[CODE] 2008-08-22,17:30:34 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [N/A, C:2006-11-23 00:47 M:2004-02-22 16:01] [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:32] [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:36] <360Safebox><"C:\Program Files\360Safebox\safeboxTray.exe" /r> [(Verified)360安全中心, 2, 1, 1, 1002, C:2008-06-11 22:48 M:2008-06-11 22:48] <"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.23, C:2008-04-25 14:07 M:2008-04-25 14:06] <"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot> [(Verified)RealNetworks, Inc., 0.1.1.45, C:2008-04-17 21:24 M:2008-04-17 21:24] <"C:\Documents and Settings\All Users\Documents\kaka\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-08-12 08:07 M:2008-08-12 08:07] <"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-08-12 15:59 M:2008-08-12 15:58] <360Safetray> [(Verified)奇虎网, 4, 1, 8, 1004, C:2008-07-04 16:06 M:2008-07-04 16:06] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-02-19 09:16 M:2008-08-12 08:07] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.17, C:2008-04-25 14:07 M:2008-04-25 14:06] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载] <><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用超级旋风下载全部链接] <><> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用iTudou下载节目] <> [N/A, C:2007-03-22 10:28 M:2007-03-22 10:28] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用快车(Flas&hGet)下载] <> [N/A, C:2008-07-24 13:14 M:2008-07-24 13:14] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用快车(Flash&Get)下载全部链接] <> [N/A, C:2008-07-24 13:14 M:2008-07-24 13:14] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用快车(FlashGet)下载该网页FLV] <> [N/A, C:2008-07-24 13:14 M:2008-07-24 13:14] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2008-03-09 13:59 M:2008-06-13 09:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2008-03-09 13:59 M:2008-06-13 09:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:31] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14|(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13|(Verified)N/A, C:2006-11-23 01:07 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-03-09 13:59 M:2008-07-10 21:15] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669751ED-D558-49AE-B01A-3B374CC7910E}] <><> [] ======================================== 启动项 [QQ游戏启动加速程序] "C:\Program Files\TENCENT\QQGAME\Accel.exe" > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2008-03-18 18:09 M:2008-03-18 18:09] ======================================== 计划任务 [8b1.job] "C:\WINDOWS\Downlo~1\8b1.exe" > [] ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.17, C:2008-04-25 14:07 M:2008-04-25 14:06] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-11-07 01:29 M:2004-08-17 20:00] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-11-22 23:05 M:2007-09-23 18:59] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [(Verified)RealNetworks, Inc., 1.0.2.44, C:2006-11-22 23:17 M:2008-04-17 21:24] [ThuderBHO1] {F78DFA8B-3708-4BEB-8824-C0AF4B5883F0} [, 1.0.2.12, C:2005-12-16 14:29 M:2008-01-31 21:05] [DllRegShlExt extension] {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.17, C:2008-04-25 14:07 M:2008-04-25 14:06] BrowserHelperObject [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)腾讯公司, 1, 1, 0, 5, C:2007-12-17 18:21 M:2007-12-17 18:21] [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-03-09 13:59 M:2008-06-13 09:43] [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [www.flashget.com, 1, 8, 4, 1007, C:2007-09-11 19:21 M:2007-09-11 19:21] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-03-09 13:59 M:2008-06-13 09:43] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-12 08:07 M:2008-08-12 08:07] [FlashGetBHO] {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} [(Verified)FlashGet, 2, 2, 0, 1027, C:2008-07-29 18:53 M:2008-07-29 18:53] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} [www.flashget.com, 1, 8, 4, 1003, C:2007-09-11 19:21 M:2007-09-11 19:21] ActiveX Extension [QQCycloneHelper Class] {00000000-12C9-4305-82F9-43058F20E8D2} [(Verified)腾讯公司, 1, 1, 0, 5, C:2007-12-17 18:21 M:2007-12-17 18:21] [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-03-09 13:59 M:2008-06-13 09:43] [PhotoDraw Class] {2375BEE5-F175-4F1C-81EC-8E4E2E72E2DD} [(Verified)TENCENT, 1, 5, 107, 120, C:2008-02-28 11:00 M:2008-02-28 11:00] [FGCatchUrl] {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} [www.flashget.com, 1, 8, 4, 1007, C:2007-09-11 19:21 M:2007-09-11 19:21] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-03-09 