[CODE] 2008-08-05,18:14:03 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 2 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"D:\迅雷下载\文化\新建文件夹\SogouInput\OlympicNews.exe"> [(Verified)Sogou.com Inc., 3.5.0.0, C:2008-06-20 19:21 M:2008-06-20 19:21] [(Verified)PPStream Inc, 1, 0, 11, 133, C:2008-07-18 14:46 M:2008-07-18 14:46] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"D:\Rising\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-07-21 17:35 M:2008-07-26 14:14] <%systemroot%\system32\dumprep 0 -k> [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00] <"D:\Rising\Thunder\Thunder.exe" /s> [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-07-18 13:07 M:2008-07-11 09:45] <"D:\Rising\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-07-19 18:57 M:2008-07-29 20:06] <"D:\Rising\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-07-21 16:14 M:2008-07-26 22:02] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-07-08 11:08 M:2008-07-27 16:31] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] [Microsoft Corporation, 1.07 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] [Microsoft Corporation, 1.09 (XPClient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] <%SystemRoot%\system32\webcheck.dll> [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-21 16:14 M:2008-07-31 01:27] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-07-01 21:56 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-07-01 21:56 M:2007-12-10 14:17] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2007-06-19 10:55 M:2007-06-19 10:55] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet] [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [Intel Corporation, 3,0,0,2104, C:2007-02-14 16:09 M:2003-04-07 08:06] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS] <浏览器自定义组件> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|N/A, C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|N/A, C:2006-07-22 00:36 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <通讯簿 6><"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4383}] <%SystemRoot%\system32\ie4uinit.exe> [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-07-18 13:07 M:2008-07-11 09:45] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\BJ Language Monitor] [Microsoft Corporation, 5.1.2600.2082 (xpsp(skatari).040213-0952), C:2004-08-16 16:38 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Local Port] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\PJL Language Monitor] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Standard TCP/IP Port] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\USB Monitor] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] ======================================== 启动项 [QQ游戏启动加速程序] "D:\迅雷下载\qq dui\QQGAME\Accel.exe" > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2008-01-11 09:05 M:2008-01-11 09:05] ======================================== 计划任务 ======================================== 组件 ShellServiceObjectDelayLoad [WebCheck] {E6FB5E20-DE35-11CF-9C87-00AA005127ED} <%SystemRoot%\system32\webcheck.dll> [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [SysTray] {35CEC8A3-2BE6-11D2-8773-92E220524153} [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-21 16:14 M:2008-07-31 01:27] Shell Extension [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-21 16:14 M:2008-07-31 01:27] [Windows Media Player Play as Playlist Context Menu Handler] {8DD448E6-C188-4aed-AF92-44956194EB1F} [Microsoft Corporation, 10.00.00.3802, C:2006-04-15 00:00 M:2005-01-28 15:25] [Windows Media Player Burn Audio CD Context Menu Handler] {CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C} [Microsoft Corporation, 10.00.00.3802, C:2006-04-15 00:00 M:2005-01-28 15:25] [Windows Media Player Add to Playlist Context Menu Handler] {F1B9284F-E9DC-4e68-9D7E-42362A59F0FD} [Microsoft Corporation, 10.00.00.3802, C:2006-04-15 00:00 M:2005-01-28 15:25] Protocols [DVD: 可插入协议] {12D51199-0DB5-46FE-A120-47A3D7D937CC} [Microsoft Corporation, 6.05.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft InfoTech Protocols for IE 4.0] {9D148291-B9C8-11D0-A4CC-0000F80149F6} [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542), C:2006-04-15 00:00 M:2005-05-27 10:05] [TV: 可插入协议] {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} [Microsoft Corporation, 6.05.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [WiaProtocol Class] {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-01 21:56 M:2008-04-07 15:40] [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [(Verified)RealPlayer, 1.0.1.57, C:2008-07-19 19:20 M:2008-07-19 19:20] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-01 21:56 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-07-19 18:57 M:2008-07-25 17:07] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-01 21:56 M:2008-04-07 15:40] [RealPlayer Download and Record Plugin for Internet Explorer] {3049C3E9-B461-4BC5-8870-4C09146192CA} [(Verified)RealPlayer, 1.0.1.57, C:2008-07-19 19:20 M:2008-07-19 19:20] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-01 21:56 M:2008-05-26 11:09] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-01 21:56 M:2008-04-29 14:42] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-07-19 18:57 M:2008-07-25 17:07] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] Context Menu [Offline Files] {750fdf0e-2a26-11d1-a3ea-080036587f03} <%SystemRoot%\System32\cscui.dll> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PicaView] {68f32140-2ca3-11d0-acc1-444553540000} [ACD Systems, Ltd., 2, 0, 0, 84, C:1980-01-01 00:00 M:2005-10-13 11:01] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-21 16:14 M:2008-07-31 01:27] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-07-27 20:51 M:2006-07-20 16:04] [Sharing] {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] ======================================== 服务 [Alerter / Alerter][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\system32\alrsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Application Management / AppMgmt][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\appmgmts.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Windows Audio / AudioSrv][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\audiosrv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Background Intelligent Transfer Service / BITS][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\qmgr.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.6.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [Computer Browser / Browser][Stopped/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\browser.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [ClipBook / ClipSrv][Stopped/Disabled] <%SystemRoot%\system32\clipsrv.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [COM+ System Application / COMSysApp][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Cryptographic Services / CryptSvc][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\cryptsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [DCOM Server Process Launcher / DcomLaunch][Running/Auto Start] <%SystemRoot%\system32\svchost -k DcomLaunch --> "%SystemRoot%\system32\rpcss.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] [DHCP Client / Dhcp][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dhcpcsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] [Logical Disk Manager Administrative Service / dmadmin][Stopped/Manual Start] <%SystemRoot%\System32\dmadmin.exe /com> [Microsoft Corp., Veritas Software, 2600.2180.503.0, C:2006-04-15 00:00 M:2006-04-15 00:00] [Logical Disk Manager / dmserver][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dmserver.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corp., 2600.2180.503.0, C:2006-04-15 00:00 M:2006-04-15 00:00] [DNS Client / Dnscache][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k NetworkService --> "%SystemRoot%\System32\dnsrslvr.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.3316 (xpsp_sp2_gdr.080219-1316), C:2006-04-15 00:00 M:2008-02-20 13:33] [Error Reporting Service / ERSvc][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\ersvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Event Log / Eventlog][Running/Auto Start] <%SystemRoot%\system32\services.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [COM+ Event System / EventSystem][Running/Manual Start] "C:\WINDOWS\system32\es.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 2001.12.4414.308, C:2006-04-15 00:00 M:2005-07-26 12:39] [Fast User Switching Compatibility / FastUserSwitchingCompatibility][Running/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2006-04-15 00:00 M:2006-12-20 05:49] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [HTTP SSL / HTTPFilter][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k HTTPFilter --> "%SystemRoot%\System32\w3ssl.