[CODE] 2010-07-08,09:48:02 SysLog Scanner 3.1 - build 20100608 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) ================================================================ 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [全能助手工作室, 4, 0, 6, 1] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | NVIDIA Corporation, 6.14.11.9107] [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | NVIDIA Corporation, 6.14.11.9107] [(Verified)N/A] <"d:\Rising\Rav\RsTray.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components] <{44BBA842-CC51-11CF-AAFA-00AA00B6015B}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)Microsoft Corporation, 7.00.6000.17055 (vista_gdr.100414-0533) | (Verified)N/A] <{5945c046-1e7d-11d1-bc44-00c04fd912be}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)Microsoft Corporation, 7.00.6000.17055 (vista_gdr.100414-0533) | (Verified)N/A] <{6BF52A52-394A-11d3-B153-00C04F79FAA6}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | (Verified)Microsoft Corporation, 7.00.6000.17055 (vista_gdr.100414-0533) | (Verified)N/A] <{89B4C1CD-B018-4511-B0A1-5476DBF70820}> [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt] <&U使用米人下载并收藏> [N/A] [] <上传到淘江湖相册> [N/A] <使用iTudou下载节目> [] <使用光影编辑和美化> [N/A] <使用迅雷下载> [N/A] <使用迅雷下载全部链接> [N/A] <氝樓善QQ桶> [N/A] <添加为阿里旺旺表情> [N/A] <添加到广告杀手> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet 
Explorer\MenuExt] <氝樓善QQ桶> [N/A] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors] [Microsoft Corporation, 11.3.1897.0] ================================================================ 启动组 ================================================================ 任务计划 ================================================================ 组件 -------------------------------- ShellExecuteHook [ShlExecHack Class] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] -------------------------------- Shell Extension [全能助手广告拦截专家] <{ED51E9A3-16C5-4236-99E0-9F093B021433}> [全能助手工作室, 7, 0, 6, 2] [DllRegShlExt extension] <{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}> [www.Tudou.com, 1.1.0.0] [7-Zip Shell Extension] <{23170F69-40C1-278A-1000-000100020000}> [Igor Pavlov, 9.15 beta] [ShellLink for Application References] <{e82a2d71-5b2f-43a0-97b8-81be15854de8}> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [WinRAR shell extension] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [Shell Extensions for RealOne Player] <{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}> [(Verified)RealNetworks, Inc., 1.0.2.67] [Desktop Explorer] <{1CDB2949-8F65-4355-8456-263E7C208A5D}> [(Verified)N/A] [NvCpl DesktopContext Class] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [NVIDIA Corporation, 6.14.11.9107] [Haali Column Provider] <{0561EC90-CE54-4f0c-9C55-E226110A740C}> [N/A] [RISING] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] -------------------------------- ToolBar [全能助手广告拦截专家] <{ED51E9A3-16C5-4236-99E0-9F093B021433}> [全能助手工作室, 7, 0, 6, 2] -------------------------------- Protocols [Cor MIME Filter, CorFltr, CorFltr 1] <{1E66F26B-79EE-11D2-8710-00C04F79ED0D}> [Microsoft Corporation, 2.0.50727.42 (RTM.050727-4200)] [] <{6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}> [酷狗, 5.2.4.4] [Microsoft Infotech Storage Protocol for IE 4.0] <{0A9007C0-4076-11D3-8789-0000F8105754}> [Microsoft 
