[CODE] 2010-04-22,10:47:41 SysLog Scanner 3.0 - build 20091220 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) ================================================================ 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"D:\Program Files\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] <"D:\Program Files\Rising\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3] [HKEY_CURRENT_USER\Control Panel\Desktop] [Longbow Digital Arts, 1.1a] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions] <{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}> [(Verified)深圳市迅雷网络技术有限公司, 5,8,14,706] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <使用迅雷下载> [N/A] <使用迅雷下载全部链接> [N/A] ================================================================ 启动组 ================================================================ 任务计划 [SogouImeMgr.job] <"d:\PROGRA~1\SOGOUI~1\423~1.281\PinyinRepair.exe" /S> [(Verified)Sogou.com Inc., 4.2.3.2810] ================================================================ 组件 -------------------------------- Shell Extension [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] -------------------------------- Context Menu [RisingKaKaExt] <{356B11FA-929F-4eb7-8B26-D7E3184DDD16}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [00nView] <{1E9B04FB-F9E5-4718-997B-B8DA88302A48}> [] [NvCplDesktopContext] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [NVIDIA Corporation, 6.14.11.9107] -------------------------------- BrowserHelperObject [ThunderAtOnce Class] <{01443AEC-0FD1-40fd-9C87-E93D1494C233}> [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34] [BOC ProcessProtect Class] <{776B71E2-B4CC-4C94-BC7C-09103AA690B6}> [(Verified)www.ISRA.org.cn, 1, 3, 10, 26] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] -------------------------------- ActiveX Extension [ThunderAtOnce Class] <{01443AEC-0FD1-40FD-9C87-E93D1494C233}> [(Verified)Thunder Networking Technologies,LTD, 1.0.5.34] [BOC ProcessProtect Class] <{776B71E2-B4CC-4C94-BC7C-09103AA690B6}> [(Verified)www.ISRA.org.cn, 1, 3, 10, 26] [Thunder Browser Helper] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] [卡卡上网安全助手] <{98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}> [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 28] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,0,45,2] ================================================================ 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] [NVIDIA Display Driver Service / nvsvc][Stopped/Disabled] [NVIDIA Corporation, 6.14.11.9107] [Contrl Center of Storm Media / ccosm][Stopped/Disabled] [(Verified)北京暴风网际科技有限公司, 3, 8, 3, 15] [Rav Service / RsRavMon][Running/Auto Start] <"D:\Program Files\Rising\Rav\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] ================================================================ 驱动 [HOOKAPI / HOOKAPI][Stopped/Auto Start] <\??\D:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS> [] [SATALink driver accelerator / SiFilter][Stopped/Disabled] <\SystemRoot\system32\DRIVERS\SiWinAcc.sys> [Silicon Image, Inc., 1.0.0.11] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5625 (xpsp_sp3_qfe.080620-1309)] [viamraid / viamraid][Stopped/Boot Start] [VIA Technologies inc,.ltd, 5.1.6000.581] [Ambfilt / Ambfilt][Stopped/Manual Start] [(Verified)Creative, 5.10.00.4240] [AMD HwPState Processor Driver / AmdPPM][Running/System Start] [(Verified)Advanced Micro Devices, 1.0.0 built by: WinDDK] [AsIO / AsIO][Running/System Start] [(Verified)N/A] [AtpKrnl / AtpKrnl][Running/Manual Start] [(Verified)www.arswp.com, 3.00] [Compaq Easy Access PS2 Internet Keyboard (Win2K) / eaps2kbd][Running/Manual Start] [(Verified)Compaq Computer Corp., 6.00.650] [EAWDMFD / eawdmfd][Running/System Start] [(Verified)Compaq Computer Corporation, 3.00.000.b7] [Microsoft 用于 High Definition Audio 的 UAA 总线驱动程序 / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 5] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 31] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5919 built by: WinDDK] [Monfilt / Monfilt][Stopped/Manual Start] [(Verified)Creative Technology Ltd., 5.10.0.4112] [ATK0110 ACPI UTILITY / MTsensor][Running/Manual Start] [(Verified)1043, 2, 15, 37] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.9107] [NVIDIA nForce 10/100/1000 Mbps Ethernet / NVENETFD][Running/Manual Start] [(Verified)NVIDIA Corporation, 7.03.01.07310] [Service for NVIDIA High Definition Audio Driver / NVHDA][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.00.59 built by: WinDDK] [NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start] [(Verified)NVIDIA Corporation, 7.03.01.07310] [nvsmu / nvsmu][Running/Manual Start] [(Verified)NVIDIA Corporation, 5.10.2600.0161 built by: WinDDK] [Protector / Protector][Running/System Start] [(Verified)www.ISRA.org.cn, 1, 0, 1, 1] [ProtectorA / ProtectorA][Running/System Start] <\??