[CODE]

2008-08-06,09:54:23

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
×¢²áÏî

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <FlashPlayerUpdate><C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe>  [(Verified)Adobe Systems, Inc., 9,0,28,0, C:2006-11-10 06:46 M:2006-11-10 06:46]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <RavTask><"D:\ÈðÐÇɱ¶¾\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-08-05 22:17 M:2008-08-05 22:23]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-08-06 09:20 M:2008-08-06 09:19]
    <RfwMain><"D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-08-06 09:35 M:2008-08-06 09:32]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-08-05 22:18 M:2008-08-06 09:19]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\ÃλÃË®~1.SCR>  [N/A, C:2007-01-25 02:32 M:2006-06-09 14:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\ʹÓÃѸÀ×ÏÂÔØ]
    <><C:\Program Files\Thunder\Program\geturl.htm>  [N/A, C:2007-05-13 02:18 M:2007-02-28 14:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\ʹÓÃѸÀ×ÏÂÔØÈ«²¿Á´½Ó]
    <><C:\Program Files\Thunder\Program\getallurl.htm>  [N/A, C:2007-05-13 02:18 M:2007-02-10 14:41]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\µ¼³öµ½ Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp11.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:1980-01-01 00:00 M:2006-11-02 23:38]


========================================
Æô¶¯Ïî



========================================
¼Æ»®ÈÎÎñ



========================================
×é¼þ


ShellExecuteHook
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-02-01 13:57 M:2006-12-04 18:43]
[Shell Extensions for RealOne Player]
    {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}  <C:\Program Files\Real\RealPlayer\rpshell.dll>  [RealNetworks, Inc., 1.0.1.2237, C:2007-02-01 14:08 M:2007-02-01 14:08]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.0.4, C:2007-05-13 02:18 M:2007-04-16 19:16]
[Thunder Browser Helper]
    {98B7C139-E9CD-4959-8B46-FBEAB41E42A8}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [Thunder Networking Technologies,LTD, 5, 0, 1, 4, C:2007-05-13 02:18 M:2007-04-25 12:45]
[¿¨¿¨ÉÏÍø°²È«ÖúÊÖ]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 09:20 M:2008-08-06 09:20]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.0.4, C:2007-05-13 02:18 M:2007-04-16 19:16]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll>  [Thunder Networking Technologies,LTD, 5, 0, 3, 20, C:2007-05-13 02:18 M:2007-04-27 18:10]
[Thunder Browser Helper]
    {98B7C139-E9CD-4959-8B46-FBEAB41E42A8}  <C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll>  [Thunder Networking Technologies,LTD, 5, 0, 1, 4, C:2007-05-13 02:18 M:2007-04-25 12:45]
[¿¨¿¨ÉÏÍø°²È«ÖúÊÖ]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 09:20 M:2008-08-06 09:20]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx>  [(Verified)Adobe Systems, Inc., 9,0,28,0, C:2006-11-10 06:46 M:2006-11-10 06:46]

Context Menu
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2007-02-01 13:57 M:2006-12-04 18:43]


========================================
·þÎñ

[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-08-06 09:35 M:2008-08-06 09:33]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-08-06 09:35 M:2008-08-06 09:32]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"D:\ÈðÐÇɱ¶¾\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-08-05 22:17 M:2008-08-05 22:23]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"D:\ÈðÐÇɱ¶¾\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-08-05 22:17 M:2008-08-05 22:23]


========================================
Çý¶¯

[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
    <System32\DRIVERS\amdk8.sys>  [Advanced Micro Devices, 1.1.0 (srv03_sp1_rtm.050324-1447), C:2005-08-12 09:09 M:2005-05-21 20:43]
[npkcrypt / npkcrypt][Stopped/Auto Start]
    <\??\D:\Program Files\QQ2007\npkcrypt.sys>  []
[RsAntiSpyware / RsAntiSpyware][Running/Disabled]
    <system32\drivers\RsBoot.sys>  []
[USB PC Camera (SNPSTD325) / SNP325][Stopped/Manual Start]
    <system32\DRIVERS\snp325.sys>  [Sonix Co. Ltd., 1, 3, 2, 2, C:2007-07-15 16:59 M:2006-09-27 12:28]
[viagfx / viagfx][Running/Manual Start]
    <system32\DRIVERS\vtmini.sys>  [Copyright (C) VIA/S3 Graphics Co, Ltd., 6.14.10.0283-16.94.45.10, C:1980-01-01 00:00 M:2006-02-08 01:15]
[VIAMRAID / VIAMRAID][Stopped/Boot Start]
    <system32\DRIVERS\viamraid.sys>  [VIA Technologies inc,.ltd, 5.1.2600.310, C:2004-10-28 20:10 M:2004-05-18 16:55]
[VIA AC'97 Audio Controller (WDM) / VIAudio][Running/Manual Start]
    <system32\drivers\viaudio.sys>  [VIA Technologies, Inc., 6.14.01.3890 built by: VIA, C:1980-01-01 00:00 M:2003-10-20 11:39]