13:59 M:2008-06-13 09:43] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1027, C:2008-04-09 17:07 M:2008-04-09 17:07] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-03-09 13:59 M:2008-06-13 09:43] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-12 08:07 M:2008-08-12 08:07] [FlashGetBHO] {B070D3E3-FEC0-47D9-8E8A-99D4EEB3D3B0} [(Verified)FlashGet, 2, 2, 0, 1027, C:2008-07-29 18:53 M:2008-07-29 18:53] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PlayerCtrl Class] {E05BC2A3-9A46-4A32-80C9-023A473F5B23} [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2007-05-20 16:38 M:2007-05-20 16:38] [FlashGet GetFlash Class] {F156768E-81EF-470C-9057-481BA8380DBA} [www.flashget.com, 1, 8, 4, 1003, C:2007-09-11 19:21 M:2007-09-11 19:21] Context Menu [DLLRegSvr] {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.17, C:2008-04-25 14:07 M:2008-04-25 14:06] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-11-22 23:05 M:2007-09-23 18:59] [KSKPPShellEx] {64B76234-8B9B-48A4-802B-DFE4191D0C6E} [(Verified)Kingsoft Corporation, 2008,03,10,1183, C:2005-12-24 19:15 M:2008-03-11 17:21] ======================================== 服务 [clic onfg / cliconfg][Stopped/Auto Start] [] [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] [Windows CardSpace / idsvc][/Manual Start] <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"> [Microsoft Corporation, 3.0.4506.648 (Winfxred.004506-0648), C:2007-10-11 09:55 M:2007-10-11 09:55] [Net.Tcp Port Sharing Service / NetTcpPortSharing][Stopped/Disabled] <"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"> [Microsoft Corporation, 3.0.4506.648 (Winfxred.004506-0648), C:2007-10-11 09:55 M:2007-10-11 09:55] [Stormser / Stormser][Running/Auto Start] [暴风网际, 1, 0, 0, 11, C:2008-07-08 09:52 M:2008-06-20 12:35] [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-08-12 15:59 M:2008-08-12 15:58] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-08-12 15:59 M:2008-08-12 15:58] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"> [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.28, C:2008-04-25 14:07 M:2008-04-25 14:06] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"> [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.75, C:2008-04-25 14:07 M:2008-04-25 14:06] ======================================== 驱动 [ADProt / ADProt][Running/System Start] <\SystemRoot\system32\drivers\ADProt.sys> [腾讯科技(深圳)有限公司, 5, 0, 1, 18, C:2007-12-13 19:47 M:2007-12-13 19:47] [AMD K8 Processor Driver / AmdK8][Stopped/Manual Start] [Advanced Micro Devices, 1.1.0 (srv03_sp1_rtm.050324-1447), C:2005-08-12 09:09 M:2005-05-21 20:43] [Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start] [Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2006-11-22 20:03 M:2005-01-07 17:07] [Netgroup Packet Filter / NPF][Stopped/Manual Start] [CACE Technologies, 3, 1, 0, 27, C:2008-01-24 17:44 M:2008-01-24 17:44] [npkcrypt / npkcrypt][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkcrypt.sys> [] [npkycryp / npkycryp][Stopped/Manual Start] <\??\C:\WINDOWS\system32\npkycryp.sys> [] [QKeyServiceDisplay / QKeyService][Running/Boot Start] [ Tencent Technology (Shenzhen) Company Limited, 1, 0, 0, 6, C:2006-01-09 12:36 M:2007-07-25 16:07] [TesSafe / TesSafe][Stopped/Manual Start] <\??\C:\WINDOWS\system32\TesSafe.sys> [TENCENT, 0, 0, 4, 2, C:2008-07-03 19:41 M:2008-08-22 14:33] [USB2_04 driver / USB2_04][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\nkv2.sys> [] [360AntiArp / 360AntiArp][Running/System Start] <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys> [(Verified)360安全中心, 1, 0, 1, 1007, C:2008-04-09 16:33 M:2008-04-09 16:33] [Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start] [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-11-07 01:20 M:2001-08-17 12:20] [AliIde / AliIde][Running/Boot Start] [(Verified)Acer Laboratories Inc., 1.20, C:2005-06-29 18:14 M:2005-06-16 08:58] [CmdIde / CmdIde][Running/Boot Start] [(Verified)CMD Technology, Inc., 2.0.7 (XPClient.010817-1148), C:2004-04-12 20:37 M:2001-08-31 15:29] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2006-11-07 01:20 M:2001-08-17 12:13] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 5, C:2008-04-25 14:07 M:2008-04-25 14:06] [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 46, C:2008-04-25 14:07 M:2008-04-25 14:06] [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 23, C:2008-04-25 14:07 M:2008-04-25 14:06] [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 48, C:2008-04-25 14:07 M:2008-04-25 14:06] [HookUrl / HookUrl][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\HookUrl.