\C:\WINDOWS\system32\drivers\ProtectorA.sys> [(Verified)www.ISRA.org.cn, 1, 0, 1, 2] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [rsassist / rsassist][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 4] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [RsProtect / RsProtect][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 5] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086] ================================================================ 活动进程 [PID: 744 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 800 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 968 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1056 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1152 / SYSTEM] D:\Program Files\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] D:\Program Files\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Program Files\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] D:\Program Files\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.41] D:\Program Files\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Program Files\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46] D:\Program Files\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Program Files\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] D:\Program Files\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] D:\Program Files\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] D:\Program Files\Rising\Rav\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] D:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Program Files\Rising\Rav\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Program Files\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] D:\Program Files\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Program Files\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Program Files\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3] D:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] D:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] D:\Program Files\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] D:\Program Files\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 36] D:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.22] D:\Program Files\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] D:\Program Files\Rising\Rav\NComm2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Program Files\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Program Files\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] D:\Program Files\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] D:\Program Files\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Program Files\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Program Files\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 75] D:\Program Files\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] D:\Program Files\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.19] D:\Program Files\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] D:\Program Files\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Program Files\Rising\Rav\extarch.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] D:\Program Files\Rising\Rav\extcomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] D:\Program Files\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Program Files\Rising\Rav\heurex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] D:\Program Files\Rising\Rav\extsfx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] D:\Program Files\Rising\Rav\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [PID: 1168 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1440 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1752 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Program Files\Rising\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.9107] d:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 120] d:\Program Files\Thunder\Components\ResWorker\DsBho_00.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 20] d:\Program Files\Thunder\Components\ResWorker\DataProcessor_00.