Corporation, 05.02.9336.01] -------------------------------- Context Menu [7-Zip] <{23170F69-40C1-278A-1000-000100020000}> [Igor Pavlov, 9.15 beta] [DLLRegSvr] <{8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}> [www.Tudou.com, 1.1.0.0] [OpenFolder] <{0DE1378D-F811-40E6-B60A-1CC56F57D3E9}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [RisingKaKaExt] <{356B11FA-929F-4eb7-8B26-D7E3184DDD16}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [RisingRavExt] <{1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [WinRAR] <{B41DB860-8EE4-11D2-9906-E49FADC173CA}> [N/A] [00nView] <{1E9B04FB-F9E5-4718-997B-B8DA88302A48}> [(Verified)N/A] [NvCplDesktopContext] <{A70C977A-BF00-412C-90B7-034C51DA2439}> [NVIDIA Corporation, 6.14.11.9107] -------------------------------- BrowserHelperObject [Adobe PDF Reader Link Helper] <{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}> [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200] [迅雷下载IE支持] <{889D2FEB-5411-4565-8998-1DD2C5261283}> [(Verified)深圳市迅雷网络技术有限公司, 5,9,23,1488] -------------------------------- ActiveX Extension [PhotoDrawEx Class] <{05F5F404-7C24-4B39-B5CC-340CEDEB9C0D}> [(Verified)Tencent, 2, 25, 166, 120] [Adobe PDF Reader Link Helper] <{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}> [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200] [GerneralPeerID Class] <{0A47E819-F82E-4D5D-B806-6A9EA94D68CD}> [] [WWPicUploadCtrl Class] <{1D63232D-4F15-4A42-890D-EE617AA1537D}> [Alibaba software (Shanghai) Corporation, 1.0.0.1] [InstallHelper Class] <{1DABF8D5-8430-4985-9B7F-A30E53D709B3}> [(Verified)Tencent, 8.13.4822.0] [System Requirements Lab Class] <{1E54D648-B804-468D-BC78-4AFFED8E262F}> [(Verified)Husdawg, LLC, 3, 0, 0, 4] [RealPlayer RAM Download Handler] <{2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93}> [(Verified)RealNetworks, Inc., 6.0.10.220] [Zyzzyva] <{30FA9641-9CFE-4D71-A3AA-DF8B6FA02FCC}> <> [] [Thunder Agent Class] <{485463B7-8FB2-4B3B-B29B-8B919B0EACCE}> 
[(Verified)深圳市迅雷网络技术有限公司, 5,9,23,1488] [IE2EMUrlTaker Class] <{48618374-565F-4CA0-B8CD-6F496C997FAF}> [] [SkyDrive.Plugin.1] <{4990272A-0655-4D80-90A7-C18D0FF7A4A9}> [Copyright 1998, 1, 0, 0, 9] [VaCom.Application] <{51E88884-1306-4444-B22D-C34119E44232}> [] [WangWangX Class] <{5D09DD40-CDC4-4C56-B615-0D1E3B357C2B}> [(Verified)Alibaba software (Shanghai) Corporation., 1.0.0.1] [XMP Class] <{6483F145-A768-4C41-AACC-52D4D7845851}> [深圳市迅雷网络技术有限公司, 2, 1, 9, 102] [DivXBrowserPlugin Object] <{67DABFBF-D0AB-41FA-9C46-CC0F21721616}> [(Verified)DivX,Inc., 2, 0, 2, 40] [XDRM] <{693571CB-54A3-4E90-9D52-EEAE1334E2D3}> [Copyright XunLei 2007, 1, 0, 0, 7] [StormPlayer Object] <{6BE52E1D-E586-474F-A6E2-1A85A9B4D9FB}> [(Verified)北京暴风网际科技有限公司, 3, 10, 6, 30] [Access UserInfo by Script] <{6EE9CD3E-A386-4DAE-9737-A759DBF927AE}> [(Verified)深圳市迅雷网络技术有限公司, 1.0.1.6] [MediaComm Class] <{7670648D-461B-42AF-BDFE-46D26AF5EFF2}> [(Verified)深圳市迅雷网络技术有限公司, 3, 1, 7, 83] [XDownloaddManager Class] <{802F530B-A8F6-4631-AE49-6BACAAC6373E}> [(Verified)深圳市迅雷网络技术有限公司, 5,9,23,1488] [XML DOM Document 5.0] <{88D969E5-F192-11D4-A65F-0040963251E5}> [] [Uploader Class] <{8B054DFE-79A3-4A6A-9F46-CD2A2F601129}> [(Verified)Tencent Inc., 1, 0, 1, 28] [SSOForPTLogin Class] <{8FC1EE75-72B3-4A23-B987-2B1C4C8A611B}> [(Verified)(c) Tencent Co. Ltd. 
