[CODE]

2008-10-04,15:10:50

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <Apoint><C:\Program Files\Apoint2K\Apoint.exe>  [Alps Electric Co., Ltd., 7.0.1.260, C:2008-02-27 10:52 M:2007-07-09 08:11]
    <QlbCtrl><%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start>  [N/A, C:1601-01-01 08:00 M:1601-01-01 08:00]
    <IgfxTray><C:\WINDOWS\system32\igfxtray.exe>  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-06-01 15:13]
    <HotKeysCmds><C:\WINDOWS\system32\hkcmd.exe>  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-06-01 15:13]
    <Persistence><C:\WINDOWS\system32\igfxpers.exe>  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-06-01 15:13]
    <SynTPLpr><C:\Program Files\Synaptics\SynTP\SynTPLpr.exe>  [(Verified)Synaptics, Inc., 7.12.3 08Oct04, C:2008-03-05 12:40 M:2004-10-08 14:44]
    <SynTPEnh><C:\Program Files\Synaptics\SynTP\SynTPEnh.exe>  [(Verified)Synaptics, Inc., 7.12.3 08Oct04, C:2008-03-05 12:40 M:2004-10-08 14:43]
    <RfwMain><"D:\Program Files\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-10-04 12:49 M:2008-10-04 12:48]
    <runeip><"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-09-24 16:33 M:2008-10-04 13:35]
    <RavTask><"D:\Program Files\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-10-04 14:21 M:2008-10-04 14:20]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    <KKDelay><C:\Program Files\Rising\AntiSpyware\RunOnce.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 19, 0, 0, 3, C:2008-09-24 16:33 M:2008-10-04 13:35]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    <Shell><Explorer.exe>  [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2008-01-12 08:33 M:2008-01-12 08:33]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\KnownDLLs]
    <ole32><ole32.dll>  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <olecli32><olecli32.dll>  [Microsoft Corporation, 1.07 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <olecnv32><olecnv32.dll>  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <rpcrt4><rpcrt4.dll>  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <shell32><shell32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <user32><user32.dll>  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    <PostBootReminder><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <CDBurn><%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <hipgvbjq.dll><>  []
    <ogpytuop.dll><>  []
    <hphbnofr.dll><>  []
    <ypfqoqcj.dll><>  []
    <vilevjnl.dll><>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{AEB6717E-7E19-11d0-97EE-00C04FD91972}><shell32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    <{D91BC61E-7D78-4A2A-A336-7B97E8E52F0B}><D91BC61E.dll>  []
    <{4EFDDEBE-303C-4D1A-8C9E-E4F215C43651}><4EFDDEBE.dll>  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    <{D23B0004-30E2-4BDB-B53A-7E9041308C36}><D23B0004.dll>  []
    <{4F34C688-FD49-42FC-97F7-87D2F5791612}><4F34C688.dll>  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-04 14:21 M:2008-10-04 14:20]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><D:\迅雷5\Program\geturl.htm>  [N/A, C:2008-09-24 16:49 M:2008-07-28 15:43]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><D:\迅雷5\Program\getallurl.htm>  [N/A, C:2008-09-24 16:49 M:2007-12-10 14:17]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\QQ\AddEmotion.htm>  [N/A, C:2008-06-30 17:14 M:2008-06-30 17:14]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    <WinlogonNotify: igfxcui><igfxdev.dll>  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|N/A, C:2008-01-12 08:35 M:2008-01-12 08:35]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89820200-ECBD-11cf-8B85-00AA005B4340}]
    <Windows 桌面更新><regsvr32.exe /s /n /i:U shell32.dll>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}]
    <启动迅雷5><D:\迅雷5\Thunder.exe>  [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2008-09-24 16:49 M:2008-08-12 17:41]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0A155D3C-68E2-4215-A47A-E800A446447A}]
    <浩方电竞平台><E:\platform 5.0\gameclient.exe>  []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Print\Monitors\Microsoft Document Imaging Writer Monitor]
    <PrintMonitor: Microsoft Document Imaging Writer Monitor><mdimon.dll>  [Microsoft Corporation, 11.3.1897.0, C:2008-02-27 11:19 M:2003-06-18 17:31]


========================================
启动项

[QQ游戏启动加速程序]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> "E:\QQGAME\Accel.exe"  > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2007-08-14 17:46 M:2007-08-14 17:46]
[彩虹QQ显IP]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\彩虹QQ显IP.lnk --> "D:\QQ\彩虹QQ\CaiHong.exe"  > [N/A, C:2008-08-14 14:13 M:2008-08-14 14:13]


========================================
计划任务



========================================
组件


ShellServiceObjectDelayLoad
[PostBootReminder 对象]
    {7849596a-48ea-486e-8937-a2a3009f31a9}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
[烧 CD 的 ShellFolder]
    {fbeb8a05-beee-4442-804e-409d6c4515e9}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]