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"> [Macrovision Corporation, 11.00.28844, C:2005-04-04 00:41 M:2005-04-04 00:41] [IMAPI CD-Burning COM Service / ImapiService][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Server / lanmanserver][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\srvsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729), C:2006-04-15 00:00 M:2004-12-08 03:34] [Workstation / lanmanworkstation][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wkssvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] [TCP/IP NetBIOS Helper / LmHosts][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\lmhsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Messenger / Messenger][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\msgsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Distributed Transaction Coordinator / MSDTC][Stopped/Manual Start] [Microsoft Corporation, 2001.12.4414.258, C:2006-07-22 00:30 M:2006-04-15 08:00] [Windows Installer / MSIServer][Stopped/Manual Start] [Microsoft Corporation, 3.1.4000.1823, C:2006-04-15 00:00 M:2005-05-04 14:45] [Network DDE / NetDDE][Stopped/Disabled] <%SystemRoot%\system32\netdde.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Network DDE DSDM / NetDDEdsdm][Stopped/Disabled] <%SystemRoot%\system32\netdde.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Net Logon / Netlogon][Stopped/Manual Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Network Connections / Netman][Running/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\netman.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525), C:2006-04-15 00:00 M:2005-08-23 02:35] [Network Location Awareness (NLA) / Nla][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mswsock.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2006-04-15 00:00 M:2008-06-21 01:39] [NT LM Security Support Provider / NtLmSsp][Stopped/Manual Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Removable Storage / NtmsSvc][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\ntmssvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2400.2180, C:2006-04-15 00:00 M:2006-04-15 00:00] [Plug and Play / PlugPlay][Running/Auto Start] <%SystemRoot%\system32\services.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [IPSEC Services / PolicyAgent][Running/Auto Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Protected Storage / ProtectedStorage][Running/Auto Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Remote Access Auto Connection Manager / RasAuto][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasauto.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Remote Access Connection Manager / RasMan][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2936 (xpsp_sp2_gdr.060621-2347), C:2006-04-15 00:00 M:2006-06-22 18:47] [Remote Desktop Help Session Manager / RDSessMgr][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] [Routing and Remote Access / RemoteAccess][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\mprdim.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Remote Registry / RemoteRegistry][Stopped/Disabled] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\system32\regsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Remote Procedure Call (RPC) Locator / RpcLocator][Stopped/Manual Start] <%SystemRoot%\system32\locator.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Remote Procedure Call (RPC) / RpcSs][Running/Auto Start] <%SystemRoot%\system32\svchost -k rpcss --> "%SystemRoot%\system32\rpcss.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] [QoS RSVP / RSVP][Stopped/Manual Start] <%SystemRoot%\system32\rsvp.exe> [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Security Accounts Manager / SamSs][Running/Auto Start] <%SystemRoot%\system32\lsass.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Smart Card / SCardSvr][Stopped/Manual Start] <%SystemRoot%\System32\SCardSvr.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Task Scheduler / Schedule][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\schedsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [Secondary Logon / seclogon][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\seclogon.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [System Event Notification / SENS][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\sens.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Windows Firewall/Internet Connection Sharing (ICS) / SharedAccess][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\ipnathlp.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Shell Hardware Detection / ShellHWDetection][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2006-04-15 00:00 M:2006-12-20 05:49] [Print Spooler / Spooler][Stopped/Disabled] <%SystemRoot%\system32\spoolsv.exe> [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2006-04-15 00:00 M:2005-06-11 07:53] [System Restore Service / srservice][Stopped/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\srsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [SSDP Discovery Service / SSDPSRV][Running/Manual Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\ssdpsrv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Windows Image Acquisition (WIA) / stisvc][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k imgsvc --> "%SystemRoot%\system32\wiaservc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316), C:2006-04-15 00:00 M:2006-12-20 02:17] [MS Software Shadow Copy Provider / SwPrv][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Performance Logs and Alerts / SysmonLog][Stopped/Manual Start] <%SystemRoot%\system32\smlogsvc.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Telephony / TapiSrv][Running/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\tapisrv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657), C:2006-04-15 00:00 M:2005-07-09 00:28] [Terminal Services / TermService][Running/Manual Start] <%SystemRoot%\System32\svchost -k DComLaunch --> "%SystemRoot%\System32\termsrv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] [Themes / Themes][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2006-04-15 00:00 M:2006-12-20 05:49] [Distributed Link Tracking Client / TrkWks][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\trkwks.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Windows User Mode Driver Framework / UMWdf][Stopped/Manual Start] [Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36] [Universal Plug and Play Device Host / upnphost][Stopped/Manual Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\upnphost.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.3077 (xpsp_sp2_gdr.070204-2255), C:2006-04-15 00:00 M:2007-02-06 04:19] [Uninterruptible Power Supply / UPS][Stopped/Manual Start] <%SystemRoot%\System32\ups.exe> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [User Privilege Service / usprserv][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Windows Time / W32Time][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\w32time.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [WebClient / WebClient][Running/Auto Start] <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\webclnt.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536), C:2006-04-15 00:00 M:2006-01-04 11:35] [Windows Management Instrumentation / winmgmt][Running/Auto Start] <%systemroot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\system32\wbem\WMIsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] [Portable Media Serial Number Service / WmdmPmSN][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\MsPMSNSv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 10.0.3790.3802, C:2006-04-15 00:00 M:2005-01-28 08:53] [Windows Management Instrumentation Driver Extensions / Wmi][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\advapi32.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [WMI Performance Adapter / WmiApSrv][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] [Security Center / wscsvc][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SYSTEMROOT%\system32\wscsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Automatic Updates / wuauserv][Stopped/Disabled] <%systemroot%\system32\svchost.exe -k netsvcs --> "C:\WINDOWS\system32\wuauserv.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.4.3790.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [Wireless Zero Configuration / WZCSVC][Running/Auto Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wzcsvc.