All rights reserved., 1, 0, 1, 4] [OFrameObject Class] <{9701758C-4373-482E-B13C-776C048EC890}> [(Verified)深圳市迅雷网络技术有限公司, 2, 3, 5921, 297] [VersionDetector Class] <{9EFF1953-9694-47B1-AEF6-B2A3FE8BFE9B}> [(Verified)深圳市迅雷网络技术有限公司, 1, 1, 0, 30] [HallToolkit Class] <{A24E6133-404F-4431-A296-2DE576FC5AEE}> [(Verified)深圳市迅雷网络技术有限公司, 1.0.0.5] [APlayer Control] <{A9322148-C691-4B9D-91FC-B9C461DBE9DD}> [(Verified)ShenZhen Thunder Networking Technologies, LTD, 2.0.8.287] [CCTVUpdateInstall] <{AC414988-E5BB-4C2C-873B-EA53D2F3D23A}> [(Verified)CCTV International Networks Co.,Ltd, 1, 0, 0, 9] [UploadManager Class] <{AF2F4E3F-DC4D-40B3-B7DA-77974FF2F317}> [NetEase(Hangzhou)Network Tech.Co.,Ltd., 1.0.0.4] [ScreenCapture163 Class] <{B6DEE590-8486-4F35-86BB-265FC72DBD96}> [NetEase(Hangzhou)Network Tech.Co.,Ltd., 1.0.0.3] [SDECtrl Class] <{BDB157D1-205A-43D8-AE92-2EC5B362F4F7}> [] [FTNUpload Class] <{BDEACC50-F56D-4D60-860F-CF6ED1766D65}> [(Verified)Tencent, 1, 0, 0, 11] [KooPlayer Control] <{C728DAB8-FDF5-4CD7-89DD-879D25794C77}> [(Verified)CCTV.COM, 1, 0, 0, 105] [QQPlayerCtrl Class] <{CD108273-D434-43E6-AA90-1469F97EB398}> [(Verified)Tencent, 3, 2, 165, 710] [Shockwave Flash Object] <{D27CDB6E-AE6D-11CF-96B8-444553540000}> [(Verified)Adobe Systems, Inc., 10,1,53,64] [TimwpDll.TimwpCheck] <{ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4}> [(Verified)Tencent, 1, 50, 1720, 0] [全能助手广告拦截专家] <{ED51E9A3-16C5-4236-99E0-9F093B021433}> [全能助手工作室, 7, 0, 6, 2] [Thunder DapPlayer] <{EEDD6FF9-13DE-496B-9A1C-D78B3215E266}> [] [PPLive Lite Class] <{EF0D1A14-1033-41A2-A589-240C01EDC078}> [(Verified)Copyright 2008, 1, 0, 0, 3] [QvodCtrl Class] <{F3D0D36F-23F8-4682-A195-74C92B03D4AF}> [] [XPPlayer Class] <{F3E70CEA-956E-49CC-B444-73AFE593AD7F}> [(Verified)深圳市迅雷网络技术有限公司, 2, 1, 58130, 251] [ForceP2PPlayer Object] <{FCD61199-E187-4ADD-88E5-9AF238486D11}> [] [IERPCtl Class] <{FDC7A535-4070-4B92-A0EA-D9994BCC0DC5}> [(Verified)RealNetworks, Inc., 1.0.2.68] 
================================================================ 服务 [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"> [Macrovision Corporation, 11.00.28844] [Windows CardSpace / idsvc][/Manual Start] <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"> [Microsoft Corporation, 3.0.4506.30 (WAPRTM.004506-0030)] [Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled] <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"> [Microsoft Corporation, 3.0.4506.30 (WAPRTM.004506-0030)] [nProtect GameGuard Service / npggsvc][Stopped/Manual Start] [INCA Internet Co., Ltd., 2009, 3, 20, 1] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> [NVIDIA Corporation, 6.14.11.9107] [Sandboxie Service / SbieSvc][Running/Auto Start] <"f:\Sandboxie\SbieSvc.exe"> [tzuk, 3.42] [PnkBstrA / PnkBstrA][Running/Auto Start] [(Verified)N/A] [PnkBstrB / PnkBstrB][Running/Auto Start] [(Verified)N/A] [Rav Service / RsRavMon][Running/Auto Start] <"d:\Rising\Rav\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [RFW Service / RsRFWMon][Running/Auto Start] <"C:\Program Files\Rising\RFW\RavMonD.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] [TabletServiceWacom / TabletServiceWacom][Running/Auto Start] [(Verified)Wacom Technology, Corp., 6.0.5-7] [Tencent Software Update Service / TSUSVC][Stopped/Auto Start] <"F:\工具\QQSoftMgr\1.0.375.203\TencentUpdateSvc.exe" -run> [(Verified)Tencent, 1.0 Beta3 Build 375] ================================================================ 驱动 [d347bus / d347bus][Stopped/Boot Start] [ , 3.47.0.0 built by: WinDDK] [d347prt / d347prt][Stopped/Boot Start] [ , 3.47.0.0 built by: WinDDK] [dtscsi / dtscsi][Stopped/Manual Start] <\SystemRoot\System32\Drivers\dtscsi.sys> [] [EagleNT / 
EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [GarenaPEngine / GarenaPEngine][Stopped/Manual Start] <\??\C:\DOCUME~1\dsag\LOCALS~1\Temp\DWJ137.tmp> [] [HOOKAPI / HOOKAPI][Stopped/Manual Start] <\??\C:\PROGRAM FILES\RISING\RAV\HOOKAPI.SYS> [] [IEProtector / IEProtector][Running/Auto Start] <\??\C:\Program Files\IEMate\IEProtector.sys> [N/A] [Motorola USB Device / P2k][Stopped/Manual Start] [Motorola Inc, 1.8] [p2pfilter / p2pfilter][Stopped/Manual Start] <\??\F:\工具\p2pover\p2pfilter.sys> [] [StarForce Protection Environment Driver v6 / prodrv06][Running/System Start] <\SystemRoot\System32\drivers\prodrv06.sys> [Protection Technology, 6.43] [StarForce Protection Helper Driver v2 / prohlp02][Running/Boot Start] [Protection Technology, 2.43] [StarForce Protection Synchronization Driver v1 / prosync1][Running/Boot Start] [Protection Technology, 1.5] [QKeyServiceDisplay / QKeyService][Running/Boot Start] [ Tencent Technology (Shenzhen) Company Limited, 1, 0, 0, 6] [SbieDrv / SbieDrv][Running/Manual Start] <\??