[CODE] 2008-09-27,15:42:21 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3, v.3300 (build 2600) - Administrators ======================================== 注册项 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [(Verified)PPStream Inc, 1, 0, 11, 142, C:2008-09-27 12:36 M:2008-09-16 09:58] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Ringz Studio\Storm Codec\StormSet.exe" /S /opti> [N/A, C:2004-12-24 00:18 M:2004-12-24 00:18] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-09-27 11:13 M:2008-09-27 11:13] <"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-09-27 11:22 M:2008-09-27 11:22] <"C:\Program Files\Rising\Rfw\rfwmain.exe" -Startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-09-27 11:26 M:2008-09-27 11:25] <"C:\Program Files\Thunder\Thunder.exe" /s> [Thunder Networking Technologies,LTD, 5.1.6.192, C:2006-04-25 04:05 M:2006-04-25 04:05] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] <{32CD708B-60A7-4C00-9377-D73EAA495F0F}> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2006-03-08 18:48 M:2006-03-08 18:48] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2006-03-08 18:49 M:2006-03-08 18:49] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08|(Verified)Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08|(Verified)N/A, C:2008-01-25 20:08 M:2008-01-25 20:08] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08|(Verified)Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08|(Verified)N/A, C:2008-01-25 20:08 M:2008-01-25 20:08] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08|(Verified)Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08|(Verified)N/A, C:2008-02-19 14:01 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Microsoft Document Imaging Writer Monitor] [Microsoft Corporation, 11.3.1897.0, C:2008-09-24 11:06 M:2003-06-18 17:31] ======================================== 启动项 [QQ游戏启动加速程序] "C:\Documents and Settings\Administrator\QQGame\Accel.exe" > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2007-08-14 17:46 M:2007-08-14 17:46] [腾讯QQ] "C:\QQDownload\QQ.exe" > [(Verified)TENCENT, 8,0,978,1833, C:2007-07-01 08:50 M:2007-07-01 08:50] ======================================== 计划任务 [SogouImeMgr.job] "C:\PROGRA~1\SOGOUI~1\360~1.165\PinyinRepair.exe" /S > [(Verified)Sogou.com Inc., 3.6.0.1653, C:2008-09-17 10:07 M:2008-09-17 10:07] ======================================== 组件 ShellExecuteHook [ShlExecHack Class] {32CD708B-60A7-4C00-9377-D73EAA495F0F} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2008-02-15 11:37 M:2008-01-25 20:08] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-09-24 11:10 M:2007-09-23 18:59] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] BrowserHelperObject [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Thunder Networking Technologies,LTD, 5, 0, 0, 2, C:2006-06-03 19:17 M:2006-06-03 19:17] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-27 11:13 M:2008-09-27 11:13] ActiveX Extension [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [Thunder Networking Technologies,LTD, 5, 0, 0, 2, C:2006-06-03 19:17 M:2006-06-03 19:17] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-27 11:13 M:2008-09-27 11:13] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] Context Menu [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2008-09-24 11:10 M:2007-09-23 18:59] ======================================== 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] [Rising Proxy Service / RfwProxySrv][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-09-27 11:26 M:2008-09-27 11:25] [Rising Personal Firewall Service / RfwService][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-09-27 11:26 M:2008-09-27 11:25] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-09-27 11:22 M:2008-09-27 11:22] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-09-27 11:22 M:2008-09-27 11:22] ======================================== 驱动 [SATALink driver accelerator / SiFilter][Running/Boot Start] [Silicon Image, Inc., 1.0.0.11, C:2008-02-21 09:28 M:2006-08-08 22:19] [Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start] [(Verified)Realtek Semiconductor Corp., 5.10.00.6280 built by: WinDDK, C:2008-09-24 10:36 M:2008-01-24 16:36] [VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start] [(Verified)VIA Technologies, Inc. , 2.66, C:2008-02-15 11:31 M:2001-08-17 12:13] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-09-27 11:22 M:2008-09-27 11:22] [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2008-09-27 11:22 M:2008-09-27 11:22] [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2008-09-27 11:22 M:2008-09-27 11:22] [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-09-27 11:22 M:2008-09-27 11:22] [HookUrl / HookUrl][Running/Auto Start] <\??\C:\Program Files\Rising\Rfw\HookUrl.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-09-27 11:26 M:2008-09-27 11:25] [nv / nv][Stopped/Manual Start] [(Verified)NVIDIA Corporation, 6.14.10.5673, C:2008-02-15 11:31 M:2008-01-25 07:50] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2008-01-25 20:08 M:2008-01-25 20:08] [Rising Rfwbase Driver / RfwBase][Running/Auto Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-09-27 11:26 M:2008-09-27 11:25] [RsFwDrv / RsFwDrv][Running/System Start] <\??