ShellExecuteHook
[URL 执行挂钩]
    {AEB6717E-7E19-11d0-97EE-00C04FD91972}  <shell32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
[]
    {D91BC61E-7D78-4A2A-A336-7B97E8E52F0B}  <D91BC61E.dll>  []
[]
    {4EFDDEBE-303C-4D1A-8C9E-E4F215C43651}  <4EFDDEBE.dll>  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
[]
    {D23B0004-30E2-4BDB-B53A-7E9041308C36}  <D23B0004.dll>  []
[]
    {4F34C688-FD49-42FC-97F7-87D2F5791612}  <4F34C688.dll>  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-04 14:21 M:2008-10-04 14:20]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-27 11:00 M:2006-04-01 02:52]
[Synaptics Control Panel]
    {2F603045-309F-11CF-9774-0020AFD0CFF6}  <C:\Program Files\Synaptics\SynTP\SynTPCpl.dll>  [(Verified)Synaptics, Inc., 7.12.3 08Oct04, C:2008-03-05 12:40 M:2004-10-08 14:38]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-04 14:21 M:2008-10-04 14:20]

Protocols
[WebView MIME Filter]
    {733AC4CB-F1A4-11d0-B951-00A0C90312E1}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Microsoft InfoTech Protocols for IE 4.0]
    {9D148291-B9C8-11D0-A4CC-0000F80149F6}  <C:\WINDOWS\system32\itss.dll>  [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542), C:2008-01-12 08:33 M:2008-01-12 08:33]
[]
    {6AC4FBC7-AA38-45EC-9634-D6D20B679EFC}  <C:\WINDOWS\system32\KuGoo3DownXControl.ocx>  [酷狗, 5.2.4.4, C:2008-09-24 16:53 M:2008-08-13 17:13]

BrowserHelperObject
[ThunderAtOnce Class]
    {01443AEC-0FD1-40fd-9C87-E93D1494C233}  <D:\迅雷5\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-09-24 16:50 M:2008-06-13 09:43]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 179, C:2008-09-30 15:38 M:2008-07-28 10:02]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\迅雷5\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-09-24 16:50 M:2008-06-13 09:43]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-24 16:33 M:2008-10-04 13:35]

ToolBar
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 179, C:2008-09-30 15:38 M:2008-07-28 10:02]

ActiveX Extension
[ThunderAtOnce Class]
    {01443AEC-0FD1-40FD-9C87-E93D1494C233}  <D:\迅雷5\ComDlls\TDAtOnce_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-09-24 16:50 M:2008-06-13 09:43]
[DHTML Edit Control Safe for Scripting for IE5]
    {2D360201-FFF5-11D1-8D03-00A0C959BC0A}  <C:\Program Files\Common Files\Microsoft Shared\Triedit\dhtmled.ocx>  [Microsoft Corporation, 6.01.9232, C:2008-02-27 10:47 M:2008-01-12 16:32]
[XML Document]
    {48123BC4-99D9-11D1-A6B3-00C04FD91555}  <C:\WINDOWS\system32\msxml3.dll>  [Microsoft Corporation, 8.90.1101.0, C:2008-01-12 08:33 M:2008-01-12 08:33]
[Thunder Agent Class]
    {485463B7-8FB2-4B3B-B29B-8B919B0EACCE}  <D:\迅雷5\ComDlls\ThunderAgent_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 4, 23, C:2008-09-24 16:50 M:2008-06-13 09:43]
[BandIE Class]
    {77FEF28E-EB96-44FF-B511-3185DEA48697}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 179, C:2008-09-30 15:38 M:2008-07-28 10:02]
[Thunder Browser Helper]
    {889D2FEB-5411-4565-8998-1DD2C5261283}  <D:\迅雷5\ComDlls\xunleiBHO_Now.dll>  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-09-24 16:50 M:2008-06-13 09:43]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\UrlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-09-24 16:33 M:2008-10-04 13:35]
[百度工具栏]
    {B580CF65-E151-49C3-B73F-70B13FCA8E86}  <C:\PROGRA~1\baidu\bar\baidubar.dll>  [(Verified)Baidu.com, Inc., 2, 0, 2, 179, C:2008-09-30 15:38 M:2008-07-28 10:02]
[RDS.DataSpace]
    {BD96C556-65A3-11D0-983A-00C04FC29E36}  <C:\Program Files\Common Files\System\msadc\msadco.dll>  [Microsoft Corporation, 2.81.1124.0 (xpsp_sp2_gdr.060322-1613), C:2008-02-27 10:48 M:2008-01-12 16:33]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]

Context Menu
[Open With]
    {09799AFB-AD67-11d1-ABCD-00C04FC30936}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Open With EncryptionMenu]
    {A470F8CF-A1E8-4f65-8335-227475AA5C46}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-04 14:21 M:2008-10-04 14:20]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2008-02-27 11:00 M:2006-04-01 02:52]
[Send To]
    {7BA4C740-9E81-11CF-99D3-00AA004AE837}  <%SystemRoot%\system32\SHELL32.dll>  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]