\f:\Sandboxie\SbieDrv.sys> [tzuk, 3.42] [StarForce Cure Driver (version 1.x) / sfcure01][Stopped/Manual Start] [N/A] [StarForce Protection Environment Driver (version 1.x) / sfdrv01][Running/Boot Start] [Protection Technology, 1.27] [StarForce Protection Helper Driver / sfhlp01][Running/Boot Start] [Protection Technology, 1.5] [StarForce Protection Helper Driver (version 2.x) / sfhlp02][Running/Boot Start] [Protection Technology, 2.1] [StarForce Protection Synchronization Driver (version 2.x) / sfsync02][Running/Boot Start] [Protection Technology, 2.7] [sptd / sptd][Running/Boot Start] [N/A] [sysHostSvc / sysHostSvc][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\GuiHelp.sys> [Microsoft Corporation, 5, 1, 2467, 4] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245)] [TesDrvPt / TesDrvPt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesDrvPt.sys> [TENCENT, 
1.0.5 built by: WinDDK] [zlportio / zlportio][Stopped/Manual Start] <\??\E:\COD2\star\zlportio.sys> [] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK] [hookcont / hookcont][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 6] [hooksys / hooksys][Running/System Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 34] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.0.5473 built by: WinDDK] [nv / nv][Running/Manual Start] [(Verified)NVIDIA Corporation, 6.14.11.9107] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148)] [PxHelp20 / PxHelp20][Running/Boot Start] [(Verified)Sonic Solutions, 3.00.93.0] [Rising RfwARP Driver / RFWARP][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] [Rising RfwBase Driver / RfwBase9][Running/Manual Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] [rfwtdi / rfwtdi][Running/Auto Start] <\??\C:\Program Files\Rising\RFW\rfwtdi.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2] [rsassist / rsassist][Stopped/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 5] [rsfwdrv / rsfwdrv][Running/System Start] <\??\C:\Program Files\Rising\RFW\rsfwdrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.37] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] [Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver / RTLE8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.668.0412.2007 built by: WinDDK] [Secdrv / Secdrv][Running/Auto Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, 
and Macrovision Japan and Asia K.K., 4.03.086] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [(Verified)TENCENT, 0, 1, 0, 4] [Wacom Mouse Filter Driver / wacommousefilter][Running/Manual Start] [(Verified)Wacom Technology, 1.2.0002.0] [Wacom Virtual Hid Driver / wacomvhid][Running/Manual Start] [(Verified)Wacom Technology, 2.8.0000.0] [Virtual Keyboard Driver / WacomVKHid][Running/Manual Start] [(Verified)Wacom Technology, 1.1.0000.0] ================================================================ 活动进程 [PID: 1300 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.9107] [PID: 1532 / SYSTEM] C:\Program Files\Rising\RFW\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\RFW\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] C:\Program Files\Rising\RFW\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\RFW\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\RFW\MonComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\RFW\rfwsrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.2] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\RFW\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program 
Files\Rising\RFW\rfwdrvc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.1] C:\Program Files\Rising\RFW\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\RFW\RfwArp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.5] C:\Program Files\Rising\RFW\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\RFW\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\RFW\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\RFW\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\RFW\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\RFW\rfwproxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 73] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\RFW\rsindent.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 11] C:\Program Files\Rising\RFW\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\RFW\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\RFW\NComm2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 
