[CODE]

2008-11-28,20:33:45

SysLog Scanner 1.0 - build 20080726
Arswp (http://www.arswp.com)

Windows XP Professional Service Pack 2 (build 2600) - Administrators



========================================
注册项

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <iTudouAutoStart><C:\Program Files\Tudou\iTudou\iTudou.exe -AutoStart>  [土豆网, 1.3.3.1, C:2007-09-21 18:26 M:2001-01-01 00:05]
    <TudouVAStart><C:\Program Files\Tudou\飞速Tudou\TudouVa.exe>  [土豆网(www.tudou.com), 1.0.1.0, C:2007-10-23 10:13 M:2008-06-06 16:16]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    <wallpaper><c:\windows\system32\壁纸自动换.exe>  [N/A, C:2006-04-18 01:50 M:2004-02-22 16:01]
    <BigDog303><C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)>  [Vimicro, 3, 6, 227, 13, C:2007-11-06 10:50 M:2006-02-27 11:25]
    <WangWang><"C:\Program Files\Alisoft\WangWang\WangWang.EXE">  [阿里巴巴软件(上海)有限公司, 5, 6, 0, 5, C:2007-11-23 15:04 M:2007-11-02 21:38]
    <搜狐彩电网页版><C:\Program Files\sohutv_web\SysTrayIcon.exe "C:\Program Files\sohutv_web" "86a8aa939ec65687ba4282a06eeb2f41" "1.0.0.4" "">  [(Verified)Sohu.com Inc., 1, 0, 0, 23, C:2008-03-10 15:00 M:2008-03-10 15:00]
    <AppleSyncNotifier><C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe>  [(Verified)Apple Inc., 1, 0, 0, 9, C:2008-07-22 20:42 M:2008-07-22 20:42]
    <QuickTime Task><"C:\Program Files\QuickTime\qttask.exe" -atboottime>  [Apple Inc., 7.5 (861), C:2008-05-27 10:50 M:2008-05-27 10:50]
    <iTunesHelper><"D:\黄丹\ipod\iTunesHelper.exe">  [(Verified)Apple Inc., 7.7.1.11, C:2008-07-30 10:47 M:2008-07-30 10:47]
    <AGRSMMSG><AGRSMMSG.exe>  [(Verified)Agere Systems, 2.1.41.10 2.1.41.10 06/29/2004 09:06:35, C:2004-06-29 09:06 M:2004-06-29 09:06]
    <nwiz><nwiz.exe /install>  [N/A, C:2006-07-05 01:31 M:2005-12-10 03:06]
    <SoundMan><SOUNDMAN.EXE>  [(Verified)Realtek Semiconductor Corp., 5, 1, 0, 52, C:2006-07-05 01:31 M:2006-03-02 07:22]
    <NvCplDaemon><RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
    <NvMediaCenter><RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
    <RavTask><"F:\瑞星\Rising\Rav\RavTask.exe" -system>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-11-26 19:57 M:2008-11-26 19:55]
    <RfwMain><"F:\瑞星\Rising\Rfw\rfwmain.exe" -Startup>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-11-26 21:42 M:2008-11-26 21:38]
    <runeip><"F:\瑞星\runiep.exe" /startup>  [Beijing Rising Technology Co., Ltd., 5.0.0.16, C:2008-11-27 19:36 M:2008-11-27 19:41]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
    <AppInit_Dlls><kmon.dll,ieprot.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52|Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]

[HKEY_CURRENT_USER\Control Panel\Desktop]
    <SCRNSAVE.EXE><C:\WINDOWS\system32\穿梭彩线.SCR>  [Microsoft Corporation, 6.0.5308.17 (winmain_idx01.060217-2200), C:2006-07-05 00:38 M:2006-03-01 05:21]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    <{D7B21266-AA85-44b8-B516-3B1A69827400}><C:\PROGRA~1\CNRN\RNEvent.dll>  [国风因特软件（北京）有限公司, 2.0.2.1017, C:2007-10-15 22:15 M:2007-11-22 16:54]
    <{32CD708B-60A7-4C00-9377-D73EAA495F0F}><C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-11-26 19:57 M:2008-11-26 19:43]
    <{AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}><C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd., 4.0.0.9, C:2008-11-27 19:41 M:2008-11-27 19:41]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用iTudou下载节目]
    <><C:\Program Files\Tudou\iTudou\iTudou_Link.HTM>  [N/A, C:2007-03-22 10:28 M:2007-03-22 10:28]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载]
    <><C:\Program Files\Thunder Network\Thunder\Program\GetUrl.htm>  [N/A, C:2006-06-13 02:11 M:2006-03-08 18:48]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\使用迅雷下载全部链接]
    <><C:\Program Files\Thunder Network\Thunder\Program\GetAllUrl.htm>  [N/A, C:2006-06-13 02:11 M:2006-03-08 18:49]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\导出到 Microsoft Office Excel(&X)]
    <><res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000>  []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\添加到QQ表情]
    <><D:\黄丹\腾讯qq\AddEmotion.htm>  [N/A, C:2008-09-17 04:08 M:2008-09-17 04:08]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}]
    <NetMeeting 3.01><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2004-08-17 12:00 M:2008-08-26 15:57|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}]
    <Windows Messenger 4.7><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2004-08-17 12:00 M:2008-08-26 15:57|(Verified)N/A, C:2004-08-17 12:00 M:2004-08-17 12:00]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}]
    <Microsoft Windows Media Player><rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|(Verified)Microsoft Corporation, 7.00.6000.16735 (vista_gdr.080820-1506), C:2004-08-17 12:00 M:2008-08-26 15:57|(Verified)N/A, C:2006-04-18 23:49 M:2005-01-28 15:25]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}]
    <><C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install>  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 1.1.4322.573, C:2003-02-21 08:09 M:2003-02-21 08:09]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{110F6354-E9E3-4f8c-95DD-8487ED86C73D}]
    <><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=clean>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{30778C27-54C7-437e-946A-F04CBB8C460F}]
    <名品 折扣><http://adtaobao.allyes.com/main/adfclick?db=adtaobao&bid=138,140,18&cid=816,8,1&sid=5042&show=ignore&url=http://www.taobao.com/vertical/mall/pro.php?allyesPara=816>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4C4A96EA-D26D-4ab1-9D7C-BEA7D3312B6F}]
    <Yahoo 3.5G 电邮><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomail>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{4D985980-695A-4b42-8B11-34D8D3385676}]
    <><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=repair>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6C32C266-E0C3-447c-B1A1-650640D550D0}]
    <雅虎 WIDGET><http://cn.widget.yahoo.com/index.htm?source=Cns>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{7035F492-7EAE-4213-A159-7C4E1E216C12}]
    <情景 聊天><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yahoomsg>  []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{BF69897E-F9B4-4c1a-9D81-59822096081F}]
    <雅虎 助手><http://cn.zs.yahoo.com/cnsbutton.htm?source=cns&btn=yassist>  []