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] [Network Provisioning Service / xmlprov][Stopped/Manual Start] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\xmlprov.dll"> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00|Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-07-21 17:35 M:2008-07-30 20:43] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-07-21 17:35 M:2008-07-26 14:14] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"D:\Rising\Rising\Rav\CCenter.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-07-21 16:14 M:2008-07-31 01:27] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"D:\RISING\RISING\RAV\Ravmond.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-07-21 16:14 M:2008-07-31 01:27] ======================================== 驱动 [Microsoft ACPI Driver / ACPI][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2004-08-16 16:22] [Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start] [Microsoft Corporation, 5.1.2601.2078, C:2007-02-14 16:03 M:2004-08-03 22:39] [Service for WDM 3D Audio Driver / ALCXSENS][Running/Manual Start] [Sensaura, 5.10.00.3513, C:2007-02-14 16:10 M:2004-02-24 11:08] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [Realtek Semiconductor Corp., 5.10.5510, C:2007-02-14 16:09 M:2004-02-27 00:50] [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [Advanced Micro Devices, 1.1.0 (srv03_sp1_rtm.050324-1447), C:2005-08-12 09:09 M:2005-05-21 20:43] [RAS Asynchronous Media Driver / AsyncMac][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [标准 IDE/ESDI 硬盘控制器 / atapi][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [ATM ARP Client Protocol / Atmarpc][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [音频存根驱动程序 / audstub][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-07-22 00:28 M:2001-08-17 13:59] [CD-ROM Driver / Cdrom][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [磁盘驱动器 / Disk][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [dmboot / dmboot][Stopped/Disabled] [Microsoft Corp., Veritas Software, 2600.2180.503.0, C:2006-04-15 00:00 M:2006-04-15 00:00] [Logical Disk Manager Driver / dmio][Running/Boot Start] [Microsoft Corp., Veritas Software, 2600.2180.503.0, C:2006-04-15 00:00 M:2006-04-15 00:00] [dmload / dmload][Running/Boot Start] [Microsoft Corp., Veritas Software., 2600.0.503.0, C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft Kernel DLS Syntheiszer / DMusic][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 23:07] [Microsoft Kernel DRM Audio Descrambler / drmkaud][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 23:07] [EagleNT / EagleNT][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\EagleNT.sys> [] [Floppy Disk Controller Driver / Fdc][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [FltMgr / FltMgr][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] [FsVga / FsVga][Stopped/System Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2001-08-31 15:43 M:2006-04-15 00:00] [Volume Manager Driver / Ftdisk][Running/Boot Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Game Port Enumerator / gameenum][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:02 M:2004-08-03 23:08] [Generic Packet Classifier / Gpc][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft HID Class Driver / hidusb][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-04-15 00:00 M:2005-06-16 08:58] [HOOKAPI / HOOKAPI][Stopped/Auto Start] <\??\D:\迅雷下载\RISING\RAV\HOOKAPI.SYS> [] [HTTP / HTTP][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2869 (xpsp_sp2_gdr.060316-1512), C:2006-04-15 00:00 M:2006-03-17 08:33] [i8042 键盘和 PS/2 鼠标端口驱动程序 / i8042prt][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [ialm / ialm][Running/Manual Start] [Intel Corporation, 6.13.10.3510, C:2007-02-14 16:09 M:2003-04-15 10:39] [IGALIVE / IGALIVE][Running/Auto Start] <\??\C:\Program Files\IGALIVE\IGALIVE.sys> [N/A, C:2007-07-10 11:16 M:2008-07-23 09:53] [CD 烧制筛选驱动器 / Imapi][Stopped/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [IntelIde / IntelIde][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-16 16:29] [Intel Processor Driver / intelppm][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [IPv6 Windows Firewall Driver / Ip6Fw][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [IP Traffic Filter Driver / IpFilterDriver][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [IP in IP Tunnel Driver / IpInIp][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [IP Network Address Translator / IpNat][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2524 (xpsp_sp2_gdr.040919-1056), C:2006-04-15 00:00 M:2004-09-30 06:28] [IPSEC driver / IPSec][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PnP ISA/EISA Bus Driver / isapnp][Running/Boot Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Keyboard Class Driver / Kbdclass][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Keyboard HID Driver / kbdhid][Stopped/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-06-29 18:14 M:2005-06-16 08:58] [Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 23:07] [kmsinput / kmsinput][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\kmsinput.sys> [N/A, C:2007-05-08 13:45 M:2006-03-07 11:00] [Mouse Class Driver / Mouclass][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:23 M:2006-04-15 00:00] [Mouse HID Driver / mouhid][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2001-08-31 15:31 M:2005-06-16 08:58] [MRXSMB / MRxSmb][Running/System Start] [Microsoft Corporation, 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036), C:2006-04-15 00:00 M:2006-05-05 17:41] [Microsoft Streaming Service Proxy / MSKSSRV][Stopped/Manual Start] [Microsoft Corporation, 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 22:58] [Microsoft Streaming Clock Proxy / MSPCLOCK][Stopped/Manual Start] [Microsoft Corporation, 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 22:58] [Microsoft Streaming Quality Manager Proxy / MSPQM][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 22:58] [Microsoft System Management BIOS Driver / mssmbios][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-03 23:07 M:2006-04-15 00:00] [Microsoft MPU-401 MIDI UART Driver / ms_mpu401][Running/Manual Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2007-02-14 16:02 M:2001-08-17 14:00] [Remote Access NDIS TAPI Driver / NdisTapi][Running/Manual Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [NDIS 用户模式 I/O 协议 / Ndisuio][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-03 23:03 M:2006-04-15 00:00] [Remote Access NDIS WAN Driver / NdisWan][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [NetBIOS Interface / NetBIOS][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [NetBios over Tcpip / NetBT][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [npkcrypt / npkcrypt][Running/Auto Start] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys> [INCA Internet Co., Ltd., 2005. 11. 1. 1, C:2007-02-02 19:04 M:2007-02-02 19:04] [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\Program Files\Tencent\QQ\npkycryp.sys> [] [IPX Traffic Filter Driver / NwlnkFlt][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [IPX Traffic Forwarder Driver / NwlnkFwd][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Parallel port driver / Parport][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:22 M:2006-04-15 00:00] [PCI Bus Driver / PCI][Running/Boot Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [WAN Miniport (PPTP) / PptpMiniport][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [处理器驱动程序 / Processor][Stopped/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:24 M:2006-04-15 00:00] [QoS Packet Scheduler / PSched][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [QKeyServiceDisplay / QKeyService][Running/Boot Start] [ Tencent Technology (Shenzhen) Company Limited, 1, 0, 0, 6, C:2007-08-16 17:46 M:2007-10-14 20:07] [Remote Access Auto Connection Driver / RasAcd][Running/System Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [WAN Miniport (L2TP) / Rasl2tp][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [远程访问 PPPOE 驱动程序 / RasPppoe][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Direct Parallel / Raspti][Running/Manual Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Rdbss / Rdbss][Running/System Start] [Microsoft Corporation, 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036), C:2006-04-15 00:00 M:2006-05-05 17:47] [RDPCDD / RDPCDD][Running/System Start] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [Terminal Server Device Redirector Driver / rdpdr][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2004-08-03 23:01] [Digital CD Audio Playback Filter Driver / redbook][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:27 M:2004-08-16 16:26] [RsAntiSpyware / RsAntiSpyware][Running/Boot Start] [Beijing Rising Technology Co., Ltd., 3, 0, 0, 28, C:2008-07-08 11:08 M:2008-07-08 11:08] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Running/Manual Start] [Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2006-07-22 00:56 M:2004-08-03 22:31] [Serenum Filter Driver / serenum][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Serial port driver / Serial][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Serial Mouse Driver / sermouse][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-07-30 03:05 M:2005-06-16 08:58] [Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 23:07] [Software Bus Driver / swenum][Running/Manual Start] [Microsoft Corporation, 5.3.