========================================
服务

[Contrl Center of Storm Media / ccosm][Running/Auto Start]
    <C:\Program Files\StormII\stormliv.exe /asservice>  [北京暴风网际科技有限公司, 3, 8, 1, 13, C:2007-11-12 11:47 M:2008-01-11 11:41]
[hpqwmiex / hpqwmiex][Running/Auto Start]
    <C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe>  [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9, C:2008-02-27 10:53 M:2006-05-02 14:41]
[Print Spooler / Spooler][Running/Auto Start]
    <%SystemRoot%\system32\spoolsv.exe>  [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2008-01-12 08:34 M:2008-01-12 08:34]
[XAudioService / XAudioService][Stopped/Auto Start]
    <%SystemRoot%\system32\DRIVERS\xaudio.exe>  [Conexant Systems, Inc., 1.02, C:2006-11-28 16:44 M:2006-11-28 16:44]

[DCOM Server Process Launcher / DcomLaunch][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k DcomLaunch --> "%SystemRoot%\system32\rpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
[DHCP Client / Dhcp][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\dhcpcsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:32 M:2008-01-12 08:32]
[Fast User Switching Compatibility / FastUserSwitchingCompatibility][Stopped/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Server / lanmanserver][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\srvsvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Workstation / lanmanworkstation][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\wkssvc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Network Connections / Netman][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\netman.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525), C:2008-01-12 08:33 M:2008-01-12 08:33]
[Remote Access Connection Manager / RasMan][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2936 (xpsp_sp2_gdr.060621-2347), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <D:\Program Files\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-10-04 12:49 M:2008-10-04 12:48]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <D:\Program Files\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-10-04 12:49 M:2008-10-04 12:48]
[Remote Procedure Call (RPC) / RpcSs][Running/Auto Start]
    <%SystemRoot%\system32\svchost -k rpcss --> "%SystemRoot%\system32\rpcss.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"D:\Program Files\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-10-04 14:21 M:2008-10-04 14:20]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"D:\PROGRAM FILES\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-10-04 14:21 M:2008-10-04 14:20]
[Shell Hardware Detection / ShellHWDetection][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Windows Image Acquisition (WIA) / stisvc][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k imgsvc --> "%SystemRoot%\system32\wiaservc.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Telephony / TapiSrv][Running/Manual Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\tapisrv.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Themes / Themes][Running/Auto Start]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\shsvcs.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Universal Plug and Play Device Host / upnphost][Stopped/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\upnphost.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.3077 (xpsp_sp2_gdr.070204-2255), C:2008-01-12 08:34 M:2008-01-12 16:34]
[WebClient / WebClient][Running/Auto Start]
    <%SystemRoot%\system32\svchost.exe -k LocalService --> "%SystemRoot%\System32\webclnt.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536), C:2008-01-12 08:34 M:2008-01-12 08:34]