========================================
启动项

[QQ游戏启动加速程序]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\QQ游戏启动加速程序.lnk --> "C:\Program Files\Tencent\QQGAME\Accel.exe"  > [(Verified)深圳市腾讯计算机系统有限公司, 2, 0, 103, 5, C:2008-03-18 18:09 M:2008-03-18 18:09]
[启动飞速土豆]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\启动飞速土豆.lnk --> "C:\Program Files\Tudou\飞速Tudou\TudouVa.exe" /ArgumentsHere > [土豆网(www.tudou.com), 1.0.1.0, C:2007-10-23 10:13 M:2008-06-06 16:16]
[腾讯QQ]
    <C:\Documents and Settings\Administrator\「开始」菜单\程序\启动\腾讯QQ.lnk --> "D:\黄丹\腾讯qq\QQ.exe"  > [(Verified)TENCENT, 8,0,1249,1853, C:2008-10-28 15:39 M:2008-10-28 15:39]


========================================
计划任务



========================================
组件


ShellExecuteHook
[]
    {D7B21266-AA85-44b8-B516-3B1A69827400}  <C:\PROGRA~1\CNRN\RNEvent.dll>  [国风因特软件（北京）有限公司, 2.0.2.1017, C:2007-10-15 22:15 M:2007-11-22 16:54]
[ShlExecHack Class]
    {32CD708B-60A7-4C00-9377-D73EAA495F0F}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-11-26 19:57 M:2008-11-26 19:43]
[瑞星卡卡上网安全助手]
    {AC2DC2EF-5165-40A3-8CDF-41DCA1B0901A}  <C:\WINDOWS\system32\shlhook.dll>  [Beijing Rising Technology Co., Ltd., 4.0.0.9, C:2008-11-27 19:41 M:2008-11-27 19:41]

Shell Extension
[Display Panning CPL Extension]
    {42071714-76d4-11d1-8b24-00a0c9068ff3}  <deskpan.dll>  []
[HyperTerminal Icon Ext]
    {88895560-9AA2-1069-930E-00AA0030EBC8}  <C:\WINDOWS\system32\hticons.dll>  [(Verified)Hilgraeve, Inc., 5.1.2600.0, C:2006-04-09 01:39 M:2004-08-17 20:00]
[WinRAR shell extension]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2006-07-05 01:06 M:2006-06-18 00:08]
[DllRegShlExt extension]
    {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}  <C:\WINDOWS\system32\TudouUpload.dll>  [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07]
[iTunes]
    {B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}  <D:\黄丹\ipod\iTunesMiniPlayer.dll>  [(Verified)Apple Inc., 7.7.1.11, C:2008-07-30 10:47 M:2008-07-30 10:47]
[NvCpl DesktopContext Class]
    {A70C977A-BF00-412C-90B7-034C51DA2439}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
[Play on my TV helper]
    {FFB699E0-306A-11d3-8BD1-00104B6F7516}  <C:\WINDOWS\system32\nvcpl.dll>  [(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
[Desktop Explorer]
    {1CDB2949-8F65-4355-8456-263E7C208A5D}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2006-07-05 01:31 M:2005-12-10 03:06]
[Desktop Explorer Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A47}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2006-07-05 01:31 M:2005-12-10 03:06]
[nView Desktop Context Menu]
    {1E9B04FB-F9E5-4718-997B-B8DA88302A48}  <C:\WINDOWS\system32\nvshell.dll>  [N/A, C:2006-07-05 01:31 M:2005-12-10 03:06]
[RISING]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-11-26 19:57 M:2008-11-26 19:43]