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-03 22:58 M:2006-04-15 00:00] [Microsoft Kernel GS Wavetable Synthesizer / swmidi][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2007-02-14 16:03 M:2001-08-17 14:00] [SXCH / SXCH][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\SXCH.ahc> [N/A, C:2008-08-03 14:36 M:2008-08-05 11:42] [Microsoft Kernel System Audio Device / sysaudio][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 23:15] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:1980-01-01 00:00 M:2008-06-20 18:45] [Terminal Device Driver / TermDD][Running/System Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2004-08-16 16:39] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [TENCENT, 0, 0, 6, 5, C:2008-08-03 10:12 M:2008-08-05 18:11] [TQAT_Hooker By FZH / TQAT][Stopped/Manual Start] <\??\E:\5\TQAT\tqat.sys> [] [Microcode Update Driver / Update][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft USB Generic Parent Driver / usbccgp][Stopped/Manual Start] <\SystemRoot\system32\drivers\usbccgp.sys> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-06-29 18:14 M:2005-06-16 08:58] [Microsoft USB 2.0 Enhanced Host Controller Miniport Driver / usbehci][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2005-06-16 08:58] [USB2 Enabled Hub / usbhub][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2004-08-03 23:08] [Microsoft USB Open Host Controller Miniport Driver / usbohci][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2005-06-16 08:58] [USB 大容量存储设备 / USBSTOR][Stopped/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-06-29 18:14 M:2005-06-16 08:58] [Microsoft USB Universal Host Controller Miniport Driver / USBUHCI][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2005-08-12 10:45 M:2004-08-03 23:08] [VgaSave / VgaSave][Running/System Start] <\SystemRoot\System32\drivers\vga.sys> [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Remote Access IP ARP Driver / Wanarp][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2007-02-14 16:03 M:2004-08-03 23:15] [XPROTECTOR / XPROTECTOR][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\Xprotector.sys> [N/A, C:2006-07-27 21:02 M:2006-07-27 21:02] [Intel(R) Graphics Platform (SoftBIOS) Driver / {6080A529-897E-4629-A488-ABA0C29B635E}][Running/Manual Start] [Intel Corporation, 6.13.10.3510, C:2007-02-14 16:09 M:2003-04-15 10:40] [Intel(R) Graphics Chipset (KCH) Driver / {D31A0762-0CEB-444e-ACFF-B049A1F6FE91}][Running/Manual Start] [Intel Corporation, 6.13.10.3510, C:2007-02-14 16:09 M:2003-04-15 10:40] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-07-21 16:14 M:2008-07-31 01:27] [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2008-07-21 16:14 M:2008-07-31 01:27] [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2008-07-21 16:14 M:2008-07-31 01:27] [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 54, C:2008-07-21 16:14 M:2008-07-31 01:27] [HookUrl / HookUrl][Running/Auto Start] <\??\D:\Rising\Rising\Rfw\HookUrl.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-07-21 17:35 M:2008-07-30 20:43] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-07-21 17:35 M:2008-07-30 20:43] [RsFwDrv / RsFwDrv][Running/System Start] <\??\D:\Rising\Rising\Rfw\RsFwDrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-07-21 17:35 M:2008-07-30 20:43] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-07-21 16:14 M:2008-07-31 01:27] [Secdrv / Secdrv][Running/Auto Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2006-04-15 00:00 M:2007-11-13 18:25] [TQANTISYS / TQANTISYS][Running/Auto Start] <\??\C:\WINDOWS\system32\drivers\TQANTISYS.SYS> [(Verified)天晴数码娱乐公司, 1, 0, 0, 1, C:2008-07-13 22:13 M:2008-07-22 20:24] ======================================== 进程 [PID: 420 / SYSTEM] \SystemRoot\System32\smss.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 488 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CSRSRV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\basesrv.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\imm32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] [PID: 512 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2006-04-15 00:00 M:2005-03-03 02:10] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NDdeApi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\PROFMAP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\REGAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSGINA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\sfc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\Apphelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSCARD.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\cscdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WlNotify.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\cscui.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] [PID: 556 / SYSTEM] C:\WINDOWS\system32\services.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SCESRV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2006-04-15 00:00 M:2005-03-03 02:10] C:\WINDOWS\system32\umpnpmgr.dll [Microsoft Corporation, 5.1.2600.2744 (xpsp_sp2_gdr.050822-1647), C:2006-04-15 00:00 M:2005-08-23 11:39] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\NCObjAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\Apphelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\eventlog.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wtsapi32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] [PID: 568 / SYSTEM] C:\WINDOWS\system32\lsass.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SAMSRV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\cryptdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\msprivs.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\kerberos.dll [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522), C:2006-04-15 00:00 M:2005-06-16 01:50] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\netlogon.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\w32time.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wdigest.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\scecli.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\ipsecsvc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2006-04-15 00:00 M:2005-03-03 02:10] C:\WINDOWS\system32\oakley.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINIPSEC.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\pstorsvc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\psbase.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\dssenh.dll [Microsoft Corporation, 5.1.2600.2133 (xpsp.040514-1639), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 712 / SYSTEM] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\rpcss.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\termsrv.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] c:\windows\system32\ICAAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] c:\windows\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2006-04-15 00:00 M:2005-03-03 02:10] c:\windows\system32\mstlsapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\ACTIVEDS.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\adsldpc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] c:\windows\system32\ATL.DLL [Microsoft Corporation, 3.05.2284, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\REGAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 780 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] c:\windows\system32\rpcss.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 848 / SYSTEM] D:\Rising\Rising\Rav\CCenter.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] [PID: 864 / SYSTEM] C:\WINDOWS\System32\svchost.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\System32\NTMARTA.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] c:\windows\system32\dhcpcsvc.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\System32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\wzcsvc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] c:\windows\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WMI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WTSAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\ESENT.dll [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456), C:2006-04-15 00:00 M:2005-10-21 06:26] c:\windows\system32\ATL.DLL [Microsoft Corporation, 3.05.2284, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\rastls.