\C:\Program Files\Rising\Rfw\RsFwDrv.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-09-27 11:26 M:2008-09-27 11:25] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-09-27 11:22 M:2008-09-27 11:22] [Realtek 10/100/1000 PCI NIC Family NDIS XP Driver / RTL8023xp][Running/Manual Start] [(Verified)Realtek Semiconductor Corporation , 5.681.1120.2007 built by: WinDDK, C:2008-09-24 10:35 M:2007-11-20 19:09] [Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver / rtl8139][Stopped/Manual Start] [(Verified)Realtek Semiconductor Corporation, 5.398.613.2003 built by: WinDDK, C:2008-09-24 10:34 M:2008-01-25 07:52] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-01-25 20:08 M:2008-01-25 20:08] [SiS315 / SiS315][Running/Manual Start] [(Verified)Silicon Integrated Systems Corporation, 6.14.10.3671, C:2008-09-24 10:34 M:2005-04-12 11:08] [SiSide / SiSide][Running/Boot Start] [(Verified)Silicon Integrated Systems Corp., 2.04.00.00 built by: WinDDK, C:2008-09-24 10:34 M:2003-03-25 17:50] [SiSkp / SiSkp][Running/System Start] [(Verified)Silicon Integrated Systems Corporation, 6.14.10.3671, C:2008-09-24 10:34 M:2005-04-12 11:42] ======================================== 进程 [PID: 556 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] [PID: 636 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 660 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2034), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 704 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 716 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2034), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 872 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 952 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 1068 / SYSTEM] C:\Program Files\Rising\Rav\CCenter.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] [PID: 1084 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 1152 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 1376 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\ravmond.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\BWList.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\PROGRAM FILES\RISING\RAV\HookReg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\HookNtos.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\rswalmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:32] C:\Program Files\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\PROGRAM FILES\RISING\RAV\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\scanex.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 94, C:2008-09-27 11:22 M:2008-09-27 11:32] C:\PROGRAM FILES\RISING\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\scanpack.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 21, C:2008-09-27 11:22 M:2008-09-27 11:32] C:\PROGRAM FILES\RISING\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\scriptci.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\ur001.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\uroutine.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-09-27 11:22 M:2008-09-27 11:22] [PID: 1392 / SYSTEM] C:\Program Files\Rising\Rfw\rfwsrv.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\rfwlog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\Rfwdrv.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\ijt_ctrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\unvdet.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\mPorts.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 1460 / SYSTEM] C:\Program Files\Rising\Rfw\rfwProxy.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\urlrule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\MonMid.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] [PID: 1772 / SYSTEM] C:\Program Files\Rising\Rfw\rfwstub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 2020 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\RavStub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 188 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-0707), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\mdimon.dll [Microsoft Corporation, 11.3.1897.0, C:2008-09-24 11:06 M:2003-06-18 17:31] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll [Microsoft Corporation, 11.3.1897.0, C:2008-09-24 11:06 M:2003-06-18 17:31] [PID: 1028 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 2320 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-0707), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\System32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\WINDOWS\System32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 2720 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\Thunder\ComDlls\XunLeiBHO_002.dll [Thunder Networking Technologies,LTD, 5, 0, 0, 2, C:2006-06-03 19:17 M:2006-06-03 19:17] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\WinRAR\rarext.dll [N/A, C:2008-09-24 11:10 M:2007-09-23 18:59] [PID: 3832 / Administrator] C:\Program Files\Rising\Rfw\RfwMain.