BrowserHelperObject
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-05 15:12 M:2008-11-27 19:52]
[]
    {D7B21266-AA85-44b8-B516-3B1A69827400}  <C:\PROGRA~1\CNRN\RNEvent.dll>  [国风因特软件（北京）有限公司, 2.0.2.1017, C:2007-10-15 22:15 M:2007-11-22 16:54]

ActiveX Extension
[Edit Class]
    {0CA54D3F-CEAE-48AF-9A2B-31909CB9515D}  <C:\WINDOWS\system32\CMBEdit.dll>  [Copyright 2004, 1, 2, 0, 3, C:2007-10-20 19:16 M:2007-09-14 15:54]
[EditCtrl Class]
    {488A4255-3236-44B3-8F27-FA1AECAA8844}  <C:\WINDOWS\system32\aliedit\aliedit.dll>  [(Verified)Copyright 2008, 2, 1, 2, 1, C:2007-04-19 18:46 M:2008-07-22 11:13]
[VaCom.Application]
    {51E88884-1306-4444-B22D-C34119E44232}  <C:\PROGRA~1\Tudou\飞速TU~1\TDVaCom.dll>  [(Verified)土豆网, 1.0.0.1, C:2008-06-06 16:16 M:2008-06-06 16:16]
[WangWangObj Class]
    {6E213FC7-DD5A-4115-B7E6-D4C7838C361E}  <C:\Program Files\Alisoft\WangWang\WangWangX4.dll>  [阿里巴巴软件(上海)有限公司, 1, 0, 0, 1, C:2007-11-23 15:04 M:2007-09-10 12:36]
[DLoader Class]
    {78ABDC59-D8E7-44D3-9A76-9A0918C52B4A}  <C:\WINDOWS\Downloaded Program Files\downloader.dll>  [(Verified)Sina Com, 1, 0, 0, 14, C:2008-07-28 15:29 M:2008-07-28 15:29]
[XML DOM 文档 5.0]
    {88D969E5-F192-11D4-A65F-0040963251E5}  <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL>  [Microsoft Corporation, 5.10.2927.0, C:2004-09-22 17:09 M:2004-09-22 17:09]
[XML HTTP 5.0]
    {88D969EA-F192-11D4-A65F-0040963251E5}  <C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSXML5.DLL>  [Microsoft Corporation, 5.10.2927.0, C:2004-09-22 17:09 M:2004-09-22 17:09]
[UiManagerCtrl Class]
    {8E620797-825C-4F1C-8876-72E414FC639D}  <C:\Program Files\UiTV\UiPlayer\UiManager.dll>  [(Verified)UiTV Corporation, 3, 0, 6, 4, C:2008-10-27 22:30 M:2008-11-22 14:47]
[卡卡上网安全助手]
    {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8}  <C:\WINDOWS\system32\urlFilter.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 6, 0, 0, 15, C:2008-08-05 15:12 M:2008-11-27 19:52]
[RavOnline Class]
    {9FAFB576-6933-4CCC-AB3D-B988EC43D04E}  <C:\WINDOWS\Downloaded Program Files\RavOLCtl.dll>  [Beijing Rising Information Technology Co., Ltd., 20.0.0.17, C:2008-08-19 09:46 M:2008-08-19 09:46]
[CUiCheckCtrl Object]
    {CC2FF467-0BD8-408A-B591-07F8790C7321}  <C:\Program Files\UiTV\UiPlayer\UiCheck.dll>  [(Verified)UiTV Corporation, 1.0.0.6, C:2008-10-27 22:30 M:2008-10-29 10:11]
[Shockwave Flash Object]
    {D27CDB6E-AE6D-11CF-96B8-444553540000}  <C:\WINDOWS\system32\Macromed\Flash\Flash9f.ocx>  [(Verified)Adobe Systems, Inc., 9,0,124,0, C:2008-03-25 10:32 M:2008-03-25 10:32]
[]
    {D7B21266-AA85-44B8-B516-3B1A69827400}  <C:\PROGRA~1\CNRN\RNEvent.dll>  [国风因特软件（北京）有限公司, 2.0.2.1017, C:2007-10-15 22:15 M:2007-11-22 16:54]
[Microsoft Silverlight]
    {DFEAF541-F3E1-4C24-ACAC-99C30715084A}  <C:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll>  [(Verified) Microsoft Corporation, 2.0.31005.0, C:2008-10-04 21:48 M:2008-10-04 21:48]
[PlayerCtrl Class]
    {E05BC2A3-9A46-4A32-80C9-023A473F5B23}  <D:\黄丹\腾讯qq\QzoneMusic.dll>  [(Verified)深圳腾讯科技, 3, 1, 163, 202, C:2007-05-20 16:38 M:2007-05-20 16:38]
[QvodCtrl Class]
    {F3D0D36F-23F8-4682-A195-74C92B03D4AF}  <C:\Program Files\QvodPlayer\QvodInsert.dll>  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 55, C:2008-09-10 19:12 M:2008-09-12 12:34]
[InfoCheck Class]
    {F91BA567-79B9-467E-BC97-5DBA01BBC5EE}  <C:\Program Files\Alisoft\WangWang\Ali_Check.dll>  [Copyright 2004, 1, 0, 0, 1, C:2007-11-23 15:04 M:2007-06-20 17:58]
[InstallCheck Class]
    {FFB8C97E-39D4-4E8A-9FE4-B451A0D6CA65}  <C:\Program Files\Alisoft\WangWang\Ali_Check.dll>  [Copyright 2004, 1, 0, 0, 1, C:2007-11-23 15:04 M:2007-06-20 17:58]

