[CODE] 2008-11-11,21:19:29 SysLog Scanner 1.0 - build 20080726 Arswp (http://www.arswp.com) Windows XP Professional Service Pack 3 (build 2600) - Administrators ======================================== 注册项 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] <"C:\Program Files\Rising\Rav\RavTask.exe" -system> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-10-09 21:37 M:2008-10-09 21:37] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-12-01 10:42 M:2008-04-14 10:14|NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] <"C:\Program Files\Rising\AntiSpyware\rstray.exe" /startup> [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-10-09 20:47 M:2008-10-09 20:47] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载] <> [N/A, C:2007-12-18 14:30 M:2007-12-18 14:30] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&使用快车(FlashGet)下载全部链接] <> [N/A, C:2007-12-18 14:30 M:2007-12-18 14:30] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载] <> [N/A, C:2007-07-01 08:15 M:2008-06-13 09:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接] <> [N/A, C:2007-07-01 08:15 M:2008-06-13 09:55] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)] <> [] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情] <> [N/A, C:2008-05-14 10:29 M:2008-05-14 10:29] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-12-01 10:42 M:2008-04-14 10:14|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), 
C:2006-12-01 10:41 M:2008-08-26 15:57|(Verified)N/A, C:2006-12-01 10:42 M:2004-08-04 08:48] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-12-01 10:42 M:2008-04-14 10:14|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2006-12-01 10:41 M:2008-08-26 15:57|(Verified)N/A, C:2006-12-01 10:43 M:2004-08-04 08:48] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-12-01 10:42 M:2008-04-14 10:14|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2006-12-01 10:41 M:2008-08-26 15:57|(Verified)N/A, C:2006-12-18 16:42 M:2005-01-28 15:25] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{09BA8F6D-CB54-424B-839C-C2A6C8E6B436}] <启动迅雷5> [Thunder Networking Technologies,LTD, 5, 6, 8, 19, C:2007-07-01 08:15 M:2008-07-10 21:15] ======================================== 启动项 [ADSL] "" > [] ======================================== 计划任务 ======================================== 组件 Shell Extension [Display Panning CPL Extension] {42071714-76d4-11d1-8b24-00a0c9068ff3} [] [HyperTerminal Icon Ext] {88895560-9AA2-1069-930E-00AA0030EBC8} [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-12-01 11:04 M:2004-06-06 14:13] [NvCpl DesktopContext Class] {A70C977A-BF00-412C-90B7-034C51DA2439} [NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] [Play on my TV helper] {FFB699E0-306A-11d3-8BD1-00104B6F7516} [NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] [Desktop Explorer] {1CDB2949-8F65-4355-8456-263E7C208A5D} [N/A, C:2005-09-14 08:05 M:2005-09-14 08:05] [Desktop Explorer Menu] {1E9B04FB-F9E5-4718-997B-B8DA88302A47} [N/A, C:2005-09-14 08:05 M:2005-09-14 08:05] [nView Desktop Context Menu] 
{1E9B04FB-F9E5-4718-997B-B8DA88302A48} [N/A, C:2005-09-14 08:05 M:2005-09-14 08:05] [WinRAR shell extension] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-12-01 14:37 M:2006-09-14 12:37] [Shell Extensions for RealOne Player] {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [(Verified)RealNetworks, Inc., 1.0.2.67, C:2006-12-03 18:16 M:2008-10-09 20:59] [OpenOffice Property Sheet Handler] {63542C48-9552-494A-84F7-73AA6A7C99C1} [] [EncryptFile] {D55189EB-2826-4834-8E59-582B05CA99CA} [(Verified)共软网络, 1.0.8.103, C:2008-10-17 22:15 M:2008-01-03 13:51] [RISING] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-09 21:37 M:2008-10-09 21:37] BrowserHelperObject [ThunderAtOnce Class] {01443AEC-0FD1-40fd-9C87-E93D1494C233} [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2007-07-02 18:09 M:2007-10-20 21:40] [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-07-02 18:09 M:2008-06-13 09:43] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [] [ThunderAtOnce Class] {ED6A25E8-08F5-4937-948D-3E10C4F47FAA} [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2007-07-02 18:09 M:2007-10-20 21:40] ActiveX Extension [ThunderAtOnce Class] {01443AEC-0FD1-40FD-9C87-E93D1494C233} [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2007-07-02 18:09 M:2007-10-20 21:40] [Adobe PDF Reader Link Helper] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08] [EscPWDCtrl Class] {0C207959-1551-4E49-993C-78DD2D62955F} [Copyright 2007, 1, 0, 0, 4, C:2007-07-25 15:19 M:2007-07-25 15:19] [DHTML Edit Control Safe for Scripting for 