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\Program Files\Rising\Rfw\RsGuiLib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RfwCtrl.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\RfwRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 1900 / Administrator] C:\PROGRAM FILES\RISING\RAV\RavMon.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\PROGRAM FILES\RISING\RAV\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\PROGRAM FILES\RISING\RAV\Rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\PROGRAM FILES\RISING\RAV\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 340 / Administrator] C:\Program Files\Rising\AntiSpyware\rstray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.39, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] [PID: 3276 / Administrator] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\Rising\Rav\RSAPPMGR.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] [PID: 584 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\UxTheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] [PID: 2076 / Administrator] C:\Program Files\PPStream\ppsap.exe [(Verified)PPStream Inc, 1, 0, 11, 142, C:2008-09-27 12:36 M:2008-09-16 09:58] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\PPStream\vodnet.dll [(Verified)PPStream Inc., 1, 0, 11, 142, C:2008-09-16 15:41 M:2008-09-16 15:41] C:\Program Files\PPStream\vodres.dll [(Verified)PPStream Inc., 1, 0, 11, 142, C:2008-09-16 15:41 M:2008-09-16 15:41] C:\Program Files\PPStream\ppssg.dll [(Verified)PPStream Inc., 1, 0, 11, 142, C:2008-09-16 15:41 M:2008-09-16 15:41] C:\Program Files\PPStream\fds.dll [(Verified)PPStream Inc., 1, 0, 0, 82, C:2008-09-22 10:56 M:2008-09-22 10:56] C:\Program Files\PPStream\PPSMedia.dll [(Verified)PPStream Inc., 1.0.0.1, C:2008-09-16 15:41 M:2008-09-16 15:41] [PID: 1236 / Administrator] C:\Program Files\Rising\Rav\RsAgent.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-19 05:20 M:2003-03-19 05:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 05:42 M:2003-02-21 05:42] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 21:14 M:2003-03-18 21:14] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-09-27 11:22 M:2008-09-27 11:22] [PID: 2512 / Administrator] C:\WINDOWS\msagent\AgentSvr.exe [(Verified)Microsoft Corporation, 2.00.0.3427, C:2008-01-25 20:08 M:2008-01-25 20:08] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\Rfw\ijt_base.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\Program Files\Rising\Rfw\olemon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-09-27 11:26 M:2008-09-27 11:25] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] [PID: 628 / Administrator] C:\Program Files\Thunder\Program\Thunder5.exe [Thunder Networking Technologies,LTD, 5.2.0.207, C:2006-06-12 17:27 M:2006-06-12 17:27] C:\Program Files\Thunder\Program\UpdateDownload.dll [Thunder Networking Technologies,LTD, 1, 0, 1, 8, C:2006-05-31 00:10 M:2006-05-31 00:10] C:\Program Files\Thunder\Program\download_interface.dll [Thunder Networking Technologies,LTD, 1, 0, 3, 70, C:2006-06-10 02:09 M:2006-06-10 02:09] C:\Program Files\Thunder\Program\log4cplus.dll [Copyright 2000- 2005, 1, 0, 2, 1, C:2005-12-22 06:25 M:2005-12-22 06:25] C:\Program Files\Thunder\Program\stlport_vc646.dll [STLport Consulting, Inc., 4.6.2003.1031, C:2005-11-01 00:33 M:2005-11-01 00:33] C:\Program Files\Thunder\Program\asyn_dns.dll [N/A, C:2006-06-10 00:56 M:2006-06-10 00:56] C:\Program Files\Thunder\Program\msgmanage.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 15, C:2006-02-20 00:21 M:2006-02-20 00:21] C:\Program Files\Thunder\Program\historyinfo_manage.dll [Thunder Networking Technologies,LTD, 5, 2, 0, 148, C:2006-01-04 19:00 M:2006-01-04 19:00] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\Thunder\Program\RegisterDll.dll [Thunder Networking Technologies,LTD, 1, 2, 0, 7, C:2006-04-11 18:54 M:2006-04-11 18:54] C:\Program Files\Thunder\Program\FloatBar.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 2, C:2006-04-09 23:08 M:2006-04-09 23:08] C:\WINDOWS\system32\RavExt.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-09-27 11:22 M:2008-09-27 11:21] C:\Program Files\Thunder\Program\iTargetAd.dll [N/A, C:2006-06-12 17:27 M:2006-06-12 17:27] [PID: 3980 / Administrator] C:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-09-27 15:38 M:2008-08-15 22:25] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 31, C:2008-09-27 11:13 M:2008-09-27 11:19] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.34, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-09-27 11:13 M:2008-09-27 11:13] C:\WINDOWS\system32\uxtheme.dll [Microsoft Corporation, 6.00.2900.3300 (xpsp.080125-2028), C:2008-01-25 20:08 M:2008-02-08 05:01] C:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-09-27 15:38 M:2007-11-28 15:19] ======================================== 文件关联 [.hlp] [Microsoft Corporation, 5.1.2600.0 (XPClient.010817-1148), C:1601-01-01 08:00 M:1601-01-01 08:00] ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]