========================================
驱动

[Microsoft Kernel Acoustic Echo Canceller / aec][Stopped/Manual Start]
    <system32\drivers\aec.sys>  [Microsoft Corporation, 5.1.2601.2180, C:2008-02-27 10:57 M:2006-08-12 00:08]
[Alps Pointing-device Filter Driver / ApfiltrService][Running/Manual Start]
    <system32\DRIVERS\Apfiltr.sys>  [Alps Electric Co., Ltd., 5.7.0.76 built by: WinDDK, C:2008-02-27 10:52 M:2007-07-07 20:58]
[BdGuard / BdGuard][Running/Boot Start]
    <system32\drivers\BDGuard.SYS>  [Copyright (C) 2005, 1, 0, 12, 0, C:2008-09-30 15:39 M:2008-09-30 15:39]
[d7ba6e / d7ba6e][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\d7ba6e.sys>  []
[FltMgr / FltMgr][Running/Boot Start]
    <system32\DRIVERS\fltMgr.sys>  [Microsoft Corporation, 5.1.2600.2978 (xpsp_sp2_gdr.060821-0039), C:2008-02-27 10:48 M:2008-01-12 16:33]
[Microsoft UAA Function Driver for High Definition Audio Service / HdAudAddService][Running/Manual Start]
    <system32\drivers\CHDAud.sys>  [Conexant Systems Inc., 3.47.0.0 built by: WinDDK, C:2008-02-21 15:36 M:2007-12-18 12:18]
[HSF_DPV / HSF_DPV][Running/Manual Start]
    <system32\DRIVERS\HSX_DPV.sys>  [Conexant Systems, Inc., 7.61.00 built by: WinDDK, C:2006-12-07 15:05 M:2006-12-07 15:05]
[HSXHWAZL / HSXHWAZL][Running/Manual Start]
    <system32\DRIVERS\HSXHWAZL.sys>  [Conexant Systems, Inc., 7.61.00 built by: WinDDK, C:2006-12-07 15:04 M:2006-12-07 15:04]
[HTTP / HTTP][Running/Manual Start]
    <System32\Drivers\HTTP.sys>  [Microsoft Corporation, 5.1.2600.2869 (xpsp_sp2_gdr.060316-1512), C:2008-01-12 08:33 M:2008-01-12 08:33]
[IP Network Address Translator / IpNat][Running/Manual Start]
    <system32\DRIVERS\ipnat.sys>  [Microsoft Corporation, 5.1.2600.2524 (xpsp_sp2_gdr.040919-1056), C:2008-01-12 08:33 M:2008-01-12 08:33]
[Microsoft Kernel Wave Audio Mixer / kmixer][Running/Manual Start]
    <system32\drivers\kmixer.sys>  [Microsoft Corporation, 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), C:2008-02-27 10:57 M:2006-10-03 23:58]
[mdmxsdk / mdmxsdk][Running/Auto Start]
    <system32\DRIVERS\mdmxsdk.sys>  [Conexant, 1.0.2.012, C:2006-06-19 14:26 M:2006-06-19 14:26]
[MRXSMB / MRxSmb][Running/System Start]
    <system32\DRIVERS\mrxsmb.sys>  [Microsoft Corporation, 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036), C:2008-01-12 08:33 M:2008-01-12 08:33]
[Rdbss / Rdbss][Running/System Start]
    <system32\DRIVERS\rdbss.sys>  [Microsoft Corporation, 5.1.2600.2902 (xpsp_sp2_gdr.060505-0036), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Microsoft Kernel Audio Splitter / splitter][Stopped/Manual Start]
    <system32\drivers\splitter.sys>  [Microsoft Corporation, 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), C:2008-02-27 10:57 M:2006-10-03 23:58]
[Srv / Srv][Running/Manual Start]
    <system32\DRIVERS\srv.sys>  [Microsoft Corporation, 5.1.2600.2974 (xpsp_sp2_gdr.060814-0101), C:2008-01-12 08:34 M:2008-01-12 08:34]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2008-01-12 08:36 M:2008-06-20 18:45]
[Conexant Setup API / UIUSys][Stopped/Manual Start]
    <system32\DRIVERS\UIUSYS.SYS>  []
[Microcode Update Driver / Update][Running/Manual Start]
    <system32\DRIVERS\update.sys>  [Microsoft Corporation, 5.1.2600.3124 (xpsp_sp2_gdr.070423-0049), C:2008-01-12 08:34 M:2008-01-12 08:34]
[Microsoft WINMM WDM Audio Compatibility Driver / wdmaud][Running/Manual Start]
    <system32\drivers\wdmaud.sys>  [Microsoft Corporation, 5.1.2600.2929 (xpsp_sp2_gdr.060613-2359), C:2008-02-27 10:57 M:2006-10-03 23:58]
[winachsf / winachsf][Running/Manual Start]
    <system32\DRIVERS\HSX_CNXT.sys>  [Conexant Systems, Inc., 7.61.00 built by: WinDDK, C:2006-12-07 15:04 M:2006-12-07 15:04]
[XAudio / XAudio][Running/Auto Start]
    <system32\DRIVERS\xaudio.sys>  [Conexant Systems, Inc., 1.02 built by: WinDDK, C:2006-11-28 16:44 M:2006-11-28 16:44]

[Broadcom 802.11 网络适配器驱动程序 / BCM43XX][Running/Manual Start]
    <system32\DRIVERS\bcmwl5.sys>  [(Verified)Broadcom Corp., 4.170.25.12, C:2008-02-27 10:53 M:2008-03-05 04:25]
[Microsoft UAA Bus Driver for High Definition Audio / HDAudBus][Running/Manual Start]
    <system32\DRIVERS\HDAudBus.sys>  [(Verified)Windows (R) Server 2003 DDK provider, 5.10.01.5013 built by: WinDDK, C:2008-01-12 08:38 M:2008-01-12 08:38]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-10-04 14:21 M:2008-10-04 14:20]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 50, C:2008-10-04 14:21 M:2008-10-04 14:20]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 28, C:2008-10-04 14:21 M:2008-10-04 14:20]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-10-04 14:21 M:2008-10-04 14:20]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\D:\Program Files\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-10-04 12:49 M:2008-10-04 12:48]
[ialm / ialm][Running/Manual Start]
    <system32\DRIVERS\igxpmp32.sys>  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 12:27]
[Intel AHCI Controller / iaStor][Running/Boot Start]
    <system32\DRIVERS\iaStor7.sys>  [(Verified)Intel Corporation, 7.6.0.1011, C:2008-01-12 08:38 M:2008-01-12 08:38]
[Intel(R) Wireless WiFi Link 适配器驱动程序（适用于 Windows XP 32 位） / NETw4x32][Stopped/Manual Start]
    <system32\DRIVERS\NETw4x32.sys>  [(Verified)Intel Corporation, 11.1.0.86, C:2008-02-27 10:54 M:2007-03-01 12:47]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-10-04 12:49 M:2008-10-04 12:48]
[rimmptsk / rimmptsk][Running/Manual Start]
    <system32\DRIVERS\rimmptsk.sys>  [(Verified)REDC, 1.0.0.9, C:2008-02-27 10:52 M:2005-11-16 20:28]
[rimsptsk / rimsptsk][Running/Manual Start]
    <system32\DRIVERS\rimsptsk.sys>  [(Verified)REDC, 1.00.02.05, C:2008-02-27 10:52 M:2005-12-22 17:02]
[Ricoh xD-Picture Card Driver / rismxdp][Running/Manual Start]
    <system32\DRIVERS\rixdptsk.sys>  [(Verified)REDC, 1.00.02.08, C:2008-02-27 10:52 M:2005-11-01 18:08]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\D:\Program Files\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.34, C:2008-10-04 12:49 M:2008-10-04 12:48]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-10-04 14:21 M:2008-10-04 14:20]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2008-01-12 08:34 M:2008-01-12 08:34]
[Synaptics TouchPad Driver / SynTP][Stopped/Manual Start]
    <system32\DRIVERS\SynTP.sys>  [(Verified)Synaptics, Inc., 7.12.3 08Oct04, C:2008-03-05 12:40 M:2004-10-08 14:33]
[NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Running/Manual Start]
    <system32\DRIVERS\yk51x86.sys>  [(Verified)Marvell, 8.57.2.3 built by: WinDDK, C:2008-01-20 15:52 M:2006-08-25 08:57]