Context Menu
[DLLRegSvr]
    {8AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C}  <C:\WINDOWS\system32\TudouUpload.dll>  [www.Tudou.com, 1.1.0.0, C:2007-01-24 18:07 M:2007-01-24 18:07]
[RisingRavExt]
    {1C7593CB-C1CC-4BA7-BE52-8EEA47F9CB1D}  <C:\WINDOWS\system32\RavExt.dll>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.18, C:2008-11-26 19:57 M:2008-11-26 19:43]
[WinRAR]
    {B41DB860-8EE4-11D2-9906-E49FADC173CA}  <C:\Program Files\WinRAR\rarext.dll>  [N/A, C:2006-07-05 01:06 M:2006-06-18 00:08]


========================================
服务

[Human Interface Device Access / HidServ][Stopped/Disabled]
    <%SystemRoot%\System32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\hidserv.dll">  [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
[P4P Service / P4P Service][Stopped/Auto Start]
    <C:\Program Files\Common Files\Sogou PXP\p2psvr.exe>  []
[Qvod Terminal / Qvod Terminal][Running/Auto Start]
    <C:\Program Files\QvodPlayer\QvodTerminal.exe>  [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 55, C:2008-09-11 15:56 M:2008-09-11 15:56]

[Apple Mobile Device / Apple Mobile Device][Running/Auto Start]
    <"C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe">  [(Verified)Apple Inc., 2.1.29.0, C:2008-07-22 20:42 M:2008-07-22 20:42]
[Cmb WebProtect Support / CMBWPS][Running/Auto Start]
    <C:\Program Files\CMBCHINA\WebProtect\WPService.exe /start>  [(Verified)China Merchants Bank, 1, 0, 0, 1, C:2008-10-04 13:50 M:2007-08-27 16:35]
[iPod 服务 / iPod Service][Running/Manual Start]
    <"C:\Program Files\iPod\bin\iPodService.exe">  [(Verified)Apple Inc., 7.7.1.11, C:2008-07-30 10:47 M:2008-07-30 10:47]
[NVIDIA Display Driver Service / NVSvc][Running/Auto Start]
    <%SystemRoot%\system32\nvsvc32.exe>  [(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
[Remote Access Connection Manager / RasMan][Running/Manual Start]
    <%SystemRoot%\system32\svchost.exe -k netsvcs --> "%SystemRoot%\System32\rasmans.dll">  [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00|Microsoft Corporation, 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343), C:2004-08-17 12:00 M:2006-05-14 16:44]
[Rising Proxy  Service / RfwProxySrv][Running/Auto Start]
    <F:\瑞星\Rising\Rfw\rfwProxy.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-11-26 21:42 M:2008-11-26 21:39]
[Rising Personal Firewall Service / RfwService][Running/Auto Start]
    <F:\瑞星\Rising\Rfw\rfwsrv.exe>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-11-26 21:42 M:2008-11-26 21:38]
[Rising Process Communication Center / RsCCenter][Running/Auto Start]
    <"F:\瑞星\Rising\Rav\CCenter.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-11-26 19:57 M:2008-11-26 19:55]
[Rising RealTime Monitor / RsRavMon][Stopped/Auto Start]
    <"F:\瑞星\RISING\RAV\Ravmond.exe">  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-11-26 19:57 M:2008-11-26 19:45]
[Windows Network Media Service / UiPlayer][Running/Auto Start]
    <C:\Program Files\UiTV\UiPlayer\msrv.exe>  [(Verified)UiTV Corporation, 1, 0, 1, 4, C:2008-10-27 22:30 M:2008-08-14 09:22]