3] C:\Program Files\Rising\RFW\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] C:\Program Files\Rising\RFW\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] C:\Program Files\Rising\RFW\urllib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] [PID: 760 / dsag] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] C:\Program Files\WinRAR\rarext.dll [N/A] F:\工具\7-Zip\7-zip.dll [Igor Pavlov, 9.15 beta] C:\Program Files\Haali\MatroskaSplitter\mmfinfo.dll [N/A] C:\Program Files\Haali\MatroskaSplitter\mkunicode.dll [N/A] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc., 8.1.0.0] C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.9107] C:\Program Files\NVIDIA Corporation\nView\nvshell.dll [(Verified)N/A] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\kakaext.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] f:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)深圳市迅雷网络技术有限公司, 5,9,23,1488] f:\Thunder Network\Thunder\ComDlls\zlib1.dll [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3] f:\Thunder Network\Thunder\ComDlls\MSVCR71.dll [Microsoft Corporation, 7.10.6030.0] f:\Thunder Network\Thunder\ComDlls\libexpat.dll [N/A] f:\Thunder Network\Thunder\ComDlls\MSVCP71.dll [Microsoft Corporation, 7.10.6030.0] f:\Thunder Network\Thunder\ComDlls\ATL71.DLL [Microsoft Corporation, 7.10.6101.0] F:\Thunder Network\Thunder\userdata\Components\ResWorker\DsBho_01.dll [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 0, 33] F:\Thunder 
Network\Thunder\userdata\Components\ResWorker\DataProcessor_01.dll [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 1, 6] [PID: 596 / SYSTEM] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [(Verified)Microsoft Corporation, 7.00.9466] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\2052\mdmui.dll [Microsoft Corporation, 7.00.9466] [PID: 1028 / SYSTEM] C:\WINDOWS\system32\PnkBstrA.exe [(Verified)N/A] [PID: 1040 / SYSTEM] C:\WINDOWS\system32\PnkBstrB.exe [(Verified)N/A] [PID: 1504 / SYSTEM] f:\Sandboxie\SbieSvc.exe [tzuk, 3.42] f:\Sandboxie\SbieDll.dll [tzuk, 3.42] [PID: 1688 / SYSTEM] C:\WINDOWS\system32\Wacom_Tablet.exe [(Verified)Wacom Technology, Corp., 6.0.5-7] [PID: 708 / dsag] C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe [(Verified)Wacom Technology, Corp., 6.0.5-7] [PID: 744 / SYSTEM] C:\WINDOWS\system32\Wacom_Tablet.exe [(Verified)Wacom Technology, Corp., 6.0.5-7] [PID: 2856 / dsag] d:\Rising\Rav\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] d:\Rising\Rav\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] d:\Rising\Rav\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] d:\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] d:\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] d:\Rising\Rav\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\ScanEvnt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] d:\Rising\Rav\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] d:\Rising\Rav\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] 
d:\Rising\Rav\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] d:\Rising\Rav\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] d:\Rising\Rav\mruleui.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7] d:\Rising\Rav\MonTray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.74] d:\Rising\Rav\RavITray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] d:\Rising\Rav\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\scanleak.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] d:\Rising\Rav\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] d:\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] d:\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] d:\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 4] d:\Rising\Rav\ScanPrxy.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] [PID: 3380 / dsag] F:\工具\TWEAKA~1\AssistSystray.exe [全能助手工作室, 4, 0, 6, 1] F:\工具\TWEAKA~1\AssistAlert.dll [全能助手工作室, 1, 0, 0, 0] F:\工具\TWEAKA~1\AssistBWSpy.dll [全能助手工作室, 1, 0, 1, 1] F:\工具\TWEAKA~1\TweakAssistKrnl.dll [全能助手工作室, 2, 0, 1, 1] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] F:\工具\TWEAKA~1\AssistWallpaper.dll [全能助手工作室, 2, 0, 0, 3] F:\工具\TWEAKA~1\AssistImgfmt.dll [全能助手工作室, 2, 0, 0, 0] [PID: 3480 / dsag] C:\WINDOWS\system32\RUNDLL32.EXE [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] C:\WINDOWS\system32\NvMcTray.dll [NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\nvapi.dll [(Verified)NVIDIA Corporation, 6.14.11.9107] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.11.9107] [PID: 3772 / dsag] 