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\MPRAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ACTIVEDS.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\adsldpc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\RASAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\WinSCard.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\System32\raschap.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\System32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\audiosrv.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\wkssvc.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] c:\windows\system32\NTDSAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\cryptsvc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\certcli.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\netman.dll [Microsoft Corporation, 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525), C:2006-04-15 00:00 M:2005-08-23 02:35] c:\windows\system32\netshell.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\credui.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WZCSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] c:\windows\system32\es.dll [Microsoft Corporation, 2001.12.4414.308, C:2006-04-15 00:00 M:2005-07-26 12:39] c:\windows\system32\dmserver.dll [Microsoft Corp., 2600.2180.503.0, C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\seclogon.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\wbem\wmisvc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] c:\windows\system32\trkwks.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\POWRPROF.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\sens.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\ipnathlp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\AUTHZ.dll [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2006-04-15 00:00 M:2005-03-03 02:10] C:\WINDOWS\system32\comsvcs.dll [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\colbact.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\MTXCLU.DLL [Microsoft Corporation, 2001.12.4414.311, C:2006-04-15 00:00 M:2006-03-02 03:43] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\CLUSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\RESUTILS.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\Wbem\wbemcore.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\System32\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\Wbem\esscli.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\System32\Wbem\wbemcomn.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\System32\Wbem\FastProx.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] c:\windows\system32\tapisrv.dll [Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657), C:2006-04-15 00:00 M:2005-07-09 00:28] c:\windows\system32\PSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\upnp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINHTTP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\rasmans.dll [Microsoft Corporation, 5.1.2600.2936 (xpsp_sp2_gdr.060621-2347), C:2006-04-15 00:00 M:2006-06-22 18:47] c:\windows\system32\WINIPSEC.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\netcfgx.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wbem\wmiutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\system32\wbem\repdrvfs.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\System32\rastapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\unimdm.tsp [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\uniplat.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wbem\wmiprvsd.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\system32\NCObjAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\kmddsp.tsp [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ndptsp.tsp [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ipconf.tsp [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wbem\wbemess.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] C:\WINDOWS\System32\h323.tsp [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\hidphone.tsp [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\HID.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:38 M:2006-04-15 00:00] C:\WINDOWS\System32\rasppp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ntlsapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\kerberos.dll [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522), C:2006-04-15 00:00 M:2005-06-16 01:50] C:\WINDOWS\System32\cryptdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\RASDLG.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wbem\ncprov.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:30 M:2006-04-15 08:00] [PID: 912 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 992 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\lmhsvc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] c:\windows\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] c:\windows\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] c:\windows\system32\webclnt.dll [Microsoft Corporation, 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536), C:2006-04-15 00:00 M:2006-01-04 11:35] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 1108 / SYSTEM] D:\RISING\RISING\RAV\ravmond.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\RISING\RISING\RAV\BWList.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-21 16:14 M:2008-07-21 16:13] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2008-07-19 19:19] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-18 13:08 M:2008-07-19 19:19] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] D:\RISING\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-07-21 16:14 M:2008-07-26 22:02] D:\RISING\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\RISING\RISING\RAV\HookReg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\HookNtos.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\rswalmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\sfc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\RISING\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\RISING\RISING\RAV\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\RISING\RISING\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 84, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] D:\RISING\RISING\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-07-21 16:14 M:2008-07-31 01:27] [PID: 1120 / SYSTEM] D:\Rising\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-21 16:14 M:2008-07-21 16:13] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2008-07-19 19:19] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-18 13:08 M:2008-07-19 19:19] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] D:\Rising\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\psapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_ctrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\unvdet.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\sfc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\sfc_os.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\netapi32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\Iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] D:\Rising\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\perfproc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 1152 / SYSTEM] D:\Rising\Rising\Rfw\rfwProxy.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-21 16:14 M:2008-07-21 16:13] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2008-07-19 19:19] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\psapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\version.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\MonMid.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\perfproc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 1400 / SYSTEM] D:\Rising\Rising\Rfw\rfwstub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-18 13:08 M:2008-07-19 19:19] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2008-07-19 19:19] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] [PID: 1484 / Administrator] C:\WINDOWS\Explorer.EXE [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\cscui.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\CSCDLL.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\themeui.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\actxprxy.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msutb.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520), C:2006-04-15 00:00 M:2005-09-01 09:45] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\webcheck.