========================================
驱动

[AMD K8 Processor Driver / AmdK8][Stopped/Manual Start]
    <System32\DRIVERS\amdk8.sys>  [Advanced Micro Devices, 1.1.0 (srv03_sp1_rtm.050324-1447), C:2005-08-12 09:09 M:2005-05-21 20:43]
[CMB8100 / CMB8100][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\CertClient.dat>  [N/A, C:2007-10-20 19:16 M:2006-11-30 16:31]
[CMBProtector / CMBProtector][Running/Auto Start]
    <\??\C:\WINDOWS\system32\Drivers\CMBProtector.dat>  [N/A, C:2007-10-20 19:16 M:2007-01-18 14:28]
[CNRNDV / CNRNDV][Running/Boot Start]
    <system32\drivers\CNRNDV.sys>  [国风因特软件（北京）有限公司, 2.0.5.1022, C:2007-10-15 22:15 M:2007-12-28 15:52]
[Netgroup Packet Filter / NPF][Stopped/Manual Start]
    <system32\drivers\npf.sys>  [Politecnico di Torino, 3, 0, 0, 18, C:2000-10-10 21:21 M:2005-07-19 08:39]
[npkcrypt / npkcrypt][Stopped/Auto Start]
    <\??\C:\Program Files\QQ2006\npkcrypt.sys>  []
[PCTINDIS5 NDIS Protocol Driver / PCTINDIS5][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\PCTINDIS5.SYS>  []
[RsAntiSpyware / RsAntiSpyware][Running/Boot Start]
    <system32\drivers\RsBoot.sys>  [Beijing Rising Technology Co., Ltd., 3, 0, 0, 28, C:2008-11-27 19:36 M:2008-11-27 19:41]
[TCP/IP Protocol Driver / Tcpip][Running/System Start]
    <system32\DRIVERS\tcpip.sys>  [Microsoft Corporation, 5.1.2600.3394 (xpsp_sp2_gdr.080620-1245), C:2004-08-17 12:00 M:2008-06-20 18:45]
[Motorola USB Modem Driver for MPT / usbsermpt][Stopped/Manual Start]
    <system32\DRIVERS\usbsermpt.sys>  [Microsoft Corporation, 5.00.2195.6655, C:2000-10-11 15:57 M:2007-12-01 20:32]
[vmfilter303 / vmfilter303][Stopped/Manual Start]
    <system32\drivers\vmfilter303.sys>  [Vimicro Corporation, 1.4.060423.01, C:2007-11-06 10:50 M:2006-04-25 10:57]
[Sony Ericsson W550 driver (WDM) / w550bus][Stopped/Manual Start]
    <system32\DRIVERS\w550bus.sys>  []
[Sony Ericsson W550 USB WMC Modem Filter / w550mdfl][Stopped/Manual Start]
    <system32\DRIVERS\w550mdfl.sys>  []
[Sony Ericsson W550 USB WMC Modem Drivers / w550mdm][Stopped/Manual Start]
    <system32\DRIVERS\w550mdm.sys>  []
[Sony Ericsson W550 USB WMC Device Management Drivers / w550mgmt][Stopped/Manual Start]
    <system32\DRIVERS\w550mgmt.sys>  []
[Sony Ericsson W550 USB WMC OBEX Interface Drivers / w550obex][Stopped/Manual Start]
    <system32\DRIVERS\w550obex.sys>  []
[海天地QQ电脑眼 (Vimicro301 Neptune) / ZSMC303][Stopped/Manual Start]
    <System32\Drivers\usbVM303.sys>  [Vimicro Corporation, 3, 6, 410, 11, C:2007-11-06 10:50 M:2006-04-11 13:21]