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20]
[AliIde / AliIde][Running/Boot Start]
    <System32\DRIVERS\aliide.sys>  [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58]
[CmdIde / CmdIde][Running/Boot Start]
    <System32\DRIVERS\cmdide.sys>  [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13]
[VIA Rhine Family Fast Ethernet Adapter Driver Service / FETNDISB][Running/Manual Start]
    <system32\DRIVERS\fetnd5b.sys>  [(Verified)VIA Technologies, Inc.              , 3.15.00.0351, C:1980-01-01 00:00 M:2003-01-15 16:05]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-08-05 22:17 M:2008-08-05 22:23]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2008-08-05 22:17 M:2008-08-05 22:23]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2008-08-05 22:17 M:2008-08-05 22:23]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 54, C:2008-08-05 22:17 M:2008-08-05 22:23]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-08-06 09:35 M:2008-08-06 09:33]
[nv / nv][Stopped/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-11-07 01:20 M:2004-08-03 22:29]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-08-06 09:35 M:2008-08-06 09:32]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-08-06 09:35 M:2008-08-06 09:32]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-08-05 22:17 M:2008-08-05 22:31]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[VIA AGP Filter / viaagp1][Running/Boot Start]
    <system32\DRIVERS\viaagp1.sys>  [(Verified)VIA Technologies, Inc., 5.1.0.3442 built by: VIA, C:1980-01-01 00:00 M:2003-07-02 04:42]


========================================
½ø³Ì

[PID: 576 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 652 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 676 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\MSGINA.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 720 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 732 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 888 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 964 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1084 / SYSTEM]   D:\ÈðÐÇɱ¶¾\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1100 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1192 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1244 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1376 / SYSTEM]   D:\ÈðÐÇɱ¶¾\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:24]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 87, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 19, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-08-05 22:17 M:2008-08-05 22:24]

[PID: 1508 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1696 / SYSTEM]   D:\ÈðÐÇɱ¶¾\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1908 / Administrator]   C:\WINDOWS\Explorer.EXE   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]
    C:\WINDOWS\system32\shlhook.dll  [Beijing Rising Technology Co., Ltd., 4.0.0.9, C:2008-08-05 22:18 M:2008-08-05 22:18]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39]
    C:\WINDOWS\system32\MSGINA.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\WINWB86.IME  [Microsoft Corporation, 4.00.950, C:2007-02-01 13:50 M:2000-06-08 17:00]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]
    C:\Program Files\WinRAR\rarext.dll  [N/A, C:2007-02-01 13:57 M:2006-12-04 18:43]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:23]

[PID: 120 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 308 / Administrator]   D:\ÈðÐÇɱ¶¾\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 332 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 368 / Administrator]   D:\ÈðÐÇɱ¶¾\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.24, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-05 22:17 M:2008-08-05 22:25]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-08-05 22:17 M:2008-08-05 22:25]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 1280 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 3196 / Administrator]   D:\ÈðÐÇɱ¶¾\Rising\Rav\Rav.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 72, C:2008-08-05 22:17 M:2008-08-05 22:31]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-08-05 22:17 M:2008-08-05 22:25]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-05 22:17 M:2008-08-05 22:25]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsCommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ravpagem.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 1, 8, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\htmllib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.17, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]
    C:\WINDOWS\system32\shlhook.dll  [Beijing Rising Technology Co., Ltd., 4.0.0.9, C:2008-08-05 22:18 M:2008-08-05 22:18]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ravpagew.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 89, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\SysMail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.11, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 40, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\mvengine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\posttrt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-08-05 22:17 M:2008-08-05 22:31]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 87, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 19, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ur023.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\scanmac.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-08-05 22:17 M:2008-08-05 22:24]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ur021.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-08-05 22:17 M:2008-08-05 22:24]