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\stobject.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\BatMeter.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\POWRPROF.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETSHELL.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\credui.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\msi.dll [Microsoft Corporation, 3.1.4000.2435, C:2006-04-15 00:00 M:2005-05-04 14:45] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\drprov.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ntlanman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\NETUI0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\NETUI1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\NETRAP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\davclnt.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WZCSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] C:\WINDOWS\system32\RASDLG.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MPRAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ACTIVEDS.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\adsldpc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RASAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\igfxpph.dll [Intel Corporation, 3,0,0,2104, C:2007-02-14 16:09 M:2003-04-07 08:18] C:\WINDOWS\system32\hccutils.DLL [Intel Corporation, 3,0,0,2104, C:2007-02-14 16:09 M:2003-04-07 08:05] C:\WINDOWS\system32\igfxres.dll [Intel Corporation, 3,0,0,2104, C:2007-02-14 16:11 M:2003-04-07 08:20] C:\WINDOWS\system32\igfxsrvc.dll [Intel Corporation, 3,0,0,2104, C:2007-02-14 16:09 M:2003-04-07 08:06] C:\WINDOWS\system32\igfxdev.dll [Intel Corporation, 3,0,0,2104, C:2007-02-14 16:09 M:2003-04-07 08:04] C:\WINDOWS\system32\winspool.drv [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\dsquery.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\dsuiext.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\browselc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2006-07-25 02:25] D:\Rising\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-01 21:56 M:2008-04-07 15:40] D:\Rising\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-01 21:56 M:2008-04-29 14:42] C:\WINDOWS\system32\OLEACC.dll [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Components\ResWorker\DsBho_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-07-18 13:07 M:2008-07-12 09:53] D:\Rising\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-07-18 13:07 M:2008-07-12 09:53] C:\WINDOWS\system32\MSGINA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ODBC32.dll [Microsoft Corporation, 3.525.1117.0 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\odbcint.dll [Microsoft Corporation, 3.525.1117.0 built by: (_sqlbld), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MLANG.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2006-04-15 00:00 M:2004-10-16 04:54] [PID: 1760 / SYSTEM] D:\RISING\RISING\RAV\RavStub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\RISING\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\RISING\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] [PID: 1900 / Administrator] D:\Rising\Rising\Rfw\RfwMain.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-21 16:14 M:2008-07-21 16:13] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2008-07-19 19:19] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-18 13:08 M:2008-07-19 19:19] D:\Rising\Rising\Rfw\RsGuiLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-07-21 17:35 M:2008-07-30 20:44] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RfwCtrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-21 17:35 M:2008-07-30 20:43] D:\Rising\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-21 17:35 M:2008-07-30 20:44] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-07-21 17:35 M:2008-07-30 20:43] C:\WINDOWS\system32\wintrust.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\perfproc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\netapi32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\cryptnet.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINHTTP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SensApi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 112 / Administrator] D:\Rising\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-07-19 18:57 M:2008-07-29 20:06] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\X86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-07-19 18:57 M:2008-08-02 16:15] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] D:\Rising\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-08 11:08 M:2008-07-26 14:25] D:\Rising\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-08 11:08 M:2008-07-19 18:57] D:\Rising\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-07-08 11:08 M:2008-07-19 18:57] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-07-19 18:57 M:2008-07-26 14:24] D:\Rising\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-07-19 18:57 M:2008-07-26 14:25] D:\Rising\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-07-19 18:57 M:2008-07-26 14:25] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-07-19 18:57 M:2008-07-26 14:24] C:\WINDOWS\system32\Wtsapi32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] D:\Rising\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-19 18:57 M:2008-07-26 14:25] D:\Rising\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.32, C:2008-07-19 18:57 M:2008-08-02 16:15] D:\Rising\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-07-21 16:14 M:2008-07-31 01:27] [PID: 128 / Administrator] D:\Rising\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-07-21 16:14 M:2008-07-26 22:02] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] D:\Rising\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rav\RSAPPMGR.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] [PID: 160 / Administrator] D:\迅雷下载\文化\新建文件夹\SogouInput\OlympicNews.exe [(Verified)Sogou.com Inc., 3.5.0.0, C:2008-06-20 19:21 M:2008-06-20 19:21] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\IMM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\MSIMG32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\NTMARTA.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SAMLIB.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] [PID: 172 / Administrator] D:\PPStream\ppsap.exe [(Verified)PPStream Inc, 1, 0, 11, 133, C:2008-07-18 14:46 M:2008-07-18 14:46] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\PPStream\1.0.11.138\vodnet.dll [(Verified)PPStream Inc., 1, 0, 11, 138, C:2008-08-03 15:22 M:2008-08-03 15:22] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\PPStream\1.0.11.138\vodres.dll [(Verified)PPStream Inc., 1, 0, 11, 138, C:2008-08-03 15:21 M:2008-08-03 15:21] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\shfolder.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\PPStream\1.0.11.138\ppssg.dll [(Verified)PPStream Inc., 1, 0, 11, 138, C:2008-08-03 15:20 M:2008-08-03 15:20] D:\PPStream\1.1.0.2599\fds.dll [(Verified)PPStream Inc., 1, 0, 0, 82, C:2008-08-03 15:23 M:2008-08-03 15:23] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\netapi32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\sensapi.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 144 / Administrator] D:\Rising\Rising\Rav\Ravmon.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.24, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-21 16:14 M:2008-07-21 16:13] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-10-05 15:39 M:2008-07-19 19:19] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-18 13:08 M:2008-07-19 19:19] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-07-21 16:14 M:2008-07-31 01:27] D:\Rising\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-21 16:14 M:2008-07-26 22:02] C:\WINDOWS\system32\wtsapi32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rav\Rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-07-21 16:14 M:2008-07-26 22:02] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\perfproc.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Rising\Rav\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-07-21 16:14 M:2008-07-31 01:27] [PID: 3936 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ATL.DLL [Microsoft Corporation, 3.05.2284, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\System32\WSOCK32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\ShimEng.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\AppPatch\AcGenral.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\comctl32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\System32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\System32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [PID: 1084 / Administrator] D:\Rising\Thunder\Program\Thunder5.exe [Thunder Networking Technologies,LTD, 5.8.3.545, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\BugReport.dll [Thunder Networking Technologies,LTD, 1, 4, 1, 20, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSVCRT.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\MFC42.DLL [Microsoft Corporation, 6.02.4131.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMAGEHLP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] C:\WINDOWS\system32\MFC42LOC.DLL [Microsoft Corporation, 6.00.8665.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RICHED32.DLL [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RICHED20.dll [Microsoft Corporation, 5.30.23.1221, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] D:\Rising\Thunder\Program\TaskManager.dll [Thunder Networking Technologies,LTD, 1, 3, 8, 68, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\download_interface.dll [Thunder Networking Technologies,LTD, 3, 1, 2, 318, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-07-01 21:56 M:2008-06-27 15:51] D:\Rising\Thunder\Program\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-07-01 21:56 M:2008-06-27 15:51] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2006-04-15 00:00 M:2004-10-16 04:54] D:\Rising\Thunder\Program\asyn_frame.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 21, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] D:\Rising\Thunder\Program\ATL71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\fs.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 10, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\XLNet.Dll [Thunder Networking Technologies,LTD, 1, 5, 2, 25, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\ptl.dll [Thunder Networking Technologies,LTD, 3, 1, 2, 24, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\backend_agent.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 20, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\xl_stat.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 3, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\iTargetAD.dll [Thunder Networking Technologies,LTD, 1, 0, 4, 35, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\OLEPRO32.DLL [Microsoft Corporation, 5.1.2600.2180, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\asycfilt.dll [Microsoft Corporation, 5.1.2600.2180, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msimg32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\BHOStub.dll [Thunder Networking Technologies,LTD, 1, 1, 1, 10, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\DownAndPlay\DownAndPlay.dll [Copyright 2007, 1, 0, 12, 30, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wsock32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] D:\Rising\Thunder\Program\p2p_network_com.dll [版权所有 (C) 2008, 1, 0, 2, 25, C:2008-07-18 13:07 M:2008-07-12 09:53] C:\WINDOWS\system32\rsaenh.dll [Microsoft Corporation, 5.1.2600.2161 (xpsp.040706-1629), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\wdmaud.drv [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-16 16:39 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msacm32.drv [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSACM32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\midimap.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Components\InMedia\iEmbedShell.dll [ , 1, 0, 2, 25, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\InMedia\iEmbed17.dll [Thunder Networking Technologies,LTD, 3, 4, 8, 107, C:2008-07-01 21:56 M:2008-06-27 15:51] D:\Rising\Thunder\Components\InMedia\PlayerHelper.dll [thunder, 1, 2, 7, 61, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\InMedia\XLIPC.DLL [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2008-07-01 21:56 M:2008-06-27 15:51] D:\Rising\Thunder\Components\P4PClient\P4PClient.dll [Thunder Networking Technologies,LTD, 2, 2, 5, 70, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\shdoclc.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\xpsp2res.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msls31.dll [Microsoft Corporation, 3.10.349.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msimtf.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSCTF.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Components\Community\XLCommunity.dll [Thunder Networking Technologies,LTD, 2, 4, 0, 77, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\dbghelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\RegisterDll.dll [Thunder Networking Technologies,LTD, 2, 17, 0, 67, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\MSVCIRT.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Program\p2p_upload.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 8, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\p2p.dll [Thunder Networking Technologies,LTD, 1,1,2,24, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\xldc.dll [Thunder Networking Technologies,LTD, 3, 6, 2, 15, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\stream.dll [Thunder Networking Technologies,LTD, 2, 1, 2, 382, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\p2sp.dll [Thunder Networking Technologies,LTD, 1, 1, 2, 25, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\down_dispatcher.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 17, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\p2p_local_res.dll [Thunder Networking Technologies,LTD, 1,1,2,12, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\al.dll [Thunder Networking Technologies,LTD, 1,1,2,15, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\imdt.dll [TODO: , 1.1.2.5, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\Security\ThunderSafe.dll [深圳市迅雷网络技术有限公司, 2, 1, 1, 93, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\Security\ConfigManager.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 1, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\Security\SafeManager.dll [深圳市迅雷网络技术有限公司, 1, 0, 4, 16, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Plugins\XLSafeHost\XLSafeHost.dll [深圳市迅雷网络技术有限公司, 1, 2, 1, 74, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\plugins\xlsafehost\Guard.dll [深圳市迅雷网络技术有限公司, 1, 0, 0, 4, C:2008-07-18 13:07 M:2008-07-12 09:53] D:\Rising\Thunder\Plugins\XLSafeHost\ThunderRAV\ThunderRAV.dll [N/A, C:2007-09-19 12:26 M:2007-09-19 12:26] D:\Rising\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\rsscan.dll [Beijing Rising Technology Co., Ltd., 20, 0, 0, 4, C:2008-04-02 14:42 M:2008-04-02 14:42] D:\Rising\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40, C:2007-08-23 13:27 M:2008-07-31 01:27] D:\Rising\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-08-03 12:04 M:2008-07-31 01:27] D:\Rising\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-08-03 12:04 M:2008-07-31 01:27] D:\Rising\Thunder\Plugins\XLSafeHost\ThunderRAV\bin\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-03 12:04 M:2008-07-31 01:27] D:\Rising\Thunder\Plugins\XLSafeHost\AutoHelp.dll [Beijing Rising Technology Co., Ltd., 6.0.0.3, C:2008-07-18 13:07 M:2008-07-12 09:53] D:\Rising\Thunder\Program\XLNetU.Dll [Thunder Networking Technologies,LTD, 1, 5, 1, 24, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\Search\XLSearch.dll [Thunder Networking Technologies,LTD, 1, 1, 6, 21, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Program\LiveUpdate.dll [Thunder Networking Technologies,LTD, 1, 2, 3, 25, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\XLSoftBase\XLSoftwareBase.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 3, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Plugins\KanKanTop\KanKanTop.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 4, C:2008-07-02 10:35 M:2008-07-12 09:53] D:\Rising\Thunder\Plugins\GouGouTop\GouGouTop.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 5, C:2008-07-18 13:08 M:2008-07-12 09:53] D:\Rising\Thunder\Components\ExplorerHelper\ExplorerHelper.dll [Thunder Networking Technologies,LTD, 1, 0, 4, 19, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\ComDlls\ThunderAgent_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-07-01 21:56 M:2008-05-26 11:09] C:\WINDOWS\system32\OLEACC.dll [Microsoft Corporation, 4.2.5406.