[Intel(r) 82801 Audio Driver Install Service (WDM) / ac97intc][Stopped/Manual Start]
    <system32\drivers\ac97intc.sys>  [(Verified)Intel Corporation, 5.10.3523 built by: WinDDK, C:2006-04-08 15:05 M:2001-08-17 12:20]
[Agere Systems Soft Modem / AgereSoftModem][Running/Manual Start]
    <system32\DRIVERS\AGRSM.sys>  [(Verified)Agere Systems, 2.1.41.10 2.1.41.10 06/29/2004 09:07:15, C:2004-06-29 09:07 M:2004-06-29 09:07]
[Service for Realtek AC97 Audio (WDM) / ALCXWDM][Running/Manual Start]
    <system32\drivers\ALCXWDM.SYS>  [(Verified)Realtek Semiconductor Corp., 5.10.00.6090 built by: WinDDK, C:2000-10-10 21:13 M:2006-05-19 15:44]
[VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver / FETNDIS][Stopped/Manual Start]
    <system32\DRIVERS\fetnd5.sys>  [(Verified)VIA Technologies, Inc.              , 2.66, C:2006-04-08 15:06 M:2001-08-17 12:13]
[GEARAspiWDM / GEARAspiWDM][Running/Manual Start]
    <System32\Drivers\GEARAspiWDM.sys>  [(Verified)GEAR Software Inc., 2.00.07.03, C:2008-01-29 12:01 M:2008-01-29 12:01]
[HookCont / HookCont][Running/System Start]
    <\SystemRoot\system32\drivers\HookCont.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 7, C:2008-11-26 19:57 M:2008-11-26 19:55]
[HookNtos / HookNtos][Running/System Start]
    <\SystemRoot\system32\drivers\HookNtos.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 52, C:2008-11-26 19:57 M:2008-11-26 19:45]
[HookReg / HookReg][Running/System Start]
    <\SystemRoot\system32\drivers\HookReg.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 29, C:2008-11-26 19:57 M:2008-11-26 19:45]
[HookSys / HookSys][Running/System Start]
    <\SystemRoot\system32\drivers\HookSys.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 55, C:2008-11-26 19:57 M:2008-11-26 19:45]
[HookUrl / HookUrl][Running/Auto Start]
    <\??\F:\瑞星\Rising\Rfw\HookUrl.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.13, C:2008-11-26 21:42 M:2008-11-26 21:40]
[Motorola USB Composite Device Driver / motccgp][Stopped/Manual Start]
    <system32\DRIVERS\motccgp.sys>  [(Verified)Motorola, 2.2.0.0 built by: WinDDK, C:2007-11-24 16:50 M:2007-06-18 15:19]
[MotCcgpFlService / motccgpfl][Stopped/Manual Start]
    <system32\DRIVERS\motccgpfl.sys>  [(Verified)Motorola, 1.4.0.0 built by: WinDDK, C:2007-11-24 16:50 M:2007-01-22 19:33]
[Motorola USB CDC ACM Driver / motmodem][Stopped/Manual Start]
    <system32\DRIVERS\motmodem.sys>  [(Verified)Motorola, 4.1.0.0 built by: WinDDK, C:2007-11-24 16:50 M:2007-06-18 15:18]
[MotoSwitch Service / MotoSwitchService][Stopped/Manual Start]
    <system32\DRIVERS\motswch.sys>  [(Verified)Motorola, 6.0.0.0, C:2007-11-24 16:50 M:2006-12-06 18:33]
[nv / nv][Running/Manual Start]
    <system32\DRIVERS\nv4_mini.sys>  [(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-04-08 15:06 M:2005-12-10 03:06]
[nvatabus / nvatabus][Running/Boot Start]
    <System32\DRIVERS\NVATABUS.SYS>  [(Verified)NVIDIA Corporation, 5.10.2600.0507 built by: WinDDK, C:2006-05-26 15:59 M:2005-04-07 14:44]
[NVIDIA nForce Networking Controller Driver / NVENET][Running/Manual Start]
    <system32\DRIVERS\NVENET.sys>  [(Verified)NVIDIA Corporation, 4.14.01.0416, C:2000-10-10 21:12 M:2005-04-07 14:44]
[NVIDIA nForce AGP Bus Filter / nv_agp][Running/Boot Start]
    <system32\DRIVERS\nv_agp.sys>  [(Verified)NVIDIA Corporation, 4.12.01.0436, C:2006-07-05 01:31 M:2005-04-07 14:44]
[Direct Parallel Link Driver / Ptilink][Running/Manual Start]
    <system32\DRIVERS\ptilink.sys>  [(Verified)Parallel Technologies, Inc., 1.10 (XPClient.010817-1148), C:2004-08-17 12:00 M:2004-08-17 12:00]
[Rising  Rfwbase Driver / RfwBase][Running/Auto Start]
    <System32\DRIVERS\rfwbase.SYS>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.10, C:2008-11-26 21:46 M:2008-11-26 21:38]
[RsFwDrv / RsFwDrv][Running/System Start]
    <\??\F:\瑞星\Rising\Rfw\RsFwDrv.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.35, C:2008-11-26 21:42 M:2008-11-26 21:38]
[RsNTGDI / RsNTGDI][Running/Boot Start]
    <system32\Drivers\RsNTGdi.sys>  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 3, C:2008-11-26 19:57 M:2008-11-26 19:47]
[Secdrv / Secdrv][Stopped/Manual Start]
    <system32\DRIVERS\secdrv.sys>  [(Verified)Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., 4.03.086, C:2004-08-17 12:00 M:2007-11-13 18:25]
[TesSafe / TesSafe][Stopped/Manual Start]
    <\??\C:\WINDOWS\system32\TesSafe.sys>  [(Verified)TENCENT, 0, 0, 8, 8, C:2008-08-29 01:00 M:2008-11-23 18:39]


========================================
进程

[PID: 412 / SYSTEM]   \SystemRoot\System32\smss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]

[PID: 684 / SYSTEM]   \??\C:\WINDOWS\system32\csrss.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 708 / SYSTEM]   \??\C:\WINDOWS\system32\winlogon.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 756 / SYSTEM]   C:\WINDOWS\system32\services.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 768 / SYSTEM]   C:\WINDOWS\system32\lsass.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 928 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 996 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 1104 / SYSTEM]   F:\瑞星\Rising\Rav\CCenter.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.33, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1124 / SYSTEM]   C:\WINDOWS\System32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    c:\windows\system32\rasmans.dll  [Microsoft Corporation, 5.1.2600.2908 (xpsp_sp2_gdr.060513-0343), C:2004-08-17 12:00 M:2006-05-14 16:44]

[PID: 1172 / NETWORK SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 1312 / LOCAL SERVICE]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 1356 / SYSTEM]   F:\瑞星\RISING\RAV\ravmond.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.80, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\BWList.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.5, C:2008-11-26 19:57 M:2008-11-26 19:43]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-10-18 22:08 M:2007-10-18 22:08]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-06 17:40]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-06 17:40]
    F:\瑞星\RISING\RAV\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\RsLog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.36, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\RISING\RAV\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\Hooksys.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 12, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\HookReg.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 6, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\HookNtos.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 5, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\rswalmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 24, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\ffr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rav\RsStore.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.9, C:2008-11-26 19:57 M:2008-11-26 19:48]
    F:\瑞星\RISING\RAV\HookCont.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 22, 0, 0, 3, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rav\fakescan.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.14, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\Scanner.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.39, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:57 M:2008-11-26 19:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\RISING\RAV\HookWeb.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.3, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\RISING\RAV\nvfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\scanexec.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\unexe.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 6, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\scanex.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 99, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\pearc.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 8, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\extfile.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 32, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\scanpack.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\revm.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\urutils.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 7, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\ur000.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 22, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\scansct.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 11, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\scriptci.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 4, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\ur001.dat  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\extmail.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 10, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\RISING\RAV\uroutine.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-11-26 19:57 M:2008-11-26 19:44]