IE5] {2D360201-FFF5-11D1-8D03-00A0C959BC0A} [] [Thunder Agent Class] {485463B7-8FB2-4B3B-B29B-8B919B0EACCE} [Thunder Networking Technologies,LTD, 5, 0, 3, 20, C:2007-07-02 18:09 M:2007-04-27 18:10] [HdwCode Control] {52A05F4B-9F0C-4752-BB78-9B6DFD2DE9D5} [home, 1, 1, 0, 0, C:2008-09-20 20:17 M:2005-06-28 09:10] [XMP Class] {6483F145-A768-4C41-AACC-52D4D7845851} [Copyright XunLei 2007, 2, 1, 2, 77, C:2008-02-12 17:15 M:2008-08-04 12:58] [XDRM] {693571CB-54A3-4E90-9D52-EEAE1334E2D3} [Copyright XunLei 2007, 1, 0, 0, 7, C:2008-02-12 17:14 M:2008-08-04 12:58] [CCtInf Class] {6DBB2904-082D-4DB0-944A-21C22BA121F4} [Copyright 2006, 1, 0, 0, 3, C:2007-07-09 20:59 M:2006-09-19 16:31] [MediaComm Class] {7670648D-461B-42AF-BDFE-46D26AF5EFF2} [Thunder Networking Technologies,LTD, 3, 1, 5, 78, C:2008-09-20 20:16 M:2008-08-04 12:58] [360SafeLive] {87515F61-A66C-4319-A0E0-D416CB8059E3} [(Verified)360.cn, 1, 0, 1, 1028, C:2008-07-16 22:00 M:2008-07-16 22:00] [Thunder Browser Helper] {889D2FEB-5411-4565-8998-1DD2C5261283} [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-07-02 18:09 M:2008-06-13 09:43] [XML HTTP 4.0] {88D969C5-F192-11D4-A65F-0040963251E5} [Microsoft Corporation, 4.20.9841.0, C:2006-11-04 14:14 M:2006-11-04 14:14] [卡卡上网安全助手] {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} [] [DapCtrl Class] {ACACC6EB-1FBA-4E13-A729-53AEB2DF54F8} [ShenZhen Thunder Networking Technologies Ltd., 2, 1, 5803, 60, C:2008-09-20 20:16 M:2008-08-04 12:58] [SafeMon Class] {B69F34DD-F0F9-42DC-9EDD-957187DA688D} [] [QQPlayerSvr Proxy Control] {CD108273-D434-43E6-AA90-1469F97EB398} [(Verified)腾讯科技, 2, 11, 112, 140, C:2007-12-11 20:01 M:2007-12-11 20:01] [RealPlayer G2 Control] {CFCDAA03-8BE4-11CF-B84B-0020AFBBCCFA} [(Verified)RealNetworks, Inc., 6.0.10.72, C:2006-12-03 18:16 M:2008-10-09 20:59] [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [Microsoft Silverlight] 
{DFEAF541-F3E1-4C24-ACAC-99C30715084A} [(Verified) Microsoft Corporation, 2.0.31005.0, C:2008-10-04 21:48 M:2008-10-04 21:48] [PasswordEditCtrl Class] {E787FD25-8D7C-4693-AE67-9406BC6E22DF} [(Verified)腾讯科技(深圳)有限公司, 1, 1, 0, 5, C:2008-01-07 17:08 M:2008-01-07 17:08] [TimwpDll.TimwpCheck] {ED4CA2E5-0EEA-44C1-AD7E-74A07A7507A4} [(Verified)TENCENT, 8,0,777,1805, C:2008-05-14 20:49 M:2008-05-14 20:49] [ThunderAtOnce Class] {ED6A25E8-08F5-4937-948D-3E10C4F47FAA} [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2007-07-02 18:09 M:2007-10-20 21:40] [Thunder DapPlayer] {EEDD6FF9-13DE-496B-9A1C-D78B3215E266} [ShenZhen Thunder Networking Technologies Ltd., 3, 0, 5712, 71, C:2008-09-20 20:16 M:2008-08-04 12:58] [XPPlayer Class] {F3E70CEA-956E-49CC-B444-73AFE593AD7F} [Xunlei Networking Technologies,LTD, 2, 0, 0, 181, C:2008-09-20 20:16 M:2008-08-04 12:58] [IERPCtl Class] {FDC7A535-4070-4B92-A0EA-D9994BCC0DC5} [(Verified)RealNetworks, Inc., 1.0.2.68, C:2006-12-03 18:16 M:2008-10-09 20:59] Context Menu [EncryptFile] {D55189EB-2826-4834-8E59-582B05CA99CA} [(Verified)共软网络, 1.0.8.103, C:2008-10-17 22:15 M:2008-01-03 13:51] [RisingRavExt] {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D} [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-10-09 21:37 M:2008-10-09 21:37] [WinRAR] {B41DB860-8EE4-11D2-9906-E49FADC173CA} [N/A, C:2006-12-01 14:37 M:2006-09-14 12:37] ======================================== 服务 [Human Interface Device Access / HidServ][Stopped/Disabled] <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll"> [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"> [Macrovision Corporation, 10.50.125, C:2004-10-22 03:24 M:2004-10-22 03:24] [NVIDIA Display Driver Service / NVSvc][Running/Auto Start] <%SystemRoot%\system32\nvsvc32.exe> 
[NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] [Rising Process Communication Center / RsCCenter][Running/Auto Start] <"C:\Program Files\Rising\Rav\CCenter.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-10-09 21:37 M:2008-10-09 21:37] [Rising RealTime Monitor / RsRavMon][Stopped/Auto Start] <"C:\PROGRAM FILES\RISING\RAV\Ravmond.exe"> [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-10-09 21:37 M:2008-10-09 21:37] ======================================== 驱动 [USB 2.0 Compliance JPEG Video Camera / CAM1690][Stopped/Manual Start] [Copyright (C) 2007-2008, 1.02, C:2007-08-29 12:01 M:2007-08-29 12:01] [KvMemon / KvMemon][Stopped/Manual Start] <\??\C:\PROGRA~1\KV2006\KvMemon.sys> [] [npkcrypt / npkcrypt][Running/Auto Start] <\??\C:\Program Files\Tencent\QQ\npkcrypt.sys> [INCA Internet Co., Ltd., 2005. 11. 1. 1, C:2006-12-07 18:14 M:2006-12-07 18:14] [nv / nv][Running/Manual Start] [NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] [Service for NVIDIA(R) nForce(TM) Audio Enumerator / nvax][Running/Manual Start] [NVIDIA Corporation, 6.14.0462.0 built by: NVIDIA, C:2006-12-01 11:23 M:2005-04-13 12:32] [Service for NVIDIA(R) nForce(TM) Audio / nvnforce][Running/Manual Start] [NVIDIA Corporation, 6.14.0462.0 built by: NVIDIA, C:2006-12-01 11:23 M:2005-04-13 12:34] [PProtect / PProtect][Stopped/System Start] <\??\C:\PROGRA~1\KV2006\PProtect.sys> [] [TCP/IP Protocol Driver / Tcpip][Running/System Start] [Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-12-01 10:42 M:2008-04-14 03:20] [yfyenkqn / yfyenkqn][Running/Boot Start] [YAHOO Corporation, 1.1.4.1019, C:2006-12-20 12:51 M:2006-12-20 12:51] [360AntiArp / 360AntiArp][Running/System Start] <\??\C:\WINDOWS\system32\drivers\360AntiArp.sys> [(Verified)360安全中心, 1, 0, 1, 1007, C:2008-04-09 16:33 M:2008-04-09 16:33] [HookCont / HookCont][Running/System Start] <\SystemRoot\system32\drivers\HookCont.sys> 
[(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-10-09 21:37 M:2008-10-09 21:37] [HookNtos / HookNtos][Running/System Start] <\SystemRoot\system32\drivers\HookNtos.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2008-10-09 21:37 M:2008-10-23 18:47] [HookReg / HookReg][Running/System Start] <\SystemRoot\system32\drivers\HookReg.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2008-10-09 21:37 M:2008-11-04 20:30] [HookSys / HookSys][Running/System Start] <\SystemRoot\system32\drivers\HookSys.sys> [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-10-09 21:37 M:2008-10-09 21:37] [NVIDIA nForce Networking Controller Driver / NVENETFD][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.00.05009, C:2006-12-01 11:20 M:2005-07-29 17:11] [NVIDIA Network Bus Enumerator / nvnetbus][Running/Manual Start] [(Verified)NVIDIA Corporation, 1.00.00.05009, C:2006-12-01 11:20 M:2005-07-29 17:11] [DDK PACKET Protocol / Packet][Stopped/Manual Start] [(Verified)360安全中心, 1, 0, 1, 1001, C:2008-04-09 16:36 M:2008-04-09 16:36] [Direct Parallel Link Driver / Ptilink][Running/Manual Start] [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2006-12-01 10:42 M:2004-06-06 14:13] [RsNTGDI / RsNTGDI][Running/Boot Start] [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-10-09 21:37 M:2008-10-09 21:37] [Secdrv / Secdrv][Stopped/Manual Start] [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2006-12-01 10:42 M:2007-11-13 18:25] ======================================== 进程 [PID: 632 / SYSTEM] \SystemRoot\System32\smss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-12-01 10:42 M:2008-04-14 10:14] [PID: 976 / SYSTEM] \??\C:\WINDOWS\system32\csrss.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-12-01 