========================================
进程

[PID: 856 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 924 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\sxs.dll  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]

[PID: 952 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\AUTHZ.dll  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\COMCTL32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\SHSVCS.dll  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 996 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\AUTHZ.dll  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\umpnpmgr.dll  [Microsoft Corporation, 5.1.2600.2744 (xpsp_sp2_gdr.050822-1647), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]

[PID: 1008 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\LSASRV.dll  [Microsoft Corporation, 5.1.2600.3249 (xpsp_sp2_gdr.071106-1716), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\kerberos.dll  [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\schannel.dll  [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\wdigest.dll  [Microsoft Corporation, 5.1.2600.2874 (xpsp_sp2_gdr.060323-1516), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\AUTHZ.dll  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2008-01-12 08:32 M:2008-01-12 08:32]

[PID: 1168 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\rpcss.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    c:\windows\system32\AUTHZ.dll  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]

[PID: 1236 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\rpcss.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 1380 / SYSTEM]   D:\Program Files\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]

[PID: 1396 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\shsvcs.dll  [Microsoft Corporation, 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    c:\windows\system32\dhcpcsvc.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    c:\windows\system32\ESENT.dll  [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456), C:2008-01-12 08:32 M:2008-01-12 08:33]
    C:\WINDOWS\System32\SCHANNEL.dll  [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\System32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    c:\windows\system32\wkssvc.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:34 M:2008-01-12 08:34]
    c:\windows\system32\srvsvc.dll  [Microsoft Corporation, 5.1.2600.2577 (xpsp_sp2_gdr.041130-1729), C:2008-01-12 08:34 M:2008-01-12 08:34]
    c:\windows\system32\netman.dll  [Microsoft Corporation, 5.1.2600.2743 (xpsp_sp2_gdr.050819-1525), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\System32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\System32\SXS.DLL  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\comsvcs.dll  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\colbact.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\MTXCLU.DLL  [Microsoft Corporation, 2001.12.4414.311, C:2008-01-12 08:33 M:2008-01-12 08:33]
    c:\windows\system32\AUTHZ.dll  [Microsoft Corporation, 5.1.2600.2622 (xpsp_sp2_gdr.050301-1519), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\tapisrv.dll  [Microsoft Corporation, 5.1.2600.2716 (xpsp_sp2_gdr.050707-1657), C:2008-01-12 08:34 M:2008-01-12 08:34]
    c:\windows\system32\rasmans.dll  [Microsoft Corporation, 5.1.2600.2936 (xpsp_sp2_gdr.060621-2347), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\System32\rasadhlp.dll  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\kerberos.dll  [Microsoft Corporation, 5.1.2600.2698 (xpsp_sp2_gdr.050614-1522), C:2008-01-12 08:33 M:2008-01-12 08:33]

[PID: 1532 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]

[PID: 1572 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    c:\windows\system32\webclnt.dll  [Microsoft Corporation, 5.1.2600.2821 (xpsp_sp2_gdr.060103-1536), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 1680 / SYSTEM]   D:\PROGRAM FILES\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\PROGRAM FILES\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 14:21 M:2008-10-04 14:32]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\Program Files\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\PROGRAM FILES\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    D:\PROGRAM FILES\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 94, C:2008-10-04 14:21 M:2008-10-04 14:32]
    D:\PROGRAM FILES\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 21, C:2008-10-04 14:21 M:2008-10-04 14:32]
    D:\PROGRAM FILES\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    D:\PROGRAM FILES\RISING\RAV\extole.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-10-04 14:21 M:2008-10-04 14:20]