[PID: 1372 / SYSTEM]   F:\瑞星\Rising\Rfw\rfwsrv.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.77, C:2008-11-26 21:42 M:2008-11-26 21:38]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-10-18 22:08 M:2007-10-18 22:08]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-06 17:40]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-06 17:40]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-11-26 21:43 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-11-26 21:43 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-11-26 21:42 M:2008-11-26 21:40]
    F:\瑞星\Rising\Rfw\rfwlog.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.16, C:2008-11-26 21:42 M:2008-11-26 21:40]
    F:\瑞星\Rising\Rfw\Rfwdrv.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.50, C:2008-11-26 21:42 M:2008-11-26 21:38]
    F:\瑞星\Rising\Rfw\ijt_ctrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.0, C:2008-11-26 21:42 M:2008-11-26 21:38]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\unvdet.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.8, C:2008-11-26 21:42 M:2008-11-26 21:38]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\mPorts.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-11-26 21:42 M:2008-11-26 21:40]

[PID: 1404 / SYSTEM]   F:\瑞星\Rising\Rfw\rfwProxy.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.37, C:2008-11-26 21:42 M:2008-11-26 21:39]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-10-18 22:08 M:2007-10-18 22:08]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-06 17:40]
    F:\瑞星\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-11-26 21:42 M:2008-11-26 21:40]
    F:\瑞星\Rising\Rfw\urlrule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1.0.0.15, C:2008-11-26 21:42 M:2008-11-26 21:39]
    F:\瑞星\Rising\Rfw\MonMid.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.6, C:2008-11-26 21:42 M:2008-11-26 21:39]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 1656 / SYSTEM]   F:\瑞星\Rising\Rfw\rfwstub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.12, C:2008-11-26 21:42 M:2008-11-26 21:38]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-06 17:40]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-06 17:40]
    F:\瑞星\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:38 M:2008-11-26 21:37]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 1804 / SYSTEM]   F:\瑞星\RISING\RAV\RavStub.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.10, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\RISING\RAV\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\RISING\RAV\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\RISING\RAV\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:57 M:2008-11-26 19:43]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 1980 / SYSTEM]   C:\WINDOWS\system32\spoolsv.exe   [(Verified)Microsoft Corporation, 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519), C:2004-08-17 12:00 M:2005-06-11 07:53]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]

[PID: 444 / Administrator]   F:\瑞星\Rising\Rfw\RfwMain.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.1.70, C:2008-11-26 21:42 M:2008-11-26 21:38]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-10-18 22:08 M:2007-10-18 22:08]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-06 17:40]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-06 17:40]
    F:\瑞星\Rising\Rfw\RsGuiLib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-11-26 19:38 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-11-26 21:43 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-11-26 21:43 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:38 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RfwCtrl.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-11-26 19:38 M:2008-11-26 21:37]
    F:\瑞星\Rising\Rfw\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-11-26 19:38 M:2008-11-26 21:37]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\RfwRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.17, C:2008-11-26 21:42 M:2008-11-26 21:40]

[PID: 1084 / Administrator]   F:\瑞星\Rising\Rav\RavTask.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.24, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:57 M:2008-11-26 19:43]
    F:\瑞星\Rising\Rav\RSAPPMGR.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-11-26 19:57 M:2008-11-26 19:44]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 2076 / Administrator]   F:\瑞星\Rising\Rav\Ravmon.exe   [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.01.27, C:2008-11-26 19:57 M:2008-11-26 19:45]
    C:\WINDOWS\system32\MFC71.DLL  [Microsoft Corporation, 7.10.3077.0, C:2007-10-18 22:08 M:2007-10-18 22:08]
    C:\WINDOWS\system32\MSVCR71.dll  [Microsoft Corporation, 7.10.3052.4, C:2004-04-05 10:31 M:2004-04-06 17:40]
    C:\WINDOWS\system32\MSVCP71.dll  [Microsoft Corporation, 7.10.3077.0, C:2004-04-05 10:31 M:2004-04-06 17:40]
    F:\瑞星\Rising\Rav\ProcCom.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rav\RsCommX2.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 20, C:2008-11-26 19:57 M:2008-11-26 19:55]
    F:\瑞星\Rising\Rav\RSCOMMON.DLL  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:57 M:2008-11-26 19:43]
    F:\瑞星\Rising\Rav\recomp.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 41, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\refs.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 18, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\viruslib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 27, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\relibldr.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 17, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\RSAPPMGR.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.1, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\CfgDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.19, C:2008-11-26 19:57 M:2008-11-26 19:44]
    F:\瑞星\Rising\Rav\MonRule.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20.0.0.29, C:2008-11-26 19:57 M:2008-11-26 19:45]
    F:\瑞星\Rising\Rav\PngDll.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 5, C:2008-11-26 19:57 M:2008-11-26 19:43]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    F:\瑞星\Rising\Rav\Rsguilib.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 90, C:2008-11-26 19:57 M:2008-11-26 19:43]
    F:\瑞星\Rising\Rav\RsXML.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 20, 0, 0, 2, C:2008-11-26 19:57 M:2008-11-26 19:43]

[PID: 2424 / SYSTEM]   C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe   [(Verified)Apple Inc., 2.1.29.0, C:2008-07-22 20:42 M:2008-07-22 20:42]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]