[PID: 2176 / Administrator]   C:\Program Files\Internet Explorer\iexplore.exe   [(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2006-11-07 01:31 M:2004-08-17 20:00]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\browselc.dll  [Microsoft Corporation, 6.00.2600.0000, C:1980-01-01 00:00 M:2001-09-29 14:39]
    C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.0.4, C:2007-05-13 02:18 M:2007-04-16 19:16]
    C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll  [Thunder Networking Technologies,LTD, 5, 0, 1, 4, C:2007-05-13 02:18 M:2007-04-25 12:45]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx  [(Verified)Adobe Systems, Inc., 9,0,28,0, C:2006-11-10 06:46 M:2006-11-10 06:46]
    C:\WINDOWS\system32\WINWB86.IME  [Microsoft Corporation, 4.00.950, C:2007-02-01 13:50 M:2000-06-08 17:00]
    C:\WINDOWS\system32\urlFilter.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-06 09:20 M:2008-08-06 09:20]
    C:\Program Files\Rising\AntiSpyware\UrlRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-08-06 09:20 M:2008-08-06 09:20]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]
    C:\WINDOWS\system32\MSGINA.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-17 12:00]
    C:\Program Files\Thunder\ComDlls\Faker.dll  [°æȨËùÓÐ (C) 2007, 1, 0, 1, 2, C:2007-05-13 02:18 M:2007-05-04 13:04]
    C:\Program Files\Thunder\ComDlls\ThunderAgent_Now.dll  [Thunder Networking Technologies,LTD, 5, 0, 3, 20, C:2007-05-13 02:18 M:2007-04-27 18:10]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]

[PID: 2244 / Administrator]   C:\Program Files\Rising\AntiSpyware\rstray.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\rsmginfo.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-08-06 09:20 M:2008-08-06 09:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\Rising\AntiSpyware\RsXML.dll  [Beijing Rising Technology Co., Ltd., 20, 0, 0, 1, C:2008-08-05 22:18 M:2008-08-05 22:18]
    C:\Program Files\Rising\AntiSpyware\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:18 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-08-05 22:18 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\ComServ.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 09:20 M:2008-08-06 09:20]
    C:\Program Files\Rising\AntiSpyware\rscommon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\pngdll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\runiep.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.32, C:2008-08-06 09:20 M:2008-08-06 09:19]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2007-07-15 17:01 M:2008-08-05 22:22]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 2132 / Administrator]   C:\Program Files\Rising\AntiSpyware\knownsvr.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\NComm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-08-05 22:18 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 09:20 M:2008-08-06 09:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 2864 / Administrator]   D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwmain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 2980 / SYSTEM]   D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 3732 / SYSTEM]   D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 3900 / SYSTEM]   D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-08-06 09:35 M:2008-08-06 09:33]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-08-06 09:35 M:2008-08-06 09:33]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 2308 / Administrator]   D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RFWCFG.EXE   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.2.61, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-08-05 22:17 M:2008-08-05 22:17]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-06 09:35 M:2008-08-06 09:32]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\ProxyCtr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.3, C:2008-08-06 09:35 M:2008-08-06 09:33]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-06 09:35 M:2008-08-06 09:32]
    D:\ÈðÐǸöÈË·À»ðǽ\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-06 09:35 M:2008-08-06 09:33]

[PID: 2136 / Administrator]   D:\qingli\arswp\arswp.exe   [(Verified)ArSwp.com, 2, 8, 0, 728, C:2008-07-29 22:36 M:2008-07-29 22:36]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 21, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-06 09:20 M:2008-08-06 09:19]
    C:\Program Files\Rising\AntiSpyware\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-06 09:20 M:2008-08-06 09:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    D:\qingli\arswp\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2007-11-28 15:19 M:2007-11-28 15:19]
    D:\ÈðÐÇɱ¶¾\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-05 22:17 M:2008-08-05 22:23]
    C:\WINDOWS\system32\Macromed\Flash\Flash9b.ocx  [(Verified)Adobe Systems, Inc., 9,0,28,0, C:2006-11-10 06:46 M:2006-11-10 06:46]


========================================
Îļþ¹ØÁª



========================================
AutoRun.INF



========================================
WinsockÌṩÕß



========================================
HOSTS

    127.0.0.1 localhost


[/CODE]