[PID: 1696 / SYSTEM]   D:\Program Files\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.76, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.48, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\netapi32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\Iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\Program Files\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 1948 / SYSTEM]   D:\Program Files\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]

[PID: 268 / SYSTEM]   D:\Program Files\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]

[PID: 600 / Administrator]   C:\WINDOWS\Explorer.EXE   [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\LINKINFO.dll  [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\msi.dll  [Microsoft Corporation, 3.1.4000.4039, C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\igfxpph.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:01]
    C:\WINDOWS\system32\hccutils.DLL  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:00]
    C:\WINDOWS\system32\igfxres.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:04 M:2007-05-25 11:03]
    C:\WINDOWS\system32\igfxress.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:00]
    C:\WINDOWS\system32\igfxsrvc.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:01]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\迅雷5\ComDlls\TDAtOnce_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 1.0.5.29, C:2008-09-24 16:50 M:2008-06-13 09:43]
    D:\迅雷5\ComDlls\xunleiBHO_Now.dll  [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2008-09-24 16:50 M:2008-06-13 09:43]
    D:\迅雷5\Components\ResWorker\DsBho_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-09-24 16:50 M:2008-08-18 19:31]
    D:\迅雷5\Components\ResWorker\DataProcessor_00.dll  [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-09-24 16:50 M:2008-08-18 19:31]
    C:\WINDOWS\system32\MLANG.dll  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2008-01-12 08:33 M:2008-01-12 08:33]

[PID: 676 / SYSTEM]   D:\PROGRAM FILES\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\COMCTL32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\PROGRAM FILES\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]

[PID: 832 / Administrator]   D:\Program Files\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    D:\Program Files\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\netapi32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]

[PID: 1132 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\sfc_os.dll  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\netapi32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\mdimon.dll  [Microsoft Corporation, 11.3.1897.0, C:2008-02-27 11:19 M:2003-06-18 17:31]
    C:\WINDOWS\system32\msi.dll  [Microsoft Corporation, 3.1.4000.4039, C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\System32\spool\PRTPROCS\W32X86\mdippr.dll  [Microsoft Corporation, 11.3.1897.0, C:2008-02-27 11:19 M:2003-06-18 17:31]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 1084 / SYSTEM]   C:\Program Files\StormII\stormliv.exe   [北京暴风网际科技有限公司, 3, 8, 1, 13, C:2007-11-12 11:47 M:2008-01-11 11:41]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\msxml3.dll  [Microsoft Corporation, 8.90.1101.0, C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2008-01-12 08:33 M:2008-01-12 08:33]

[PID: 460 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    c:\windows\system32\wiaservc.dll  [Microsoft Corporation, 5.1.2600.3051 (xpsp_sp2_gdr.061219-0316), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 2248 / SYSTEM]   C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe   [Hewlett-Packard Development Company, L.P., 2, 0, 1, 9, C:2008-02-27 10:53 M:2006-05-02 14:41]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]

[PID: 2600 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\System32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 3536 / SYSTEM]   C:\WINDOWS\system32\wuauclt.exe   [(Verified)Microsoft Corporation, 7.0.6000.381 (winmain(wmbla).070730-1740), C:2008-02-27 10:48 M:2008-01-12 16:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\ESENT.dll  [Microsoft Corporation, 5.1.2468.0 (Lab03_N(jliem).010306-1456), C:2008-01-12 08:32 M:2008-01-12 08:33]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\IPHLPAPI.DLL  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 724 / Administrator]   C:\Program Files\Apoint2K\Apoint.exe   [Alps Electric Co., Ltd., 7.0.1.260, C:2008-02-27 10:52 M:2007-07-09 08:11]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\Program Files\Apoint2K\ApResCS.dll  [Alps Electric Co., Ltd., 5.5.1701.21, C:2008-02-27 10:52 M:2007-02-06 09:15]
    C:\WINDOWS\system32\VXDIF.DLL  [Alps Electric Co., Ltd., 6.0.3.14, C:2008-02-27 10:52 M:2006-10-18 20:30]
    C:\Program Files\Apoint2K\Apoint.DLL  [Alps Electric Co., Ltd., 5.5.1702.262, C:2008-02-27 10:52 M:2007-02-15 19:40]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\Program Files\Apoint2K\EzAuto.dll  [Alps Electric Co., Ltd., 5.5.1.91, C:2008-02-27 10:52 M:2006-08-07 17:47]
    C:\WINDOWS\system32\netapi32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\Program Files\Apoint2K\EzLaunch.DLL  [Alps Electric Co., Ltd., 5.5.1.86, C:2008-02-27 10:52 M:2006-09-26 17:48]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]