10:41 M:2008-04-14 10:13] [PID: 1004 / SYSTEM] \??\C:\WINDOWS\system32\winlogon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-12-01 10:42 M:2008-04-14 10:14] [PID: 1060 / SYSTEM] C:\WINDOWS\system32\services.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2006-12-01 10:42 M:2008-04-14 10:14] [PID: 1072 / SYSTEM] C:\WINDOWS\system32\lsass.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2113), C:2006-12-01 10:41 M:2008-04-14 10:14] [PID: 1248 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [PID: 1320 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [PID: 1408 / SYSTEM] C:\Program Files\Rising\Rav\CCenter.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-10-09 21:37 M:2008-10-09 21:37] [PID: 1428 / SYSTEM] C:\WINDOWS\System32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [PID: 1476 / NETWORK SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [PID: 1500 / LOCAL SERVICE] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [PID: 1668 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\ravmond.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\BWList.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 23:20 M:2003-03-18 23:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, 
C:2003-02-21 04:42 M:2008-10-09 20:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:14 M:2008-10-09 20:59] C:\PROGRAM FILES\RISING\RAV\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\RsLog.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\Hooksys.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\HookReg.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\HookNtos.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\rswalmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM 
FILES\RISING\RAV\ffr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-09 21:37 M:2008-10-09 22:02] C:\Program Files\Rising\Rav\RsStore.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\HookCont.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\fakescan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\Scanner.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\HookWeb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\extfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\pearc.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\nvfile.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\scanexec.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\unexe.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\scanex.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 98, C:2008-10-09 21:37 M:2008-11-05 18:25] C:\PROGRAM FILES\RISING\RAV\scanpack.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\revm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\urutils.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\ur000.dat [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-10-09 21:37 M:2008-10-09 22:02] C:\PROGRAM FILES\RISING\RAV\extole.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 13, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\scansct.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\extmail.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-10-09 21:37 M:2008-10-09 21:37] [PID: 1912 / Administrator] C:\WINDOWS\Explorer.EXE [(Verified)Microsoft Corporation, 6.00.2900.5512 (xpsp.080413-2105), C:2006-12-01 10:41 M:2008-04-14 10:14] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll [Adobe Systems, Inc., 8.1.0.0, C:2007-05-10 22:54 M:2007-05-10 22:54] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.CHS [Adobe Systems, Inc., 8.0.0.0, C:2006-11-17 00:37 M:2006-11-17 00:37] C:\WINDOWS\system32\nvcpl.dll [NVIDIA Corporation, 6.14.10.8132, 