F:\工具\Rising\AntiSpyware\RSTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.29] F:\工具\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] F:\工具\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] F:\工具\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.33] F:\工具\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] F:\工具\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] F:\工具\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] F:\工具\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1] F:\工具\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] F:\工具\Rising\AntiSpyware\rsxml1.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2] F:\工具\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5] F:\工具\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.65] F:\工具\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] d:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] F:\工具\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] [PID: 2284 / dsag] C:\Program Files\Rising\RFW\RsTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.11] C:\Program Files\Rising\RFW\comserv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] C:\Program Files\Rising\RFW\rslang.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 
0, 1] C:\Program Files\Rising\RFW\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] C:\Program Files\Rising\RFW\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] C:\Program Files\Rising\RFW\ProcComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\RFW\rsxml.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\RFW\MonState.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] C:\Program Files\Rising\RFW\rfwrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\Program Files\Rising\RFW\rsconf.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] C:\Program Files\Rising\RFW\rspalvd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] C:\Program Files\Rising\RFW\rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 57] C:\Program Files\Rising\RFW\ravbintl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] C:\Program Files\Rising\RFW\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] C:\Program Files\Rising\RFW\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] C:\Program Files\Rising\RFW\rfwtray.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] C:\Program Files\Rising\RFW\ravppops.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 21] C:\Program Files\Rising\RFW\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\RFW\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] C:\Program Files\Rising\RFW\PngDll.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 21, 0, 0, 4] C:\Program Files\Rising\RFW\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.15] [PID: 3520 / dsag] F:\工具\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14] F:\工具\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11] F:\工具\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] F:\工具\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] [PID: 1316 / SYSTEM] d:\Rising\Rav\RavMonD.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\combase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 17] d:\Rising\Rav\cnt09.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] d:\Rising\Rav\moncomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] d:\Rising\Rav\MonBase.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\Rslog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.41] d:\Rising\Rav\mondrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] d:\Rising\Rav\defmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 46] d:\Rising\Rav\moncom08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] d:\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] d:\Rising\Rav\FileMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29] d:\Rising\Rav\MailMon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 22] d:\Rising\Rav\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12] d:\Rising\Rav\rsindent.dll [(Verified)Beijing Rising Information Technology Co., 
Ltd., 22, 0, 0, 11] d:\Rising\Rav\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6] d:\Rising\Rav\taskplug.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] d:\Rising\Rav\scansrvp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.7] d:\Rising\Rav\cnt08.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] d:\Rising\Rav\proccomm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] d:\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.0] d:\Rising\Rav\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37] d:\Rising\Rav\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 3] d:\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] d:\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20] d:\Rising\Rav\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 24, 0, 0, 1] d:\Rising\Rav\BACore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 39] d:\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] d:\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\rsnetsvr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\bawhite.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\RSStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] 