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-08-12 15:59 M:2008-08-12 15:58] [ialm / ialm][Running/Manual Start] [(Verified)Intel Corporation, 6.14.10.4396, C:2006-11-22 20:02 M:2005-09-20 11:00] [Service for Realtek HD Audio (WDM) / IntcAzAudAddService][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.00.5224 built by: WinDDK, C:2006-11-22 20:02 M:2006-02-27 18:47] [KPPDriver / KPPDriver][Stopped/Manual Start] <\??\C:\WINDOWS\system32\drivers\KPPDriver.sys> [(Verified)Kingsoft Corporation, 1.00, C:2005-12-24 19:15 M:2008-03-11 17:21] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2006-11-07 01:20 M:2004-08-03 22:29] [DDK PACKET Protocol / Packet][Stopped/Manual Start] [(Verified)360安全中心, 1, 0, 1, 1001, C:2008-04-09 16:36 M:2008-04-09 16:36] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-08-12 15:59 M:2008-08-12 15:58] [RsFwDrv / RsFwDrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-08-12 15:59 M:2008-08-12 15:58] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 2, C:2008-04-25 14:07 M:2008-04-25 14:06] [Realtek 10/100/1000 NIC Family all in one NDIS XP Driver / RTL8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5,639,0118,2006 built by: WinDDK, C:2006-11-22 20:03 M:2006-01-18 18:41] [SafeBoxKrnl / SafeBoxKrnl][Running/System Start] <\??\C:\Program Files\360Safebox\SafeBoxKrnl.sys> [(Verified)360安全中心, 2, 2, 1, 1001, C:2008-06-06 18:31 M:2008-06-06 18:31] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25] ======================================== 进程 [PID: 444 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] [PID: 508 / SYSTEM] \??\C:\windows\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:13] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 532 / SYSTEM] \??\C:\windows\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 576 / SYSTEM] C:\windows\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 588 / SYSTEM] C:\windows\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 728 / SYSTEM] C:\windows\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 796 / ] C:\windows\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 864 / SYSTEM] C:\Program Files\Rising\Rav\CCenter.exe [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.28, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 880 / SYSTEM] C:\windows\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 920 / ] C:\windows\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1020 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\ravmond.exe [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.75, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\BWList.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.4, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2005-12-16 12:54 M:2005-12-16 12:53] C:\windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\RsLog.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.34, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.29, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\Hooksys.dll [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 9, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\PROGRAM FILES\RISING\RAV\HookReg.dll [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 4, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\HookNtos.dll [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 2, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\rswalmon.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 22, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-04-25 14:07 M:2008-08-20 15:42] C:\PROGRAM FILES\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 16, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.8, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\HookCont.dll [(Verified)Beijing Rising Technology Co., Ltd, 22, 0, 0, 1, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.13, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.36, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\HookWeb.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.2, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 89, C:2008-04-25 14:07 M:2008-08-20 15:42] C:\PROGRAM FILES\RISING\RAV\scanpack.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\ur023.