running/Boot Start] [(Verified)Silicon Integrated Systems Corporation, 5.12.01.2010 (xpsp.080413-2111)] ================================================================ 活动进程 [PID: 948 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\l3codeca.acm [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] [PID: 1004 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1188 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1236 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1376 / SYSTEM] D:\Rising\Rfw\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rfw\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] D:\Rising\Rfw\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rfw\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] D:\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] D:\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] D:\Rising\Rfw\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2] D:\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rfw\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] D:\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] D:\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\RfwArp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] D:\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] D:\Rising\Rfw\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Rising\Rfw\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 67] D:\Rising\Rfw\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rfw\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] D:\Rising\Rfw\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rfw\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rfw\NComm2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rfw\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Rising\Rfw\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [PID: 1408 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1568 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1712 / ] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1828 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1080 / ] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1480 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.11.7824] C:\WINDOWS\system32\nvapi.dll [NVIDIA Corporation, 6.14.11.7824] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2216 / SYSTEM] D:\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] D:\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.41] D:\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46] D:\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] D:\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] D:\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] D:\Rising\Rav\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] D:\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Rising\Rav\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] D:\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3] D:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] D:\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] D:\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] D:\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 35] D:\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.22] D:\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] D:\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] D:\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 68] D:\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] D:\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.19] D:\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] D:\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rav\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 15] D:\Rising\Rav\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Rising\Rav\extsfx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] [PID: 3128 / admin] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16] C:\WINDOWS\system32\l3codeca.acm [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] C:\WINDOWS\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\WinRAR\rarext.dll [N/A] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\kakaext.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\AliWangWang\AliIMExt.dll [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 3200 / admin] C:\WINDOWS\RTHDCPL.EXE [(Verified)Realtek Semiconductor Corp., 2.2.5.2] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 3232 / admin] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.27] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.44] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] D:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.94] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] [PID: 3240 / admin] D:\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Rising\Rav\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] D:\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] D:\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] D:\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] D:\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] D:\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] D:\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] D:\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.74] D:\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rav\scanleak.