d:\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.22] d:\Rising\Rav\ScanAdd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] d:\Rising\Rav\rstask.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] d:\Rising\Rav\rsstub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] d:\Rising\Rav\ScanSrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.3] d:\Rising\Rav\ScanRavT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.4] d:\Rising\Rav\ScanBT.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.21] d:\Rising\Rav\ScanStub.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22.0.0.1] d:\Rising\Rav\scanpe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 10] d:\Rising\Rav\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] d:\Rising\Rav\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 1] d:\Rising\Rav\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 80] d:\Rising\Rav\scantj.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\methodex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] d:\Rising\Rav\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6] d:\Rising\Rav\heurex.dll [(Verified)Beijing 
Rising Information Technology Co., Ltd., 22, 0, 0, 17] d:\Rising\Rav\pecompd.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] d:\Rising\Rav\extsfx.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 4] d:\Rising\Rav\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 2] d:\Rising\Rav\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5] d:\Rising\Rav\extarch.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 9] d:\Rising\Rav\extcomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3] [PID: 3616 / dsag] F:\arswp3\ArSwp3.exe [(Verified)Windows 清理助手, 3.1.2.0628] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] d:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 32] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx [(Verified)Adobe Systems, Inc., 10,1,53,64] [PID: 2032 / dsag] C:\Program Files\Internet Explorer\iexplore.exe [(Verified)Microsoft Corporation, 7.00.6000.17055 (vista_gdr.100414-0533)] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] f:\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)深圳市迅雷网络技术有限公司, 5,9,23,1488] f:\Thunder Network\Thunder\ComDlls\zlib1.dll [(C) 1995-2004 Jean-loup Gailly & Mark Adler, 1.2.3] f:\Thunder Network\Thunder\ComDlls\MSVCR71.dll [Microsoft Corporation, 7.10.6030.0] f:\Thunder Network\Thunder\ComDlls\libexpat.dll [N/A] f:\Thunder Network\Thunder\ComDlls\MSVCP71.dll [Microsoft Corporation, 7.10.6030.0] f:\Thunder Network\Thunder\ComDlls\ATL71.DLL [Microsoft Corporation, 
7.10.6101.0] F:\Thunder Network\Thunder\ComDlls\ThunderAgent5.9.23.1488.dll [(Verified)深圳市迅雷网络技术有限公司, 5,9,23,1488] F:\Thunder Network\Thunder\userdata\Components\ResWorker\DsBho_01.dll [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 0, 33] F:\Thunder Network\Thunder\userdata\Components\ResWorker\DataProcessor_01.dll [(Verified)深圳市迅雷网络技术有限公司, 1, 0, 1, 6] d:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 32] C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 5.0.1.4185] [PID: 2180 / dsag] F:\工具\QQ2009\Bin\QQ.exe [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\Common.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_473666fd\ATL80.DLL [Microsoft Corporation, 8.00.50727.4053] F:\工具\QQ2009\Bin\KernelUtil.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\GF.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\xGraphic32.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\AFUtil.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] F:\工具\QQ2009\Bin\LoginPanel.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\IM.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\TaskTray.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\AppUtil.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\BasicCtrlDll.dll [(Verified)TENCENT, 8,0,773,1801] F:\工具\QQ2009\Bin\MainFrame.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\AppFramework.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\SkinMgr.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.PayCenter\Bin\PayCenter.dll [(Verified)Tencent, 1, 50, 1720, 0] 