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 16] C:\Program Files\WinRAR\rarext.dll [N/A] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\KakaExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [PID: 1868 / Administrator] D:\Program Files\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Program Files\Rising\Rav\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] D:\Program Files\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] D:\Program Files\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Program Files\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Program Files\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] D:\Program Files\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] D:\Program Files\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] D:\Program Files\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] D:\Program Files\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] D:\Program Files\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] D:\Program Files\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.74] D:\Program Files\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Program Files\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] D:\Program Files\Rising\Rav\scanleak.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] D:\Program Files\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] D:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] D:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] D:\Program Files\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [PID: 1880 / Administrator] D:\Program Files\Rising\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29] D:\Program Files\Rising\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Program Files\Rising\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] D:\Program Files\Rising\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] D:\Program Files\Rising\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33] D:\Program Files\Rising\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] D:\Program Files\Rising\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] D:\Program Files\Rising\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] D:\Program Files\Rising\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1] D:\Program Files\Rising\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Program Files\Rising\rsxml1.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] D:\Program Files\Rising\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] D:\Program Files\Rising\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.57] D:\Program Files\Rising\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] D:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] D:\Program Files\Rising\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [PID: 1900 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 508 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111)] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 1596 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852)] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] [PID: 3872 / Administrator] D:\Program Files\Rising\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14] D:\Program Files\Rising\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] D:\Program Files\Rising\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] D:\Program Files\Rising\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [PID: 2652 / Administrator] d:\Program Files\Thunder\Program\Thunder5.exe [深圳市迅雷网络技术有限公司, 5.8.14.706] d:\Program Files\Thunder\Program\BugReport.dll [深圳市迅雷网络技术有限公司, 1, 4, 1, 20] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Program Files\Rising\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] d:\Program Files\Thunder\Program\TaskManager.dll [N/A] d:\Program Files\Thunder\Program\Shareds.dll [深圳市迅雷网络技术有限公司, 1, 3, 11, 75] d:\Program Files\Thunder\Program\download_interface.dll [深圳市迅雷网络技术有限公司, 3, 4, 2, 341] d:\Program Files\Thunder\Program\mp.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 5] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] d:\Program Files\Thunder\Program\XLCrypto.dll [N/A] d:\Program Files\Thunder\Program\asyn_frame.dll [深圳市迅雷网络技术有限公司, 1, 4, 2, 34] d:\Program Files\Thunder\Program\ATL71.DLL [Microsoft Corporation, 7.10.3077.0] d:\Program Files\Thunder\Program\XLNet.Dll [深圳市迅雷网络技术有限公司, 1, 5, 2, 25] d:\Program Files\Thunder\Program\BHOStub.dll [深圳市迅雷网络技术有限公司, 1, 1, 1, 13] d:\Program Files\Thunder\Program\FloatBar.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 2] d:\Program Files\Thunder\Components\DownAndPlay\DownAndPlay.dll [深圳市迅雷网络技术有限公司, 1, 0, 12, 30] d:\Program Files\Thunder\Program\backend_agent.dll [深圳市迅雷网络技术有限公司, 1, 1, 2, 30] d:\Program Files\Thunder\Program\zlib1.dll [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3] d:\Program Files\Thunder\Program\p2sp_pd.dll [深圳市迅雷网络技术有限公司, 2, 0, 2, 46] d:\Program Files\Thunder\Program\fs.dll [深圳市迅雷网络技术有限公司, 1, 1, 2, 20] d:\Program Files\Thunder\Program\ptl.dll [深圳市迅雷网络技术有限公司, 3, 2, 3, 57] d:\Program Files\Thunder\Program\dl_peer_id.dll [深圳市迅雷网络技术有限公司, 3, 1, 2, 4] d:\Program Files\Thunder\Program\xl_stat.