[PID: 2492 / SYSTEM]   C:\Program Files\CMBCHINA\WebProtect\WPService.exe   [(Verified)China Merchants Bank, 1, 0, 0, 1, C:2008-10-04 13:50 M:2007-08-27 16:35]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]
    C:\Program Files\CMBCHINA\WebProtect\WebProtectPlus.dll  [(Verified)China Merchants Bank, 1, 0, 0, 1, C:2008-10-04 13:50 M:2007-08-20 16:16]

[PID: 2620 / SYSTEM]   C:\WINDOWS\system32\nvsvc32.exe   [(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 2904 / SYSTEM]   C:\Program Files\QvodPlayer\QvodTerminal.exe   [Shenzhen QVOD Technology Co.,Ltd, 3, 0, 0, 55, C:2008-09-11 15:56 M:2008-09-11 15:56]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 2968 / SYSTEM]   C:\WINDOWS\system32\svchost.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 3032 / SYSTEM]   C:\Program Files\UiTV\UiPlayer\msrv.exe   [(Verified)UiTV Corporation, 1, 0, 1, 4, C:2008-10-27 22:30 M:2008-08-14 09:22]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\Program Files\UiTV\UiPlayer\UiPlay.dll  [(Verified)UiTV Corporation, 3.0.5.6, C:2008-10-27 22:30 M:2008-11-22 18:50]

[PID: 3104 / LOCAL SERVICE]   C:\WINDOWS\system32\wdfmgr.exe   [(Verified)Microsoft Corporation, 5.2.3790.1230 built by: dnsrv(bld4act), C:2005-01-28 01:36 M:2005-01-28 01:36]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]

[PID: 3304 / SYSTEM]   C:\Program Files\iPod\bin\iPodService.exe   [(Verified)Apple Inc., 7.7.1.11, C:2008-07-30 10:47 M:2008-07-30 10:47]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]
    C:\Program Files\iPod\bin\iPodService.Resources\zh_CN.lproj\iPodServiceLocalized.DLL  [Apple Inc., 7.7.1.3, C:2008-07-30 10:48 M:2008-07-30 10:48]
    C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL  [Apple Inc., 7.7.1.11, C:2008-07-30 10:47 M:2008-07-30 10:47]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]

[PID: 3852 / LOCAL SERVICE]   C:\WINDOWS\System32\alg.exe   [(Verified)Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158), C:2004-08-17 12:00 M:2004-08-17 12:00]
    C:\WINDOWS\System32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\System32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\System32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]

[PID: 3468 / Administrator]   F:\arswp2\ArSwp.exe   [(Verified)ArSwp.com, 2, 8, 2, 1115, C:2008-11-28 20:20 M:2008-11-15 11:58]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]
    F:\瑞星\comx3.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.37, C:2008-11-27 19:53 M:2008-11-27 19:51]
    F:\瑞星\Syslay.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 21.0.0.6, C:2008-11-27 19:53 M:2008-11-27 19:52]
    F:\瑞星\Rising\Rfw\ijt_base.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.21, C:2008-11-26 21:42 M:2008-11-26 21:41]
    F:\瑞星\Rising\Rfw\olemon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 7.0.0.9, C:2008-11-26 21:42 M:2008-11-26 21:41]
    C:\WINDOWS\system32\uxtheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\PROGRA~1\CNRN\CNRN.dll  [国风因特软件（北京）有限公司, 2.1.0.1048, C:2007-03-20 14:15 M:2008-01-16 14:28]
    C:\WINDOWS\system32\nview.dll  [N/A, C:2006-07-05 01:31 M:2005-12-10 03:06]
    C:\WINDOWS\system32\NVWRSZHC.DLL  [NVIDIA Corporation, 6.14.10.11014, C:2006-07-05 01:31 M:2005-12-10 03:06]
    C:\PROGRA~1\CNRN\RNHelper.dll  [国风因特软件（北京）有限公司, 2.0.1.1016, C:2007-10-15 22:15 M:2007-09-17 19:42]
    C:\WINDOWS\system32\nvwddi.dll  [(Verified)NVIDIA Corporation, 6.14.10.8198, C:2006-07-05 01:31 M:2005-12-10 03:06]
    F:\arswp2\plugin\ArFix.dll  [(Verified)ArSwp.Com, 2, 5, 0, 0, C:2008-11-28 20:20 M:2007-11-28 15:19]

[PID: 2648 / Administrator]   C:\WINDOWS\explorer.exe   [(Verified)Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234), C:2004-08-17 12:00 M:2007-06-13 21:21]
    C:\WINDOWS\system32\UxTheme.dll  [Microsoft Corporation, 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158), C:1980-01-01 00:00 M:2004-08-07 09:37]
    C:\WINDOWS\system32\kmon.dll  [(Verified)Beijing Rising Information Technology Co., Ltd., 1, 0, 0, 33, C:2008-08-05 15:12 M:2008-11-27 19:52]
    C:\WINDOWS\system32\ieprot.dll  [Beijing Rising Technology Co., Ltd., 1, 0, 0, 19, C:2008-11-27 19:41 M:2008-11-27 19:41]


========================================
文件关联



========================================
AutoRun.INF



========================================
Winsock提供者



[/CODE]