[PID: 192 / Administrator]   C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe   [ Hewlett-Packard Development Company, L.P., 6, 2, 2, 1, C:2008-02-27 10:53 M:2007-02-13 11:38]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBSERVICE.dll  [Hewlett-Packard Development Company, L.P., 6, 2, 2, 1, C:2008-02-27 10:53 M:2007-02-13 11:37]
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\hpqExec.dll  [Hewlett-Packard Company, 6, 2, 1, 3, C:2008-02-27 10:53 M:2007-01-20 08:35]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\netapi32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\RavExt.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]

[PID: 808 / Administrator]   C:\WINDOWS\system32\hkcmd.exe   [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-06-01 15:13]
    C:\WINDOWS\system32\hccutils.DLL  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\igfxsrvc.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:01]
    C:\WINDOWS\system32\igfxres.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:04 M:2007-05-25 11:03]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 1480 / Administrator]   C:\WINDOWS\system32\igfxpers.exe   [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-06-01 15:13]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\igfxsrvc.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:01]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 1484 / Administrator]   C:\Program Files\Apoint2K\ApMsgFwd.exe   [(Verified)Alps Electric Co., Ltd., 7, 0, 0, 15, C:2008-02-27 11:06 M:2007-01-29 19:07]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\Program Files\Apoint2K\Apoint.dll  [Alps Electric Co., Ltd., 5.5.1702.262, C:2008-02-27 10:52 M:2007-02-15 19:40]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\Vxdif.dll  [Alps Electric Co., Ltd., 6.0.3.14, C:2008-02-27 10:52 M:2006-10-18 20:30]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 1472 / Administrator]   C:\WINDOWS\system32\igfxsrvc.exe   [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-06-01 15:13]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    C:\WINDOWS\system32\igfxsrvc.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:01]
    C:\WINDOWS\system32\igfxdev.dll  [(Verified)Intel Corporation, 6.14.10.4833, C:2008-02-27 11:02 M:2007-05-25 11:00]

[PID: 1916 / Administrator]   C:\Program Files\Synaptics\SynTP\SynTPEnh.exe   [(Verified)Synaptics, Inc., 7.12.3 08Oct04, C:2008-03-05 12:40 M:2004-10-08 14:43]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\COMCTL32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\SynCOM.dll  [(Verified)Synaptics, Inc., 7.12.3 08Oct04, C:2008-03-05 12:40 M:2004-10-08 14:35]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 2004 / Administrator]   C:\Program Files\Apoint2K\Apntex.exe   [Alps Electric Co., Ltd., 7.0.1.26, C:2008-02-27 10:52 M:2006-09-08 15:06]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\VXDIF.DLL  [Alps Electric Co., Ltd., 6.0.3.14, C:2008-02-27 10:52 M:2006-10-18 20:30]
    C:\Program Files\Apoint2K\Apoint.DLL  [Alps Electric Co., Ltd., 5.5.1702.262, C:2008-02-27 10:52 M:2007-02-15 19:40]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 2136 / Administrator]   C:\WINDOWS\system32\conime.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 2140 / Administrator]   C:\WINDOWS\system32\ctfmon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]

[PID: 2148 / Administrator]   D:\Program Files\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2008-01-12 08:31 M:2008-01-12 08:31]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2008-01-12 08:31 M:2008-01-12 08:31]
    D:\Program Files\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\Program Files\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-10-04 14:21 M:2008-10-04 14:20]
    D:\Program Files\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-10-04 14:21 M:2008-10-04 14:20]

[PID: 2620 / SYSTEM]   C:\WINDOWS\system32\wbem\wmiprvse.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2008-02-27 10:47 M:2004-08-17 20:00]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\comctl32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]

[PID: 3188 / Administrator]   D:\tt\bin\TTraveler.exe   [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\tt\bin\TTUtilWidget.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\COMCTL32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    D:\tt\bin\TTStore.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    D:\tt\bin\sqlite3.dll  [(Verified)N/A, C:2008-09-11 09:25 M:2008-09-11 09:25]
    D:\tt\bin\PlatformWidget.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:22 M:2008-09-11 09:22]
    D:\tt\bin\TTMainFrame.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:25 M:2008-09-11 09:25]
    D:\tt\bin\UpdateUtil.dll  [(Verified)N/A, C:2008-09-11 09:26 M:2008-09-11 09:26]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\msxml3.dll  [Microsoft Corporation, 8.90.1101.0, C:2008-01-12 08:33 M:2008-01-12 08:33]
    D:\tt\bin\TTMBrowser.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    D:\tt\bin\TTabMgr.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:25 M:2008-09-11 09:25]
    D:\tt\bin\TTSkin.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\tt\bin\TTPluginMng.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    D:\tt\Plugins\3TTWeather\TTWeather.dll  [Tencent, 1.0.0.1, C:2008-09-10 18:31 M:2008-09-10 18:31]
    D:\tt\Plugins\WebInfo\WebToolbar.dll  [Tencent, 1.0.0.1, C:2008-09-10 18:31 M:2008-09-10 18:31]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    D:\tt\bin\TTHtmlApp.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:25 M:2008-09-11 09:25]
    D:\tt\bin\FavoriteLogical.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:21 M:2008-09-11 09:21]
    D:\tt\bin\TSupport.dll  [(Verified)TENCENT Inc., 1, 2, 11, 201, C:2008-09-11 09:25 M:2008-09-11 09:25]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), C:2008-01-12 08:34 M:2008-01-12 08:34]
    D:\tt\bin\TTFilter.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:25 M:2008-09-11 09:25]
    D:\tt\bin\TTNetwork.dll  [(Verified)Tencent, 4, 14, 0, 14, C:2008-09-11 09:26 M:2008-09-11 09:26]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    D:\Program Files\Rising\Rav\RavScrCh.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-04 14:21 M:2008-10-04 14:20]
    C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
    C:\WINDOWS\system32\schannel.dll  [Microsoft Corporation, 5.1.2600.3126 (xpsp_sp2_gdr.070425-0226), C:2008-01-12 08:34 M:2008-01-12 08:34]