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\PROGRAM FILES\RISING\RAV\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-04-25 14:07 M:2008-07-28 18:40] [PID: 1032 / SYSTEM] C:\Program Files\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2005-12-16 12:54 M:2005-12-16 12:53] C:\windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\ijt_ctrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\unvdet.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1080 / SYSTEM] C:\Program Files\Rising\Rfw\rfwProxy.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2005-12-16 12:54 M:2005-12-16 12:53] C:\windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\MonMid.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1276 / SYSTEM] C:\Program Files\Rising\Rfw\rfwstub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1512 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\RavStub.exe [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.9, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 16, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1776 / P98111] C:\windows\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Kingsoft\KPP\KPPShellEx.dll [(Verified)Kingsoft Corporation, 2008,03,10,1183, C:2005-12-24 19:15 M:2008-03-11 17:21] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.17, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] C:\Program Files\WinRAR\rarext.dll [N/A, C:2006-11-22 23:05 M:2007-09-23 18:59] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 16, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\windows\system32\TudouUpload.dll [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07] C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-03-09 13:59 M:2008-06-13 09:43] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-03-09 13:59 M:2008-06-13 09:43] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-03-09 13:59 M:2008-08-04 12:58] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_00.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-03-09 13:59 M:2008-08-04 12:58] C:\windows\system32\WINWB86.IME [Microsoft Corporation, 4.00.950, C:2006-11-22 22:55 M:2000-06-08 17:00] C:\PROGRA~1\THUNDE~1\Thunder\Plugins\bho_adv1.dll [, 1.0.2.12, C:2005-12-16 14:29 M:2008-01-31 21:05] [PID: 1816 / P98111] C:\Program Files\Rising\Rfw\RfwMain.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2005-12-16 12:54 M:2005-12-16 12:53] C:\windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rfw\RsGuiLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RfwCtrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1840 / ] C:\windows\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2004-08-17 12:00 M:2008-04-13 19:14] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1912 / SYSTEM] C:\PROGRA~1\RINGZS~1\STORMC~1\Stormser.exe [暴风网际, 1, 0, 0, 11, C:2008-07-08 09:52 M:2008-06-20 12:35] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1984 / ] C:\WINDOWS\system32\wdfmgr.exe [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 13:44 M:2005-01-28 13:44] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 636 / P98111] C:\WINDOWS\system32\hkcmd.exe [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:32] C:\WINDOWS\system32\hccutils.DLL [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:31] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\WINDOWS\system32\igfxsrvc.dll [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:32] C:\WINDOWS\system32\igfxres.dll [(Verified)Intel Corporation, 3.0.0.4396, C:2007-12-11 20:11 M:2005-09-20 10:36] [PID: 852 / P98111] C:\WINDOWS\system32\igfxpers.exe [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:36] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\WINDOWS\system32\igfxsrvc.dll [(Verified)Intel Corporation, 3.0.0.4396, C:2006-11-22 20:02 M:2005-09-20 10:32] [PID: 1240 / P98111] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.23, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 16, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RSAPPMGR.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-04-25 14:07 M:2008-07-28 18:40] [PID: 1684 / P98111] C:\Program Files\Rising\Rav\Ravmon.exe [(Verified)Beijing Rising Technology Co., Ltd., 20.0.01.14, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\windows\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2005-12-16 12:54 M:2005-12-16 12:53] C:\windows\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\windows\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-05 10:31] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 16, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-04-25 14:07 M:2008-08-20 15:42] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-04-25 14:07 M:2008-07-28 18:40] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.29, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 4, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\Rsguilib.