C:2005-09-14 08:05 M:2005-09-14 08:05] C:\WINDOWS\system32\NVRSZHC.DLL [NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] C:\WINDOWS\system32\nvshell.dll [N/A, C:2005-09-14 08:05 M:2005-09-14 08:05] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-07-02 18:09 M:2008-06-13 09:43] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-09-20 20:16 M:2008-08-04 12:58] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-09-20 20:16 M:2008-08-04 12:58] [PID: 248 / SYSTEM] C:\WINDOWS\system32\spoolsv.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-12-01 10:42 M:2008-04-14 10:14] C:\WINDOWS\System32\spool\PRTPROCS\W32X86\vprproc.dll [Windows (R) 2000 DDK provider, 5.00.2195.1620, C:2008-03-13 09:14 M:2005-02-02 15:21] [PID: 364 / SYSTEM] C:\PROGRAM FILES\RISING\RAV\RavStub.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\PROGRAM FILES\RISING\RAV\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-09 21:37 M:2008-10-09 21:37] [PID: 112 / Administrator] C:\Program Files\Rising\Rav\RavTask.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-10-09 21:37 M:2008-10-09 21:37] 
C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RSAPPMGR.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-09 21:37 M:2008-10-09 21:37] [PID: 688 / Administrator] C:\Program Files\Rising\Rav\Ravmon.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\WINDOWS\system32\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 23:20 M:2003-03-18 23:20] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2008-10-09 20:59] C:\WINDOWS\system32\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2003-03-18 22:14 M:2008-10-09 20:59] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RSCOMMON.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\recomp.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\refs.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-10-09 
21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\viruslib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\relibldr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RSAPPMGR.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\CfgDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\MonRule.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\Rsguilib.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\Rav\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-10-09 21:37 M:2008-10-09 21:37] [PID: 728 / Administrator] C:\WINDOWS\system32\ctfmon.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2105), C:2006-12-01 10:42 M:2008-04-14 10:13] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] [PID: 452 / SYSTEM] C:\WINDOWS\system32\nvsvc32.exe [NVIDIA Corporation, 6.14.10.8132, C:2005-09-14 08:05 M:2005-09-14 08:05] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] [PID: 584 / SYSTEM] C:\WINDOWS\system32\svchost.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-2111), C:2007-05-11 20:44 M:2008-04-14 10:14] [PID: 884 / LOCAL SERVICE] 
C:\WINDOWS\system32\wdfmgr.exe [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] [PID: 2356 / LOCAL SERVICE] C:\WINDOWS\System32\alg.exe [(Verified)Microsoft Corporation, 5.1.2600.5512 (xpsp.080413-0852), C:2006-12-01 10:41 M:2008-04-14 10:13] C:\WINDOWS\System32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] [PID: 268 / Administrator] C:\Program Files\Rising\AntiSpyware\RSTray.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.16, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\rsmginfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21, 0, 0, 8, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\RsXML.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\ComServ.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.31, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\rscommon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.1.1, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\comx3.dll 
[(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\pngdll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\runiep.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.41, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 20:47 M:2008-10-09 20:47] [PID: 3688 / Administrator] C:\Program Files\Rising\AntiSpyware\Update\Rsaupd.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 47, C:2008-10-09 20:48 M:2008-10-09 20:47] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 20:47 M:2008-10-09 20:47] [PID: 2692 / Administrator] C:\Program Files\Rising\AntiSpyware\Ras.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 