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 9] d:\Program Files\Thunder\Program\p2sp.dll [深圳市迅雷网络技术有限公司, 1, 1, 2, 69] d:\Program Files\Thunder\Program\down_dispatcher.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 44] d:\Program Files\Thunder\Program\p2p.dll [深圳市迅雷网络技术有限公司, 1,1,2,51] d:\Program Files\Thunder\Program\p2p_upload.dll [深圳市迅雷网络技术有限公司, 1,1,2,13] d:\Program Files\Thunder\Program\xldc.dll [深圳市迅雷网络技术有限公司, 4, 0, 2, 28] d:\Program Files\Thunder\Program\stream.dll [深圳市迅雷网络技术有限公司, 2, 1, 2, 1046] d:\Program Files\Thunder\Program\iTargetAD.dll [深圳市迅雷网络技术有限公司, 1, 0, 4, 35] C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [(Verified)Adobe Systems, Inc., 10,0,45,2] d:\Program Files\Thunder\Program\p2p_local_res.dll [深圳市迅雷网络技术有限公司, 1,1,2,19] d:\Program Files\Thunder\Program\bt_shell.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 8] d:\Program Files\Thunder\Program\al.dll [深圳市迅雷网络技术有限公司, 1,1,2,35] d:\Program Files\Thunder\Program\media_data.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 7] d:\Program Files\Thunder\Program\sl.dll [深圳市迅雷网络技术有限公司, 1.0.2.2] d:\Program Files\Thunder\Components\Community\XLCommunity.dll [深圳市迅雷网络技术有限公司, 3.0.2.18] d:\Program Files\Thunder\Program\XLI18N.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 1] d:\Program Files\Thunder\Components\Community\VipResource.dll [N/A] d:\Program Files\Thunder\Program\http.dll [深圳市迅雷网络技术有限公司, 1.0.2.5] d:\Program Files\Thunder\Components\Community\XLCP.dll [深圳市迅雷网络技术有限公司, 1.0.2.6] d:\Program Files\Thunder\Components\Community\XLUser.dll [深圳市迅雷网络技术有限公司, 1.0.2.8] d:\Program Files\Thunder\Components\Community\XLBlog.dll [深圳市迅雷网络技术有限公司, 1.0.2.10] d:\Program Files\Thunder\Components\InMedia\iEmbedShell.dll [深圳市迅雷网络技术有限公司, 3, 4, 12, 125] d:\Program Files\Thunder\Components\InMedia\iEmbed22.dll [深圳市迅雷网络技术有限公司, 3, 4, 12, 125] d:\Program Files\Thunder\Components\InMedia\XLIPC.DLL [深圳市迅雷网络技术有限公司, 1, 0, 0, 2] d:\Program Files\Thunder\Program\xldcsubtask.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 16] d:\Program Files\Thunder\Components\Security\ThunderSafe.dll [深圳市迅雷网络技术有限公司, 2, 1, 9, 113] d:\Program Files\Thunder\Components\Security\ConfigManager.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 1] d:\Program Files\Thunder\Components\Security\SafeManager.dll [深圳市迅雷网络技术有限公司, 1, 0, 6, 21] d:\Program Files\Thunder\Components\Security\SafeStatistic.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 1] d:\Program Files\Thunder\Program\XLNetU.Dll [深圳市迅雷网络技术有限公司, 1, 5, 1, 24] d:\Program Files\Thunder\Plugins\XLSafeHost\XLSafeHost.dll [深圳市迅雷网络技术有限公司, 1, 2, 20, 108] d:\Program Files\Thunder\Program\LiveUpdate.dll [深圳市迅雷网络技术有限公司, 1, 2, 4, 26] d:\Program Files\Thunder\Plugins\Xmp\XmpVip.dll [深圳市迅雷网络技术有限公司, 1.0.0.4] d:\Program Files\Thunder\Plugins\KanKanTop\KanKanTop.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 18] d:\Program Files\Thunder\Components\ExplorerHelper\ExplorerHelper.dll [深圳市迅雷网络技术有限公司, 1, 0, 4, 27] d:\Program Files\Thunder\Program\emule_id.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 12] d:\Program Files\Thunder\Components\VPSHELL\VPSHELL.dll [深圳市迅雷网络技术有限公司, 4, 0, 1, 42] d:\Program Files\Thunder\Components\UserExperience\UserExperience.dll [深圳市迅雷网络技术有限公司, 1, 0, 3, 5] d:\Program Files\Thunder\Components\ResWorker\DsXlCom.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 30] d:\Program Files\Thunder\Components\ResWorker\DataProcessor_00.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 16] d:\Program Files\Thunder\Components\ResWorker\MediaWorker.dll [深圳市迅雷网络技术有限公司, 1, 2, 0, 22] d:\Program Files\Thunder\Components\DownloadStat\DownloadStat.dll [深圳市迅雷网络技术有限公司, 1, 4, 1, 6] D:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28] d:\Program Files\Thunder\Program\bd.dll [深圳市迅雷网络技术有限公司, 1, 0, 2, 20] [PID: 3784 / Administrator] C:\Program Files\arswp3\arswp3.exe [(Verified)Windows 清理助手, 3.0.15.0309] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105)] D:\Program Files\Rising\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] D:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10e.ocx [(Verified)Adobe Systems, Inc., 10,0,45,2] ================================================================ 文件关联 ================================================================ Autorun.Inf ================================================================ Winsock提供者 ================================================================ 隐藏进程 ================================================================ 可疑文件 ================================================================ HOSTS [/CODE]