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 88, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RsXML.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 0, C:2008-04-25 14:07 M:2008-04-25 14:06] [PID: 640 / P98111] C:\Program Files\Common Files\Real\Update_OB\realsched.exe [(Verified)RealNetworks, Inc., 0.1.1.45, C:2008-04-17 21:24 M:2008-04-17 21:24] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] [PID: 1088 / P98111] C:\Documents and Settings\All Users\Documents\kaka\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.15, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Documents and Settings\All Users\Documents\kaka\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Documents and Settings\All Users\Documents\kaka\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-02-19 09:16 M:2008-08-12 08:07] C:\Documents and Settings\All Users\Documents\kaka\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-02-19 09:16 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-02-19 09:16 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Documents and Settings\All Users\Documents\kaka\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Documents and Settings\All Users\Documents\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] C:\Documents and Settings\All Users\Documents\kaka\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.32, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Technology Co., Ltd., 20, 0, 0, 19, C:2008-04-25 14:07 M:2008-04-25 14:06] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Technology Co., Ltd., 20.0.0.17, C:2008-04-25 14:07 M:2008-04-25 14:06] [PID: 1892 / P98111] C:\Program Files\360safe\safemon\360Tray.exe [(Verified)奇虎网, 4, 1, 8, 1004, C:2008-07-04 16:06 M:2008-07-04 16:06] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] C:\Program Files\360safe\safemon\SafeKrnl.dll [(Verified)奇虎网, 4, 2, 0, 1001, C:2008-06-13 20:16 M:2008-06-13 20:16] C:\Program Files\360safe\AntiAdwa.dll [(Verified)360Safe.com, 4, 2, 0, 1001, C:2008-06-13 20:16 M:2008-06-13 20:16] C:\Program Files\360safe\live.dll [(Verified)360.cn, 1, 0, 1, 1027, C:2008-04-09 17:07 M:2008-04-09 17:07] [PID: 2100 / P98111] C:\windows\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] [PID: 464 / P98111] C:\Documents and Settings\All Users\Documents\kaka\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.11, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-02-19 09:16 M:2008-08-12 08:06] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Documents and Settings\All Users\Documents\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-12 08:07 M:2008-08-12 08:07] [PID: 2324 / P98111] C:\Program Files\Tencent\QQ\TXPlatform.exe [(Verified)Tencent, 1, 5, 225, 0, C:2008-05-20 17:53 M:2008-05-20 17:53] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Documents and Settings\All Users\Documents\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] [PID: 3036 / P98111] E:\Windows清理助手\arswp2\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-08-22 17:22 M:2008-08-15 22:25] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Documents and Settings\All Users\Documents\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-08-12 15:59 M:2008-08-12 15:58] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] C:\Program Files\Kingsoft\KPP\KPPShellEx.dll [(Verified)Kingsoft Corporation, 2008,03,10,1183, C:2005-12-24 19:15 M:2008-03-11 17:21] E:\Windows清理助手\arswp2\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-08-22 17:22 M:2007-11-28 15:19] [PID: 3644 / P98111] C:\windows\system32\conime.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2004-08-17 12:00 M:2008-04-13 19:13] C:\windows\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 25, C:2008-08-12 08:07 M:2008-08-15 20:11] C:\Documents and Settings\All Users\Documents\kaka\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.24, C:2008-08-12 08:07 M:2008-08-12 08:06] C:\Documents and Settings\All Users\Documents\kaka\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-08-12 08:07 M:2008-08-12 08:07] C:\Program Files\360safe\safemon\safemon.dll [(Verified)360.CN, 4, 2, 0, 1005, C:2008-04-09 17:02 M:2008-07-10 17:42] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 [/CODE]