6.0.0.7, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\MFC71.DLL [Microsoft Corporation, 7.10.3077.0, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\KakaMgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.27, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\MSVCP71.dll [Microsoft Corporation, 7.10.3077.0, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\Rav\ProcCom.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\Program Files\Rising\AntiSpyware\RsCommX2.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\dbmgr.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.4, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\RSXML.DLL [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\pweb.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.18, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\pscan.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.58, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program 
Files\Rising\AntiSpyware\pset.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\pdefend.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.14, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\ptools.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.15, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\psysinfo.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.56, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\PngDll.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PID: 3256 / Administrator] C:\Program Files\Rising\AntiSpyware\knownsvr.exe [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.12, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\NComm.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 6.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] [PID: 2456 / Administrator] C:\Program Files\Internet Explorer\IEXPLORE.EXE [(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), 
C:2006-12-01 11:05 M:2008-08-23 13:56] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Thunder Network\Thunder\ComDlls\TDAtOnce_Now.dll [Thunder Networking Technologies,LTD, Copyright 2005-2007, C:2007-07-02 18:09 M:2007-10-20 21:40] C:\WINDOWS\system32\MSVCR71.dll [Microsoft Corporation, 7.10.3052.4, C:2003-02-21 04:42 M:2008-10-09 20:59] C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [(Verified)Adobe Systems Incorporated, 8.0.0.2006102200, C:2006-10-22 23:08 M:2006-10-22 23:08] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\MSVCR80.dll [Microsoft Corporation, 8.00.50727.163, C:2006-06-05 14:14 M:2006-06-05 14:14] C:\Program Files\Thunder Network\Thunder\ComDlls\xunleiBHO_Now.dll [(Verified)Thunder Networking Technologies,LTD, 5, 0, 8, 96, C:2007-07-02 18:09 M:2008-06-13 09:43] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DsBho_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 20, C:2008-09-20 20:16 M:2008-08-04 12:58] C:\Program Files\Thunder Network\Thunder\Components\ResWorker\DataProcessor_01.dll [Thunder Networking Technologies,LTD, 1, 0, 0, 16, C:2008-09-20 20:16 M:2008-08-04 12:58] C:\Program Files\Rising\Rav\RavScrCh.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-10-09 21:37 M:2008-10-09 21:37] C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32] [PID: 4028 / Administrator] C:\Program Files\arswp\ArSwp.exe [(Verified)ArSwp.com, 2, 8, 1, 815, 
C:2008-11-10 20:55 M:2008-08-15 22:25] C:\WINDOWS\system32\kmon.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-10-09 20:47 M:2008-11-10 20:49] C:\Program Files\Rising\AntiSpyware\comx3.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\Rising\AntiSpyware\Syslay.dll [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-10-09 20:47 M:2008-10-09 20:47] C:\Program Files\arswp\plugin\ArFix.dll [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-11-10 20:55 M:2007-11-28 15:19] ======================================== 文件关联 ======================================== AutoRun.INF ======================================== Winsock提供者 ======================================== HOSTS 127.0.0.1 localhost [/CODE]