F:\工具\QQ2009\Plugin\Com.Tencent.QQVipMisc\Bin\QQVipMisc.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.NetBar\Bin\NetBar.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.VAS\Bin\VAS.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Wireless\Bin\Wireless.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.PaiPaiGift\Bin\PaiPaiGift.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQShow\Bin\QQShow.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Qzone\Bin\Qzone.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.CRM\Bin\CRM.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.AudioVideo\Bin\AudioVideo.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Soso\Bin\Soso.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Weather\Bin\Weather.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Advertisement\Bin\Advertisement.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Memo\Bin\Memo.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQVip\Bin\QQVip.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.MMOG\Bin\MMOG.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQGame\Bin\QQGame.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQMusic\Bin\QQMusic.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.Mail\Bin\Mail.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQShow\Bin\FlashAvatarDll.dll [(Verified)Tencent, 1.50.1720.0] F:\工具\QQ2009\Plugin\Com.Tencent.PaiPai\Bin\PaiPai.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.SNSApp\Bin\SNSApp.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQLive\Bin\QQLive.dll [(Verified)Tencent, 1, 50, 1720, 0] 
F:\工具\QQ2009\Plugin\Com.Tencent.WenWen\Bin\WenWen.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QQPet\Bin\QQPet.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.QBar\Bin\QBar.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.qqwebsite\Bin\qqwebsite.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\Com.Tencent.bookmark\Bin\bookmark.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOPlatform.dll [(Verified)Tencent, 1.2.1.10] C:\Program Files\Common Files\Tencent\TXSSO\Bin\SSOCommon.DLL [(Verified)Tencent, 1.2.1.6] F:\工具\QQ2009\Bin\AFCtrl.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\SystemMsg.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\ConfigCenter.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\ChatFrameApp.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\QInterLive.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\GroupApp.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\AppMisc.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\Contacts.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\InformationBox.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\ContactInfoFrame.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\system32\msdmo.dll [(Verified)N/A] F:\工具\QQ2009\Bin\WBlog.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\com.tencent.filetransfer\Bin\FileTransfer.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\vqqsdl.dll [(Verified)Tencent, 5, 0, 3, 24] F:\工具\QQ2009\Plugin\com.tencent.today\Bin\Today.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\com.tencent.qqring\Bin\QQRing.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\MsgMgr.dll [(Verified)Tencent, 1, 50, 1720, 0] d:\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 32] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 
7.10.3077.0] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4] F:\工具\QQ2009\Plugin\com.tencent.taotao\Bin\taotao.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\com.tencent.gamelife\Bin\GameLife.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Plugin\com.tencent.sobar\Bin\SoBar.dll [(Verified)Tencent, 1, 50, 1720, 0] C:\WINDOWS\system32\Macromed\Flash\Flash10h.ocx [(Verified)Adobe Systems, Inc., 10,1,53,64] C:\WINDOWS\system32\SOGOUPY.IME [(Verified)Sogou.com Inc., 5.0.1.4185] F:\工具\QQ2009\Bin\LongCnn.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\CustomFace.dll [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\QQ2009\Bin\AddrSearch.dll [(Verified)Tencent, 2, 3, 12, 11] [PID: 3956 / dsag] F:\工具\QQ2009\Bin\TXPlatform.exe [(Verified)Tencent, 1, 50, 1720, 0] F:\工具\Rising\AntiSpyware\RegCall.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 6] F:\工具\QQ2009\Bin\TXPFProxy.dll [(Verified)Tencent, 1, 50, 1720, 0] ================================================================ 文件关联 [.avi] <"C:\Program Files\DivX\DivX Plus Player\DivX Plus Player.exe" "%1"> [Copyright DivX, Inc. 
2003-2010, 10, 1, 2, 50]
[.wav] <"D:\KuGou\KuGou2008\KuGoo.exe" /Open "%1"> [(Verified)酷狗音乐, 5.3.41.404]
[.ram] <"f:\StormII\Storm.exe" /play "%1"> [(Verified)北京暴风网际科技有限公司, 3, 10, 6, 30]
[.mod] <"f:\StormII\Storm.exe" /play "%1"> [(Verified)北京暴风网际科技有限公司, 3, 10, 6, 30]
================================================================
Autorun.Inf
================================================================
Winsock提供者
================================================================
隐藏进程
================================================================
可疑文件
================================================================
HOSTS
127.0.0.1 aifind.info
127.0.0.1 allsearcher.info
127.0.0.1 ehttp.cc
127.0.0.1 freednshost.info
127.0.0.1 i-lookup.com
127.0.0.1 www.23.la
127.0.0.1 www.joyiex.com
127.0.0.1 www.mj2005.com
127.0.0.1 www.mydj2005.com
127.0.0.1 www.nkvd.us
127.0.0.1 www.xfreehosting.com
127.0.0.1 www.xxx166.com
[/CODE]