[PID: 3228 / Administrator]   D:\清理助手\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 1, 815, C:2008-10-04 14:58 M:2008-08-15 22:25]
    C:\WINDOWS\system32\RPCRT4.dll  [Microsoft Corporation, 5.1.2600.3173 (xpsp_sp2_gdr.070709-0051), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\USER32.dll  [Microsoft Corporation, 5.1.2600.3099 (xpsp_sp2_gdr.070308-0222), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\ole32.dll  [Microsoft Corporation, 5.1.2600.2726 (xpsp_sp2_gdr.050725-1528), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\NETAPI32.dll  [Microsoft Corporation, 5.1.2600.2976 (xpsp_sp2_gdr.060817-0106), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\COMCTL32.dll  [Microsoft Corporation, 5.82 (xpsp.060825-0040), C:2008-01-12 08:32 M:2008-01-12 08:32]
    C:\WINDOWS\system32\SHELL32.dll  [Microsoft Corporation, 6.00.2900.3241 (xpsp_sp2_gdr.071025-1248), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\oledlg.dll  [Microsoft Corporation, 1.0 (xpsp_sp2_gdr.061016-0148), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\iphlpapi.dll  [Microsoft Corporation, 5.1.2600.2912 (xpsp_sp2_gdr.060519-0003), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll  [Microsoft Corporation, 6.0 (xpsp.060825-0040), C:2008-02-27 10:45 M:2008-01-12 16:40]
    D:\Program Files\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-10-04 12:49 M:2008-10-04 12:48]
    D:\Program Files\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-10-04 12:49 M:2008-10-04 12:48]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2008-01-12 08:36 M:2008-01-12 08:36]
    C:\WINDOWS\system32\CLBCATQ.DLL  [Microsoft Corporation, 2001.12.4414.308, C:2008-02-27 10:47 M:2008-01-12 16:32]
    C:\WINDOWS\system32\08223B03.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4F34C688.dll  [N/A, C:2008-10-04 11:18 M:2008-10-04 11:18]
    C:\WINDOWS\system32\4EFDDEBE.dll  [N/A, C:2008-10-04 11:17 M:2008-10-04 11:17]
    D:\清理助手\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-10-04 14:58 M:2007-11-28 15:19]
    C:\WINDOWS\system32\mlang.dll  [Microsoft Corporation, 6.00.2900.2530 (xpsp.040919-1030), C:2008-01-12 08:33 M:2008-01-12 08:33]
    C:\WINDOWS\system32\rasadhlp.dll  [Microsoft Corporation, 5.1.2600.2938 (xpsp_sp2_gdr.060626-0020), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\SXS.DLL  [Microsoft Corporation, 5.1.2600.3019 (xpsp_sp2_gdr.061019-0414), C:2008-01-12 08:34 M:2008-01-12 08:34]
    C:\WINDOWS\system32\shdoclc.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\LINKINFO.dll  [Microsoft Corporation, 5.1.2600.2751 (xpsp_sp2_gdr.050831-1520), C:2008-01-12 08:33 M:2008-01-12 08:33]


========================================
文件关联

[.chm] <"hh.exe" %1> [Microsoft Corporation, 5.2.3790.2453 (srv03_sp1_gdr.050525-1542), C:2008-01-12 08:33 M:2008-01-12 08:33]


========================================
AutoRun.INF



========================================
Winsock提供者



========================================
HOSTS

    127.0.0.1 localhost
    127.0.0.1 858656.com
    127.0.0.1 my123.com
    127.0.0.1 8749.com
    127.0.0.1 4199.com
    127.0.0.1 7379.com
    127.0.0.1 7255.com
    127.0.0.1 3448.com
    127.0.0.1 7939.com
    127.0.0.1 8009.com
    127.0.0.1 piaoxue.com
    127.0.0.1 kzdh.com
    127.0.0.1 about.blank.la
    127.0.0.1 6781.com
    127.0.0.1 7322.com


[/CODE]