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-07-01 21:56 M:2008-04-29 14:42] D:\Rising\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-07-01 21:56 M:2008-04-07 15:40] D:\Rising\Thunder\Components\Tips\TipsClient.dll [Thunder Networking Technologies,LTD, 2, 2, 13, 118, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\VPSHELL\VPSHELL.dll [迅雷网络, 3, 0, 1, 33, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\UserExperience\UserExperience.dll [Thunder Networking Technologies,LTD, 1, 0, 3, 5, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\ResWorker\DsXlCom.dll [版权所有 (C) 2007, 1, 0, 0, 30, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-07-18 13:07 M:2008-07-12 09:53] D:\Rising\Thunder\Components\ResWorker\MediaWorker.dll [Thunder Networking Technologies,LTD, 1, 2, 0, 22, C:2008-07-01 21:56 M:2008-07-12 09:53] C:\WINDOWS\system32\WMASF.DLL [Microsoft Corporation, 10.00.00.3802 built by: dnsrv(bld4act), C:2006-04-15 00:00 M:2005-01-28 08:53] C:\WINDOWS\system32\AVIFIL32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSVFW32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] D:\Rising\Thunder\Components\Tips\XLIPC.DLL [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Thunder\Components\DownloadStat\DownloadStat.dll [Thunder Networking Technologies,LTD, 1, 4, 1, 6, C:2008-07-01 21:56 M:2008-07-12 09:53] D:\Rising\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-07-21 16:14 M:2008-07-31 01:27] C:\WINDOWS\system32\vbscript.dll [Microsoft Corporation, 5.6.0.8825, C:2006-04-15 00:00 M:2004-08-09 21:27] C:\WINDOWS\system32\jscript.dll [Microsoft Corporation, 5.6.0.8831, C:2006-04-15 00:00 M:2006-05-18 13:36] D:\Rising\Thunder\Program\bd.dll [Thunder Networking Technologies,LTD, 1, 0, 2, 17, C:2008-07-01 21:56 M:2008-07-12 09:53] [PID: 2728 / Administrator] E:\windosw清理助手 优化大师\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 0, 728, C:2008-07-29 22:36 M:2008-07-29 22:36] C:\WINDOWS\system32\ntdll.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ADVAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\Secur32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msvcrt.dll [Microsoft Corporation, 7.0.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPT32.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MSASN1.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ole32.dll [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2006-04-15 00:00 M:2005-07-26 12:39] C:\WINDOWS\system32\VERSION.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\imagehlp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINTRUST.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WTSAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINSTA.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\NETAPI32.dll [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2006-04-15 00:00 M:2006-08-17 20:29] C:\WINDOWS\system32\PSAPI.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\comdlg32.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\COMCTL32.dll [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2006-04-15 00:00 M:2006-08-25 23:49] C:\WINDOWS\system32\WINSPOOL.DRV [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\OLEPRO32.DLL [Microsoft Corporation, 5.1.2600.2180, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WSOCK32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2_32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WS2HELP.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\iphlpapi.dll [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2006-04-15 00:00 M:2006-05-19 21:14] C:\WINDOWS\system32\MSVCP60.dll [Microsoft Corporation, 6.02.3104.0, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\SETUPAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\IMM32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LPK.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\USP10.dll [Microsoft Corporation, 1.0420.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2006-08-25 08:49 M:2006-08-25 08:49] D:\Rising\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-07-21 17:35 M:2008-07-26 14:14] D:\Rising\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-07-21 17:35 M:2008-07-26 14:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 12:06] C:\WINDOWS\system32\appHelp.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CLBCATQ.DLL [Microsoft Corporation, 2001.12.4414.308, C:2006-07-22 00:30 M:2005-07-26 12:39] C:\WINDOWS\system32\COMRes.dll [Microsoft Corporation, 2001.12.4414.258, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msctfime.ime [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] E:\windosw清理助手 优化大师\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2007-11-28 15:19 M:2007-11-28 15:19] C:\WINDOWS\system32\USERENV.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\CRYPTUI.dll [Microsoft Corporation, 5.131.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WLDAP32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\asycfilt.dll [Microsoft Corporation, 5.1.2600.2180, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\mlang.dll [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2006-04-15 00:00 M:2004-10-16 04:54] C:\WINDOWS\system32\hnetcfg.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\wshtcpip.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\RASAPI32.DLL [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rasman.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\TAPI32.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\rtutils.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\WINMM.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\msv1_0.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\System32\winrnr.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\LINKINFO.dll [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520), C:2006-04-15 00:00 M:2005-09-01 09:45] C:\WINDOWS\system32\ntshrui.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\ATL.DLL [Microsoft Corporation, 3.05.2284, C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\mstask.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:32 M:2006-04-15 08:00] C:\WINDOWS\system32\NTDSAPI.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] C:\WINDOWS\system32\MPR.dll [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] ======================================== 文件关联 [.txt] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:24 M:2006-04-15 08:00] [.log] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-07-22 00:24 M:2006-04-15 08:00] [.ini] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2006-04-15 00:00 M:2006-04-15 00:00] [.hlp] <%SystemRoot%\System32\winhlp32.exe %1> [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] [.vbs] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.6.0.8825, C:2006-04-15 00:00 M:2004-08-09 21:27] [.js] <%SystemRoot%\System32\WScript.exe "%1" %*> [Microsoft Corporation, 5.6.0.8825, C:2006-04-15 00:00 M:2004-08-09 21:27] [.chm] <"hh.exe" %1> [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542), C:2006-04-15 00:00 M:2005-05-27 07:22] ======================================== AutoRun.INF ======================================== Winsock提供者 RSVP UDP Service Provider <%SystemRoot%\system32\rsvpsp.dll> [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] RSVP TCP Service Provider <%SystemRoot%\system32\rsvpsp.dll> [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148), C:2006-04-15 00:00 M:2006-04-15 00:00] ======================================== HOSTS 127.0.0.1 localhost 127.0.0.1 www.dk3702192.cn 127.0.0.1 pt.99.vc 127.0.0.1 y.ddzu.com 127.0.0.1 www.king88888.cn 127.0.0.1 www.zhandouma.cn 127.0.0.1 my.up9999.cn 127.0.0.1 baicai121.cn 127.0.0.1 yzjlele.cn 127.0.0.1 www.yh64.com 127.0.0.1 www.xiaoshen0519.com 127.0.0.1 www.yzjlele.cn 127.0.0.1 aa.91.vc 127.0.0.1 860315zx.c70.163ns.com 127.0.0.1 www.tngs888.com 127.0.0.1 user3.zp8888.cn:7000 127.0.0.1 www.517fca.cn 127.0.0.1 www.laomian147369.cn 127.0.0.1 www.dk250.cn 127.0.0.1 www.dd918918.cn 127.0.0.1 lanhuazhou.com 127.0.0.1 www.dd918918.cn 127.0.0.1 www.kksfw.cn 127.0.0.1 www.517fca.cn:82 127.0.0.1 wcceo.sx200.39226.cn 127.0.0.1 baicai133.com 127.0.0.1 www.79qm.com 127.0.0.1 www.xianyu520.com 127.0.0.1 www.105250.cn 127.0.0.1 muma5.cn 127.0.0.1 www.binyang.net 127.0.0.1 user1.gamehack.us:8080 127.0.0.1 www.8888ds.cn 127.0.0.1 aa.zhandouma.cn 127.0.0.1 www.5173sb.cn 127.0.0.1 www.xiaoyuyu888.cn 127.0.0.1 www.duojinxin1212.cn 127.0.0.1 www.cike007.cn 127.0.0.1 www.exiao01.com 127.0.0.1 qqq.dzydhx.com 127.0.0.1 qqq.hao1658.com 127.0.0.1 www.333292.com 127.0.0.1 down.18dd.net 127.0.0.1 xxx.m111.biz 127.0.0.1 1.jopenqc.com 127.0.0.1 xxx.j41m.com 127.0.0.1 3.joppnqq.com 127.0.0.1 d.93se.com 127.0.0.1 1.jopenkk.com 127.0.0.1 xxx.vh7.biz 127.0.0.1 new.749571.com 127.0.0.1 xtx.kv8.info 127.0.0.1 cao.kv8.info 127.0.0.1 1.jopmmqq.com 127.0.0.1 yu.8s7.net 127.0.0.1 1.jopanqc.com 127.0.0.1 2.joppnqq.com 127.0.0.1 www.868wg.com 127.0.0.1 xxx.mmma.biz 127.0.0.1 ilove.com 127.0.0.1 www.22aaa.com 127.0.0.1 xx.exiao01.com 127.0.0.1 tp.shpzhan.cn 127.0.0.1 www.tomwg.com 127.0.0.1 wg.47255.com 127.0.0.1 1.joppnqq.com 127.0.0.1 171817.171817.com 127.0.0.1 d2.llsging.com 127.0.0.1 down.malasc.cn 127.0.0.1 llboss.com 127.0.0.1 nx.51ylb.cn 127.0.0.1 my.531jx.cn 127.0.0.1 up.22x44.com [/CODE]