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] D:\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] D:\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [PID: 3264 / admin] D:\Rising\Rfw\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.10] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Rising\Rfw\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] D:\Rising\Rfw\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Rising\Rfw\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Rising\Rfw\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Rising\Rfw\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rfw\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rfw\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Rising\Rfw\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] D:\Rising\Rfw\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] D:\Rising\Rfw\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] D:\Rising\Rfw\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] D:\Rising\Rfw\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] D:\Rising\Rfw\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Rising\Rfw\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Rising\Rfw\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] D:\Rising\Rfw\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] D:\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] D:\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [PID: 3288 / admin] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2704 / admin] C:\WINDOWS\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 3216 / admin] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 2136 / admin] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [Thunder Networking Technologies,LTD, 1.0.5.34] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16] C:\WINDOWS\system32\urlFilter.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15] C:\Program Files\Rising\AntiSpyware\UrlRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.21] C:\Program Files\PPLive\PPVA\DownloaderManager.dll [(Verified)Synacast, 1.0.5.56] C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\Icbc_AntiPhishing.dll [(Verified)中国工商银行, 1.0.6.29] C:\Program Files\ICBCEbankTools\ICBCAntiPhishing\KeyMonitor.dll [(Verified)N/A] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] D:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\WINDOWS\system32\l3codeca.acm [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] C:\Program Files\Thunder Network\Thunder\ComDlls\ThunderAgent_Now.dll [(Verified)Thunder Networking Technologies,LTD, 6, 0, 5, 47] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [PID: 2884 / admin] C:\Program Files\Thunder Network\Thunder\Program\Thunder5.exe [(Verified)Thunder Networking Technologies,LTD, 5.8.9.662] C:\Program Files\Thunder Network\Thunder\Program\BugReport.dll [Thunder Networking Technologies,LTD, 1, 4, 1, 20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\Program Files\Thunder Network\Thunder\Program\TaskManager.dll [Thunder Networking Technologies,LTD, 1, 3, 10, 73] C:\Program Files\Thunder Network\Thunder\Program\download_interface.dll [Thunder Networking Technologies,LTD, 3, 4, 2, 333] C:\Program Files\Thunder Network\Thunder\Program\mp.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 5] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Thunder Network\Thunder\Program\asyn_frame.dll [Thunder Networking Technologies,LTD, 1, 3, 2, 32] C:\Program Files\Thunder Network\Thunder\Program\ATL71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Thunder Network\Thunder\Program\XLNet.Dll [Thunder Networking Technologies,LTD, 1, 5, 2, 25] C:\Program Files\Thunder Network\Thunder\Program\BHOStub.dll [Thunder Networking Technologies,LTD, 1, 1, 1, 12] C:\Program Files\Thunder Network\Thunder\Program\FloatBar.dll [Giganology Inc., 1, 0, 0, 2] C:\Program Files\Thunder Network\Thunder\Components\DownAndPlay\DownAndPlay.dll [Copyright 2007, 1, 0, 12, 30] C:\Program Files\Thunder Network\Thunder\Program\backend_agent.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 27] C:\Program Files\Thunder Network\Thunder\Program\zlib1.dll [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Thunder Network\Thunder\Program\p2sp.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 59] C:\Program Files\Thunder Network\Thunder\Program\fs.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 17] C:\Program Files\Thunder Network\Thunder\Program\down_dispatcher.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 42] C:\Program Files\Thunder Network\Thunder\Program\ptl.dll [Thunder Networking Technologies,LTD, 3, 2, 2, 55] C:\Program Files\Thunder Network\Thunder\Program\dl_peer_id.dll [Thunder Networking Technologies,LTD, 3, 1, 2, 4] C:\Program Files\Thunder Network\Thunder\Program\xl_stat.dll [Copyright 2007, 1, 0, 2, 7] C:\Program Files\Thunder Network\Thunder\Program\iTargetAD.dll [Thunder Networking Technologies,LTD, 1, 0, 4, 35] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] D:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\Program Files\Thunder Network\Thunder\Program\p2p.dll [Thunder Networking Technologies,LTD, 1,1,2,48] C:\Program Files\Thunder Network\Thunder\Program\p2p_upload.dll [Thunder Networking Technologies,LTD, 1,1,2,13] C:\Program Files\Thunder Network\Thunder\Program\xldc.dll [Thunder Networking Technologies,LTD, 4, 0, 2, 28] C:\Program Files\Thunder Network\Thunder\Program\stream.dll [ShenZhen Thunder Networking Technologies,Ltd., 2, 1, 2, 1046] C:\WINDOWS\system32\l3codeca.acm [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] C:\Program Files\Thunder Network\Thunder\Program\p2p_local_res.dll [Thunder Networking Technologies,LTD, 1,1,2,18] C:\Program Files\Thunder Network\Thunder\Program\al.dll [Thunder Networking Technologies,LTD, 1,1,2,31] C:\Program Files\Thunder Network\Thunder\Program\media_data.dll [Copyright 2008, 1, 0, 2, 7] C:\Program Files\Thunder Network\Thunder\Program\sl.dll [Thunder Networking Technologies,LTD, 1.0.2.2] C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbedShell.dll [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 12, 125] C:\Program Files\Thunder Network\Thunder\Components\InMedia\iEmbed22.dll [ShenZhen Thunder Networking Technologies,LTD, 3, 4, 12, 125] C:\Program Files\Thunder Network\Thunder\Components\InMedia\XLIPC.DLL [ShenZhen Thunder Networking Technologies,LTD, 1, 0, 0, 2] C:\Program Files\Thunder Network\Thunder\Program\p2sp_pd.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 5] C:\Program Files\Thunder Network\Thunder\Components\P4PClient\P4PClient.dll [Thunder Networking Technologies,LTD, 2, 2, 5, 70] C:\Program Files\Thunder Network\Thunder\Components\Community\XLCommunity.dll [Thunder Networking Technologies,LTD, 2, 6, 0, 104] C:\Program Files\Thunder Network\Thunder\Program\RegisterDll.dll [Thunder Networking Technologies,LTD, 2, 17, 0, 67] C:\Program Files\Thunder Network\Thunder\Program\MSVCIRT.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\Program Files\Thunder Network\Thunder\Program\XLNetU.Dll [Thunder Networking Technologies,LTD, 1, 5, 1, 24] C:\Program Files\Thunder Network\Thunder\Program\imdt.dll [Thunder Networking Technologies,LTD, 1.2.0.21] C:\Program Files\Thunder Network\Thunder\Components\Security\ThunderSafe.dll [Xunlei Networking Technologies,LTD, 2, 1, 8, 106] C:\Program Files\Thunder Network\Thunder\Components\Security\ConfigManager.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 1] C:\Program Files\Thunder Network\Thunder\Components\Security\SafeManager.dll [Xunlei Networking Technologies,LTD, 1, 0, 5, 20] C:\Program Files\Thunder Network\Thunder\Components\Security\SafeStatistic.dll [Xunlei Networking Technologies,LTD, 1, 0, 0, 1] C:\Program Files\Thunder Network\Thunder\Plugins\XLSafeHost\XLSafeHost.dll [深圳市迅雷网络技术有限公司, 1, 2, 19, 106] C:\Program Files\Thunder Network\Thunder\Components\Search\XLSearch.dll [Thunder Networking Technologies,LTD, 1, 1, 7, 25] C:\Program Files\Thunder Network\Thunder\Program\emule_id.dll [Copyright 2007, 1, 0, 2, 12] C:\Program Files\Thunder Network\Thunder\Program\LiveUpdate.dll [Thunder Networking Technologies,LTD, 1, 2, 4, 26] C:\Program Files\Thunder Network\Thunder\Plugins\NetGame\XLNetGame.dll [版权所有 (C) 2008, 1, 0, 0, 2] C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrThunderHost.dll [深圳市迅雷网络技术有限公司, 1.0.0.17] C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrKernel.dll [深圳市迅雷网络技术有限公司, 1.0.0.8] C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrSoftIdentifier.dll [深圳市迅雷网络技术有限公司, 1.0.0.10] C:\Program Files\Thunder Network\Thunder\Components\XLSoftBase\DrUpdate.dll [深圳市迅雷网络技术有限公司, 1.1.0.8] C:\Program Files\Thunder Network\Thunder\Program\xldcsubtask.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 13] C:\Program Files\Thunder Network\Thunder\Plugins\GouGouTop\GouGouTop.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 7] C:\Program Files\Thunder Network\Thunder\Components\ExplorerHelper\ExplorerHelper.dll [Thunder Networking Technologies,LTD, 1, 0, 4, 26] C:\Program Files\Thunder Network\Thunder\Components\Tips\TipsClient.dll [(Verified)深圳市迅雷网络技术有限公司, 3, 0, 3, 137] C:\Program Files\Thunder Network\Thunder\Components\Tips\XLSkin.dll [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 1, 3] C:\Program Files\Thunder Network\Thunder\Components\VPSHELL\VPSHELL.dll [迅雷网络, 4, 0, 0, 38] C:\Program Files\Thunder Network\Thunder\Components\UserExperience\UserExperience.dll [Thunder Networking Technologies,LTD, 1, 0, 3, 5] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsXlCom.dll [版权所有 (C) 2007, 1, 0, 0, 30] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\MediaWorker.dll [Thunder Networking Technologies,LTD, 1, 2, 0, 22] C:\Program Files\Thunder Network\Thunder\Components\DownloadStat\DownloadStat.dll [Thunder Networking Technologies,LTD, 1, 4, 1, 6] C:\Program Files\Thunder Network\Thunder\Program\bd.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 20] [PID: 3316 / admin] C:\Program Files\arswp3\arswp3.exe [(Verified)Windows 清理助手, 3.0.14.0130] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] D:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\WINDOWS\system32\l3codeca.acm [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] [PID: 3944 / admin] C:\Program Files\Rising\AntiSpyware\ras.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.7] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\Program Files\Rising\AntiSpyware\KakaMgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.30] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\AntiSpyware\dbmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4] C:\Program Files\Rising\AntiSpyware\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] C:\Program Files\Rising\AntiSpyware\pweb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.24] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.94] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] C:\Program Files\Rising\AntiSpyware\pset.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12] C:\Program Files\Rising\AntiSpyware\pdefend.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.15] C:\Program Files\Rising\AntiSpyware\ptools.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.18] C:\Program Files\Rising\AntiSpyware\psysinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.72] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\AntiSpyware\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)] D:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\WINDOWS\system32\Macromed\Flash\Flash10b.ocx [(Verified)Adobe Systems, Inc., 10,0,22,87] C:\WINDOWS\system32\l3codeca.acm [(Verified)Fraunhofer Institut Integrierte Schaltungen IIS, 1, 9, 0, 0305] ================================================================ 文件关联 ================================================================ Autorun.Inf ================================================================ Winsock提供者 ================================================================ 隐藏进程 ================================================================ 可疑文件 ================================================================ HOSTS 127.0.0.1 localhost [/CODE]